From c60537a23b7fc0876c1a887e9077fa416451e6fb Mon Sep 17 00:00:00 2001 From: moabu <47318409+moabu@users.noreply.github.com> Date: Thu, 7 Nov 2024 12:46:02 +0300 Subject: [PATCH 1/6] ci: move jenkins operations to GH --- .github/maven-settings.xml | 9 + .github/workflows/build-wars.yml | 100 ---------- .github/workflows/full-rebuild.yml | 179 ++++++++++++++++++ agama/pom.xml | 5 + automation/startjanssenmonolithdemo.sh | 24 ++- docker-jans-monolith/scripts/entrypoint.sh | 50 ++++- jans-auth-server/agama/engine/pom.xml | 5 + jans-auth-server/agama/inboundID/pom.xml | 13 ++ jans-auth-server/pom.xml | 10 +- jans-bom/pom.xml | 5 + jans-casa/app-fips/pom.xml | 2 +- jans-casa/app/pom.xml | 2 +- jans-casa/plugins/acct-linking/pom.xml | 13 ++ jans-casa/plugins/bioid/pom.xml | 13 ++ .../plugins/client-authorizations/pom.xml | 13 ++ jans-casa/plugins/custom-branding/pom.xml | 13 ++ jans-casa/plugins/email_2fa_core/pom.xml | 13 ++ .../plugins/strong-authn-settings/pom.xml | 13 ++ jans-casa/pom.xml | 13 ++ jans-config-api/pom.xml | 5 + jans-core/pom.xml | 5 + jans-fido2/pom.xml | 5 + .../job-scheduler/pom.xml | 8 + jans-keycloak-integration/pom.xml | 5 + jans-keycloak-link/pom.xml | 13 ++ jans-link/pom.xml | 13 ++ jans-link/server-fips/pom.xml | 8 + jans-link/server/pom.xml | 8 + jans-link/service/pom.xml | 8 + jans-lock/lock-server/pom.xml | 5 + jans-orm/pom.xml | 5 + jans-scim/pom.xml | 5 + 32 files changed, 474 insertions(+), 114 deletions(-) create mode 100644 .github/maven-settings.xml delete mode 100644 .github/workflows/build-wars.yml create mode 100644 .github/workflows/full-rebuild.yml diff --git a/.github/maven-settings.xml b/.github/maven-settings.xml new file mode 100644 index 00000000000..49e17ff1124 --- /dev/null +++ b/.github/maven-settings.xml @@ -0,0 +1,9 @@ + + + + github + ${env.GITHUB_ACTOR} + ${env.JANS_TOKEN} + + + \ No newline at end of file diff --git a/.github/workflows/build-wars.yml b/.github/workflows/build-wars.yml deleted file mode 100644 index 8446be62283..00000000000 --- a/.github/workflows/build-wars.yml +++ /dev/null @@ -1,100 +0,0 @@ -name: Build Wars -on: - workflow_dispatch: - pull_request: - branches: - - main - paths: - - 'jans-keycloak-integration/**' - - 'jans-keycloak-link/**' - - 'agama/**' - - 'jans-auth-server/**' - - 'jans-lock/**' - - 'jans-bom/**' - - 'jans-config-api/**' - - 'jans-core/**' - - 'jans-fido2/**' - - 'jans-orm/**' - - 'jans-scim/**' - - 'jans-link/**' - - push: - branches: - - main - paths: - - 'jans-keycloak-integration/**' - - 'jans-keycloak-link/**' - - 'agama/**' - - 'jans-auth-server/**' - - 'jans-lock/**' - - 'jans-bom/**' - - 'jans-config-api/**' - - 'jans-core/**' - - 'jans-fido2/**' - - 'jans-orm/**' - - 'jans-scim/**' - - 'jans-link/**' -jobs: - build: - if: github.repository == 'JanssenProject/jans' - name: Build wars - runs-on: ubuntu-latest - continue-on-error: true - strategy: - max-parallel: 11 - matrix: - fldrpath: ['jans-bom','agama','jans-fido2','jans-core','jans-auth-server','jans-orm','jans-config-api','jans-scim','jans-keycloak-integration','jans-link','jans-keycloak-link','jans-lock'] - steps: - - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 - with: - egress-policy: audit - - - name : Variables - run: | - echo ${{ github.repository }} - echo ${{ github.actor }} - - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - with: - repository: ${{ github.repository }} - - - name: find changed directories - run: | - if [ $GITHUB_BASE_REF ]; then - # Pull Request - echo "Triggerring event: pull request" - echo Pull request base ref: $GITHUB_BASE_REF - git fetch origin $GITHUB_BASE_REF --depth=1 - if [ ${{ github.event.action }} = "opened" ]; then - echo "Triggerring action: opened" - echo "DIRECTORIES_CHANGED=$( git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.event.pull_request.head.sha }} | cut -d/ -f1 | sort -u | sed -z 's/\n/,/g;s/^/[/;s/,$/]/;s/$/\n/')" >> ${GITHUB_ENV} - fi - if [ ${{ github.event.action }} = "synchronize" ]; then - echo "Triggerring action: synchronize" - echo "DIRECTORIES_CHANGED=$( git diff --name-only ${{ github.event.before }} ${{ github.event.pull_request.head.sha }} | cut -d/ -f1 | sort -u | sed -z 's/\n/,/g;s/^/[/;s/,$/]/;s/$/\n/')" >> ${GITHUB_ENV} - fi - else - # Push - echo "Triggerring event: push" - git fetch origin ${{ github.event.before }} --depth=1 - echo "DIRECTORIES_CHANGED=$( git diff --name-only ${{ github.event.before }} ${{ github.sha }} | cut -d/ -f1 | sort -u | sed -z 's/\n/,/g;s/^/[/;s/,$/]/;s/$/\n/')" >> ${GITHUB_ENV} - fi - echo "$DIRECTORIES_CHANGED" - - - uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 # v4.0.0 - if: contains(env.DIRECTORIES_CHANGED, matrix.fldrpath) - with: - java-version: '17' - distribution: 'zulu' - - - name: Publish package - if: contains(env.DIRECTORIES_CHANGED, matrix.fldrpath) - env: - GITHUB_USERNAME: ${{ github.actor }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - pwd - mvn clean install -DskipTests --file ${{ matrix.fldrpath }} - mvn -B package --file ${{ matrix.fldrpath }}/pom.xml -Dmaven.test.skip=true - mvn --file ${{ matrix.fldrpath }}/pom.xml deploy -Dmaven.test.skip=true diff --git a/.github/workflows/full-rebuild.yml b/.github/workflows/full-rebuild.yml new file mode 100644 index 00000000000..d0adb10ef70 --- /dev/null +++ b/.github/workflows/full-rebuild.yml @@ -0,0 +1,179 @@ +name: Jans Full Build + +on: + push: + branches: + - main + schedule: + - cron: '0 8 * * *' + pull_request: + branches: + - main + workflow_dispatch: + + +jobs: + full-build-with-disabled-tests: + runs-on: ubuntu-20.04 + permissions: + contents: read + packages: write + env: + VERSION_NAME: main + MAVEN_SKIP_TESTS: true + PROFILE_NAME: "default" + + strategy: + max-parallel: 1 + matrix: + service: + - "jans-bom" + - "jans-orm" + - "jans-core" + - "jans-lock/lock-server" + - "agama" + - "jans-auth-server" + - "jans-link" + - "jans-fido2" + - "jans-scim" + - "jans-keycloak-link" + - "jans-config-api" + - "jans-keycloak-integration" + - "jans-casa" + + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ github.event.inputs.branch }} + + - name: Set up Java 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'adopt' + + - name: Set up Maven + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'adopt' + cache: 'maven' + + - name: Build ${{ matrix.service }} + run: | + if [ "${{ github.event_name }}" == "pull_request" ]; then + mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ env.MAVEN_SKIP_TESTS }} clean install -Drevision=${{ github.head_ref }}-SNAPSHOT + else + mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ env.MAVEN_SKIP_TESTS }} clean install + fi + + - name: Publish to GitHub Packages + run: mvn -B deploy -Dmaven.test.skip=${{ env.MAVEN_SKIP_TESTS }} -Dcfg=${{ env.PROFILE_NAME }} + working-directory: ${{ matrix.service }} + env: + GITHUB_TOKEN: ${{ secrets.JANS_TOKEN }} + + - name: Archive results + if: always() + uses: actions/upload-artifact@v4 + with: + name: build-results + path: ${{ matrix.service }}/target + + - name: Send notification on failure + if: failure() + run: echo "Build failed" + + cleanup: + if: github.event_name == 'push' && github.event.ref == 'refs/heads/main' + runs-on: ubuntu-20.04 + steps: + + - name: Clean up PR assets + run: | + # List all SNAPSHOT versions + versions=$(curl -s -H "Authorization: token ${{ secrets.JANS_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/maven-metadata.xml" | grep -oP '(?<=)[^<]+') + + for version in $versions; do + if [[ $version == *-SNAPSHOT ]]; then + # Delete the version from GitHub Packages + curl -X DELETE -H "Authorization: token ${{ secrets.JANS_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/io/jans/${{ matrix.service }}/$version" + fi + done + + run-tests: + permissions: write-all + runs-on: ubuntu-20.04 + env: + MAVEN_SKIP_TESTS: false + CONTAINER_NAME_SPANNER: ubuntu20-spanner + CONTAINER_NAME_CB: ubuntu20-couchbase + CONTAINER_NAME_LDAP: ubuntu20-ldap + CONTAINER_NAME_MYSQL: ubuntu20-mysql + CONTAINER_NAME_POSTGRESQL: ubuntu20-postgresql + DEVELOPMENT_BUILD: true + SKIP_FINDBUGS: true + DEPENDENCY_CHECK: true + VERSION_NAME: main + PROFILE_NAME: default + strategy: + max-parallel: 5 + matrix: + persistence: + - "MYSQL" + - "PGSQL" + fail-fast: false + steps: + + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ github.event.inputs.branch }} + + - name: Set up Java 17 + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'adopt' + + - name: Set up Maven + uses: actions/setup-java@v4 + with: + java-version: '17' + distribution: 'adopt' + cache: 'maven' + + - name: Run Jans Monolith + env: + JANS_FQDN: demoexample.jans.io + EXT_IP: $(ifconfig eth0 | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1') + JANS_BUILD_COMMIT: main + run: | + export ip=$(ifconfig eth0 | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1') + sudo chmod a+x automation/startjanssenmonolithdemo.sh + sudo RUN_TESTS=true bash ./automation/startjanssenmonolithdemo.sh "demoexample.jans.io" "${{ matrix.persistence }}" "$ip" "${{ github.sha }}" + + - name: List Reports + run: | + ls /tmp/reports/ + + - name: Upload Test Results + uses: actions/upload-artifact@v4 + with: + name: ${{ matrix.persistence }}-test-results + path: /tmp/reports + + - name: Publish Test Report ${{ matrix.persistence }} + uses: starburstdata/action-testng-report@v1 + with: + report_paths: /tmp/reports/${{ matrix.persistence }}*.xml + github_token: ${{ github.token }} + fail_if_empty: false + + # - name: Publish Test Report Surefire + # uses: scacap/action-surefire-report@v1 + # if: success() || failure() + # with: + # github_token: ${{ github.token }} + # report_paths: /tmp/reports/**.xml diff --git a/agama/pom.xml b/agama/pom.xml index e150eb66858..0fb22886d65 100644 --- a/agama/pom.xml +++ b/agama/pom.xml @@ -33,6 +33,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + jans Janssen project repository diff --git a/automation/startjanssenmonolithdemo.sh b/automation/startjanssenmonolithdemo.sh index 3dc0dfd1cae..946b0df4367 100644 --- a/automation/startjanssenmonolithdemo.sh +++ b/automation/startjanssenmonolithdemo.sh @@ -49,7 +49,7 @@ WORKING_DIRECTORY=$PWD # note that as we're pulling from a monorepo (with multiple project in it) # we are using partial-clone and sparse-checkout to get the docker-jans-monolith code rm -rf /tmp/jans || echo "/tmp/jans doesn't exist" -git clone --filter blob:none --no-checkout https://github.com/janssenproject/jans /tmp/jans \ +git clone --filter blob:none --no-checkout https://github.com/JanssenProject/jans /tmp/jans \ && cd /tmp/jans \ && git sparse-checkout init --cone \ && git checkout "$JANS_BUILD_COMMIT" \ @@ -132,15 +132,35 @@ while [ $SECONDS -lt $end ]; do sleep 10 done echo -e "Running build.. \n" +docker exec -w /tmp/jans/jans-orm docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=true clean compile install docker exec -w /tmp/jans/jans-auth-server docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=true -fae clean compile install +docker exec -w /tmp/jans/jans-auth-server/agama docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=true -fae clean compile install +docker exec -w /tmp/jans/jans-scim docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=true clean compile install site +docker exec -w /tmp/jans/jans-config-api docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=true clean compile install +docker exec -w /tmp/jans/jans-fido2 docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=true clean compile install echo -e "Running tests.. \n" +docker exec -w /tmp/jans/jans-orm docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=false test docker exec -w /tmp/jans/jans-auth-server docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=false test +docker exec -w /tmp/jans/jans-auth-server/agama docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=false test +docker exec -w /tmp/jans/jans-scim docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=false test +docker exec -w /tmp/jans/jans-config-api docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=false -DfailIfNoTests=false -Dtest=io.jans.configapi.JenkinsTestRunner test +docker exec -w /tmp/jans/jans-fido2 docker-jans-monolith-jans-1 mvn -Dcfg="$JANS_FQDN" -Dmaven.test.skip=false test echo -e "copying reports.. \n" docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-auth-server/client/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-auth-client-testng-results.xml docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-auth-server/agama/model/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-auth-agama-model-testng-results.xml docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-auth-server/test-model/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-auth-test-model-testng-results.xml docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-auth-server/model/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-auth-model-testng-results.xml - +docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/couchbase/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-couchbase-testng-results.xml +docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/spanner-sample/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-spanner-sample-testng-results.xml +docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/couchbase-sample/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-couchbase-sample-testng-results.xml +docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/sql-sample/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-sql-sample-testng-results.xml +docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/sql/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-sql-testng-results.xml +docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/spanner/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-spanner-testng-results.xml +docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/util/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-util-testng-results.xml +docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/model/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-model-testng-results.xml +docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-orm/filter/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-orm-filter-testng-results.xml +docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-scim/client/target/surefire-reports/testng-results.xml /tmp/reports/$JANS_PERSISTENCE-jans-scim-client-testng-results.xml +docker cp docker-jans-monolith-jans-1:/tmp/jans/jans-config-api/server/target/surefire-reports/results-json.txt /tmp/reports/$JANS_PERSISTENCE-jans-config-api-server-testng-results.xml EOF if [[ "$RUN_TESTS" == "true" ]]; then sudo bash testendpoints.sh diff --git a/docker-jans-monolith/scripts/entrypoint.sh b/docker-jans-monolith/scripts/entrypoint.sh index 86ead7f6213..a549ce1753b 100644 --- a/docker-jans-monolith/scripts/entrypoint.sh +++ b/docker-jans-monolith/scripts/entrypoint.sh @@ -109,15 +109,15 @@ register_fqdn() { fi } -prepare_auth_server_test() { +prepare_auth_server_tests() { WORKING_DIRECTORY=$PWD echo "***** cloning jans auth server folder!! *****" rm -rf /tmp/jans || echo "Jans isn't cloned yet..Cloning"\ - && git clone --filter blob:none --no-checkout https://github.com/janssenproject/jans /tmp/jans \ + && git clone --filter blob:none --no-checkout https://github.com/JanssenProject/jans /tmp/jans \ && cd /tmp/jans \ && git sparse-checkout init --cone \ && git checkout "${JANS_SOURCE_VERSION}" \ - && git sparse-checkout set jans-auth-server \ + && git sparse-checkout set jans-auth-server jans-scim jans-config-api jans-orm jans-fido2 \ && cd jans-auth-server \ && echo "Copying auth server test profiles from ephemeral server" \ && cp -R /opt/jans/jans-setup/output/test/jans-auth ./ \ @@ -133,7 +133,7 @@ prepare_auth_server_test() { && echo "Removing test profile folder" \ && rm -rf ./jans-auth \ && cd agama \ - && cp /opt/jans/jans-setup/output/test/jans-auth/config-agama-test.properties . \ + && cp /opt/jans/jans-setup/output/test/agama/config-agama-test.properties . \ && mkdir -p ./engine/profiles/"${CN_HOSTNAME}" \ && mv config-agama-test.properties ./engine/profiles/"${CN_HOSTNAME}"/config-agama-test.properties \ && cd .. \ @@ -145,11 +145,51 @@ prepare_auth_server_test() { && cd "$WORKING_DIRECTORY" } +prepare_scim_test() { + WORKING_DIRECTORY=$PWD + cd /tmp/jans \ + && cd jans-scim \ + && echo "Copying scim server test profiles from ephemeral server" \ + && cp -R /opt/jans/jans-setup/output/test/scim-client ./ \ + && echo "Creating scim server profile folders" \ + && mkdir -p ./client/profiles/"${CN_HOSTNAME}" \ + && echo "Copying scim server profile files" \ + && cp ./scim-client/client/config-scim-test.properties ./client/profiles/"${CN_HOSTNAME}" \ + && echo "Removing test profile folder" \ + && rm -rf ./scim-client \ + && cd .. \ + && cd "$WORKING_DIRECTORY" +} + +prepare_config_api_test() { + WORKING_DIRECTORY=$PWD + cd /tmp/jans \ + && cd jans-config-api \ + && echo "Copying config-api test profiles from ephemeral server" \ + && cp -R /opt/jans/jans-setup/output/test/jans-config-api ./ \ + && rm -rf ./profiles/"${CN_HOSTNAME}" \ + && echo "Creating config-api profile folders" \ + && mkdir -p ./profiles/"${CN_HOSTNAME}" \ + && echo "Copying config-api server profile files" \ + && cp ./jans-config-api/client/* ./profiles/"${CN_HOSTNAME}" \ + && echo "Copying default configuration properties" \ + && cp ./profiles/default/config-build.properties ./profiles/"${CN_HOSTNAME}" \ + && echo "Removing test profile folder" \ + && rm -rf ./jans-config-api \ + && cd .. \ + && cd "$WORKING_DIRECTORY" +} + + prepare_java_tests() { if [[ "${RUN_TESTS}" == "true" ]]; then echo "***** Running Java tests!! *****" echo "***** Running Auth server tests!! *****" - prepare_auth_server_test + prepare_auth_server_tests + echo "***** Running Scim tests!! *****" + prepare_scim_test + echo "***** Running Config Api tests!! *****" + prepare_config_api_test echo "***** Java tests completed!! *****" fi } diff --git a/jans-auth-server/agama/engine/pom.xml b/jans-auth-server/agama/engine/pom.xml index e6620c249ca..2c128da40e1 100644 --- a/jans-auth-server/agama/engine/pom.xml +++ b/jans-auth-server/agama/engine/pom.xml @@ -20,6 +20,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + jans Jans repository diff --git a/jans-auth-server/agama/inboundID/pom.xml b/jans-auth-server/agama/inboundID/pom.xml index 4543762390a..81435b2245c 100644 --- a/jans-auth-server/agama/inboundID/pom.xml +++ b/jans-auth-server/agama/inboundID/pom.xml @@ -7,6 +7,14 @@ jar + + + github + Github Packages + https://maven.pkg.github.com/JanssenProject/jans + + + io.jans jans-auth-server-parent @@ -21,6 +29,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + jans Jans repository diff --git a/jans-auth-server/pom.xml b/jans-auth-server/pom.xml index 360cd02db77..40d57852eed 100644 --- a/jans-auth-server/pom.xml +++ b/jans-auth-server/pom.xml @@ -67,11 +67,11 @@ - - mavencentral - maven central - https://repo1.maven.org/maven2 - + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + true diff --git a/jans-bom/pom.xml b/jans-bom/pom.xml index 12fb2ce1afb..9d830bea1ff 100644 --- a/jans-bom/pom.xml +++ b/jans-bom/pom.xml @@ -64,6 +64,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + central Maven Repository Switchboard diff --git a/jans-casa/app-fips/pom.xml b/jans-casa/app-fips/pom.xml index d8f0fa2228d..fd68f7c0a3a 100644 --- a/jans-casa/app-fips/pom.xml +++ b/jans-casa/app-fips/pom.xml @@ -360,7 +360,7 @@ maven-war-plugin org.apache.maven.plugins - 2.3 + 3.3.2 false diff --git a/jans-casa/app/pom.xml b/jans-casa/app/pom.xml index 873993e6db8..6b7d8c8d87e 100644 --- a/jans-casa/app/pom.xml +++ b/jans-casa/app/pom.xml @@ -334,7 +334,7 @@ maven-war-plugin org.apache.maven.plugins - 2.3 + 3.3.2 diff --git a/jans-casa/plugins/acct-linking/pom.xml b/jans-casa/plugins/acct-linking/pom.xml index a46c815472e..2d72b337d7a 100644 --- a/jans-casa/plugins/acct-linking/pom.xml +++ b/jans-casa/plugins/acct-linking/pom.xml @@ -8,6 +8,14 @@ 1.1.6-SNAPSHOT jar + + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + + + 11 11 @@ -15,6 +23,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + jans Janssen project repository diff --git a/jans-casa/plugins/bioid/pom.xml b/jans-casa/plugins/bioid/pom.xml index 1dd573ed183..0ae2b685388 100644 --- a/jans-casa/plugins/bioid/pom.xml +++ b/jans-casa/plugins/bioid/pom.xml @@ -8,6 +8,14 @@ 1.1.6-SNAPSHOT jar + + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + + + 11 11 @@ -15,6 +23,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + jans Janssen project repository diff --git a/jans-casa/plugins/client-authorizations/pom.xml b/jans-casa/plugins/client-authorizations/pom.xml index 57139bec9b8..2229bd724ec 100644 --- a/jans-casa/plugins/client-authorizations/pom.xml +++ b/jans-casa/plugins/client-authorizations/pom.xml @@ -8,6 +8,14 @@ 1.1.6-SNAPSHOT jar + + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + + + 11 11 @@ -15,6 +23,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + jans Janssen project repository diff --git a/jans-casa/plugins/custom-branding/pom.xml b/jans-casa/plugins/custom-branding/pom.xml index 9fdad5aa58a..16fad6ae5e9 100644 --- a/jans-casa/plugins/custom-branding/pom.xml +++ b/jans-casa/plugins/custom-branding/pom.xml @@ -8,6 +8,14 @@ 1.1.6-SNAPSHOT jar + + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + + + 11 11 @@ -15,6 +23,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + jans Janssen project repository diff --git a/jans-casa/plugins/email_2fa_core/pom.xml b/jans-casa/plugins/email_2fa_core/pom.xml index ffe3058c6e6..ab1578db476 100644 --- a/jans-casa/plugins/email_2fa_core/pom.xml +++ b/jans-casa/plugins/email_2fa_core/pom.xml @@ -8,6 +8,14 @@ 1.1.6-SNAPSHOT jar + + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + + + 11 11 @@ -16,6 +24,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + mavencentral maven central diff --git a/jans-casa/plugins/strong-authn-settings/pom.xml b/jans-casa/plugins/strong-authn-settings/pom.xml index b8bcf828b5d..83b01e93db7 100644 --- a/jans-casa/plugins/strong-authn-settings/pom.xml +++ b/jans-casa/plugins/strong-authn-settings/pom.xml @@ -8,6 +8,14 @@ 1.1.6-SNAPSHOT jar + + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + + + 11 11 @@ -15,6 +23,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + jans Janssen project repository diff --git a/jans-casa/pom.xml b/jans-casa/pom.xml index 4806c9608c8..560666d64dd 100644 --- a/jans-casa/pom.xml +++ b/jans-casa/pom.xml @@ -8,6 +8,14 @@ 1.1.6-SNAPSHOT pom + + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + + + ${maven.min-version} @@ -34,6 +42,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + jans Janssen project repository diff --git a/jans-config-api/pom.xml b/jans-config-api/pom.xml index 87a360c6538..6d01d6e6fbb 100644 --- a/jans-config-api/pom.xml +++ b/jans-config-api/pom.xml @@ -73,6 +73,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + mavencentral maven central diff --git a/jans-core/pom.xml b/jans-core/pom.xml index 5dfa0fe24de..fd4a6e98074 100644 --- a/jans-core/pom.xml +++ b/jans-core/pom.xml @@ -201,6 +201,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + mavencentral maven central diff --git a/jans-fido2/pom.xml b/jans-fido2/pom.xml index c8107b43a08..8afe5628061 100644 --- a/jans-fido2/pom.xml +++ b/jans-fido2/pom.xml @@ -45,6 +45,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + repository.jboss.org JBoss Repository diff --git a/jans-keycloak-integration/job-scheduler/pom.xml b/jans-keycloak-integration/job-scheduler/pom.xml index 9e7944c7062..7fdd64971d4 100644 --- a/jans-keycloak-integration/job-scheduler/pom.xml +++ b/jans-keycloak-integration/job-scheduler/pom.xml @@ -6,6 +6,14 @@ kc-jans-scheduler jar + + + github + Github Packages + https://maven.pkg.github.com/JanssenProject/jans + + + io.jans jans-kc-parent diff --git a/jans-keycloak-integration/pom.xml b/jans-keycloak-integration/pom.xml index 1e0830e4221..ee1c0f30dae 100644 --- a/jans-keycloak-integration/pom.xml +++ b/jans-keycloak-integration/pom.xml @@ -63,6 +63,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + jans.io Janssen project repository diff --git a/jans-keycloak-link/pom.xml b/jans-keycloak-link/pom.xml index 5e1dcca4454..d1601881d04 100644 --- a/jans-keycloak-link/pom.xml +++ b/jans-keycloak-link/pom.xml @@ -12,6 +12,14 @@ pom http://maven.apache.org + + + github + Github Packages + https://maven.pkg.github.com/JanssenProject/jans + + + ${project.version} 3.0.3 @@ -28,6 +36,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + mavencentral maven central diff --git a/jans-link/pom.xml b/jans-link/pom.xml index 07d809461ea..42f27751424 100644 --- a/jans-link/pom.xml +++ b/jans-link/pom.xml @@ -13,6 +13,14 @@ jans link server parent http://maven.apache.org + + + github + Github Packages + https://maven.pkg.github.com/JanssenProject/jans + + + ${project.version} @@ -34,6 +42,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + mavencentral maven central diff --git a/jans-link/server-fips/pom.xml b/jans-link/server-fips/pom.xml index 6d4ae5da051..5582dac9917 100644 --- a/jans-link/server-fips/pom.xml +++ b/jans-link/server-fips/pom.xml @@ -6,6 +6,14 @@ jans link server (FIPS) war + + + github + Github Packages + https://maven.pkg.github.com/JanssenProject/jans + + + jans-link-server-parent io.jans diff --git a/jans-link/server/pom.xml b/jans-link/server/pom.xml index 4dbb333fb0e..b153062ea8b 100644 --- a/jans-link/server/pom.xml +++ b/jans-link/server/pom.xml @@ -10,6 +10,14 @@ jans link server http://maven.apache.org + + + github + Github Packages + https://maven.pkg.github.com/JanssenProject/jans + + + UTF-8 diff --git a/jans-link/service/pom.xml b/jans-link/service/pom.xml index 984ec5e68a1..7a8330d9a8a 100644 --- a/jans-link/service/pom.xml +++ b/jans-link/service/pom.xml @@ -10,6 +10,14 @@ jans link service http://maven.apache.org + + + github + Github Packages + https://maven.pkg.github.com/JanssenProject/jans + + + UTF-8 diff --git a/jans-lock/lock-server/pom.xml b/jans-lock/lock-server/pom.xml index 9fe7c50671a..5b020b8cbfe 100644 --- a/jans-lock/lock-server/pom.xml +++ b/jans-lock/lock-server/pom.xml @@ -55,6 +55,11 @@ maven central https://repo1.maven.org/maven2 + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + jans Janssen project repository diff --git a/jans-orm/pom.xml b/jans-orm/pom.xml index b2f7bfe21ca..9e1c6770b04 100644 --- a/jans-orm/pom.xml +++ b/jans-orm/pom.xml @@ -63,6 +63,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + mavencentral maven central diff --git a/jans-scim/pom.xml b/jans-scim/pom.xml index 31e71a21cea..f4a34ea896a 100644 --- a/jans-scim/pom.xml +++ b/jans-scim/pom.xml @@ -40,6 +40,11 @@ + + github + GitHub Packages + https://maven.pkg.github.com/JanssenProject/jans + repository.jboss.org JBoss Repository From 81f408c248577d861093368d07856e85495f0e7f Mon Sep 17 00:00:00 2001 From: moabu <47318409+moabu@users.noreply.github.com> Date: Thu, 7 Nov 2024 13:01:05 +0300 Subject: [PATCH 2/6] ci: update token --- .github/workflows/full-rebuild.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/full-rebuild.yml b/.github/workflows/full-rebuild.yml index d0adb10ef70..94f97dd83a0 100644 --- a/.github/workflows/full-rebuild.yml +++ b/.github/workflows/full-rebuild.yml @@ -72,7 +72,7 @@ jobs: run: mvn -B deploy -Dmaven.test.skip=${{ env.MAVEN_SKIP_TESTS }} -Dcfg=${{ env.PROFILE_NAME }} working-directory: ${{ matrix.service }} env: - GITHUB_TOKEN: ${{ secrets.JANS_TOKEN }} + GITHUB_TOKEN: ${{ secrets.MOAUTO_WORKFLOW_TOKEN }} - name: Archive results if: always() @@ -93,12 +93,12 @@ jobs: - name: Clean up PR assets run: | # List all SNAPSHOT versions - versions=$(curl -s -H "Authorization: token ${{ secrets.JANS_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/maven-metadata.xml" | grep -oP '(?<=)[^<]+') + versions=$(curl -s -H "Authorization: token ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/maven-metadata.xml" | grep -oP '(?<=)[^<]+') for version in $versions; do if [[ $version == *-SNAPSHOT ]]; then # Delete the version from GitHub Packages - curl -X DELETE -H "Authorization: token ${{ secrets.JANS_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/io/jans/${{ matrix.service }}/$version" + curl -X DELETE -H "Authorization: token ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/io/jans/${{ matrix.service }}/$version" fi done From 4e935ca4817d4644c4a09b0d84562a98edfb1c16 Mon Sep 17 00:00:00 2001 From: moabu <47318409+moabu@users.noreply.github.com> Date: Wed, 13 Nov 2024 12:50:43 +0300 Subject: [PATCH 3/6] ci: adjust to allow building one resource at a time --- .github/workflows/full-rebuild.yml | 37 ++++++++++++++++++------------ 1 file changed, 22 insertions(+), 15 deletions(-) diff --git a/.github/workflows/full-rebuild.yml b/.github/workflows/full-rebuild.yml index 94f97dd83a0..1837a9f5dce 100644 --- a/.github/workflows/full-rebuild.yml +++ b/.github/workflows/full-rebuild.yml @@ -10,6 +10,27 @@ on: branches: - main workflow_dispatch: + inputs: + type: + type: choice + options: + - "jans-bom" + - "jans-orm" + - "jans-core" + - "jans-lock/lock-server" + - "agama" + - "jans-auth-server" + - "jans-link" + - "jans-fido2" + - "jans-scim" + - "jans-keycloak-link" + - "jans-config-api" + - "jans-keycloak-integration" + - "jans-casa" + description: 'Service' + required: true + default: 'jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 + jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa' jobs: @@ -26,21 +47,7 @@ jobs: strategy: max-parallel: 1 matrix: - service: - - "jans-bom" - - "jans-orm" - - "jans-core" - - "jans-lock/lock-server" - - "agama" - - "jans-auth-server" - - "jans-link" - - "jans-fido2" - - "jans-scim" - - "jans-keycloak-link" - - "jans-config-api" - - "jans-keycloak-integration" - - "jans-casa" - + service: ${{ github.event.inputs.services }} steps: - name: Checkout code uses: actions/checkout@v4 From 125f232394f0f192c68cbd4ad1fda4c228ea64a5 Mon Sep 17 00:00:00 2001 From: moabu <47318409+moabu@users.noreply.github.com> Date: Wed, 13 Nov 2024 13:13:01 +0300 Subject: [PATCH 4/6] ci: adjust to allow building one resource at a time --- .github/workflows/full-rebuild.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/full-rebuild.yml b/.github/workflows/full-rebuild.yml index 1837a9f5dce..dd5199d3fc3 100644 --- a/.github/workflows/full-rebuild.yml +++ b/.github/workflows/full-rebuild.yml @@ -29,9 +29,7 @@ on: - "jans-casa" description: 'Service' required: true - default: 'jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 - jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa' - + default: 'jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa' jobs: full-build-with-disabled-tests: @@ -47,7 +45,7 @@ jobs: strategy: max-parallel: 1 matrix: - service: ${{ github.event.inputs.services }} + service: ${{ github.event.inputs.type }} steps: - name: Checkout code uses: actions/checkout@v4 From d2555b6d8a798a6f5b4ec946c70c3acff23b2ab3 Mon Sep 17 00:00:00 2001 From: moabu <47318409+moabu@users.noreply.github.com> Date: Thu, 14 Nov 2024 09:22:27 +0300 Subject: [PATCH 5/6] ci: adjust to allow building one resource at a time --- .github/workflows/full-rebuild.yml | 42 +++++++++++++++++++++++------- 1 file changed, 32 insertions(+), 10 deletions(-) diff --git a/.github/workflows/full-rebuild.yml b/.github/workflows/full-rebuild.yml index dd5199d3fc3..5b662ff364e 100644 --- a/.github/workflows/full-rebuild.yml +++ b/.github/workflows/full-rebuild.yml @@ -11,7 +11,7 @@ on: - main workflow_dispatch: inputs: - type: + project: type: choice options: - "jans-bom" @@ -27,13 +27,34 @@ on: - "jans-config-api" - "jans-keycloak-integration" - "jans-casa" + - "jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa" description: 'Service' required: true - default: 'jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa' + default: "jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa" jobs: + prep-matrix: + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.set-matrix.outputs.matrix }} + steps: + - id: set-matrix + run: | + projects="${{ github.event.inputs.project }}" + if [ -z "$projects" ]; then + projects="jans-bom jans-orm jans-core jans-lock/lock-server agama jans-auth-server jans-link jans-fido2 jans-scim jans-keycloak-link jans-config-api jans-keycloak-integration jans-casa" + fi + matrix="{\"include\":[" + for project in $projects; do + matrix="$matrix{\"service\":\"$project\",\"maven_skip_tests\":true}," + done + matrix="${matrix%,}]}" + echo $matrix + echo "matrix=$matrix" >> $GITHUB_OUTPUT + full-build-with-disabled-tests: runs-on: ubuntu-20.04 + needs: prep-matrix permissions: contents: read packages: write @@ -44,8 +65,8 @@ jobs: strategy: max-parallel: 1 - matrix: - service: ${{ github.event.inputs.type }} + matrix: ${{ fromJson(needs.prep-matrix.outputs.matrix) }} + steps: - name: Checkout code uses: actions/checkout@v4 @@ -68,13 +89,13 @@ jobs: - name: Build ${{ matrix.service }} run: | if [ "${{ github.event_name }}" == "pull_request" ]; then - mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ env.MAVEN_SKIP_TESTS }} clean install -Drevision=${{ github.head_ref }}-SNAPSHOT + mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ matrix.maven_skip_tests }} clean install -Drevision=${{ github.head_ref }}-SNAPSHOT else - mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ env.MAVEN_SKIP_TESTS }} clean install + mvn -f ${{ matrix.service }}/pom.xml -Dcfg=${{ env.PROFILE_NAME }} -Dmaven.test.skip=${{ matrix.maven_skip_tests }} clean install fi - name: Publish to GitHub Packages - run: mvn -B deploy -Dmaven.test.skip=${{ env.MAVEN_SKIP_TESTS }} -Dcfg=${{ env.PROFILE_NAME }} + run: mvn -B deploy -Dmaven.test.skip=${{ matrix.maven_skip_tests }} -Dcfg=${{ env.PROFILE_NAME }} working-directory: ${{ matrix.service }} env: GITHUB_TOKEN: ${{ secrets.MOAUTO_WORKFLOW_TOKEN }} @@ -99,15 +120,16 @@ jobs: run: | # List all SNAPSHOT versions versions=$(curl -s -H "Authorization: token ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/maven-metadata.xml" | grep -oP '(?<=)[^<]+') - + for version in $versions; do if [[ $version == *-SNAPSHOT ]]; then # Delete the version from GitHub Packages - curl -X DELETE -H "Authorization: token ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/io/jans/${{ matrix.service }}/$version" + curl -X DELETE -H "Authorization: token ${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" "https://maven.pkg.github.com/JanssenProject/jans/io/jans/${{ matrix.service.project }}/$version" fi done run-tests: + if: github.event_name == 'push' || github.event_name == 'pull_request' || (github.event_name == 'workflow_dispatch' && github.event.inputs.project == 'jans-bom, jans-orm, jans-core, jans-lock/lock-server, agama, jans-auth-server, jans-link, jans-fido2, jans-scim, jans-keycloak-link, jans-config-api, jans-keycloak-integration, jans-casa') permissions: write-all runs-on: ubuntu-20.04 env: @@ -181,4 +203,4 @@ jobs: # if: success() || failure() # with: # github_token: ${{ github.token }} - # report_paths: /tmp/reports/**.xml + # report_paths: /tmp/reports/**.xml \ No newline at end of file From a679fd598e3ec7a054c2aa942d2e9ffdf22b1bb9 Mon Sep 17 00:00:00 2001 From: moabu <47318409+moabu@users.noreply.github.com> Date: Thu, 14 Nov 2024 10:09:24 +0300 Subject: [PATCH 6/6] ci: initial organization of jans workdfloes --- ...build_image.yml => build-docker-image.yml} | 0 ...htly-build.yml => build-nightly-build.yml} | 0 .../{full-rebuild.yml => build-test.yml} | 68 ++++++++- .github/workflows/documenation_check.yml | 57 -------- .../workflows/jans_pycloud_build_package.yml | 63 -------- .github/workflows/lint-docs.yml | 37 +++++ .../{flake8-lint.yml => lint-flak8.yml} | 0 .github/workflows/{docs.yml => ops-docs.yml} | 56 +++++++- ..._pr_issues.yml => ops-label-pr-issues.yml} | 0 ...{pr-ref-issue.yml => ops-pr-ref-issue.yml} | 0 .../workflows/{sync.yml => ops-sync-tf.yml} | 0 .../{backport.yml => release-backport.yml} | 0 ...ub_cache.yml => sanitary-github-cache.yml} | 0 ...ow_runs.yml => sanitary-workflow-runs.yml} | 0 .../{codeql-analysis.yml => scan-codeql.yml} | 2 +- ...endency-review.yml => scan-dependency.yml} | 0 ..._code_quality_check.yml => scan-sonar.yml} | 0 .../{scorecard.yml => security-scorecard.yml} | 0 ...{test_cedarling.yml => test-cedarling.yml} | 0 ...testcases.yml => test-jans-pycloudlib.yml} | 0 .../{microk8s.yml => test-microk8s.yml} | 2 +- .../workflows/test_docker_linux_installer.yml | 136 ------------------ 22 files changed, 154 insertions(+), 267 deletions(-) rename .github/workflows/{docker_build_image.yml => build-docker-image.yml} (100%) rename .github/workflows/{activate-nightly-build.yml => build-nightly-build.yml} (100%) rename .github/workflows/{full-rebuild.yml => build-test.yml} (68%) delete mode 100644 .github/workflows/documenation_check.yml delete mode 100644 .github/workflows/jans_pycloud_build_package.yml create mode 100644 .github/workflows/lint-docs.yml rename .github/workflows/{flake8-lint.yml => lint-flak8.yml} (100%) rename .github/workflows/{docs.yml => ops-docs.yml} (66%) rename .github/workflows/{label_pr_issues.yml => ops-label-pr-issues.yml} (100%) rename .github/workflows/{pr-ref-issue.yml => ops-pr-ref-issue.yml} (100%) rename .github/workflows/{sync.yml => ops-sync-tf.yml} (100%) rename .github/workflows/{backport.yml => release-backport.yml} (100%) rename .github/workflows/{clean_github_cache.yml => sanitary-github-cache.yml} (100%) rename .github/workflows/{delete_workflow_runs.yml => sanitary-workflow-runs.yml} (100%) rename .github/workflows/{codeql-analysis.yml => scan-codeql.yml} (98%) rename .github/workflows/{dependency-review.yml => scan-dependency.yml} (100%) rename .github/workflows/{central_code_quality_check.yml => scan-sonar.yml} (100%) rename .github/workflows/{scorecard.yml => security-scorecard.yml} (100%) rename .github/workflows/{test_cedarling.yml => test-cedarling.yml} (100%) rename .github/workflows/{testcases.yml => test-jans-pycloudlib.yml} (100%) rename .github/workflows/{microk8s.yml => test-microk8s.yml} (97%) delete mode 100644 .github/workflows/test_docker_linux_installer.yml diff --git a/.github/workflows/docker_build_image.yml b/.github/workflows/build-docker-image.yml similarity index 100% rename from .github/workflows/docker_build_image.yml rename to .github/workflows/build-docker-image.yml diff --git a/.github/workflows/activate-nightly-build.yml b/.github/workflows/build-nightly-build.yml similarity index 100% rename from .github/workflows/activate-nightly-build.yml rename to .github/workflows/build-nightly-build.yml diff --git a/.github/workflows/full-rebuild.yml b/.github/workflows/build-test.yml similarity index 68% rename from .github/workflows/full-rebuild.yml rename to .github/workflows/build-test.yml index 5b662ff364e..f446cdda464 100644 --- a/.github/workflows/full-rebuild.yml +++ b/.github/workflows/build-test.yml @@ -1,4 +1,4 @@ -name: Jans Full Build +name: Janssen Build & Test on: push: @@ -38,6 +38,10 @@ jobs: outputs: matrix: ${{ steps.set-matrix.outputs.matrix }} steps: + - name: Harden Runner + uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + with: + egress-policy: audit - id: set-matrix run: | projects="${{ github.event.inputs.project }}" @@ -52,7 +56,7 @@ jobs: echo $matrix echo "matrix=$matrix" >> $GITHUB_OUTPUT - full-build-with-disabled-tests: + build-with-disabled-tests: runs-on: ubuntu-20.04 needs: prep-matrix permissions: @@ -68,6 +72,10 @@ jobs: matrix: ${{ fromJson(needs.prep-matrix.outputs.matrix) }} steps: + - name: Harden Runner + uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + with: + egress-policy: audit - name: Checkout code uses: actions/checkout@v4 with: @@ -115,7 +123,10 @@ jobs: if: github.event_name == 'push' && github.event.ref == 'refs/heads/main' runs-on: ubuntu-20.04 steps: - + - name: Harden Runner + uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + with: + egress-policy: audit - name: Clean up PR assets run: | # List all SNAPSHOT versions @@ -152,7 +163,10 @@ jobs: - "PGSQL" fail-fast: false steps: - + - name: Harden Runner + uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + with: + egress-policy: audit - name: Checkout code uses: actions/checkout@v4 with: @@ -171,6 +185,27 @@ jobs: distribution: 'adopt' cache: 'maven' + - name: Set up Go + uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 + with: + go-version: 1.18 + + - name: Import GPG key + id: import_gpg + uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0 + with: + gpg_private_key: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY_PASSPHRASE }} + git_user_signingkey: true + git_commit_gpgsign: true + + - name: Configure Git + run: | + git config --global user.name "mo-auto" + git config --global user.email "54212639+mo-auto@users.noreply.github.com" + git config --global user.signingkey "${{ steps.import_gpg.outputs.keyid }}" + echo "${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" | gh auth login --with-token + - name: Run Jans Monolith env: JANS_FQDN: demoexample.jans.io @@ -181,6 +216,31 @@ jobs: sudo chmod a+x automation/startjanssenmonolithdemo.sh sudo RUN_TESTS=true bash ./automation/startjanssenmonolithdemo.sh "demoexample.jans.io" "${{ matrix.persistence }}" "$ip" "${{ github.sha }}" + echo "generating rdbms docs for ${{ matrix.persistence-backends }}..." + git clone https://mo-auto:${{ secrets.MOAUTO_WORKFLOW_TOKEN }}@github.com/JanssenProject/jans.git + cd jans + git config pull.rebase true + git checkout -b cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "Branch exists" + git pull origin cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "Nothing to pull" + sudo bash ./automation/docs/generate-rdbms-docs.sh "$persistence" || echo "generating rdbms docs failed for ${{ matrix.persistence-backends }}!!!" + git add . || echo "generating rdbms docs failed !!!" + git commit -a -S -m "docs: auto-generated ${{ matrix.persistence-backends }} docs" || echo "Nothing to commit" + git push --set-upstream origin cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "generating rdbms docs failed !!!" + MESSAGE="fix(docs): autogenerate ${{ matrix.persistence-backends }} RDBMS docs" + gh pr create --body "Auto generated RDBMS docs" --title "${MESSAGE}" || echo "PR exists" + cd .. + echo "generating rdbms docs for ${{ matrix.persistence-backends }} done" + + export JANS_URL=https://demoexample.jans.io + export JANS_CLIENT_ID=9876baac-de39-4c23-8a78-674b59df8c09 + export JANS_CLIENT_SECRET=1t5Fin3#security + export JANS_INSECURE_CLIENT=true + export TF_ACC=1 + cd terraform-provider-jans + go install github.com/jstemmer/go-junit-report/v2@latest + go test -v 2>&1 ./... | go-junit-report > /tmp/reports/${{ matrix.persistence-backends }}report.xml + cd .. + - name: List Reports run: | ls /tmp/reports/ diff --git a/.github/workflows/documenation_check.yml b/.github/workflows/documenation_check.yml deleted file mode 100644 index 642d4e84e64..00000000000 --- a/.github/workflows/documenation_check.yml +++ /dev/null @@ -1,57 +0,0 @@ -name: Check documentation on PRs -on: - workflow_dispatch: - pull_request: - types: - - opened - - edited - -permissions: - contents: read - -jobs: - check_pr_for_docs: - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - runs-on: ubuntu-latest - steps: - - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 - with: - egress-policy: audit - - - name: Checkout code - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - with: - fetch-depth: 0 - - - name: Install latest GH - continue-on-error: true - run: | - VERSION=`curl "https://api.github.com/repos/cli/cli/releases/latest" | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/' | cut -c2-` - echo $VERSION - curl -sSL https://github.com/cli/cli/releases/download/v${VERSION}/gh_${VERSION}_linux_amd64.tar.gz -o gh_${VERSION}_linux_amd64.tar.gz - tar xvf gh_${VERSION}_linux_amd64.tar.gz - sudo cp gh_${VERSION}_linux_amd64/bin/gh /usr/local/bin/ - gh version - - - name: Check commit message - continue-on-error: false - id: check_message - run: | - PULL_NUMBER=${{ github.event.pull_request.number }} - echo "Parsing commits from PR $PULL_NUMBER" - MESSAGE=$(gh pr view "$PULL_NUMBER" --json commits | jq -r '.commits[].messageHeadline' | grep "^docs" || echo "") - echo "$MESSAGE" - if [[ -z "$MESSAGE" ]]; then - echo "conventional commit starting with docs: does not exist. Checking if user confirmed no impact on docs in PR body" - pr_body=$(gh pr view https://github.com/${{ github.repository }}/pull/"$PULL_NUMBER" --json body -q '.body') - if [[ $pr_body == *"- [x] **I confirm that there is no impact on the docs due to the code changes in this PR.**"* ]]; then - echo "Checklist item is filled in PR body. Author confirmed no impact." - exit 0 - else - echo "Author did not check the item that states: **I confirm that there is no impact on the docs due to the code changes in this PR.**" - exit 1 - fi - fi - exit 0 diff --git a/.github/workflows/jans_pycloud_build_package.yml b/.github/workflows/jans_pycloud_build_package.yml deleted file mode 100644 index bba28154041..00000000000 --- a/.github/workflows/jans_pycloud_build_package.yml +++ /dev/null @@ -1,63 +0,0 @@ -name: Images Janspycloud updater - -on: - push: - branches: - - main - paths: - - "jans-pycloudlib/**" - - "!**.md" - - "!jans-pycloudlib/jans/pycloudlib/version.py" - workflow_dispatch: - -permissions: - contents: read - -jobs: - pycloud-updater: - permissions: - contents: write # for Git to git push - if: github.actor != 'mo-auto' && github.repository == 'JanssenProject/jans' - runs-on: ubuntu-latest - env: - PR_DOCKER_BRANCH_NAME: update-jans-pycloudlib - steps: - - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 - with: - egress-policy: audit - - - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - - name: Import GPG key - id: import_gpg - uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0 - with: - gpg_private_key: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY }} - passphrase: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY_PASSPHRASE }} - git_user_signingkey: true - git_commit_gpgsign: true - - - name: Configure Git - run: | - git config --global user.name "mo-auto" - git config --global user.email "54212639+mo-auto@users.noreply.github.com" - git config --global user.signingkey "${{ steps.import_gpg.outputs.keyid }}" - git checkout -b ${{ env.PR_DOCKER_BRANCH_NAME }} - echo "${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" | gh auth login --with-token - - - name: Update stable requirements in docker images - id: build_stable_reqs - run: | - dockerimages="auth-server casa certmanager config-api configurator fido2 keycloak-link link persistence-loader saml scim " - for image in $dockerimages; do - sed -i '/git+https/c\git+https://github.com/${{ github.repository }}@${{ github.sha }}#egg=jans-pycloudlib&subdirectory=jans-pycloudlib' ./docker-jans-$image/requirements.txt - done - - - name: Configure Git - run: | - git add -A - git commit -S -s -m "chore(jans-pycloudlib): updated build" - git push origin ${{ env.PR_DOCKER_BRANCH_NAME }} - PR=$(gh pr create --assignee "moabu" --base "main" --body "Updated build date. Auto-generated." --label "enhancement,bot" --reviewer "moabu" --title "chore(Dockerfile): updated build dates" || echo "PR Branch is already open") diff --git a/.github/workflows/lint-docs.yml b/.github/workflows/lint-docs.yml new file mode 100644 index 00000000000..8cd86548322 --- /dev/null +++ b/.github/workflows/lint-docs.yml @@ -0,0 +1,37 @@ +name: Lint documentation +on: + workflow_dispatch: + pull_request: + types: + - opened + - edited + paths: + - "docs/**" +permissions: + contents: read + +jobs: + lint_docs: + if: github.repository == 'JanssenProject/jans' && github.event_name == 'pull_request' + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + runs-on: ubuntu-latest + steps: + - name: Harden Runner + uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + with: + egress-policy: audit + + - name: Checkout code + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + fetch-depth: 0 + + - name: Markdown linter + continue-on-error: true + run: | + sudo apt-get install rubygems -y + sudo gem install mdl + mdl --style automation/markdown/.mdl_style.rb docs/ + + diff --git a/.github/workflows/flake8-lint.yml b/.github/workflows/lint-flak8.yml similarity index 100% rename from .github/workflows/flake8-lint.yml rename to .github/workflows/lint-flak8.yml diff --git a/.github/workflows/docs.yml b/.github/workflows/ops-docs.yml similarity index 66% rename from .github/workflows/docs.yml rename to .github/workflows/ops-docs.yml index dd1069b1ffa..1a72e2f7e63 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/ops-docs.yml @@ -5,15 +5,60 @@ on: types: - opened - edited - paths: - - 'docs/**' permissions: contents: read jobs: - docs: + check_pr_for_docs: if: github.repository == 'JanssenProject/jans' + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + runs-on: ubuntu-latest + steps: + - name: Harden Runner + uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + with: + egress-policy: audit + + - name: Checkout code + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + fetch-depth: 0 + + - name: Install latest GH + continue-on-error: true + run: | + VERSION=`curl "https://api.github.com/repos/cli/cli/releases/latest" | grep '"tag_name"' | sed -E 's/.*"([^"]+)".*/\1/' | cut -c2-` + echo $VERSION + curl -sSL https://github.com/cli/cli/releases/download/v${VERSION}/gh_${VERSION}_linux_amd64.tar.gz -o gh_${VERSION}_linux_amd64.tar.gz + tar xvf gh_${VERSION}_linux_amd64.tar.gz + sudo cp gh_${VERSION}_linux_amd64/bin/gh /usr/local/bin/ + gh version + + - name: Check commit message + continue-on-error: false + id: check_message + run: | + PULL_NUMBER=${{ github.event.pull_request.number }} + echo "Parsing commits from PR $PULL_NUMBER" + MESSAGE=$(gh pr view "$PULL_NUMBER" --json commits | jq -r '.commits[].messageHeadline' | grep "^docs" || echo "") + echo "$MESSAGE" + if [[ -z "$MESSAGE" ]]; then + echo "conventional commit starting with docs: does not exist. Checking if user confirmed no impact on docs in PR body" + pr_body=$(gh pr view https://github.com/${{ github.repository }}/pull/"$PULL_NUMBER" --json body -q '.body') + if [[ $pr_body == *"- [x] **I confirm that there is no impact on the docs due to the code changes in this PR.**"* ]]; then + echo "Checklist item is filled in PR body. Author confirmed no impact." + exit 0 + else + echo "Author did not check the item that states: **I confirm that there is no impact on the docs due to the code changes in this PR.**" + exit 1 + fi + fi + exit 0 + + docs: + if: github.repository == 'JanssenProject/jans' && github.event_name == 'pull_request' && contains(github.event.pull_request.changed_files, 'docs/') runs-on: ubuntu-latest steps: - name: Harden Runner @@ -55,7 +100,7 @@ jobs: fi check_pr: - if: github.repository == 'JanssenProject/jans' + if: github.repository == 'JanssenProject/jans' && github.event_name == 'pull_request' && contains(github.event.pull_request.changed_files, 'docs/') env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} runs-on: ubuntu-latest @@ -112,7 +157,7 @@ jobs: lint_docs: - if: github.repository == 'JanssenProject/jans' + if: github.repository == 'JanssenProject/jans' && github.event_name == 'pull_request' && contains(github.event.pull_request.changed_files, 'docs/') env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} runs-on: ubuntu-latest @@ -134,3 +179,4 @@ jobs: sudo gem install mdl mdl --style automation/markdown/.mdl_style.rb docs/ + diff --git a/.github/workflows/label_pr_issues.yml b/.github/workflows/ops-label-pr-issues.yml similarity index 100% rename from .github/workflows/label_pr_issues.yml rename to .github/workflows/ops-label-pr-issues.yml diff --git a/.github/workflows/pr-ref-issue.yml b/.github/workflows/ops-pr-ref-issue.yml similarity index 100% rename from .github/workflows/pr-ref-issue.yml rename to .github/workflows/ops-pr-ref-issue.yml diff --git a/.github/workflows/sync.yml b/.github/workflows/ops-sync-tf.yml similarity index 100% rename from .github/workflows/sync.yml rename to .github/workflows/ops-sync-tf.yml diff --git a/.github/workflows/backport.yml b/.github/workflows/release-backport.yml similarity index 100% rename from .github/workflows/backport.yml rename to .github/workflows/release-backport.yml diff --git a/.github/workflows/clean_github_cache.yml b/.github/workflows/sanitary-github-cache.yml similarity index 100% rename from .github/workflows/clean_github_cache.yml rename to .github/workflows/sanitary-github-cache.yml diff --git a/.github/workflows/delete_workflow_runs.yml b/.github/workflows/sanitary-workflow-runs.yml similarity index 100% rename from .github/workflows/delete_workflow_runs.yml rename to .github/workflows/sanitary-workflow-runs.yml diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/scan-codeql.yml similarity index 98% rename from .github/workflows/codeql-analysis.yml rename to .github/workflows/scan-codeql.yml index dcaecab3e91..6fdf1b4abca 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/scan-codeql.yml @@ -43,7 +43,7 @@ jobs: matrix: # Override automatic language detection by changing the below list # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] - language: ['python', 'java', 'javascript'] + language: ['python', 'java', 'javascript', 'go'] # Learn more... # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/scan-dependency.yml similarity index 100% rename from .github/workflows/dependency-review.yml rename to .github/workflows/scan-dependency.yml diff --git a/.github/workflows/central_code_quality_check.yml b/.github/workflows/scan-sonar.yml similarity index 100% rename from .github/workflows/central_code_quality_check.yml rename to .github/workflows/scan-sonar.yml diff --git a/.github/workflows/scorecard.yml b/.github/workflows/security-scorecard.yml similarity index 100% rename from .github/workflows/scorecard.yml rename to .github/workflows/security-scorecard.yml diff --git a/.github/workflows/test_cedarling.yml b/.github/workflows/test-cedarling.yml similarity index 100% rename from .github/workflows/test_cedarling.yml rename to .github/workflows/test-cedarling.yml diff --git a/.github/workflows/testcases.yml b/.github/workflows/test-jans-pycloudlib.yml similarity index 100% rename from .github/workflows/testcases.yml rename to .github/workflows/test-jans-pycloudlib.yml diff --git a/.github/workflows/microk8s.yml b/.github/workflows/test-microk8s.yml similarity index 97% rename from .github/workflows/microk8s.yml rename to .github/workflows/test-microk8s.yml index c9e5f74dd31..b47f3162e1b 100644 --- a/.github/workflows/microk8s.yml +++ b/.github/workflows/test-microk8s.yml @@ -24,7 +24,7 @@ jobs: max-parallel: 6 matrix: istio: ["true", "false"] - # add '"pgsql" when supported + #TODO: add '"pgsql" persistence-backends: ["MYSQL"] fail-fast: false runs-on: ubuntu-latest diff --git a/.github/workflows/test_docker_linux_installer.yml b/.github/workflows/test_docker_linux_installer.yml deleted file mode 100644 index c9d863426a5..00000000000 --- a/.github/workflows/test_docker_linux_installer.yml +++ /dev/null @@ -1,136 +0,0 @@ -name: Test Linux installer -on: - workflow_dispatch: - push: - branches: - - main - paths: - - "jans-linux-setup/**" - pull_request: - branches: - - main - paths: - - "jans-linux-setup/**" -permissions: - checks: write - pull-requests: write -jobs: - build: - runs-on: ubuntu-20.04 - strategy: - max-parallel: 6 - matrix: - # add '"pgsql" when supported - persistence-backends: ["MYSQL", "PGSQL", "COUCHBASE"] - python-version: ["3.7"] - fail-fast: false - steps: - - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 - with: - egress-policy: audit - - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - name: Set up Python3 - uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 - with: - python-version: ${{ matrix.python-version }} - - - name: Set up Go - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 - with: - go-version: 1.18 - - - name: Import GPG key - id: import_gpg - uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0 - with: - gpg_private_key: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY }} - passphrase: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY_PASSPHRASE }} - git_user_signingkey: true - git_commit_gpgsign: true - - - name: Configure Git - run: | - git config --global user.name "mo-auto" - git config --global user.email "54212639+mo-auto@users.noreply.github.com" - git config --global user.signingkey "${{ steps.import_gpg.outputs.keyid }}" - echo "${{ secrets.MOAUTO_WORKFLOW_TOKEN }}" | gh auth login --with-token - - - name: Test Jans monolith demo - run: | - ip=$(ifconfig eth0 | grep -Eo 'inet (addr:)?([0-9]*\.){3}[0-9]*' | grep -Eo '([0-9]*\.){3}[0-9]*' | grep -v '127.0.0.1') - sudo chmod u+x automation/startjanssenmonolithdemo.sh - sudo RUN_TESTS=true bash ./automation/startjanssenmonolithdemo.sh "demoexample.jans.io" "${{ matrix.persistence-backends }}" "${ip}" "${{ github.sha }}" - persistence=$(echo "${{ matrix.persistence-backends }}" | tr '[:upper:]' '[:lower:]') - mv /tmp/reports /${{ matrix.persistence-backends }}-reports - - echo "generating rdbms docs for ${{ matrix.persistence-backends }}..." - git clone https://mo-auto:${{ secrets.MOAUTO_WORKFLOW_TOKEN }}@github.com/JanssenProject/jans.git - cd jans - git config pull.rebase true - git checkout -b cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "Branch exists" - git pull origin cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "Nothing to pull" - sudo bash ./automation/docs/generate-rdbms-docs.sh "$persistence" || echo "generating rdbms docs failed for ${{ matrix.persistence-backends }}!!!" - git add . || echo "generating rdbms docs failed !!!" - git commit -a -S -m "docs: auto-generated ${{ matrix.persistence-backends }} docs" || echo "Nothing to commit" - git push --set-upstream origin cn-jans-update-${{ matrix.persistence-backends }}-auto-generated-docs || echo "generating rdbms docs failed !!!" - MESSAGE="fix(docs): autogenerate ${{ matrix.persistence-backends }} RDBMS docs" - gh pr create --body "Auto generated RDBMS docs" --title "${MESSAGE}" || echo "PR exists" - cd .. - echo "generating rdbms docs for ${{ matrix.persistence-backends }} done" - - export JANS_URL=https://demoexample.jans.io - export JANS_CLIENT_ID=9876baac-de39-4c23-8a78-674b59df8c09 - export JANS_CLIENT_SECRET=1t5Fin3#security - export JANS_INSECURE_CLIENT=true - export TF_ACC=1 - cd terraform-provider-jans - go install github.com/jstemmer/go-junit-report/v2@latest - go test -v 2>&1 ./... | go-junit-report > ${{ matrix.persistence-backends }}report.xml - cd .. - - - name: Publish Test Results - continue-on-error: true - uses: EnricoMi/publish-unit-test-result-action@e780361cd1fc1b1a170624547b3ffda64787d365 # v2.12.0 - if: >- - github.event.pull_request.head.repo.full_name == github.repository || - github.event_name == 'workflow_dispatch' || - github.event_name == 'push' - with: - large_files: true - check_name: Java ${{ matrix.persistence-backends }} Tests - report_individual_runs: "true" - files: | - /${{ matrix.persistence-backends }}-reports/*.xml - - - name: Upload Test Results - continue-on-error: true - if: always() - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 - with: - name: java-${{ matrix.persistence-backends }}-test-results - path: "/${{ matrix.persistence-backends }}-reports/*.xml" - - - uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5 # v1 - continue-on-error: true - if: >- - github.event.pull_request.head.repo.full_name == github.repository || - github.event_name == 'workflow_dispatch' || - github.event_name == 'push' - id: go - with: - name: Go ${{ matrix.persistence-backends }} Tests - path: './terraform-provider-jans/${{ matrix.persistence-backends }}report.xml' - reporter: java-junit - - - name: Download Artifacts - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 - with: - name: java-${{ matrix.persistence-backends }}-test-results - path: java-${{ matrix.persistence-backends }}-test-results - - - name: Publish Test Results - uses: EnricoMi/publish-unit-test-result-action/composite@e780361cd1fc1b1a170624547b3ffda64787d365 # v2.12.0 - with: - files: "java-${{ matrix.persistence-backends }}-test-results/**/*.xml"