From c60537a23b7fc0876c1a887e9077fa416451e6fb Mon Sep 17 00:00:00 2001
From: moabu <47318409+moabu@users.noreply.github.com>
Date: Thu, 7 Nov 2024 12:46:02 +0300
Subject: [PATCH 1/6] ci: move jenkins operations to GH
---
.github/maven-settings.xml | 9 +
.github/workflows/build-wars.yml | 100 ----------
.github/workflows/full-rebuild.yml | 179 ++++++++++++++++++
agama/pom.xml | 5 +
automation/startjanssenmonolithdemo.sh | 24 ++-
docker-jans-monolith/scripts/entrypoint.sh | 50 ++++-
jans-auth-server/agama/engine/pom.xml | 5 +
jans-auth-server/agama/inboundID/pom.xml | 13 ++
jans-auth-server/pom.xml | 10 +-
jans-bom/pom.xml | 5 +
jans-casa/app-fips/pom.xml | 2 +-
jans-casa/app/pom.xml | 2 +-
jans-casa/plugins/acct-linking/pom.xml | 13 ++
jans-casa/plugins/bioid/pom.xml | 13 ++
.../plugins/client-authorizations/pom.xml | 13 ++
jans-casa/plugins/custom-branding/pom.xml | 13 ++
jans-casa/plugins/email_2fa_core/pom.xml | 13 ++
.../plugins/strong-authn-settings/pom.xml | 13 ++
jans-casa/pom.xml | 13 ++
jans-config-api/pom.xml | 5 +
jans-core/pom.xml | 5 +
jans-fido2/pom.xml | 5 +
.../job-scheduler/pom.xml | 8 +
jans-keycloak-integration/pom.xml | 5 +
jans-keycloak-link/pom.xml | 13 ++
jans-link/pom.xml | 13 ++
jans-link/server-fips/pom.xml | 8 +
jans-link/server/pom.xml | 8 +
jans-link/service/pom.xml | 8 +
jans-lock/lock-server/pom.xml | 5 +
jans-orm/pom.xml | 5 +
jans-scim/pom.xml | 5 +
32 files changed, 474 insertions(+), 114 deletions(-)
create mode 100644 .github/maven-settings.xml
delete mode 100644 .github/workflows/build-wars.yml
create mode 100644 .github/workflows/full-rebuild.yml
diff --git a/.github/maven-settings.xml b/.github/maven-settings.xml
new file mode 100644
index 00000000000..49e17ff1124
--- /dev/null
+++ b/.github/maven-settings.xml
@@ -0,0 +1,9 @@
+
+
+
+ github
+ ${env.GITHUB_ACTOR}
+ ${env.JANS_TOKEN}
+
+
+
\ No newline at end of file
diff --git a/.github/workflows/build-wars.yml b/.github/workflows/build-wars.yml
deleted file mode 100644
index 8446be62283..00000000000
--- a/.github/workflows/build-wars.yml
+++ /dev/null
@@ -1,100 +0,0 @@
-name: Build Wars
-on:
- workflow_dispatch:
- pull_request:
- branches:
- - main
- paths:
- - 'jans-keycloak-integration/**'
- - 'jans-keycloak-link/**'
- - 'agama/**'
- - 'jans-auth-server/**'
- - 'jans-lock/**'
- - 'jans-bom/**'
- - 'jans-config-api/**'
- - 'jans-core/**'
- - 'jans-fido2/**'
- - 'jans-orm/**'
- - 'jans-scim/**'
- - 'jans-link/**'
-
- push:
- branches:
- - main
- paths:
- - 'jans-keycloak-integration/**'
- - 'jans-keycloak-link/**'
- - 'agama/**'
- - 'jans-auth-server/**'
- - 'jans-lock/**'
- - 'jans-bom/**'
- - 'jans-config-api/**'
- - 'jans-core/**'
- - 'jans-fido2/**'
- - 'jans-orm/**'
- - 'jans-scim/**'
- - 'jans-link/**'
-jobs:
- build:
- if: github.repository == 'JanssenProject/jans'
- name: Build wars
- runs-on: ubuntu-latest
- continue-on-error: true
- strategy:
- max-parallel: 11
- matrix:
- fldrpath: ['jans-bom','agama','jans-fido2','jans-core','jans-auth-server','jans-orm','jans-config-api','jans-scim','jans-keycloak-integration','jans-link','jans-keycloak-link','jans-lock']
- steps:
- - name: Harden Runner
- uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
- with:
- egress-policy: audit
-
- - name : Variables
- run: |
- echo ${{ github.repository }}
- echo ${{ github.actor }}
-
- - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- with:
- repository: ${{ github.repository }}
-
- - name: find changed directories
- run: |
- if [ $GITHUB_BASE_REF ]; then
- # Pull Request
- echo "Triggerring event: pull request"
- echo Pull request base ref: $GITHUB_BASE_REF
- git fetch origin $GITHUB_BASE_REF --depth=1
- if [ ${{ github.event.action }} = "opened" ]; then
- echo "Triggerring action: opened"
- echo "DIRECTORIES_CHANGED=$( git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.event.pull_request.head.sha }} | cut -d/ -f1 | sort -u | sed -z 's/\n/,/g;s/^/[/;s/,$/]/;s/$/\n/')" >> ${GITHUB_ENV}
- fi
- if [ ${{ github.event.action }} = "synchronize" ]; then
- echo "Triggerring action: synchronize"
- echo "DIRECTORIES_CHANGED=$( git diff --name-only ${{ github.event.before }} ${{ github.event.pull_request.head.sha }} | cut -d/ -f1 | sort -u | sed -z 's/\n/,/g;s/^/[/;s/,$/]/;s/$/\n/')" >> ${GITHUB_ENV}
- fi
- else
- # Push
- echo "Triggerring event: push"
- git fetch origin ${{ github.event.before }} --depth=1
- echo "DIRECTORIES_CHANGED=$( git diff --name-only ${{ github.event.before }} ${{ github.sha }} | cut -d/ -f1 | sort -u | sed -z 's/\n/,/g;s/^/[/;s/,$/]/;s/$/\n/')" >> ${GITHUB_ENV}
- fi
- echo "$DIRECTORIES_CHANGED"
-
- - uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 # v4.0.0
- if: contains(env.DIRECTORIES_CHANGED, matrix.fldrpath)
- with:
- java-version: '17'
- distribution: 'zulu'
-
- - name: Publish package
- if: contains(env.DIRECTORIES_CHANGED, matrix.fldrpath)
- env:
- GITHUB_USERNAME: ${{ github.actor }}
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- run: |
- pwd
- mvn clean install -DskipTests --file ${{ matrix.fldrpath }}
- mvn -B package --file ${{ matrix.fldrpath }}/pom.xml -Dmaven.test.skip=true
- mvn --file ${{ matrix.fldrpath }}/pom.xml deploy -Dmaven.test.skip=true
diff --git a/.github/workflows/full-rebuild.yml b/.github/workflows/full-rebuild.yml
new file mode 100644
index 00000000000..d0adb10ef70
--- /dev/null
+++ b/.github/workflows/full-rebuild.yml
@@ -0,0 +1,179 @@
+name: Jans Full Build
+
+on:
+ push:
+ branches:
+ - main
+ schedule:
+ - cron: '0 8 * * *'
+ pull_request:
+ branches:
+ - main
+ workflow_dispatch:
+
+
+jobs:
+ full-build-with-disabled-tests:
+ runs-on: ubuntu-20.04
+ permissions:
+ contents: read
+ packages: write
+ env:
+ VERSION_NAME: main
+ MAVEN_SKIP_TESTS: true
+ PROFILE_NAME: "default"
+
+ strategy:
+ max-parallel: 1
+ matrix:
+ service:
+ - "jans-bom"
+ - "jans-orm"
+ - "jans-core"
+ - "jans-lock/lock-server"
+ - "agama"
+ - "jans-auth-server"
+ - "jans-link"
+ - "jans-fido2"
+ - "jans-scim"
+ - "jans-keycloak-link"
+ - "jans-config-api"
+ - "jans-keycloak-integration"
+ - "jans-casa"
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+ with:
+ ref: ${{ github.event.inputs.branch }}
+
+ - name: Set up Java 17
+ uses: actions/setup-java@v4
+ with:
+ java-version: '17'
+ distribution: 'adopt'
+
+ - name: Set up Maven
+ uses: actions/setup-java@v4
+ with:
+ java-version: '17'
+ distribution: 'adopt'
+ cache: 'maven'
+
+ - name: Build ${{ matrix.service }}
+ run: |
+ if [ "${{ github.event_name }}" == "pull_request" ]; then
+ mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ env.MAVEN_SKIP_TESTS }} clean install -Drevision=${{ github.head_ref }}-SNAPSHOT
+ else
+ mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ env.MAVEN_SKIP_TESTS }} clean install
+ fi
+
+ - name: Publish to GitHub Packages
+ run: mvn -B deploy -Dmaven.test.skip=${{ env.MAVEN_SKIP_TESTS }} -Dcfg=${{ env.PROFILE_NAME }}
+ working-directory: ${{ matrix.service }}
+ env:
+ GITHUB_TOKEN: ${{ secrets.JANS_TOKEN }}
+
+ - name: Archive results
+ if: always()
+ uses: actions/upload-artifact@v4
+ with:
+ name: build-results
+ path: ${{ matrix.service }}/target
+
+ - name: Send notification on failure
+ if: failure()
+ run: echo "Build failed"
+
+ cleanup:
+ if: github.event_name == 'push' && github.event.ref == 'refs/heads/main'
+ runs-on: ubuntu-20.04
+ steps:
+
+ - name: Clean up PR assets
+ run: |
+ # List all SNAPSHOT versions
+ versions=$(curl -s -H "Authorization: token ${{ secrets.JANS_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/maven-metadata.xml" | grep -oP '(?<=)[^<]+')
+
+ for version in $versions; do
+ if [[ $version == *-SNAPSHOT ]]; then
+ # Delete the version from GitHub Packages
+ curl -X DELETE -H "Authorization: token ${{ secrets.JANS_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/io/jans/${{ matrix.service }}/$version"
+ fi
+ done
+
+ run-tests:
+ permissions: write-all
+ runs-on: ubuntu-20.04
+ env:
+ MAVEN_SKIP_TESTS: false
+ CONTAINER_NAME_SPANNER: ubuntu20-spanner
+ CONTAINER_NAME_CB: ubuntu20-couchbase
+ CONTAINER_NAME_LDAP: ubuntu20-ldap
+ CONTAINER_NAME_MYSQL: ubuntu20-mysql
+ CONTAINER_NAME_POSTGRESQL: ubuntu20-postgresql
+ DEVELOPMENT_BUILD: true
+ SKIP_FINDBUGS: true
+ DEPENDENCY_CHECK: true
+ VERSION_NAME: main
+ PROFILE_NAME: default
+ strategy:
+ max-parallel: 5
+ matrix:
+ persistence:
+ - "MYSQL"
+ - "PGSQL"
+ fail-fast: false
+ steps:
+
+ - name: Checkout code
+ uses: actions/checkout@v4
+ with:
+ ref: ${{ github.event.inputs.branch }}
+
+ - name: Set up Java 17
+ uses: actions/setup-java@v4
+ with:
+ java-version: '17'
+ distribution: 'adopt'
+
+ - name: Set up Maven
+ uses: actions/setup-java@v4
+ with:
+ java-version: '17'
+ distribution: 'adopt'
+ cache: 'maven'
+
+ - name: Run Jans Monolith
+ env:
+ JANS_FQDN: demoexample.jans.io
+ EXT_IP: $(ifconfig eth0 | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1')
+ JANS_BUILD_COMMIT: main
+ run: |
+ export ip=$(ifconfig eth0 | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1')
+ sudo chmod a+x automation/startjanssenmonolithdemo.sh
+ sudo RUN_TESTS=true bash ./automation/startjanssenmonolithdemo.sh "demoexample.jans.io" "${{ matrix.persistence }}" "$ip" "${{ github.sha }}"
+
+ - name: List Reports
+ run: |
+ ls /tmp/reports/
+
+ - name: Upload Test Results
+ uses: actions/upload-artifact@v4
+ with:
+ name: ${{ matrix.persistence }}-test-results
+ path: /tmp/reports
+
+ - name: Publish Test Report ${{ matrix.persistence }}
+ uses: starburstdata/action-testng-report@v1
+ with:
+ report_paths: /tmp/reports/${{ matrix.persistence }}*.xml
+ github_token: ${{ github.token }}
+ fail_if_empty: false
+
+ # - name: Publish Test Report Surefire
+ # uses: scacap/action-surefire-report@v1
+ # if: success() || failure()
+ # with:
+ # github_token: ${{ github.token }}
+ # report_paths: /tmp/reports/**.xml
diff --git a/agama/pom.xml b/agama/pom.xml
index e150eb66858..0fb22886d65 100644
--- a/agama/pom.xml
+++ b/agama/pom.xml
@@ -33,6 +33,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
jans
Janssen project repository
diff --git a/automation/startjanssenmonolithdemo.sh b/automation/startjanssenmonolithdemo.sh
index 3dc0dfd1cae..946b0df4367 100644
--- a/automation/startjanssenmonolithdemo.sh
+++ b/automation/startjanssenmonolithdemo.sh
@@ -49,7 +49,7 @@ WORKING_DIRECTORY=$PWD
# note that as we're pulling from a monorepo (with multiple project in it)
# we are using partial-clone and sparse-checkout to get the docker-jans-monolith code
rm -rf /tmp/jans || echo "/tmp/jans doesn't exist"
-git clone --filter blob:none --no-checkout https://github.com/janssenproject/jans /tmp/jans \
+git clone --filter blob:none --no-checkout https://github.com/JanssenProject/jans /tmp/jans \
&& cd /tmp/jans \
&& git sparse-checkout init --cone \
&& git checkout "$JANS_BUILD_COMMIT" \
@@ -132,15 +132,35 @@ while [ $SECONDS -lt $end ]; do
sleep 10
done
echo -e "Running build.. \n"
+docker exec -w /tmp/jans/jans-orm docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=true clean compile install
docker exec -w /tmp/jans/jans-auth-server docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=true -fae clean compile install
+docker exec -w /tmp/jans/jans-auth-server/agama docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=true -fae clean compile install
+docker exec -w /tmp/jans/jans-scim docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=true clean compile install site
+docker exec -w /tmp/jans/jans-config-api docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=true clean compile install
+docker exec -w /tmp/jans/jans-fido2 docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=true clean compile install
echo -e "Running tests.. \n"
+docker exec -w /tmp/jans/jans-orm docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=false test
docker exec -w /tmp/jans/jans-auth-server docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=false test
+docker exec -w /tmp/jans/jans-auth-server/agama docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=false test
+docker exec -w /tmp/jans/jans-scim docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=false test
+docker exec -w /tmp/jans/jans-config-api docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=false -DfailIfNoTests=false -Dtest=io.jans.configapi.JenkinsTestRunner test
+docker exec -w /tmp/jans/jans-fido2 docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=false test
echo -e "copying reports.. \n"
docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-auth-server/client/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-auth-client-testng-results.xml
docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-auth-server/agama/model/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-auth-agama-model-testng-results.xml
docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-auth-server/test-model/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-auth-test-model-testng-results.xml
docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-auth-server/model/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-auth-model-testng-results.xml
-
+docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/couchbase/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-couchbase-testng-results.xml
+docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/spanner-sample/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-spanner-sample-testng-results.xml
+docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/couchbase-sample/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-couchbase-sample-testng-results.xml
+docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/sql-sample/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-sql-sample-testng-results.xml
+docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/sql/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-sql-testng-results.xml
+docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/spanner/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-spanner-testng-results.xml
+docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/util/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-util-testng-results.xml
+docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/model/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-model-testng-results.xml
+docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/filter/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-filter-testng-results.xml
+docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-scim/client/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-scim-client-testng-results.xml
+docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-config-api/server/target/surefire-reports/results-json.txt /tmp/reports/$JANS_PERSISTENCE-jans-config-api-server-testng-results.xml
EOF
if [[ "$RUN_TESTS" == "true" ]]; then
sudo bash testendpoints.sh
diff --git a/docker-jans-monolith/scripts/entrypoint.sh b/docker-jans-monolith/scripts/entrypoint.sh
index 86ead7f6213..a549ce1753b 100644
--- a/docker-jans-monolith/scripts/entrypoint.sh
+++ b/docker-jans-monolith/scripts/entrypoint.sh
@@ -109,15 +109,15 @@ register_fqdn() {
fi
}
-prepare_auth_server_test() {
+prepare_auth_server_tests() {
WORKING_DIRECTORY=$PWD
echo "***** cloning jans auth server folder!! *****"
rm -rf /tmp/jans || echo "Jans isn't cloned yet..Cloning"\
- && git clone --filter blob:none --no-checkout https://github.com/janssenproject/jans /tmp/jans \
+ && git clone --filter blob:none --no-checkout https://github.com/JanssenProject/jans /tmp/jans \
&& cd /tmp/jans \
&& git sparse-checkout init --cone \
&& git checkout "${JANS_SOURCE_VERSION}" \
- && git sparse-checkout set jans-auth-server \
+ && git sparse-checkout set jans-auth-server jans-scim jans-config-api jans-orm jans-fido2 \
&& cd jans-auth-server \
&& echo "Copying auth server test profiles from ephemeral server" \
&& cp -R /opt/jans/jans-setup/output/test/jans-auth ./ \
@@ -133,7 +133,7 @@ prepare_auth_server_test() {
&& echo "Removing test profile folder" \
&& rm -rf ./jans-auth \
&& cd agama \
- && cp /opt/jans/jans-setup/output/test/jans-auth/config-agama-test.properties . \
+ && cp /opt/jans/jans-setup/output/test/agama/config-agama-test.properties . \
&& mkdir -p ./engine/profiles/"${CN_HOSTNAME}" \
&& mv config-agama-test.properties ./engine/profiles/"${CN_HOSTNAME}"/config-agama-test.properties \
&& cd .. \
@@ -145,11 +145,51 @@ prepare_auth_server_test() {
&& cd "$WORKING_DIRECTORY"
}
+prepare_scim_test() {
+ WORKING_DIRECTORY=$PWD
+ cd /tmp/jans \
+ && cd jans-scim \
+ && echo "Copying scim server test profiles from ephemeral server" \
+ && cp -R /opt/jans/jans-setup/output/test/scim-client ./ \
+ && echo "Creating scim server profile folders" \
+ && mkdir -p ./client/profiles/"${CN_HOSTNAME}" \
+ && echo "Copying scim server profile files" \
+ && cp ./scim-client/client/config-scim-test.properties ./client/profiles/"${CN_HOSTNAME}" \
+ && echo "Removing test profile folder" \
+ && rm -rf ./scim-client \
+ && cd .. \
+ && cd "$WORKING_DIRECTORY"
+}
+
+prepare_config_api_test() {
+ WORKING_DIRECTORY=$PWD
+ cd /tmp/jans \
+ && cd jans-config-api \
+ && echo "Copying config-api test profiles from ephemeral server" \
+ && cp -R /opt/jans/jans-setup/output/test/jans-config-api ./ \
+ && rm -rf ./profiles/"${CN_HOSTNAME}" \
+ && echo "Creating config-api profile folders" \
+ && mkdir -p ./profiles/"${CN_HOSTNAME}" \
+ && echo "Copying config-api server profile files" \
+ && cp ./jans-config-api/client/* ./profiles/"${CN_HOSTNAME}" \
+ && echo "Copying default configuration properties" \
+ && cp ./profiles/default/config-build.properties ./profiles/"${CN_HOSTNAME}" \
+ && echo "Removing test profile folder" \
+ && rm -rf ./jans-config-api \
+ && cd .. \
+ && cd "$WORKING_DIRECTORY"
+}
+
+
prepare_java_tests() {
if [[ "${RUN_TESTS}" == "true" ]]; then
echo "***** Running Java tests!! *****"
echo "***** Running Auth server tests!! *****"
- prepare_auth_server_test
+ prepare_auth_server_tests
+ echo "***** Running Scim tests!! *****"
+ prepare_scim_test
+ echo "***** Running Config Api tests!! *****"
+ prepare_config_api_test
echo "***** Java tests completed!! *****"
fi
}
diff --git a/jans-auth-server/agama/engine/pom.xml b/jans-auth-server/agama/engine/pom.xml
index e6620c249ca..2c128da40e1 100644
--- a/jans-auth-server/agama/engine/pom.xml
+++ b/jans-auth-server/agama/engine/pom.xml
@@ -20,6 +20,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
jans
Jans repository
diff --git a/jans-auth-server/agama/inboundID/pom.xml b/jans-auth-server/agama/inboundID/pom.xml
index 4543762390a..81435b2245c 100644
--- a/jans-auth-server/agama/inboundID/pom.xml
+++ b/jans-auth-server/agama/inboundID/pom.xml
@@ -7,6 +7,14 @@
jar
+
+
+ github
+ Github Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
+
+
io.jans
jans-auth-server-parent
@@ -21,6 +29,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
jans
Jans repository
diff --git a/jans-auth-server/pom.xml b/jans-auth-server/pom.xml
index 360cd02db77..40d57852eed 100644
--- a/jans-auth-server/pom.xml
+++ b/jans-auth-server/pom.xml
@@ -67,11 +67,11 @@
-
- mavencentral
- maven central
- https://repo1.maven.org/maven2
-
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
true
diff --git a/jans-bom/pom.xml b/jans-bom/pom.xml
index 12fb2ce1afb..9d830bea1ff 100644
--- a/jans-bom/pom.xml
+++ b/jans-bom/pom.xml
@@ -64,6 +64,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
central
Maven Repository Switchboard
diff --git a/jans-casa/app-fips/pom.xml b/jans-casa/app-fips/pom.xml
index d8f0fa2228d..fd68f7c0a3a 100644
--- a/jans-casa/app-fips/pom.xml
+++ b/jans-casa/app-fips/pom.xml
@@ -360,7 +360,7 @@
maven-war-plugin
org.apache.maven.plugins
- 2.3
+ 3.3.2
false
diff --git a/jans-casa/app/pom.xml b/jans-casa/app/pom.xml
index 873993e6db8..6b7d8c8d87e 100644
--- a/jans-casa/app/pom.xml
+++ b/jans-casa/app/pom.xml
@@ -334,7 +334,7 @@
maven-war-plugin
org.apache.maven.plugins
- 2.3
+ 3.3.2
diff --git a/jans-casa/plugins/acct-linking/pom.xml b/jans-casa/plugins/acct-linking/pom.xml
index a46c815472e..2d72b337d7a 100644
--- a/jans-casa/plugins/acct-linking/pom.xml
+++ b/jans-casa/plugins/acct-linking/pom.xml
@@ -8,6 +8,14 @@
1.1.6-SNAPSHOT
jar
+
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
+
+
11
11
@@ -15,6 +23,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
jans
Janssen project repository
diff --git a/jans-casa/plugins/bioid/pom.xml b/jans-casa/plugins/bioid/pom.xml
index 1dd573ed183..0ae2b685388 100644
--- a/jans-casa/plugins/bioid/pom.xml
+++ b/jans-casa/plugins/bioid/pom.xml
@@ -8,6 +8,14 @@
1.1.6-SNAPSHOT
jar
+
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
+
+
11
11
@@ -15,6 +23,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
jans
Janssen project repository
diff --git a/jans-casa/plugins/client-authorizations/pom.xml b/jans-casa/plugins/client-authorizations/pom.xml
index 57139bec9b8..2229bd724ec 100644
--- a/jans-casa/plugins/client-authorizations/pom.xml
+++ b/jans-casa/plugins/client-authorizations/pom.xml
@@ -8,6 +8,14 @@
1.1.6-SNAPSHOT
jar
+
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
+
+
11
11
@@ -15,6 +23,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
jans
Janssen project repository
diff --git a/jans-casa/plugins/custom-branding/pom.xml b/jans-casa/plugins/custom-branding/pom.xml
index 9fdad5aa58a..16fad6ae5e9 100644
--- a/jans-casa/plugins/custom-branding/pom.xml
+++ b/jans-casa/plugins/custom-branding/pom.xml
@@ -8,6 +8,14 @@
1.1.6-SNAPSHOT
jar
+
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
+
+
11
11
@@ -15,6 +23,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
jans
Janssen project repository
diff --git a/jans-casa/plugins/email_2fa_core/pom.xml b/jans-casa/plugins/email_2fa_core/pom.xml
index ffe3058c6e6..ab1578db476 100644
--- a/jans-casa/plugins/email_2fa_core/pom.xml
+++ b/jans-casa/plugins/email_2fa_core/pom.xml
@@ -8,6 +8,14 @@
1.1.6-SNAPSHOT
jar
+
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
+
+
11
11
@@ -16,6 +24,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
mavencentral
maven central
diff --git a/jans-casa/plugins/strong-authn-settings/pom.xml b/jans-casa/plugins/strong-authn-settings/pom.xml
index b8bcf828b5d..83b01e93db7 100644
--- a/jans-casa/plugins/strong-authn-settings/pom.xml
+++ b/jans-casa/plugins/strong-authn-settings/pom.xml
@@ -8,6 +8,14 @@
1.1.6-SNAPSHOT
jar
+
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
+
+
11
11
@@ -15,6 +23,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
jans
Janssen project repository
diff --git a/jans-casa/pom.xml b/jans-casa/pom.xml
index 4806c9608c8..560666d64dd 100644
--- a/jans-casa/pom.xml
+++ b/jans-casa/pom.xml
@@ -8,6 +8,14 @@
1.1.6-SNAPSHOT
pom
+
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
+
+
${maven.min-version}
@@ -34,6 +42,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
jans
Janssen project repository
diff --git a/jans-config-api/pom.xml b/jans-config-api/pom.xml
index 87a360c6538..6d01d6e6fbb 100644
--- a/jans-config-api/pom.xml
+++ b/jans-config-api/pom.xml
@@ -73,6 +73,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
mavencentral
maven central
diff --git a/jans-core/pom.xml b/jans-core/pom.xml
index 5dfa0fe24de..fd4a6e98074 100644
--- a/jans-core/pom.xml
+++ b/jans-core/pom.xml
@@ -201,6 +201,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
mavencentral
maven central
diff --git a/jans-fido2/pom.xml b/jans-fido2/pom.xml
index c8107b43a08..8afe5628061 100644
--- a/jans-fido2/pom.xml
+++ b/jans-fido2/pom.xml
@@ -45,6 +45,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
repository.jboss.org
JBoss Repository
diff --git a/jans-keycloak-integration/job-scheduler/pom.xml b/jans-keycloak-integration/job-scheduler/pom.xml
index 9e7944c7062..7fdd64971d4 100644
--- a/jans-keycloak-integration/job-scheduler/pom.xml
+++ b/jans-keycloak-integration/job-scheduler/pom.xml
@@ -6,6 +6,14 @@
kc-jans-scheduler
jar
+
+
+ github
+ Github Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
+
+
io.jans
jans-kc-parent
diff --git a/jans-keycloak-integration/pom.xml b/jans-keycloak-integration/pom.xml
index 1e0830e4221..ee1c0f30dae 100644
--- a/jans-keycloak-integration/pom.xml
+++ b/jans-keycloak-integration/pom.xml
@@ -63,6 +63,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
jans.io
Janssen project repository
diff --git a/jans-keycloak-link/pom.xml b/jans-keycloak-link/pom.xml
index 5e1dcca4454..d1601881d04 100644
--- a/jans-keycloak-link/pom.xml
+++ b/jans-keycloak-link/pom.xml
@@ -12,6 +12,14 @@
pom
http://maven.apache.org
+
+
+ github
+ Github Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
+
+
${project.version}
3.0.3
@@ -28,6 +36,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
mavencentral
maven central
diff --git a/jans-link/pom.xml b/jans-link/pom.xml
index 07d809461ea..42f27751424 100644
--- a/jans-link/pom.xml
+++ b/jans-link/pom.xml
@@ -13,6 +13,14 @@
jans link server parent
http://maven.apache.org
+
+
+ github
+ Github Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
+
+
${project.version}
@@ -34,6 +42,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
mavencentral
maven central
diff --git a/jans-link/server-fips/pom.xml b/jans-link/server-fips/pom.xml
index 6d4ae5da051..5582dac9917 100644
--- a/jans-link/server-fips/pom.xml
+++ b/jans-link/server-fips/pom.xml
@@ -6,6 +6,14 @@
jans link server (FIPS)
war
+
+
+ github
+ Github Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
+
+
jans-link-server-parent
io.jans
diff --git a/jans-link/server/pom.xml b/jans-link/server/pom.xml
index 4dbb333fb0e..b153062ea8b 100644
--- a/jans-link/server/pom.xml
+++ b/jans-link/server/pom.xml
@@ -10,6 +10,14 @@
jans link server
http://maven.apache.org
+
+
+ github
+ Github Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
+
+
UTF-8
diff --git a/jans-link/service/pom.xml b/jans-link/service/pom.xml
index 984ec5e68a1..7a8330d9a8a 100644
--- a/jans-link/service/pom.xml
+++ b/jans-link/service/pom.xml
@@ -10,6 +10,14 @@
jans link service
http://maven.apache.org
+
+
+ github
+ Github Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
+
+
UTF-8
diff --git a/jans-lock/lock-server/pom.xml b/jans-lock/lock-server/pom.xml
index 9fe7c50671a..5b020b8cbfe 100644
--- a/jans-lock/lock-server/pom.xml
+++ b/jans-lock/lock-server/pom.xml
@@ -55,6 +55,11 @@
maven central
https://repo1.maven.org/maven2
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
jans
Janssen project repository
diff --git a/jans-orm/pom.xml b/jans-orm/pom.xml
index b2f7bfe21ca..9e1c6770b04 100644
--- a/jans-orm/pom.xml
+++ b/jans-orm/pom.xml
@@ -63,6 +63,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
mavencentral
maven central
diff --git a/jans-scim/pom.xml b/jans-scim/pom.xml
index 31e71a21cea..f4a34ea896a 100644
--- a/jans-scim/pom.xml
+++ b/jans-scim/pom.xml
@@ -40,6 +40,11 @@
+
+ github
+ GitHub Packages
+ https://maven.pkg.github.com/JanssenProject/jans
+
repository.jboss.org
JBoss Repository
From 81f408c248577d861093368d07856e85495f0e7f Mon Sep 17 00:00:00 2001
From: moabu <47318409+moabu@users.noreply.github.com>
Date: Thu, 7 Nov 2024 13:01:05 +0300
Subject: [PATCH 2/6] ci: update token
---
.github/workflows/full-rebuild.yml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/full-rebuild.yml b/.github/workflows/full-rebuild.yml
index d0adb10ef70..94f97dd83a0 100644
--- a/.github/workflows/full-rebuild.yml
+++ b/.github/workflows/full-rebuild.yml
@@ -72,7 +72,7 @@ jobs:
run: mvn -B deploy -Dmaven.test.skip=${{ env.MAVEN_SKIP_TESTS }} -Dcfg=${{ env.PROFILE_NAME }}
working-directory: ${{ matrix.service }}
env:
- GITHUB_TOKEN: ${{ secrets.JANS_TOKEN }}
+ GITHUB_TOKEN: ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}
- name: Archive results
if: always()
@@ -93,12 +93,12 @@ jobs:
- name: Clean up PR assets
run: |
# List all SNAPSHOT versions
- versions=$(curl -s -H "Authorization: token ${{ secrets.JANS_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/maven-metadata.xml" | grep -oP '(?<=)[^<]+')
+ versions=$(curl -s -H "Authorization: token ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/maven-metadata.xml" | grep -oP '(?<=)[^<]+')
for version in $versions; do
if [[ $version == *-SNAPSHOT ]]; then
# Delete the version from GitHub Packages
- curl -X DELETE -H "Authorization: token ${{ secrets.JANS_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/io/jans/${{ matrix.service }}/$version"
+ curl -X DELETE -H "Authorization: token ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/io/jans/${{ matrix.service }}/$version"
fi
done
From 4e935ca4817d4644c4a09b0d84562a98edfb1c16 Mon Sep 17 00:00:00 2001
From: moabu <47318409+moabu@users.noreply.github.com>
Date: Wed, 13 Nov 2024 12:50:43 +0300
Subject: [PATCH 3/6] ci: adjust to allow building one resource at a time
---
.github/workflows/full-rebuild.yml | 37 ++++++++++++++++++------------
1 file changed, 22 insertions(+), 15 deletions(-)
diff --git a/.github/workflows/full-rebuild.yml b/.github/workflows/full-rebuild.yml
index 94f97dd83a0..1837a9f5dce 100644
--- a/.github/workflows/full-rebuild.yml
+++ b/.github/workflows/full-rebuild.yml
@@ -10,6 +10,27 @@ on:
branches:
- main
workflow_dispatch:
+ inputs:
+ type:
+ type: choice
+ options:
+ - "jans-bom"
+ - "jans-orm"
+ - "jans-core"
+ - "jans-lock/lock-server"
+ - "agama"
+ - "jans-auth-server"
+ - "jans-link"
+ - "jans-fido2"
+ - "jans-scim"
+ - "jans-keycloak-link"
+ - "jans-config-api"
+ - "jans-keycloak-integration"
+ - "jans-casa"
+ description: 'Service'
+ required: true
+ default: 'jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2
+ jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa'
jobs:
@@ -26,21 +47,7 @@ jobs:
strategy:
max-parallel: 1
matrix:
- service:
- - "jans-bom"
- - "jans-orm"
- - "jans-core"
- - "jans-lock/lock-server"
- - "agama"
- - "jans-auth-server"
- - "jans-link"
- - "jans-fido2"
- - "jans-scim"
- - "jans-keycloak-link"
- - "jans-config-api"
- - "jans-keycloak-integration"
- - "jans-casa"
-
+ service: ${{ github.event.inputs.services }}
steps:
- name: Checkout code
uses: actions/checkout@v4
From 125f232394f0f192c68cbd4ad1fda4c228ea64a5 Mon Sep 17 00:00:00 2001
From: moabu <47318409+moabu@users.noreply.github.com>
Date: Wed, 13 Nov 2024 13:13:01 +0300
Subject: [PATCH 4/6] ci: adjust to allow building one resource at a time
---
.github/workflows/full-rebuild.yml | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/full-rebuild.yml b/.github/workflows/full-rebuild.yml
index 1837a9f5dce..dd5199d3fc3 100644
--- a/.github/workflows/full-rebuild.yml
+++ b/.github/workflows/full-rebuild.yml
@@ -29,9 +29,7 @@ on:
- "jans-casa"
description: 'Service'
required: true
- default: 'jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2
- jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa'
-
+ default: 'jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa'
jobs:
full-build-with-disabled-tests:
@@ -47,7 +45,7 @@ jobs:
strategy:
max-parallel: 1
matrix:
- service: ${{ github.event.inputs.services }}
+ service: ${{ github.event.inputs.type }}
steps:
- name: Checkout code
uses: actions/checkout@v4
From d2555b6d8a798a6f5b4ec946c70c3acff23b2ab3 Mon Sep 17 00:00:00 2001
From: moabu <47318409+moabu@users.noreply.github.com>
Date: Thu, 14 Nov 2024 09:22:27 +0300
Subject: [PATCH 5/6] ci: adjust to allow building one resource at a time
---
.github/workflows/full-rebuild.yml | 42 +++++++++++++++++++++++-------
1 file changed, 32 insertions(+), 10 deletions(-)
diff --git a/.github/workflows/full-rebuild.yml b/.github/workflows/full-rebuild.yml
index dd5199d3fc3..5b662ff364e 100644
--- a/.github/workflows/full-rebuild.yml
+++ b/.github/workflows/full-rebuild.yml
@@ -11,7 +11,7 @@ on:
- main
workflow_dispatch:
inputs:
- type:
+ project:
type: choice
options:
- "jans-bom"
@@ -27,13 +27,34 @@ on:
- "jans-config-api"
- "jans-keycloak-integration"
- "jans-casa"
+ - "jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa"
description: 'Service'
required: true
- default: 'jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa'
+ default: "jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa"
jobs:
+ prep-matrix:
+ runs-on: ubuntu-latest
+ outputs:
+ matrix: ${{ steps.set-matrix.outputs.matrix }}
+ steps:
+ - id: set-matrix
+ run: |
+ projects="${{ github.event.inputs.project }}"
+ if [ -z "$projects" ]; then
+ projects="jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa"
+ fi
+ matrix="{\"include\":["
+ for project in $projects; do
+ matrix="$matrix{\"service\":\"$project\",\"maven_skip_tests\":true},"
+ done
+ matrix="${matrix%,}]}"
+ echo $matrix
+ echo "matrix=$matrix" >> $GITHUB_OUTPUT
+
full-build-with-disabled-tests:
runs-on: ubuntu-20.04
+ needs: prep-matrix
permissions:
contents: read
packages: write
@@ -44,8 +65,8 @@ jobs:
strategy:
max-parallel: 1
- matrix:
- service: ${{ github.event.inputs.type }}
+ matrix: ${{ fromJson(needs.prep-matrix.outputs.matrix) }}
+
steps:
- name: Checkout code
uses: actions/checkout@v4
@@ -68,13 +89,13 @@ jobs:
- name: Build ${{ matrix.service }}
run: |
if [ "${{ github.event_name }}" == "pull_request" ]; then
- mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ env.MAVEN_SKIP_TESTS }} clean install -Drevision=${{ github.head_ref }}-SNAPSHOT
+ mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ matrix.maven_skip_tests }} clean install -Drevision=${{ github.head_ref }}-SNAPSHOT
else
- mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ env.MAVEN_SKIP_TESTS }} clean install
+ mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ matrix.maven_skip_tests }} clean install
fi
- name: Publish to GitHub Packages
- run: mvn -B deploy -Dmaven.test.skip=${{ env.MAVEN_SKIP_TESTS }} -Dcfg=${{ env.PROFILE_NAME }}
+ run: mvn -B deploy -Dmaven.test.skip=${{ matrix.maven_skip_tests }} -Dcfg=${{ env.PROFILE_NAME }}
working-directory: ${{ matrix.service }}
env:
GITHUB_TOKEN: ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}
@@ -99,15 +120,16 @@ jobs:
run: |
# List all SNAPSHOT versions
versions=$(curl -s -H "Authorization: token ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/maven-metadata.xml" | grep -oP '(?<=)[^<]+')
-
+
for version in $versions; do
if [[ $version == *-SNAPSHOT ]]; then
# Delete the version from GitHub Packages
- curl -X DELETE -H "Authorization: token ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/io/jans/${{ matrix.service }}/$version"
+ curl -X DELETE -H "Authorization: token ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/io/jans/${{ matrix.service.project }}/$version"
fi
done
run-tests:
+ if: github.event_name == 'push' || github.event_name == 'pull_request' || (github.event_name == 'workflow_dispatch' && github.event.inputs.project == 'jans-bom, jans-orm, jans-core, jans-lock/lock-server, agama, jans-auth-server, jans-link, jans-fido2, jans-scim, jans-keycloak-link, jans-config-api, jans-keycloak-integration, jans-casa')
permissions: write-all
runs-on: ubuntu-20.04
env:
@@ -181,4 +203,4 @@ jobs:
# if: success() || failure()
# with:
# github_token: ${{ github.token }}
- # report_paths: /tmp/reports/**.xml
+ # report_paths: /tmp/reports/**.xml
\ No newline at end of file
From a679fd598e3ec7a054c2aa942d2e9ffdf22b1bb9 Mon Sep 17 00:00:00 2001
From: moabu <47318409+moabu@users.noreply.github.com>
Date: Thu, 14 Nov 2024 10:09:24 +0300
Subject: [PATCH 6/6] ci: initial organization of jans workdfloes
---
...build_image.yml => build-docker-image.yml} | 0
...htly-build.yml => build-nightly-build.yml} | 0
.../{full-rebuild.yml => build-test.yml} | 68 ++++++++-
.github/workflows/documenation_check.yml | 57 --------
.../workflows/jans_pycloud_build_package.yml | 63 --------
.github/workflows/lint-docs.yml | 37 +++++
.../{flake8-lint.yml => lint-flak8.yml} | 0
.github/workflows/{docs.yml => ops-docs.yml} | 56 +++++++-
..._pr_issues.yml => ops-label-pr-issues.yml} | 0
...{pr-ref-issue.yml => ops-pr-ref-issue.yml} | 0
.../workflows/{sync.yml => ops-sync-tf.yml} | 0
.../{backport.yml => release-backport.yml} | 0
...ub_cache.yml => sanitary-github-cache.yml} | 0
...ow_runs.yml => sanitary-workflow-runs.yml} | 0
.../{codeql-analysis.yml => scan-codeql.yml} | 2 +-
...endency-review.yml => scan-dependency.yml} | 0
..._code_quality_check.yml => scan-sonar.yml} | 0
.../{scorecard.yml => security-scorecard.yml} | 0
...{test_cedarling.yml => test-cedarling.yml} | 0
...testcases.yml => test-jans-pycloudlib.yml} | 0
.../{microk8s.yml => test-microk8s.yml} | 2 +-
.../workflows/test_docker_linux_installer.yml | 136 ------------------
22 files changed, 154 insertions(+), 267 deletions(-)
rename .github/workflows/{docker_build_image.yml => build-docker-image.yml} (100%)
rename .github/workflows/{activate-nightly-build.yml => build-nightly-build.yml} (100%)
rename .github/workflows/{full-rebuild.yml => build-test.yml} (68%)
delete mode 100644 .github/workflows/documenation_check.yml
delete mode 100644 .github/workflows/jans_pycloud_build_package.yml
create mode 100644 .github/workflows/lint-docs.yml
rename .github/workflows/{flake8-lint.yml => lint-flak8.yml} (100%)
rename .github/workflows/{docs.yml => ops-docs.yml} (66%)
rename .github/workflows/{label_pr_issues.yml => ops-label-pr-issues.yml} (100%)
rename .github/workflows/{pr-ref-issue.yml => ops-pr-ref-issue.yml} (100%)
rename .github/workflows/{sync.yml => ops-sync-tf.yml} (100%)
rename .github/workflows/{backport.yml => release-backport.yml} (100%)
rename .github/workflows/{clean_github_cache.yml => sanitary-github-cache.yml} (100%)
rename .github/workflows/{delete_workflow_runs.yml => sanitary-workflow-runs.yml} (100%)
rename .github/workflows/{codeql-analysis.yml => scan-codeql.yml} (98%)
rename .github/workflows/{dependency-review.yml => scan-dependency.yml} (100%)
rename .github/workflows/{central_code_quality_check.yml => scan-sonar.yml} (100%)
rename .github/workflows/{scorecard.yml => security-scorecard.yml} (100%)
rename .github/workflows/{test_cedarling.yml => test-cedarling.yml} (100%)
rename .github/workflows/{testcases.yml => test-jans-pycloudlib.yml} (100%)
rename .github/workflows/{microk8s.yml => test-microk8s.yml} (97%)
delete mode 100644 .github/workflows/test_docker_linux_installer.yml
diff --git a/.github/workflows/docker_build_image.yml b/.github/workflows/build-docker-image.yml
similarity index 100%
rename from .github/workflows/docker_build_image.yml
rename to .github/workflows/build-docker-image.yml
diff --git a/.github/workflows/activate-nightly-build.yml b/.github/workflows/build-nightly-build.yml
similarity index 100%
rename from .github/workflows/activate-nightly-build.yml
rename to .github/workflows/build-nightly-build.yml
diff --git a/.github/workflows/full-rebuild.yml b/.github/workflows/build-test.yml
similarity index 68%
rename from .github/workflows/full-rebuild.yml
rename to .github/workflows/build-test.yml
index 5b662ff364e..f446cdda464 100644
--- a/.github/workflows/full-rebuild.yml
+++ b/.github/workflows/build-test.yml
@@ -1,4 +1,4 @@
-name: Jans Full Build
+name: Janssen Build & Test
on:
push:
@@ -38,6 +38,10 @@ jobs:
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+ with:
+ egress-policy: audit
- id: set-matrix
run: |
projects="${{ github.event.inputs.project }}"
@@ -52,7 +56,7 @@ jobs:
echo $matrix
echo "matrix=$matrix" >> $GITHUB_OUTPUT
- full-build-with-disabled-tests:
+ build-with-disabled-tests:
runs-on: ubuntu-20.04
needs: prep-matrix
permissions:
@@ -68,6 +72,10 @@ jobs:
matrix: ${{ fromJson(needs.prep-matrix.outputs.matrix) }}
steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+ with:
+ egress-policy: audit
- name: Checkout code
uses: actions/checkout@v4
with:
@@ -115,7 +123,10 @@ jobs:
if: github.event_name == 'push' && github.event.ref == 'refs/heads/main'
runs-on: ubuntu-20.04
steps:
-
+ - name: Harden Runner
+ uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+ with:
+ egress-policy: audit
- name: Clean up PR assets
run: |
# List all SNAPSHOT versions
@@ -152,7 +163,10 @@ jobs:
- "PGSQL"
fail-fast: false
steps:
-
+ - name: Harden Runner
+ uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+ with:
+ egress-policy: audit
- name: Checkout code
uses: actions/checkout@v4
with:
@@ -171,6 +185,27 @@ jobs:
distribution: 'adopt'
cache: 'maven'
+ - name: Set up Go
+ uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
+ with:
+ go-version: 1.18
+
+ - name: Import GPG key
+ id: import_gpg
+ uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
+ with:
+ gpg_private_key: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY }}
+ passphrase: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY_PASSPHRASE }}
+ git_user_signingkey: true
+ git_commit_gpgsign: true
+
+ - name: Configure Git
+ run: |
+ git config --global user.name "mo-auto"
+ git config --global user.email "54212639+mo-auto@users.noreply.github.com"
+ git config --global user.signingkey "${{ steps.import_gpg.outputs.keyid }}"
+ echo "${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" | gh auth login --with-token
+
- name: Run Jans Monolith
env:
JANS_FQDN: demoexample.jans.io
@@ -181,6 +216,31 @@ jobs:
sudo chmod a+x automation/startjanssenmonolithdemo.sh
sudo RUN_TESTS=true bash ./automation/startjanssenmonolithdemo.sh "demoexample.jans.io" "${{ matrix.persistence }}" "$ip" "${{ github.sha }}"
+ echo "generating rdbms docs for ${{ matrix.persistence-backends }}..."
+ git clone https://mo-auto:${{ secrets.MOAUTO_WORKFLOW_TOKEN }}@github.com/JanssenProject/jans.git
+ cd jans
+ git config pull.rebase true
+ git checkout -b cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "Branch exists"
+ git pull origin cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "Nothing to pull"
+ sudo bash ./automation/docs/generate-rdbms-docs.sh "$persistence" || echo "generating rdbms docs failed for ${{ matrix.persistence-backends }}!!!"
+ git add . || echo "generating rdbms docs failed !!!"
+ git commit -a -S -m "docs: auto-generated ${{ matrix.persistence-backends }} docs" || echo "Nothing to commit"
+ git push --set-upstream origin cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "generating rdbms docs failed !!!"
+ MESSAGE="fix(docs): autogenerate ${{ matrix.persistence-backends }} RDBMS docs"
+ gh pr create --body "Auto generated RDBMS docs" --title "${MESSAGE}" || echo "PR exists"
+ cd ..
+ echo "generating rdbms docs for ${{ matrix.persistence-backends }} done"
+
+ export JANS_URL=https://demoexample.jans.io
+ export JANS_CLIENT_ID=9876baac-de39-4c23-8a78-674b59df8c09
+ export JANS_CLIENT_SECRET=1t5Fin3#security
+ export JANS_INSECURE_CLIENT=true
+ export TF_ACC=1
+ cd terraform-provider-jans
+ go install github.com/jstemmer/go-junit-report/v2@latest
+ go test -v 2>&1 ./... | go-junit-report > /tmp/reports/${{ matrix.persistence-backends }}report.xml
+ cd ..
+
- name: List Reports
run: |
ls /tmp/reports/
diff --git a/.github/workflows/documenation_check.yml b/.github/workflows/documenation_check.yml
deleted file mode 100644
index 642d4e84e64..00000000000
--- a/.github/workflows/documenation_check.yml
+++ /dev/null
@@ -1,57 +0,0 @@
-name: Check documentation on PRs
-on:
- workflow_dispatch:
- pull_request:
- types:
- - opened
- - edited
-
-permissions:
- contents: read
-
-jobs:
- check_pr_for_docs:
- env:
- GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- runs-on: ubuntu-latest
- steps:
- - name: Harden Runner
- uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
- with:
- egress-policy: audit
-
- - name: Checkout code
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- with:
- fetch-depth: 0
-
- - name: Install latest GH
- continue-on-error: true
- run: |
- VERSION=`curl "https://api.github.com/repos/cli/cli/releases/latest" | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/' | cut -c2-`
- echo $VERSION
- curl -sSL https://github.com/cli/cli/releases/download/v${VERSION}/gh_${VERSION}_linux_amd64.tar.gz -o gh_${VERSION}_linux_amd64.tar.gz
- tar xvf gh_${VERSION}_linux_amd64.tar.gz
- sudo cp gh_${VERSION}_linux_amd64/bin/gh /usr/local/bin/
- gh version
-
- - name: Check commit message
- continue-on-error: false
- id: check_message
- run: |
- PULL_NUMBER=${{ github.event.pull_request.number }}
- echo "Parsing commits from PR $PULL_NUMBER"
- MESSAGE=$(gh pr view "$PULL_NUMBER" --json commits | jq -r '.commits[].messageHeadline' | grep "^docs" || echo "")
- echo "$MESSAGE"
- if [[ -z "$MESSAGE" ]]; then
- echo "conventional commit starting with docs: does not exist. Checking if user confirmed no impact on docs in PR body"
- pr_body=$(gh pr view https://github.com/${{ github.repository }}/pull/"$PULL_NUMBER" --json body -q '.body')
- if [[ $pr_body == *"- [x] **I confirm that there is no impact on the docs due to the code changes in this PR.**"* ]]; then
- echo "Checklist item is filled in PR body. Author confirmed no impact."
- exit 0
- else
- echo "Author did not check the item that states: **I confirm that there is no impact on the docs due to the code changes in this PR.**"
- exit 1
- fi
- fi
- exit 0
diff --git a/.github/workflows/jans_pycloud_build_package.yml b/.github/workflows/jans_pycloud_build_package.yml
deleted file mode 100644
index bba28154041..00000000000
--- a/.github/workflows/jans_pycloud_build_package.yml
+++ /dev/null
@@ -1,63 +0,0 @@
-name: Images Janspycloud updater
-
-on:
- push:
- branches:
- - main
- paths:
- - "jans-pycloudlib/**"
- - "!**.md"
- - "!jans-pycloudlib/jans/pycloudlib/version.py"
- workflow_dispatch:
-
-permissions:
- contents: read
-
-jobs:
- pycloud-updater:
- permissions:
- contents: write # for Git to git push
- if: github.actor != 'mo-auto' && github.repository == 'JanssenProject/jans'
- runs-on: ubuntu-latest
- env:
- PR_DOCKER_BRANCH_NAME: update-jans-pycloudlib
- steps:
- - name: Harden Runner
- uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
- with:
- egress-policy: audit
-
- - name: Checkout
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-
- - name: Import GPG key
- id: import_gpg
- uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
- with:
- gpg_private_key: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY }}
- passphrase: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY_PASSPHRASE }}
- git_user_signingkey: true
- git_commit_gpgsign: true
-
- - name: Configure Git
- run: |
- git config --global user.name "mo-auto"
- git config --global user.email "54212639+mo-auto@users.noreply.github.com"
- git config --global user.signingkey "${{ steps.import_gpg.outputs.keyid }}"
- git checkout -b ${{ env.PR_DOCKER_BRANCH_NAME }}
- echo "${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" | gh auth login --with-token
-
- - name: Update stable requirements in docker images
- id: build_stable_reqs
- run: |
- dockerimages="auth-server casa certmanager config-api configurator fido2 keycloak-link link persistence-loader saml scim "
- for image in $dockerimages; do
- sed -i '/git+https/c\git+https://github.com/${{ github.repository }}@${{ github.sha }}#egg=jans-pycloudlib&subdirectory=jans-pycloudlib' ./docker-jans-$image/requirements.txt
- done
-
- - name: Configure Git
- run: |
- git add -A
- git commit -S -s -m "chore(jans-pycloudlib): updated build"
- git push origin ${{ env.PR_DOCKER_BRANCH_NAME }}
- PR=$(gh pr create --assignee "moabu" --base "main" --body "Updated build date. Auto-generated." --label "enhancement,bot" --reviewer "moabu" --title "chore(Dockerfile): updated build dates" || echo "PR Branch is already open")
diff --git a/.github/workflows/lint-docs.yml b/.github/workflows/lint-docs.yml
new file mode 100644
index 00000000000..8cd86548322
--- /dev/null
+++ b/.github/workflows/lint-docs.yml
@@ -0,0 +1,37 @@
+name: Lint documentation
+on:
+ workflow_dispatch:
+ pull_request:
+ types:
+ - opened
+ - edited
+ paths:
+ - "docs/**"
+permissions:
+ contents: read
+
+jobs:
+ lint_docs:
+ if: github.repository == 'JanssenProject/jans' && github.event_name == 'pull_request'
+ env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ runs-on: ubuntu-latest
+ steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+ with:
+ egress-policy: audit
+
+ - name: Checkout code
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ with:
+ fetch-depth: 0
+
+ - name: Markdown linter
+ continue-on-error: true
+ run: |
+ sudo apt-get install rubygems -y
+ sudo gem install mdl
+ mdl --style automation/markdown/.mdl_style.rb docs/
+
+
diff --git a/.github/workflows/flake8-lint.yml b/.github/workflows/lint-flak8.yml
similarity index 100%
rename from .github/workflows/flake8-lint.yml
rename to .github/workflows/lint-flak8.yml
diff --git a/.github/workflows/docs.yml b/.github/workflows/ops-docs.yml
similarity index 66%
rename from .github/workflows/docs.yml
rename to .github/workflows/ops-docs.yml
index dd1069b1ffa..1a72e2f7e63 100644
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/ops-docs.yml
@@ -5,15 +5,60 @@ on:
types:
- opened
- edited
- paths:
- - 'docs/**'
permissions:
contents: read
jobs:
- docs:
+ check_pr_for_docs:
if: github.repository == 'JanssenProject/jans'
+ env:
+ GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ runs-on: ubuntu-latest
+ steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
+ with:
+ egress-policy: audit
+
+ - name: Checkout code
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ with:
+ fetch-depth: 0
+
+ - name: Install latest GH
+ continue-on-error: true
+ run: |
+ VERSION=`curl "https://api.github.com/repos/cli/cli/releases/latest" | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/' | cut -c2-`
+ echo $VERSION
+ curl -sSL https://github.com/cli/cli/releases/download/v${VERSION}/gh_${VERSION}_linux_amd64.tar.gz -o gh_${VERSION}_linux_amd64.tar.gz
+ tar xvf gh_${VERSION}_linux_amd64.tar.gz
+ sudo cp gh_${VERSION}_linux_amd64/bin/gh /usr/local/bin/
+ gh version
+
+ - name: Check commit message
+ continue-on-error: false
+ id: check_message
+ run: |
+ PULL_NUMBER=${{ github.event.pull_request.number }}
+ echo "Parsing commits from PR $PULL_NUMBER"
+ MESSAGE=$(gh pr view "$PULL_NUMBER" --json commits | jq -r '.commits[].messageHeadline' | grep "^docs" || echo "")
+ echo "$MESSAGE"
+ if [[ -z "$MESSAGE" ]]; then
+ echo "conventional commit starting with docs: does not exist. Checking if user confirmed no impact on docs in PR body"
+ pr_body=$(gh pr view https://github.com/${{ github.repository }}/pull/"$PULL_NUMBER" --json body -q '.body')
+ if [[ $pr_body == *"- [x] **I confirm that there is no impact on the docs due to the code changes in this PR.**"* ]]; then
+ echo "Checklist item is filled in PR body. Author confirmed no impact."
+ exit 0
+ else
+ echo "Author did not check the item that states: **I confirm that there is no impact on the docs due to the code changes in this PR.**"
+ exit 1
+ fi
+ fi
+ exit 0
+
+ docs:
+ if: github.repository == 'JanssenProject/jans' && github.event_name == 'pull_request' && contains(github.event.pull_request.changed_files, 'docs/')
runs-on: ubuntu-latest
steps:
- name: Harden Runner
@@ -55,7 +100,7 @@ jobs:
fi
check_pr:
- if: github.repository == 'JanssenProject/jans'
+ if: github.repository == 'JanssenProject/jans' && github.event_name == 'pull_request' && contains(github.event.pull_request.changed_files, 'docs/')
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
runs-on: ubuntu-latest
@@ -112,7 +157,7 @@ jobs:
lint_docs:
- if: github.repository == 'JanssenProject/jans'
+ if: github.repository == 'JanssenProject/jans' && github.event_name == 'pull_request' && contains(github.event.pull_request.changed_files, 'docs/')
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
runs-on: ubuntu-latest
@@ -134,3 +179,4 @@ jobs:
sudo gem install mdl
mdl --style automation/markdown/.mdl_style.rb docs/
+
diff --git a/.github/workflows/label_pr_issues.yml b/.github/workflows/ops-label-pr-issues.yml
similarity index 100%
rename from .github/workflows/label_pr_issues.yml
rename to .github/workflows/ops-label-pr-issues.yml
diff --git a/.github/workflows/pr-ref-issue.yml b/.github/workflows/ops-pr-ref-issue.yml
similarity index 100%
rename from .github/workflows/pr-ref-issue.yml
rename to .github/workflows/ops-pr-ref-issue.yml
diff --git a/.github/workflows/sync.yml b/.github/workflows/ops-sync-tf.yml
similarity index 100%
rename from .github/workflows/sync.yml
rename to .github/workflows/ops-sync-tf.yml
diff --git a/.github/workflows/backport.yml b/.github/workflows/release-backport.yml
similarity index 100%
rename from .github/workflows/backport.yml
rename to .github/workflows/release-backport.yml
diff --git a/.github/workflows/clean_github_cache.yml b/.github/workflows/sanitary-github-cache.yml
similarity index 100%
rename from .github/workflows/clean_github_cache.yml
rename to .github/workflows/sanitary-github-cache.yml
diff --git a/.github/workflows/delete_workflow_runs.yml b/.github/workflows/sanitary-workflow-runs.yml
similarity index 100%
rename from .github/workflows/delete_workflow_runs.yml
rename to .github/workflows/sanitary-workflow-runs.yml
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/scan-codeql.yml
similarity index 98%
rename from .github/workflows/codeql-analysis.yml
rename to .github/workflows/scan-codeql.yml
index dcaecab3e91..6fdf1b4abca 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/scan-codeql.yml
@@ -43,7 +43,7 @@ jobs:
matrix:
# Override automatic language detection by changing the below list
# Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
- language: ['python', 'java', 'javascript']
+ language: ['python', 'java', 'javascript', 'go']
# Learn more...
# https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/scan-dependency.yml
similarity index 100%
rename from .github/workflows/dependency-review.yml
rename to .github/workflows/scan-dependency.yml
diff --git a/.github/workflows/central_code_quality_check.yml b/.github/workflows/scan-sonar.yml
similarity index 100%
rename from .github/workflows/central_code_quality_check.yml
rename to .github/workflows/scan-sonar.yml
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/security-scorecard.yml
similarity index 100%
rename from .github/workflows/scorecard.yml
rename to .github/workflows/security-scorecard.yml
diff --git a/.github/workflows/test_cedarling.yml b/.github/workflows/test-cedarling.yml
similarity index 100%
rename from .github/workflows/test_cedarling.yml
rename to .github/workflows/test-cedarling.yml
diff --git a/.github/workflows/testcases.yml b/.github/workflows/test-jans-pycloudlib.yml
similarity index 100%
rename from .github/workflows/testcases.yml
rename to .github/workflows/test-jans-pycloudlib.yml
diff --git a/.github/workflows/microk8s.yml b/.github/workflows/test-microk8s.yml
similarity index 97%
rename from .github/workflows/microk8s.yml
rename to .github/workflows/test-microk8s.yml
index c9e5f74dd31..b47f3162e1b 100644
--- a/.github/workflows/microk8s.yml
+++ b/.github/workflows/test-microk8s.yml
@@ -24,7 +24,7 @@ jobs:
max-parallel: 6
matrix:
istio: ["true", "false"]
- # add '"pgsql" when supported
+ #TODO: add '"pgsql"
persistence-backends: ["MYSQL"]
fail-fast: false
runs-on: ubuntu-latest
diff --git a/.github/workflows/test_docker_linux_installer.yml b/.github/workflows/test_docker_linux_installer.yml
deleted file mode 100644
index c9d863426a5..00000000000
--- a/.github/workflows/test_docker_linux_installer.yml
+++ /dev/null
@@ -1,136 +0,0 @@
-name: Test Linux installer
-on:
- workflow_dispatch:
- push:
- branches:
- - main
- paths:
- - "jans-linux-setup/**"
- pull_request:
- branches:
- - main
- paths:
- - "jans-linux-setup/**"
-permissions:
- checks: write
- pull-requests: write
-jobs:
- build:
- runs-on: ubuntu-20.04
- strategy:
- max-parallel: 6
- matrix:
- # add '"pgsql" when supported
- persistence-backends: ["MYSQL", "PGSQL", "COUCHBASE"]
- python-version: ["3.7"]
- fail-fast: false
- steps:
- - name: Harden Runner
- uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
- with:
- egress-policy: audit
-
- - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- - name: Set up Python3
- uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
- with:
- python-version: ${{ matrix.python-version }}
-
- - name: Set up Go
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
- with:
- go-version: 1.18
-
- - name: Import GPG key
- id: import_gpg
- uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
- with:
- gpg_private_key: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY }}
- passphrase: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY_PASSPHRASE }}
- git_user_signingkey: true
- git_commit_gpgsign: true
-
- - name: Configure Git
- run: |
- git config --global user.name "mo-auto"
- git config --global user.email "54212639+mo-auto@users.noreply.github.com"
- git config --global user.signingkey "${{ steps.import_gpg.outputs.keyid }}"
- echo "${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" | gh auth login --with-token
-
- - name: Test Jans monolith demo
- run: |
- ip=$(ifconfig eth0 | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1')
- sudo chmod u+x automation/startjanssenmonolithdemo.sh
- sudo RUN_TESTS=true bash ./automation/startjanssenmonolithdemo.sh "demoexample.jans.io" "${{ matrix.persistence-backends }}" "${ip}" "${{ github.sha }}"
- persistence=$(echo "${{ matrix.persistence-backends }}" | tr '[:upper:]' '[:lower:]')
- mv /tmp/reports /${{ matrix.persistence-backends }}-reports
-
- echo "generating rdbms docs for ${{ matrix.persistence-backends }}..."
- git clone https://mo-auto:${{ secrets.MOAUTO_WORKFLOW_TOKEN }}@github.com/JanssenProject/jans.git
- cd jans
- git config pull.rebase true
- git checkout -b cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "Branch exists"
- git pull origin cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "Nothing to pull"
- sudo bash ./automation/docs/generate-rdbms-docs.sh "$persistence" || echo "generating rdbms docs failed for ${{ matrix.persistence-backends }}!!!"
- git add . || echo "generating rdbms docs failed !!!"
- git commit -a -S -m "docs: auto-generated ${{ matrix.persistence-backends }} docs" || echo "Nothing to commit"
- git push --set-upstream origin cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "generating rdbms docs failed !!!"
- MESSAGE="fix(docs): autogenerate ${{ matrix.persistence-backends }} RDBMS docs"
- gh pr create --body "Auto generated RDBMS docs" --title "${MESSAGE}" || echo "PR exists"
- cd ..
- echo "generating rdbms docs for ${{ matrix.persistence-backends }} done"
-
- export JANS_URL=https://demoexample.jans.io
- export JANS_CLIENT_ID=9876baac-de39-4c23-8a78-674b59df8c09
- export JANS_CLIENT_SECRET=1t5Fin3#security
- export JANS_INSECURE_CLIENT=true
- export TF_ACC=1
- cd terraform-provider-jans
- go install github.com/jstemmer/go-junit-report/v2@latest
- go test -v 2>&1 ./... | go-junit-report > ${{ matrix.persistence-backends }}report.xml
- cd ..
-
- - name: Publish Test Results
- continue-on-error: true
- uses: EnricoMi/publish-unit-test-result-action@e780361cd1fc1b1a170624547b3ffda64787d365 # v2.12.0
- if: >-
- github.event.pull_request.head.repo.full_name == github.repository ||
- github.event_name == 'workflow_dispatch' ||
- github.event_name == 'push'
- with:
- large_files: true
- check_name: Java ${{ matrix.persistence-backends }} Tests
- report_individual_runs: "true"
- files: |
- /${{ matrix.persistence-backends }}-reports/*.xml
-
- - name: Upload Test Results
- continue-on-error: true
- if: always()
- uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
- with:
- name: java-${{ matrix.persistence-backends }}-test-results
- path: "/${{ matrix.persistence-backends }}-reports/*.xml"
-
- - uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5 # v1
- continue-on-error: true
- if: >-
- github.event.pull_request.head.repo.full_name == github.repository ||
- github.event_name == 'workflow_dispatch' ||
- github.event_name == 'push'
- id: go
- with:
- name: Go ${{ matrix.persistence-backends }} Tests
- path: './terraform-provider-jans/${{ matrix.persistence-backends }}report.xml'
- reporter: java-junit
-
- - name: Download Artifacts
- uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1
- with:
- name: java-${{ matrix.persistence-backends }}-test-results
- path: java-${{ matrix.persistence-backends }}-test-results
-
- - name: Publish Test Results
- uses: EnricoMi/publish-unit-test-result-action/composite@e780361cd1fc1b1a170624547b3ffda64787d365 # v2.12.0
- with:
- files: "java-${{ matrix.persistence-backends }}-test-results/**/*.xml"