keycloak-scim/.github/workflows/ci.yml
Alexander Schwartz c580c88c93
Persist online sessions to the database (#27977)
Adding two feature toggles for new code paths to store online sessions in the existing offline sessions table. Separate the code which is due to be changed in the next iteration in new classes/providers which used instead of the old one.

Closes #27976

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-03-28 09:17:07 +01:00

831 lines
27 KiB
YAML

name: Keycloak CI
on:
push:
branches-ignore:
- main
- dependabot/**
pull_request:
workflow_dispatch:
env:
MAVEN_ARGS: "-B -nsu -Daether.connector.http.connectionMaxTtl=25"
SUREFIRE_RERUN_FAILING_COUNT: 2
SUREFIRE_RETRY: "-Dsurefire.rerunFailingTestsCount=2"
concurrency:
# Only cancel jobs for PR updates
group: ci-${{ github.ref }}
cancel-in-progress: true
defaults:
run:
shell: bash
jobs:
conditional:
name: Check conditional workflows and jobs
runs-on: ubuntu-latest
outputs:
ci: ${{ steps.conditional.outputs.ci }}
ci-store: ${{ steps.conditional.outputs.ci-store }}
ci-sssd: ${{ steps.conditional.outputs.ci-sssd }}
ci-store-matrix: ${{ steps.conditional-stores.outputs.matrix }}
steps:
- uses: actions/checkout@v4
- id: conditional
uses: ./.github/actions/conditional
with:
token: ${{ secrets.GITHUB_TOKEN }}
- id: conditional-stores
run: |
STORES="postgres, mysql, oracle, mssql, mariadb"
if [[ $GITHUB_EVENT_NAME != "pull_request" && -n "${{ secrets.AWS_SECRET_ACCESS_KEY }}" ]]; then
STORES+=", aurora-postgres"
fi
echo "matrix=$(echo $STORES | jq -Rc 'split(", ")')" >> $GITHUB_OUTPUT
build:
name: Build
if: needs.conditional.outputs.ci == 'true'
runs-on: ubuntu-latest
needs: conditional
steps:
- uses: actions/checkout@v4
- name: Build Keycloak
uses: ./.github/actions/build-keycloak
unit-tests:
name: Base UT
runs-on: ubuntu-latest
needs: build
timeout-minutes: 30
steps:
- uses: actions/checkout@v4
- id: unit-test-setup
name: Unit test setup
uses: ./.github/actions/unit-test-setup
- name: Run unit tests
run: |
SEP=""
PROJECTS=""
for i in `find -name '*Test.java' -type f | egrep -v './(testsuite|quarkus|docs)/' | sed 's|/src/test/java/.*||' | sort | uniq | sed 's|./||'`; do
PROJECTS="$PROJECTS$SEP$i"
SEP=","
done
./mvnw test -pl "$PROJECTS" -am
- name: Upload JVM Heapdumps
if: always()
uses: ./.github/actions/upload-heapdumps
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: unit-tests
base-integration-tests:
name: Base IT
needs: build
runs-on: ubuntu-latest
timeout-minutes: 100
strategy:
matrix:
group: [1, 2, 3, 4, 5, 6]
fail-fast: false
steps:
- uses: actions/checkout@v4
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
- name: Run base tests
run: |
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/base-suite.sh ${{ matrix.group }}`
echo "Tests: $TESTS"
./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus "-Dwebdriver.chrome.driver=$CHROMEWEBDRIVER/chromedriver" -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh
- name: Upload JVM Heapdumps
if: always()
uses: ./.github/actions/upload-heapdumps
- uses: ./.github/actions/upload-flaky-tests
name: Upload flaky tests
env:
GH_TOKEN: ${{ github.token }}
with:
job-name: Base IT
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: base-integration-tests-${{ matrix.group }}
adapter-integration-tests:
name: Adapter IT
needs: build
runs-on: ubuntu-latest
timeout-minutes: 100
steps:
- uses: actions/checkout@v4
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
- name: Build adapter distributions
run: ./mvnw install -DskipTests -f distribution/pom.xml
- name: Build app servers
run: ./mvnw install -DskipTests -Pbuild-app-servers -f testsuite/integration-arquillian/servers/app-server/pom.xml
- name: Run adapter tests
run: |
TESTS="org.keycloak.testsuite.adapter.**"
echo "Tests: $TESTS"
./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Papp-server-wildfly "-Dwebdriver.chrome.driver=$CHROMEWEBDRIVER/chromedriver" -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh
- name: Upload JVM Heapdumps
if: always()
uses: ./.github/actions/upload-heapdumps
- uses: ./.github/actions/upload-flaky-tests
name: Upload flaky tests
env:
GH_TOKEN: ${{ github.token }}
with:
job-name: Base IT
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: adapter-integration-tests
quarkus-unit-tests:
name: Quarkus UT
needs: build
timeout-minutes: 15
strategy:
matrix:
os: [ ubuntu-latest, windows-latest ]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
# We want to download Keycloak artifacts
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
- name: Run unit tests
run: |
./mvnw test -f quarkus/pom.xml -pl '!tests,!tests/junit5,!tests/integration,!dist'
- name: Upload JVM Heapdumps
if: always()
uses: ./.github/actions/upload-heapdumps
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: quarkus-unit-tests
quarkus-integration-tests:
name: Quarkus IT
needs: build
timeout-minutes: 115
strategy:
matrix:
os: [ubuntu-latest, windows-latest]
server: [sanity-check-zip, zip, container, storage]
exclude:
- os: windows-latest
server: zip
- os: windows-latest
server: container
- os: windows-latest
server: storage
- os: ubuntu-latest
server: sanity-check-zip
fail-fast: false
runs-on: ${{ matrix.os }}
env:
MAVEN_OPTS: -Xmx1024m
steps:
- uses: actions/checkout@v4
- id: unit-test-setup
name: Unit test setup
uses: ./.github/actions/unit-test-setup
# Not sure why, but needs to re-build otherwise there's some failures starting up
- name: Run Quarkus integration Tests
run: |
declare -A PARAMS
PARAMS["sanity-check-zip"]="-Dtest=StartCommandDistTest,StartDevCommandDistTest,BuildAndStartDistTest,ImportAtStartupDistTest"
PARAMS["zip"]=""
PARAMS["container"]="-Dkc.quarkus.tests.dist=docker"
PARAMS["storage"]="-Ptest-database -Dtest=PostgreSQLDistTest,MariaDBDistTest#testSuccessful,MySQLDistTest#testSuccessful,DatabaseOptionsDistTest,JPAStoreDistTest,HotRodStoreDistTest,MixedStoreDistTest,TransactionConfigurationDistTest,ExternalInfinispanTest"
./mvnw install -pl quarkus/tests/integration -am -DskipTests
./mvnw test -pl quarkus/tests/integration ${PARAMS["${{ matrix.server }}"]} 2>&1 | misc/log/trimmer.sh
- name: Upload JVM Heapdumps
if: always()
uses: ./.github/actions/upload-heapdumps
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: quarkus-integration-tests-${{ matrix.os }}-${{ matrix.server }}
jdk-integration-tests:
name: Java Distribution IT
needs: build
timeout-minutes: 100
strategy:
matrix:
os: [ubuntu-latest, windows-latest]
dist: [temurin]
version: [19]
fail-fast: false
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
with:
jdk-dist: ${{ matrix.dist }}
jdk-version: ${{ matrix.version }}
- name: Prepare Quarkus distribution with current JDK
run: ./mvnw install -e -pl testsuite/integration-arquillian/servers/auth-server/quarkus
- name: Run base tests
run: |
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh jdk`
echo "Tests: $TESTS"
./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh
- name: Build with JDK
run:
./mvnw install -e -DskipTests -DskipExamples
- name: Upload JVM Heapdumps
if: always()
uses: ./.github/actions/upload-heapdumps
- uses: ./.github/actions/upload-flaky-tests
name: Upload flaky tests
env:
GH_TOKEN: ${{ github.token }}
with:
job-name: Java Distribution IT
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: jdk-integration-tests-${{ matrix.os }}-${{ matrix.dist }}-${{ matrix.version }}
persistent-sessions-tests:
name: Persistent Sessions IT
needs: [build, conditional]
if: needs.conditional.outputs.ci-store == 'true'
runs-on: ubuntu-latest
timeout-minutes: 150
steps:
- uses: actions/checkout@v4
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
- name: Run base tests
run: |
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh persistent-sessions`
echo "Tests: $TESTS"
./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Dauth.server.features=persistent-user-sessions,persistent-user-sessions-no-cache -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh
- name: Upload JVM Heapdumps
if: always()
uses: ./.github/actions/upload-heapdumps
- uses: ./.github/actions/upload-flaky-tests
name: Upload flaky tests
env:
GH_TOKEN: ${{ github.token }}
with:
job-name: Store IT
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: store-integration-tests-${{ matrix.db }}
- name: EC2 Maven Logs
if: failure()
uses: actions/upload-artifact@v3
with:
name: store-it-mvn-logs
path: .github/scripts/ansible/files
- name: Delete Aurora EC2 Instance
if: ${{ always() && matrix.db == 'aurora-postgres' }}
working-directory: .github/scripts/ansible
run: |
export CLUSTER_NAME=${{ steps.aurora-tests.outputs.ec2_cluster }}
./aws_ec2.sh delete ${{ steps.aurora-init.outputs.region }}
- name: Delete Aurora DB
if: ${{ always() && matrix.db == 'aurora-postgres' }}
uses: ./.github/actions/aurora-delete-database
with:
name: ${{ steps.aurora-init.outputs.name }}
region: ${{ steps.aurora-init.outputs.region }}
store-integration-tests:
name: Store IT
needs: [build, conditional]
if: needs.conditional.outputs.ci-store == 'true'
runs-on: ubuntu-latest
timeout-minutes: 150
strategy:
matrix:
db: ${{ fromJson(needs.conditional.outputs.ci-store-matrix) }}
fail-fast: false
steps:
- uses: actions/checkout@v4
- id: aurora-init
name: Initialize Aurora environment
if: ${{ matrix.db == 'aurora-postgres' }}
run: |
AWS_REGION=us-east-1
echo "Region: ${AWS_REGION}"
aws configure set aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }}
aws configure set aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws configure set region ${AWS_REGION}
PASS=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 13; echo)
echo "::add-mask::${PASS}"
echo "name=gh-action-$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
echo "password=${PASS}" >> $GITHUB_OUTPUT
echo "region=${AWS_REGION}" >> $GITHUB_OUTPUT
- id: aurora-create
name: Create Aurora DB
if: ${{ matrix.db == 'aurora-postgres' }}
uses: ./.github/actions/aurora-create-database
with:
name: ${{ steps.aurora-init.outputs.name }}
password: ${{ steps.aurora-init.outputs.password }}
region: ${{ steps.aurora-init.outputs.region }}
- id: integration-test-setup
name: Integration test setup
if: ${{ matrix.db != 'aurora-postgres' }}
uses: ./.github/actions/integration-test-setup
- name: Run Aurora tests on EC2
id: aurora-tests
if: ${{ matrix.db == 'aurora-postgres' }}
run: |
PROPS="-Dauth.server.db.host=${{ steps.aurora-create.outputs.endpoint }}"
PROPS+=" -Dkeycloak.connectionsJpa.password=${{ steps.aurora-init.outputs.password }}"
REGION=${{ steps.aurora-init.outputs.region }}
curl --fail-with-body https://truststore.pki.rds.amazonaws.com/${REGION}/${REGION}-bundle.pem -o aws.pem
PROPS+=" -Dkeycloak.connectionsJpa.jdbcParameters=\"?ssl=true&sslmode=verify-ca&sslrootcert=/opt/keycloak/aws.pem\""
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh database`
echo "Tests: $TESTS"
git archive --format=zip --output /tmp/keycloak.zip $GITHUB_REF
zip -u /tmp/keycloak.zip aws.pem
cd .github/scripts/ansible
export CLUSTER_NAME=keycloak_$(git rev-parse --short HEAD)
echo "ec2_cluster=${CLUSTER_NAME}" >> $GITHUB_OUTPUT
./aws_ec2.sh requirements
./aws_ec2.sh create ${REGION}
./keycloak_ec2_installer.sh ${REGION} /tmp/keycloak.zip
./mvn_ec2_runner.sh ${REGION} "clean install -B -DskipTests -Pdistribution"
./mvn_ec2_runner.sh ${REGION} "clean install -B -DskipTests -pl testsuite/integration-arquillian/servers/auth-server/quarkus -Pauth-server-quarkus -Pdb-aurora-postgres -Dmaven.build.cache.enabled=true"
./mvn_ec2_runner.sh ${REGION} "test -B ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Pdb-${{ matrix.db }} $PROPS -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh"
# Copy returned surefire-report directories to workspace root to ensure they're discovered
results=(files/keycloak/results/*)
rsync -a $results/* ../../../
rm -rf $results
- name: Run base tests
if: ${{ matrix.db != 'aurora-postgres' }}
run: |
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh database`
echo "Tests: $TESTS"
./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Pdb-${{ matrix.db }} -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh
- name: Upload JVM Heapdumps
if: always()
uses: ./.github/actions/upload-heapdumps
- uses: ./.github/actions/upload-flaky-tests
name: Upload flaky tests
env:
GH_TOKEN: ${{ github.token }}
with:
job-name: Store IT
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: store-integration-tests-${{ matrix.db }}
- name: EC2 Maven Logs
if: failure()
uses: actions/upload-artifact@v3
with:
name: store-it-mvn-logs
path: .github/scripts/ansible/files
- name: Delete Aurora EC2 Instance
if: ${{ always() && matrix.db == 'aurora-postgres' }}
working-directory: .github/scripts/ansible
run: |
export CLUSTER_NAME=${{ steps.aurora-tests.outputs.ec2_cluster }}
./aws_ec2.sh delete ${{ steps.aurora-init.outputs.region }}
- name: Delete Aurora DB
if: ${{ always() && matrix.db == 'aurora-postgres' }}
uses: ./.github/actions/aurora-delete-database
with:
name: ${{ steps.aurora-init.outputs.name }}
region: ${{ steps.aurora-init.outputs.region }}
store-model-tests:
name: Store Model Tests
runs-on: ubuntu-latest
needs: [build, conditional]
if: needs.conditional.outputs.ci-store == 'true'
timeout-minutes: 75
steps:
- uses: actions/checkout@v4
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
- name: Run model tests
run: testsuite/model/test-all-profiles.sh ${{ env.SUREFIRE_RETRY }}
- name: Upload JVM Heapdumps
if: always()
uses: ./.github/actions/upload-heapdumps
- uses: ./.github/actions/upload-flaky-tests
name: Upload flaky tests
env:
GH_TOKEN: ${{ github.token }}
with:
job-name: Store Model Tests
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: store-model-tests
clustering-integration-tests:
name: Clustering IT
needs: build
runs-on: ubuntu-latest
timeout-minutes: 35
env:
MAVEN_OPTS: -Xmx1024m
steps:
- uses: actions/checkout@v4
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
- name: Run cluster tests
run: |
./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-cluster-quarkus -Dsession.cache.owners=2 -Dtest=**.cluster.** -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh
- name: Upload JVM Heapdumps
if: always()
uses: ./.github/actions/upload-heapdumps
- uses: ./.github/actions/upload-flaky-tests
name: Upload flaky tests
env:
GH_TOKEN: ${{ github.token }}
with:
job-name: Clustering IT
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: clustering-integration-tests
fips-unit-tests:
name: FIPS UT
runs-on: ubuntu-latest
needs: build
timeout-minutes: 20
steps:
- uses: actions/checkout@v4
- name: Fake fips
run: |
cd .github/fake_fips
make
sudo insmod fake_fips.ko
- id: unit-test-setup
name: Unit test setup
uses: ./.github/actions/unit-test-setup
- name: Run crypto tests
run: docker run --rm --workdir /github/workspace -v "${{ github.workspace }}":"/github/workspace" -v "$HOME/.m2":"/root/.m2" registry.access.redhat.com/ubi8/ubi:latest .github/scripts/run-fips-ut.sh
- name: Upload JVM Heapdumps
if: always()
uses: ./.github/actions/upload-heapdumps
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: fips-unit-tests
fips-integration-tests:
name: FIPS IT
needs: build
runs-on: ubuntu-latest
timeout-minutes: 45
strategy:
matrix:
mode: [non-strict, strict]
fail-fast: false
steps:
- uses: actions/checkout@v4
- name: Fake fips
run: |
cd .github/fake_fips
make
sudo insmod fake_fips.ko
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
with:
jdk-version: 17
- name: Build adapter distributions
run: ./mvnw install -DskipTests -f distribution/pom.xml
- name: Build app servers
run: ./mvnw install -DskipTests -Pbuild-app-servers -f testsuite/integration-arquillian/servers/app-server/pom.xml
- name: Prepare Quarkus distribution with BCFIPS
run: ./mvnw install -e -pl testsuite/integration-arquillian/servers/auth-server/quarkus -Pauth-server-quarkus,auth-server-fips140-2
- name: Run base tests
run: docker run --rm --workdir /github/workspace -e "SUREFIRE_RERUN_FAILING_COUNT" -v "${{ github.workspace }}":"/github/workspace" -v "$HOME/.m2":"/root/.m2" registry.access.redhat.com/ubi8/ubi:latest .github/scripts/run-fips-it.sh ${{ matrix.mode }}
- name: Upload JVM Heapdumps
if: always()
uses: ./.github/actions/upload-heapdumps
- uses: ./.github/actions/upload-flaky-tests
name: Upload flaky tests
env:
GH_TOKEN: ${{ github.token }}
with:
job-name: FIPS IT
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: fips-integration-tests-${{ matrix.mode }}
forms-integration-tests:
name: Forms IT
runs-on: ubuntu-latest
needs: build
timeout-minutes: 75
strategy:
matrix:
browser: [chrome, firefox]
fail-fast: false
steps:
- uses: actions/checkout@v4
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
- name: Run Forms IT
run: |
TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh forms`
echo "Tests: $TESTS"
./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Dtest=$TESTS -Dbrowser=${{ matrix.browser }} "-Dwebdriver.chrome.driver=$CHROMEWEBDRIVER/chromedriver" "-Dwebdriver.gecko.driver=$GECKOWEBDRIVER/geckodriver" -f testsuite/integration-arquillian/tests/base/pom.xml 2>&1 | misc/log/trimmer.sh
- name: Upload JVM Heapdumps
if: always()
uses: ./.github/actions/upload-heapdumps
- uses: ./.github/actions/upload-flaky-tests
name: Upload flaky tests
env:
GH_TOKEN: ${{ github.token }}
with:
job-name: Forms IT
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: forms-integration-tests-${{ matrix.browser }}
webauthn-integration-tests:
name: WebAuthn IT
runs-on: ubuntu-latest
needs: build
timeout-minutes: 45
strategy:
matrix:
browser:
- chrome
# - firefox disabled until https://github.com/keycloak/keycloak/issues/20777 is resolved
fail-fast: false
steps:
- uses: actions/checkout@v4
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
# Don't use Chrome for testing (just regular Chrome) until https://github.com/keycloak/keycloak/issues/22214 is resolved
#- id: install-chrome
# name: Install Chrome browser
# uses: ./.github/actions/install-chrome
# if: matrix.browser == 'chrome'
- name: Run WebAuthn IT
run: ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Dtest=org.keycloak.testsuite.webauthn.**.*Test -Dbrowser=${{ matrix.browser }} "-Dwebdriver.chrome.driver=$CHROMEWEBDRIVER/chromedriver" "-Dwebdriver.gecko.driver=$GECKOWEBDRIVER/geckodriver" -Pwebauthn -f testsuite/integration-arquillian/tests/other/pom.xml 2>&1 | misc/log/trimmer.sh
- name: Upload JVM Heapdumps
if: always()
uses: ./.github/actions/upload-heapdumps
- uses: ./.github/actions/upload-flaky-tests
name: Upload flaky tests
env:
GH_TOKEN: ${{ github.token }}
with:
job-name: WebAuthn IT
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: webauthn-integration-tests-${{ matrix.browser }}
sssd-unit-tests:
name: SSSD
runs-on: ubuntu-latest
if: needs.conditional.outputs.ci-sssd == 'true'
needs:
- conditional
- build
timeout-minutes: 30
steps:
- name: checkout
uses: actions/checkout@v4
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
- id: weekly-cache-key
name: Key for weekly rotation of cache
shell: bash
run: echo "key=ipa-data-`date -u "+%Y-%U"`" >> $GITHUB_OUTPUT
- id: cache-maven-repository
name: ipa-data cache
uses: actions/cache@v4
with:
path: ~/ipa-data.tar
key: ${{ steps.weekly-cache-key.outputs.key }}
- name: Run tests
run: .github/scripts/run-ipa.sh "${{ github.workspace }}"
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: sssd-unit-tests
migration-tests:
name: Migration Tests
runs-on: ubuntu-latest
needs: build
timeout-minutes: 45
strategy:
matrix:
old-version: [19.0.3]
database: [postgres, mysql, oracle, mssql, mariadb]
fail-fast: false
steps:
- uses: actions/checkout@v4
- id: integration-test-setup
name: Integration test setup
uses: ./.github/actions/integration-test-setup
- name: Run Migration Tests
run: |
./mvnw clean install ${{ env.SUREFIRE_RETRY }} \
-Pauth-server-quarkus -Pdb-${{ matrix.database }} -Pauth-server-migration \
-Dtest=MigrationTest \
-Dmigration.mode=auto \
-Dmigrated.auth.server.version=${{ matrix.old-version }} \
-Dmigration.import.file.name=migration-realm-${{ matrix.old-version }}.json \
-Dauth.server.ssl.required=false \
-Dauth.server.db.host=localhost \
-f testsuite/integration-arquillian/pom.xml 2>&1 | misc/log/trimmer.sh
- name: Upload JVM Heapdumps
if: always()
uses: ./.github/actions/upload-heapdumps
- uses: ./.github/actions/upload-flaky-tests
name: Upload flaky tests
env:
GH_TOKEN: ${{ github.token }}
with:
job-name: Migration Tests
- name: Surefire reports
if: always()
uses: ./.github/actions/archive-surefire-reports
with:
job-id: migration-tests-${{ matrix.old-version }}-${{ matrix.database }}
check:
name: Status Check - Keycloak CI
if: always()
needs:
- conditional
- build
- unit-tests
- base-integration-tests
- adapter-integration-tests
- quarkus-unit-tests
- quarkus-integration-tests
- jdk-integration-tests
- store-integration-tests
- persistent-sessions-tests
- store-model-tests
- clustering-integration-tests
- fips-unit-tests
- fips-integration-tests
- forms-integration-tests
- webauthn-integration-tests
- sssd-unit-tests
- migration-tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/status-check
with:
jobs: ${{ toJSON(needs) }}