-
Notifications
You must be signed in to change notification settings - Fork 727
288 lines (253 loc) · 10.8 KB
/
oidc-conformance-test.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
# This workflow will test IS for OIDC conformance
#
name: OIDC Conformance Test
on:
schedule:
# Everyday at 08:30 UTC (2:00 AM SL time)
- cron: '30 20 * * *'
# Allows the workflow to run automatically after a release
release:
types: [published]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
inputs:
tag:
description: 'product-is tag name'
required: false
download-url:
description: 'URL to download product-is'
required: false
conformance-suite-version:
description: 'Conformance suite branch to clone in https://gitlab.com/openid/conformance-suite.git (Ex: release-v5.1.10). If not provided, latest release tag branch is used.'
required: false
send-email:
description: 'Send test results to email'
required: true
default: 'no'
send-chat:
description: 'Send test results to google chat'
required: true
default: 'yes'
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
path: './product-is'
- name: Set up JDK 11
uses: actions/setup-java@v1
with:
java-version: 11.0.18+10
- name: Setup Python
run: |
python3 -m pip install --upgrade pip setuptools wheel
pip3 install psutil
pip3 install httpx
pip3 install httplib2
- name: Clone conformance suite
run: |
sudo snap install jq
LATEST_RELEASE_BRANCH=$(curl -s https://gitlab.com/api/v4/projects/4175605/releases/ | jq '.[]' | jq -r '.name' | head -1)
echo ">>> Conformance suite latest release branch: $LATEST_RELEASE_BRANCH"
PROVIDED_VERSION=${{github.event.inputs.conformance-suite-version}}
if [[ -z "${PROVIDED_VERSION}" ]]; then
CONFORMANCE_SUITE_BRANCH=$LATEST_RELEASE_BRANCH
echo ">>> Conformance suite latest release branch is taken: $CONFORMANCE_SUITE_BRANCH"
else
CONFORMANCE_SUITE_BRANCH=$PROVIDED_VERSION
echo ">>> Conformance suite provided branch is taken: $CONFORMANCE_SUITE_BRANCH"
fi
echo ">>> Selected conformance suite branch: $CONFORMANCE_SUITE_BRANCH"
git clone --depth 1 --branch ${CONFORMANCE_SUITE_BRANCH} https://gitlab.com/openid/conformance-suite.git
- name: Adding extra hosts to docker-compose-dev.yml
run: sed -i '/^ volumes.*/i \ \ \ \ extra_hosts:\n \ \ \ \ - "localhost:\$IP\"' ./conformance-suite/docker-compose-dev.yml
- name: Get IS zip
run: |
INPUT_TAG=${{github.event.inputs.tag}}
if [[ -z "${INPUT_TAG}" ]]; then
echo ">>> Building IS from source..."
mkdir cloned-product-is
cd cloned-product-is
git clone https://github.com/wso2/product-is
cd product-is
mvn clean install -Dmaven.test.skip=true | tee mvn-build.log
REPO_BUILD_STATUS=$(cat mvn-build.log | grep "\[INFO\] BUILD" | grep -oE '[^ ]+$')
echo "==========================================================="
echo "BUILD $REPO_BUILD_STATUS"
echo "=========================================================="
if [[ "${REPO_BUILD_STATUS}" != "SUCCESS" ]]; then
exit 1
fi
zip_file=$(find . -name 'wso2is-*.zip' -type f -not -name 'wso2is-*-src.zip' -print -quit)
if [[ -z "$zip_file" ]]; then
echo "Zip file not found"
exit 1
fi
echo ">>> Zip file found: $zip_file"
echo ">>> Copying zip file to the root directory ..."
cp "$zip_file" ./../../
cd ../..
ls
echo ">>> Remove cloned-product-is directory"
rm -rf cloned-product-is
ls
else
owner="wso2"
repo="product-is"
if [[ -z "${INPUT_TAG}" ]]; then
tag=${GITHUB_REF:10}
tag_trimmed=${tag// }
else
tag=${{github.event.inputs.tag}}
tag_trimmed=${tag// }
fi
artifact="wso2is-${tag_trimmed:1}.zip"
echo "Tag=$tag"
echo "Artifact=$artifact"
list_asset_url="https://api.github.com/repos/${owner}/${repo}/releases/tags/${tag_trimmed}"
asset_url=$(curl "${list_asset_url}" | jq ".assets[] | select(.name==\"${artifact}\") | .url" | sed 's/\"//g')
curl -vLJO -H 'Accept: application/octet-stream' \
"${asset_url}"
fi
- name: Download Jacoco Agent
id: download_jacoco
run: |
curl -vLJO -H 'Accept: application/octet-stream' https://search.maven.org/remotecontent?filepath=org/jacoco/jacoco/0.8.12/jacoco-0.8.12.zip
- name: Run IS
run: |
PRODUCT_IS_ZIP=$(find ./ -name wso2is* -type f -printf "%f\n")
ROOT_DIR=$(pwd)
touch jacoco.exec
echo "PRODUCT_IS_DIR=${PRODUCT_IS_ZIP%.zip}" >> $GITHUB_ENV
cd ./product-is/oidc-conformance-tests
python3 ./configure_is.py ../../$PRODUCT_IS_ZIP $ROOT_DIR $ROOT_DIR/jacoco.exec
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: 17
distribution: temurin
- name: Install Docker Compose
run: |
sudo curl -L "https://github.com/docker/compose/releases/download/$(curl -s https://api.github.com/repos/docker/compose/releases/latest | jq -r .tag_name)/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose --version
- name: Run Conformance Suite
run: |
DOCKER_COMPOSE_FILE=./docker-compose-dev.yml
cd conformance-suite
IP=$(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1)
export IP
echo "Host ip: "
printenv IP
mvn clean package
python3 ../product-is/oidc-conformance-tests/start_conformance_suite.py $DOCKER_COMPOSE_FILE
- name: Run Tests
run: bash ./product-is/oidc-conformance-tests/test_runner.sh
- name: Stop IS
id: stop_is
run: |
sh ./product-is/oidc-conformance-tests/${{ env.PRODUCT_IS_DIR }}/bin/wso2server.sh stop
- name: Test Results
run: |
IS_SUCCESSFUL=false
if python3 ./product-is/oidc-conformance-tests/export_results.py https://localhost:8443
then
IS_SUCCESSFUL=true
fi
if $IS_SUCCESSFUL
then
echo "======================"
echo "All Test Cases Passed!"
echo "======================"
exit 0
else
echo "============================================="
echo "Failed Test Cases Found. Exiting with Failure"
echo "============================================="
exit 1
fi
- name: Archive test results
uses: actions/upload-artifact@v4
if: always()
with:
name: test-results
path: ./*test_results.zip
- name: Archive test logs
uses: actions/upload-artifact@v4
if: always()
with:
name: test-logs
path: ./*log.txt
- name: Build Jacoco Report Generator
run: |
cd ./product-is/modules/integration/tests-common/jacoco-report-generator
mvn clean install
ARTIFACT_ID=$(mvn help:evaluate -Dexpression=project.artifactId -q -DforceStdout)
VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
JAR_NAME="${ARTIFACT_ID}-${VERSION}.jar"
echo "JAR_NAME=${JAR_NAME}" >> $GITHUB_ENV
echo "Report generator jar name: $JAR_NAME"
- name: Generate Jacoco Report
run: |
java -jar ./product-is/modules/integration/tests-common/jacoco-report-generator/target/${{ env.JAR_NAME }} ./jacoco.exec ./product-is/oidc-conformance-tests/${{ env.PRODUCT_IS_DIR }}/repository/deployment/server/webapps ./product-is/oidc-conformance-tests/${{ env.PRODUCT_IS_DIR }}/repository/components/plugins ./product-is/oidc-conformance-tests/${{ env.PRODUCT_IS_DIR }}/repository/components/dropins ./product-is/oidc-conformance-tests/${{ env.PRODUCT_IS_DIR }}/lib/runtimes/cxf3
- name: Archive Jacoco report
uses: actions/upload-artifact@v4
if: always()
with:
name: jacoco-xml
path: ./report/jacoco.xml
- name: Send Email
if: always()
run: |
INPUT=${{github.event.inputs.send-email}}
if [[ -z "${INPUT}" ]]; then
INPUT="no"
fi
SEND_EMAIL=${INPUT^^}
if [ $SEND_EMAIL == "YES" ]; then
echo "============="
echo "Sending Email"
echo "============="
CONFORMANCE_SUITE_URL=https://localhost:8443
RESOURCE=${{github.event.inputs.download-url}}
if [[ -z "${RESOURCE}" ]]; then
RESOURCE=${{github.event.inputs.tag}}
fi
python3 ./product-is/oidc-conformance-tests/send_email.py $CONFORMANCE_SUITE_URL $GITHUB_RUN_NUMBER ${{job.status}} ${{github.repository}} ${{github.run_id}} ${{secrets.SENDER_EMAIL}} ${{secrets.PASSWORD}} ${{secrets.RECEIVER_LIST}} $RESOURCE
elif [ $SEND_EMAIL == "NO" ]; then
echo "========================================"
echo "Skipped Sending Email"
echo "========================================"
else
echo "================================================================="
echo "Invalid parameter value. Skipped sending email"
echo "================================================================="
fi
- name: Send Chat message
if: always()
run: |
INPUT=${{github.event.inputs.send-chat}}
RESOURCE=${{github.event.inputs.download-url}}
if [[ -z "${RESOURCE}" ]]; then
RESOURCE=${{github.event.inputs.tag}}
fi
if [[ -z "${INPUT}" ]]; then
INPUT="yes"
fi
SEND_CHAT=${INPUT^^}
if [ $SEND_CHAT == "YES" ]; then
echo "==========================="
echo "Sending Google Chat Message"
echo "==========================="
CONFORMANCE_SUITE_URL=https://localhost:8443
python3 ./product-is/oidc-conformance-tests/send_chat.py "$CONFORMANCE_SUITE_URL" "$GITHUB_RUN_NUMBER" "${{job.status}}" "${{github.repository}}" "${{github.run_id}}" "${{secrets.GOOGLE_CHAT_WEBHOOK_OIDC_TEST}}" "$RESOURCE" "OIDC Conformance Test"
elif [ $SEND_CHAT == "NO" ]; then
echo "========================================"
echo "Skipped Sending Google Chat Message"
echo "========================================"
else
echo "================================================================="
echo "Invalid parameter value. Skipped sending google chat message"
echo "================================================================="
fi