Keycloak

Форк
0
810 строк · 26.0 Кб
1
name: Keycloak CI
2

3
on:
4
  push:
5
    branches-ignore:
6
      - main
7
      - dependabot/**
8
  pull_request:
9
  workflow_dispatch:
10

11
env:
12
  MAVEN_ARGS: "-B -nsu -Daether.connector.http.connectionMaxTtl=25"
13
  SUREFIRE_RERUN_FAILING_COUNT: 2
14
  SUREFIRE_RETRY: "-Dsurefire.rerunFailingTestsCount=2"
15

16
concurrency:
17
  # Only cancel jobs for PR updates
18
  group: ci-${{ github.ref }}
19
  cancel-in-progress: true
20

21
defaults:
22
  run:
23
    shell: bash
24

25
jobs:
26

27
  conditional:
28
    name: Check conditional workflows and jobs
29
    runs-on: ubuntu-latest
30
    outputs:
31
      ci: ${{ steps.conditional.outputs.ci }}
32
      ci-store: ${{ steps.conditional.outputs.ci-store }}
33
      ci-sssd: ${{ steps.conditional.outputs.ci-sssd }}
34
      ci-store-matrix: ${{ steps.conditional-stores.outputs.matrix }}
35
    steps:
36
      - uses: actions/checkout@v4
37

38
      - id: conditional
39
        uses: ./.github/actions/conditional
40
        with:
41
          token: ${{ secrets.GITHUB_TOKEN }}
42

43
      - id: conditional-stores
44
        run: |
45
          STORES="postgres, mysql, oracle, mssql, mariadb"
46
          if [[ $GITHUB_EVENT_NAME != "pull_request" && -n "${{ secrets.AWS_SECRET_ACCESS_KEY }}" ]]; then
47
            STORES+=", aurora-postgres"
48
          fi
49
          echo "matrix=$(echo $STORES  | jq -Rc 'split(", ")')" >> $GITHUB_OUTPUT
50

51
  build:
52
    name: Build
53
    if: needs.conditional.outputs.ci == 'true'
54
    runs-on: ubuntu-latest
55
    needs: conditional
56
    steps:
57
      - uses: actions/checkout@v4
58

59
      - name: Build Keycloak
60
        uses: ./.github/actions/build-keycloak
61

62
  unit-tests:
63
    name: Base UT
64
    runs-on: ubuntu-latest
65
    needs: build
66
    timeout-minutes: 30
67
    steps:
68
      - uses: actions/checkout@v4
69

70
      - id: unit-test-setup
71
        name: Unit test setup
72
        uses: ./.github/actions/unit-test-setup
73

74
      - name: Run unit tests
75
        run: |
76
          SEP=""
77
          PROJECTS=""
78
          for i in `find -name '*Test.java' -type f | egrep -v './(testsuite|quarkus|docs)/' | sed 's|/src/test/java/.*||' | sort | uniq | sed 's|./||'`; do
79
            PROJECTS="$PROJECTS$SEP$i"
80
            SEP=","
81
          done
82

83
          ./mvnw test -pl "$PROJECTS" -am
84

85
      - name: Upload JVM Heapdumps
86
        if: always()
87
        uses: ./.github/actions/upload-heapdumps
88

89
      - name: Surefire reports
90
        if: always()
91
        uses: ./.github/actions/archive-surefire-reports
92
        with:
93
          job-id: unit-tests
94

95
  base-integration-tests:
96
    name: Base IT
97
    needs: build
98
    runs-on: ubuntu-latest
99
    timeout-minutes: 100
100
    strategy:
101
      matrix:
102
        group: [1, 2, 3, 4, 5, 6]
103
      fail-fast: false
104
    steps:
105
      - uses: actions/checkout@v4
106

107
      - id: integration-test-setup
108
        name: Integration test setup
109
        uses: ./.github/actions/integration-test-setup
110

111
      - name: Run base tests
112
        run: |
113
          TESTS=`testsuite/integration-arquillian/tests/base/testsuites/base-suite.sh ${{ matrix.group }}`
114
          echo "Tests: $TESTS"
115
          ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus "-Dwebdriver.chrome.driver=$CHROMEWEBDRIVER/chromedriver" -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh
116

117
      - name: Upload JVM Heapdumps
118
        if: always()
119
        uses: ./.github/actions/upload-heapdumps
120

121
      - uses: ./.github/actions/upload-flaky-tests
122
        name: Upload flaky tests
123
        env:
124
          GH_TOKEN: ${{ github.token }}
125
        with:
126
          job-name: Base IT
127

128
      - name: Surefire reports
129
        if: always()
130
        uses: ./.github/actions/archive-surefire-reports
131
        with:
132
          job-id: base-integration-tests-${{ matrix.group }}
133

134
  adapter-integration-tests:
135
    name: Adapter IT
136
    needs: build
137
    runs-on: ubuntu-latest
138
    timeout-minutes: 100
139
    steps:
140
      - uses: actions/checkout@v4
141

142
      - id: integration-test-setup
143
        name: Integration test setup
144
        uses: ./.github/actions/integration-test-setup
145

146
      - name: Build adapter distributions
147
        run: ./mvnw install -DskipTests -f distribution/pom.xml
148

149
      - name: Build app servers
150
        run: ./mvnw install -DskipTests -Pbuild-app-servers -f testsuite/integration-arquillian/servers/app-server/pom.xml
151

152
      - name: Run adapter tests
153
        run: |
154
          TESTS="org.keycloak.testsuite.adapter.**"
155
          echo "Tests: $TESTS"
156
          ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Papp-server-wildfly "-Dwebdriver.chrome.driver=$CHROMEWEBDRIVER/chromedriver" -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh
157

158
      - name: Upload JVM Heapdumps
159
        if: always()
160
        uses: ./.github/actions/upload-heapdumps
161

162
      - uses: ./.github/actions/upload-flaky-tests
163
        name: Upload flaky tests
164
        env:
165
          GH_TOKEN: ${{ github.token }}
166
        with:
167
          job-name: Base IT
168

169
      - name: Surefire reports
170
        if: always()
171
        uses: ./.github/actions/archive-surefire-reports
172
        with:
173
          job-id: adapter-integration-tests
174

175
  quarkus-unit-tests:
176
    name: Quarkus UT
177
    needs: build
178
    timeout-minutes: 15
179
    strategy:
180
      matrix:
181
        os: [ ubuntu-latest, windows-latest ]
182
    runs-on: ${{ matrix.os }}
183
    steps:
184
      - uses: actions/checkout@v4
185

186
      # We want to download Keycloak artifacts
187
      - id: integration-test-setup
188
        name: Integration test setup
189
        uses: ./.github/actions/integration-test-setup
190

191
      - name: Run unit tests
192
        run: |
193
          ./mvnw test -f quarkus/pom.xml -pl '!tests,!tests/junit5,!tests/integration,!dist'
194

195
      - name: Upload JVM Heapdumps
196
        if: always()
197
        uses: ./.github/actions/upload-heapdumps
198

199
      - name: Surefire reports
200
        if: always()
201
        uses: ./.github/actions/archive-surefire-reports
202
        with:
203
          job-id: quarkus-unit-tests
204

205
  quarkus-integration-tests:
206
    name: Quarkus IT
207
    needs: build
208
    timeout-minutes: 115
209
    strategy:
210
      matrix:
211
        os: [ubuntu-latest, windows-latest]
212
        server: [sanity-check-zip, zip, container, storage]
213
        exclude:
214
          - os: windows-latest
215
            server: zip
216
          - os: windows-latest
217
            server: container
218
          - os: windows-latest
219
            server: storage
220
          - os: ubuntu-latest
221
            server: sanity-check-zip
222
      fail-fast: false
223
    runs-on: ${{ matrix.os }}
224
    env:
225
      MAVEN_OPTS: -Xmx1024m
226
    steps:
227
      - uses: actions/checkout@v4
228

229
      - id: unit-test-setup
230
        name: Unit test setup
231
        uses: ./.github/actions/unit-test-setup
232

233
      # Not sure why, but needs to re-build otherwise there's some failures starting up
234
      - name: Run Quarkus integration Tests
235
        run: |
236
          declare -A PARAMS
237
          PARAMS["sanity-check-zip"]="-Dtest=StartCommandDistTest,StartDevCommandDistTest,BuildAndStartDistTest,ImportAtStartupDistTest"
238
          PARAMS["zip"]=""
239
          PARAMS["container"]="-Dkc.quarkus.tests.dist=docker"
240
          PARAMS["storage"]="-Ptest-database -Dtest=PostgreSQLDistTest,MariaDBDistTest#testSuccessful,MySQLDistTest#testSuccessful,DatabaseOptionsDistTest,JPAStoreDistTest,HotRodStoreDistTest,MixedStoreDistTest,TransactionConfigurationDistTest,ExternalInfinispanTest"
241

242
          ./mvnw install -pl quarkus/tests/integration -am -DskipTests
243
          ./mvnw test -pl quarkus/tests/integration ${PARAMS["${{ matrix.server }}"]} 2>&1 | misc/log/trimmer.sh
244

245
      - name: Upload JVM Heapdumps
246
        if: always()
247
        uses: ./.github/actions/upload-heapdumps
248

249
      - name: Surefire reports
250
        if: always()
251
        uses: ./.github/actions/archive-surefire-reports
252
        with:
253
          job-id: quarkus-integration-tests-${{ matrix.os }}-${{ matrix.server }}
254

255
  jdk-integration-tests:
256
    name: Java Distribution IT
257
    needs: build
258
    timeout-minutes: 100
259
    strategy:
260
      matrix:
261
        os: [ubuntu-latest, windows-latest]
262
        dist: [temurin]
263
        version: [19]
264
      fail-fast: false
265
    runs-on: ${{ matrix.os }}
266
    steps:
267
      - uses: actions/checkout@v4
268

269
      - id: integration-test-setup
270
        name: Integration test setup
271
        uses: ./.github/actions/integration-test-setup
272
        with:
273
          jdk-dist: ${{ matrix.dist }}
274
          jdk-version: ${{ matrix.version }}
275

276
      - name: Prepare Quarkus distribution with current JDK
277
        run: ./mvnw install -e -pl testsuite/integration-arquillian/servers/auth-server/quarkus
278

279
      - name: Run base tests
280
        run: |
281
          TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh jdk`
282
          echo "Tests: $TESTS"
283
          ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh
284

285
      - name: Build with JDK
286
        run:
287
          ./mvnw install -e -DskipTests -DskipExamples
288

289
      - name: Upload JVM Heapdumps
290
        if: always()
291
        uses: ./.github/actions/upload-heapdumps
292

293
      - uses: ./.github/actions/upload-flaky-tests
294
        name: Upload flaky tests
295
        env:
296
          GH_TOKEN: ${{ github.token }}
297
        with:
298
          job-name: Java Distribution IT
299

300
      - name: Surefire reports
301
        if: always()
302
        uses: ./.github/actions/archive-surefire-reports
303
        with:
304
          job-id: jdk-integration-tests-${{ matrix.os }}-${{ matrix.dist }}-${{ matrix.version }}
305

306
  store-integration-tests:
307
    name: Store IT
308
    needs: [build, conditional]
309
    if: needs.conditional.outputs.ci-store == 'true'
310
    runs-on: ubuntu-latest
311
    timeout-minutes: 150
312
    strategy:
313
      matrix:
314
        db: ${{ fromJson(needs.conditional.outputs.ci-store-matrix) }}
315
      fail-fast: false
316
    steps:
317
      - uses: actions/checkout@v4
318

319
      - id: aurora-init
320
        name: Initialize Aurora environment
321
        if: ${{ matrix.db == 'aurora-postgres' }}
322
        run: |
323
          AWS_REGION=us-east-1
324
          echo "Region: ${AWS_REGION}"
325

326
          aws configure set aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }}
327
          aws configure set aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }}
328
          aws configure set region ${AWS_REGION}
329
          PASS=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 13; echo)
330
          echo "::add-mask::${PASS}"
331

332
          echo "name=gh-action-$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
333
          echo "password=${PASS}" >> $GITHUB_OUTPUT
334
          echo "region=${AWS_REGION}" >> $GITHUB_OUTPUT
335

336
      - id: aurora-create
337
        name: Create Aurora DB
338
        if: ${{ matrix.db == 'aurora-postgres' }}
339
        uses: ./.github/actions/aurora-create-database
340
        with:
341
          name: ${{ steps.aurora-init.outputs.name }}
342
          password: ${{ steps.aurora-init.outputs.password }}
343
          region: ${{ steps.aurora-init.outputs.region }}
344

345
      - id: integration-test-setup
346
        name: Integration test setup
347
        if: ${{ matrix.db != 'aurora-postgres' }}
348
        uses: ./.github/actions/integration-test-setup
349

350
      - name: Run Aurora tests on EC2
351
        id: aurora-tests
352
        if: ${{ matrix.db == 'aurora-postgres' }}
353
        run: |
354
          PROPS="-Dauth.server.db.host=${{ steps.aurora-create.outputs.endpoint }}"
355
          PROPS+=" -Dkeycloak.connectionsJpa.password=${{ steps.aurora-init.outputs.password }}"
356

357
          REGION=${{ steps.aurora-init.outputs.region }}
358

359
          curl --fail-with-body https://truststore.pki.rds.amazonaws.com/${REGION}/${REGION}-bundle.pem -o aws.pem
360
          PROPS+=" -Dkeycloak.connectionsJpa.jdbcParameters=\"?ssl=true&sslmode=verify-ca&sslrootcert=/opt/keycloak/aws.pem\""
361

362
          TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh database`
363
          echo "Tests: $TESTS"
364

365
          git archive --format=zip --output /tmp/keycloak.zip $GITHUB_REF
366
          zip -u /tmp/keycloak.zip aws.pem
367

368
          cd .github/scripts/ansible
369
          export CLUSTER_NAME=keycloak_$(git rev-parse --short HEAD)
370
          echo "ec2_cluster=${CLUSTER_NAME}" >> $GITHUB_OUTPUT
371
          ./aws_ec2.sh requirements
372
          ./aws_ec2.sh create ${REGION}
373
          ./keycloak_ec2_installer.sh ${REGION} /tmp/keycloak.zip
374
          ./mvn_ec2_runner.sh ${REGION} "clean install -B -DskipTests -Pdistribution"
375
          ./mvn_ec2_runner.sh ${REGION} "clean install -B -DskipTests -pl testsuite/integration-arquillian/servers/auth-server/quarkus -Pauth-server-quarkus -Pdb-aurora-postgres -Dmaven.build.cache.enabled=true"
376
          ./mvn_ec2_runner.sh ${REGION} "test -B ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Pdb-${{ matrix.db }} $PROPS -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh"
377

378
          # Copy returned surefire-report directories to workspace root to ensure they're discovered
379
          results=(files/keycloak/results/*)
380
          rsync -a $results/* ../../../
381
          rm -rf $results
382

383
      - name: Run base tests
384
        if: ${{ matrix.db != 'aurora-postgres' }}
385
        run: |
386
          TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh database`
387
          echo "Tests: $TESTS"
388
          ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Pdb-${{ matrix.db }} -Dtest=$TESTS -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh
389

390
      - name: Upload JVM Heapdumps
391
        if: always()
392
        uses: ./.github/actions/upload-heapdumps
393

394
      - uses: ./.github/actions/upload-flaky-tests
395
        name: Upload flaky tests
396
        env:
397
          GH_TOKEN: ${{ github.token }}
398
        with:
399
          job-name: Store IT
400

401
      - name: Surefire reports
402
        if: always()
403
        uses: ./.github/actions/archive-surefire-reports
404
        with:
405
          job-id: store-integration-tests-${{ matrix.db }}
406

407
      - name: EC2 Maven Logs
408
        if: failure()
409
        uses: actions/upload-artifact@v3
410
        with:
411
          name: store-it-mvn-logs
412
          path: .github/scripts/ansible/files
413

414
      - name: Delete Aurora EC2 Instance
415
        if: ${{ always() && matrix.db == 'aurora-postgres' }}
416
        working-directory: .github/scripts/ansible
417
        run: |
418
          export CLUSTER_NAME=${{ steps.aurora-tests.outputs.ec2_cluster }}
419
          ./aws_ec2.sh delete ${{ steps.aurora-init.outputs.region }}
420

421
      - name: Delete Aurora DB
422
        if: ${{ always() && matrix.db == 'aurora-postgres' }}
423
        uses: ./.github/actions/aurora-delete-database
424
        with:
425
          name: ${{ steps.aurora-init.outputs.name }}
426
          region: ${{ steps.aurora-init.outputs.region }}
427

428
  store-model-tests:
429
    name: Store Model Tests
430
    runs-on: ubuntu-latest
431
    needs: [build, conditional]
432
    if: needs.conditional.outputs.ci-store == 'true'
433
    timeout-minutes: 75
434
    steps:
435
      - uses: actions/checkout@v4
436

437
      - id: integration-test-setup
438
        name: Integration test setup
439
        uses: ./.github/actions/integration-test-setup
440

441
      - name: Run model tests
442
        run: testsuite/model/test-all-profiles.sh ${{ env.SUREFIRE_RETRY }}
443

444
      - name: Upload JVM Heapdumps
445
        if: always()
446
        uses: ./.github/actions/upload-heapdumps
447

448
      - uses: ./.github/actions/upload-flaky-tests
449
        name: Upload flaky tests
450
        env:
451
          GH_TOKEN: ${{ github.token }}
452
        with:
453
          job-name: Store Model Tests
454

455
      - name: Surefire reports
456
        if: always()
457
        uses: ./.github/actions/archive-surefire-reports
458
        with:
459
          job-id: store-model-tests
460

461
  clustering-integration-tests:
462
    name: Clustering IT
463
    needs: build
464
    runs-on: ubuntu-latest
465
    timeout-minutes: 35
466
    env:
467
      MAVEN_OPTS: -Xmx1024m
468
    steps:
469
      - uses: actions/checkout@v4
470

471
      - id: integration-test-setup
472
        name: Integration test setup
473
        uses: ./.github/actions/integration-test-setup
474

475
      - name: Run cluster tests
476
        run: |
477
          ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-cluster-quarkus -Dsession.cache.owners=2 -Dtest=**.cluster.** -pl testsuite/integration-arquillian/tests/base 2>&1 | misc/log/trimmer.sh
478

479
      - name: Upload JVM Heapdumps
480
        if: always()
481
        uses: ./.github/actions/upload-heapdumps
482

483
      - uses: ./.github/actions/upload-flaky-tests
484
        name: Upload flaky tests
485
        env:
486
          GH_TOKEN: ${{ github.token }}
487
        with:
488
          job-name: Clustering IT
489

490
      - name: Surefire reports
491
        if: always()
492
        uses: ./.github/actions/archive-surefire-reports
493
        with:
494
          job-id: clustering-integration-tests
495

496
  fips-unit-tests:
497
    name: FIPS UT
498
    runs-on: ubuntu-latest
499
    needs: build
500
    timeout-minutes: 20
501
    steps:
502
      - uses: actions/checkout@v4
503

504
      - name: Fake fips
505
        run: |
506
          cd .github/fake_fips
507
          make
508
          sudo insmod fake_fips.ko
509

510
      - id: unit-test-setup
511
        name: Unit test setup
512
        uses: ./.github/actions/unit-test-setup
513

514
      - name: Run crypto tests
515
        run: docker run --rm --workdir /github/workspace -v "${{ github.workspace }}":"/github/workspace" -v "$HOME/.m2":"/root/.m2" registry.access.redhat.com/ubi8/ubi:latest .github/scripts/run-fips-ut.sh
516

517
      - name: Upload JVM Heapdumps
518
        if: always()
519
        uses: ./.github/actions/upload-heapdumps
520

521
      - name: Surefire reports
522
        if: always()
523
        uses: ./.github/actions/archive-surefire-reports
524
        with:
525
          job-id: fips-unit-tests
526

527
  fips-integration-tests:
528
    name: FIPS IT
529
    needs: build
530
    runs-on: ubuntu-latest
531
    timeout-minutes: 45
532
    strategy:
533
      matrix:
534
        mode: [non-strict, strict]
535
      fail-fast: false
536
    steps:
537
      - uses: actions/checkout@v4
538

539
      - name: Fake fips
540
        run: |
541
          cd .github/fake_fips
542
          make
543
          sudo insmod fake_fips.ko
544

545
      - id: integration-test-setup
546
        name: Integration test setup
547
        uses: ./.github/actions/integration-test-setup
548
        with:
549
          jdk-version: 17
550

551
      - name: Build adapter distributions
552
        run: ./mvnw install -DskipTests -f distribution/pom.xml
553

554
      - name: Build app servers
555
        run: ./mvnw install -DskipTests -Pbuild-app-servers -f testsuite/integration-arquillian/servers/app-server/pom.xml
556

557

558
      - name: Prepare Quarkus distribution with BCFIPS
559
        run: ./mvnw install -e -pl testsuite/integration-arquillian/servers/auth-server/quarkus -Pauth-server-quarkus,auth-server-fips140-2
560

561
      - name: Run base tests
562
        run: docker run --rm --workdir /github/workspace -e "SUREFIRE_RERUN_FAILING_COUNT" -v "${{ github.workspace }}":"/github/workspace" -v "$HOME/.m2":"/root/.m2" registry.access.redhat.com/ubi8/ubi:latest .github/scripts/run-fips-it.sh ${{ matrix.mode }}
563

564
      - name: Upload JVM Heapdumps
565
        if: always()
566
        uses: ./.github/actions/upload-heapdumps
567

568
      - uses: ./.github/actions/upload-flaky-tests
569
        name: Upload flaky tests
570
        env:
571
          GH_TOKEN: ${{ github.token }}
572
        with:
573
          job-name: FIPS IT
574

575
      - name: Surefire reports
576
        if: always()
577
        uses: ./.github/actions/archive-surefire-reports
578
        with:
579
          job-id: fips-integration-tests-${{ matrix.mode }}
580

581
  account-console-integration-tests:
582
    name: Account Console IT
583
    runs-on: ubuntu-latest
584
    needs: build
585
    timeout-minutes: 75
586
    strategy:
587
      matrix:
588
        browser: [chrome]
589
      fail-fast: false
590
    steps:
591
      - uses: actions/checkout@v4
592

593
      - id: integration-test-setup
594
        name: Integration test setup
595
        uses: ./.github/actions/integration-test-setup
596

597
      - name: Run Account Console IT
598
        run: ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Dtest=**.account2.**,!SigningInTest#passwordlessWebAuthnTest,!SigningInTest#twoFactorWebAuthnTest -Dbrowser=${{ matrix.browser }} "-Dwebdriver.chrome.driver=$CHROMEWEBDRIVER/chromedriver" -f testsuite/integration-arquillian/tests/other/base-ui/pom.xml 2>&1 | misc/log/trimmer.sh
599

600
      - name: Upload JVM Heapdumps
601
        if: always()
602
        uses: ./.github/actions/upload-heapdumps
603

604
      - uses: ./.github/actions/upload-flaky-tests
605
        name: Upload flaky tests
606
        env:
607
          GH_TOKEN: ${{ github.token }}
608
        with:
609
          job-name: Account Console IT
610

611
      - name: Surefire reports
612
        if: always()
613
        uses: ./.github/actions/archive-surefire-reports
614
        with:
615
          job-id: account-console-integration-tests-${{ matrix.browser }}
616

617
  forms-integration-tests:
618
    name: Forms IT
619
    runs-on: ubuntu-latest
620
    needs: build
621
    timeout-minutes: 75
622
    strategy:
623
      matrix:
624
        browser: [chrome, firefox]
625
      fail-fast: false
626
    steps:
627
      - uses: actions/checkout@v4
628

629
      - id: integration-test-setup
630
        name: Integration test setup
631
        uses: ./.github/actions/integration-test-setup
632

633
      - name: Run Forms IT
634
        run: |
635
          TESTS=`testsuite/integration-arquillian/tests/base/testsuites/suite.sh forms`
636
          echo "Tests: $TESTS"
637
          ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Dtest=$TESTS -Dbrowser=${{ matrix.browser }} "-Dwebdriver.chrome.driver=$CHROMEWEBDRIVER/chromedriver" "-Dwebdriver.gecko.driver=$GECKOWEBDRIVER/geckodriver" -f testsuite/integration-arquillian/tests/base/pom.xml 2>&1 | misc/log/trimmer.sh
638

639
      - name: Upload JVM Heapdumps
640
        if: always()
641
        uses: ./.github/actions/upload-heapdumps
642

643
      - uses: ./.github/actions/upload-flaky-tests
644
        name: Upload flaky tests
645
        env:
646
          GH_TOKEN: ${{ github.token }}
647
        with:
648
          job-name: Forms IT
649

650
      - name: Surefire reports
651
        if: always()
652
        uses: ./.github/actions/archive-surefire-reports
653
        with:
654
          job-id: forms-integration-tests-${{ matrix.browser }}
655

656
  webauthn-integration-tests:
657
    name: WebAuthn IT
658
    runs-on: ubuntu-latest
659
    needs: build
660
    timeout-minutes: 45
661
    strategy:
662
      matrix:
663
        browser:
664
          - chrome
665
          # - firefox  disabled until https://github.com/keycloak/keycloak/issues/20777 is resolved
666
      fail-fast: false
667
    steps:
668
      - uses: actions/checkout@v4
669

670
      - id: integration-test-setup
671
        name: Integration test setup
672
        uses: ./.github/actions/integration-test-setup
673

674
      # Don't use Chrome for testing (just regular Chrome) until https://github.com/keycloak/keycloak/issues/22214 is resolved
675
      #- id: install-chrome
676
      #  name: Install Chrome browser
677
      #  uses: ./.github/actions/install-chrome
678
      #  if: matrix.browser == 'chrome'
679

680
      - name: Run WebAuthn IT
681
        run: ./mvnw test ${{ env.SUREFIRE_RETRY }} -Pauth-server-quarkus -Dtest=org.keycloak.testsuite.webauthn.**.*Test -Dbrowser=${{ matrix.browser }} "-Dwebdriver.chrome.driver=$CHROMEWEBDRIVER/chromedriver" "-Dwebdriver.gecko.driver=$GECKOWEBDRIVER/geckodriver" -Pwebauthn -f testsuite/integration-arquillian/tests/other/pom.xml 2>&1 | misc/log/trimmer.sh
682

683
      - name: Upload JVM Heapdumps
684
        if: always()
685
        uses: ./.github/actions/upload-heapdumps
686

687
      - uses: ./.github/actions/upload-flaky-tests
688
        name: Upload flaky tests
689
        env:
690
          GH_TOKEN: ${{ github.token }}
691
        with:
692
          job-name: WebAuthn IT
693

694
      - name: Surefire reports
695
        if: always()
696
        uses: ./.github/actions/archive-surefire-reports
697
        with:
698
          job-id: webauthn-integration-tests-${{ matrix.browser }}
699

700
  sssd-unit-tests:
701
    name: SSSD
702
    runs-on: ubuntu-latest
703
    if: needs.conditional.outputs.ci-sssd == 'true'
704
    needs:
705
      - conditional
706
      - build
707
    timeout-minutes: 30
708
    steps:
709
      - name: checkout
710
        uses: actions/checkout@v4
711

712
      - id: integration-test-setup
713
        name: Integration test setup
714
        uses: ./.github/actions/integration-test-setup
715

716
      - id: weekly-cache-key
717
        name: Key for weekly rotation of cache
718
        shell: bash
719
        run: echo "key=ipa-data-`date -u "+%Y-%U"`" >> $GITHUB_OUTPUT
720

721
      - id: cache-maven-repository
722
        name: ipa-data cache
723
        uses: actions/cache@v3
724
        with:
725
          path: ~/ipa-data.tar
726
          key: ${{ steps.weekly-cache-key.outputs.key }}
727

728
      - name: Run tests
729
        run: .github/scripts/run-ipa.sh "${{ github.workspace }}"
730

731
      - name: Surefire reports
732
        if: always()
733
        uses: ./.github/actions/archive-surefire-reports
734
        with:
735
          job-id: sssd-unit-tests
736

737
  migration-tests:
738
    name: Migration Tests
739
    runs-on: ubuntu-latest
740
    needs: build
741
    timeout-minutes: 45
742
    strategy:
743
      matrix:
744
        old-version: [19.0.3]
745
        database: [postgres, mysql, oracle, mssql, mariadb]
746
      fail-fast: false
747
    steps:
748
      - uses: actions/checkout@v4
749

750
      - id: integration-test-setup
751
        name: Integration test setup
752
        uses: ./.github/actions/integration-test-setup
753

754
      - name: Run Migration Tests
755
        run: |
756
          ./mvnw clean install ${{ env.SUREFIRE_RETRY }} \
757
          -Pauth-server-quarkus -Pdb-${{ matrix.database }} -Pauth-server-migration \
758
          -Dtest=MigrationTest \
759
          -Dmigration.mode=auto \
760
          -Dmigrated.auth.server.version=${{ matrix.old-version }} \
761
          -Dmigration.import.file.name=migration-realm-${{ matrix.old-version }}.json \
762
          -Dauth.server.ssl.required=false \
763
          -Dauth.server.db.host=localhost \
764
          -f testsuite/integration-arquillian/pom.xml 2>&1 | misc/log/trimmer.sh
765

766
      - name: Upload JVM Heapdumps
767
        if: always()
768
        uses: ./.github/actions/upload-heapdumps
769

770
      - uses: ./.github/actions/upload-flaky-tests
771
        name: Upload flaky tests
772
        env:
773
          GH_TOKEN: ${{ github.token }}
774
        with:
775
          job-name: Migration Tests
776

777
      - name: Surefire reports
778
        if: always()
779
        uses: ./.github/actions/archive-surefire-reports
780
        with:
781
          job-id: migration-tests-${{ matrix.old-version }}-${{ matrix.database }}
782

783
  check:
784
    name: Status Check - Keycloak CI
785
    if: always()
786
    needs:
787
      - conditional
788
      - build
789
      - unit-tests
790
      - base-integration-tests
791
      - adapter-integration-tests
792
      - quarkus-unit-tests
793
      - quarkus-integration-tests
794
      - jdk-integration-tests
795
      - store-integration-tests
796
      - store-model-tests
797
      - clustering-integration-tests
798
      - fips-unit-tests
799
      - fips-integration-tests
800
      - account-console-integration-tests
801
      - forms-integration-tests
802
      - webauthn-integration-tests
803
      - sssd-unit-tests
804
      - migration-tests
805
    runs-on: ubuntu-latest
806
    steps:
807
      - uses: actions/checkout@v4
808
      - uses: ./.github/actions/status-check
809
        with:
810
          jobs: ${{ toJSON(needs) }}
811

Использование cookies

Мы используем файлы cookie в соответствии с Политикой конфиденциальности и Политикой использования cookies.

Нажимая кнопку «Принимаю», Вы даете АО «СберТех» согласие на обработку Ваших персональных данных в целях совершенствования нашего веб-сайта и Сервиса GitVerse, а также повышения удобства их использования.

Запретить использование cookies Вы можете самостоятельно в настройках Вашего браузера.