From 479960d1eb936460b97ae2f8df21c536590ff08a Mon Sep 17 00:00:00 2001
From: Jacek Kowalski <Jacek@jacekk.info>
Date: Mon, 27 Jun 2022 22:16:15 +0000
Subject: [PATCH] Add var project.build.outputTimestamp to enable reproducible builds
---
.github/workflows/release.yml | 80 ++++++++++++++++++---------------------
1 files changed, 37 insertions(+), 43 deletions(-)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index c6bc7a3..d3df9ce 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -12,38 +12,37 @@
steps:
- id: checkout
name: Checkout code
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
- - name: Install Java and Maven
- uses: actions/setup-java@v1
+ - id: java
+ name: Install Java and Maven
+ uses: actions/setup-java@v2
with:
- java-version: 8
+ distribution: zulu
+ java-version: 11
- id: vars
name: Get project variables
run: |
echo -n "::set-output name=keycloakVersion::"
- mvn -q help:evaluate -Dexpression=keycloak.version -DforceStdout 2> /dev/null
- echo
+ mvn -q help:evaluate -Dexpression=keycloak.version -DforceStdout 2> /dev/null | grep -E '^[0-9a-zA-Z.-]+$'
echo -n "::set-output name=artifactId::"
- mvn -q help:evaluate -Dexpression=project.artifactId -DforceStdout 2> /dev/null
- echo
+ mvn -q help:evaluate -Dexpression=project.artifactId -DforceStdout 2> /dev/null | grep -E '^[0-9a-zA-Z.-]+$'
echo -n "::set-output name=projectName::"
- mvn -q help:evaluate -Dexpression=project.name -DforceStdout 2> /dev/null
- echo
+ mvn -q help:evaluate -Dexpression=project.name -DforceStdout 2> /dev/null | grep -E '^[0-9a-zA-Z :,.-]+$'
echo -n "::set-output name=projectVersion::"
- mvn -q help:evaluate -Dexpression=project.version -DforceStdout 2> /dev/null
- echo
+ mvn -q help:evaluate -Dexpression=project.version -DforceStdout 2> /dev/null | grep -E '^[0-9a-zA-Z.-]+$'
- name: Build project
run: |
mvn -B test package
- name: Upload artifact
- uses: actions/upload-artifact@v1
+ uses: actions/upload-artifact@v3
with:
name: jar
path: target/${{ steps.vars.outputs.artifactId }}-${{ steps.vars.outputs.projectVersion }}.jar
+ if-no-files-found: error
outputs:
artifact_id: ${{ steps.vars.outputs.artifactId }}
@@ -55,16 +54,6 @@
name: Test
runs-on: ubuntu-latest
needs: build
- services:
- keycloak:
- image: quay.io/keycloak/keycloak:${{ needs.build.outputs.keycloak_version }}
- env:
- KEYCLOAK_USER: admin
- KEYCLOAK_PASSWORD: admin
- ports:
- - 8080:8080
- volumes:
- - '${{ github.workspace }}:/workspace'
steps:
- id: checkout
name: Checkout code
@@ -72,37 +61,42 @@
- id: download_artifact
name: Download artifact
- uses: actions/download-artifact@v1
+ uses: actions/download-artifact@v3
with:
name: jar
+
+ - id: create_container
+ name: Create Keycloak container
+ run: |
+ docker run -i -t -d -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin -p 8080:8080 --name keycloak "quay.io/keycloak/keycloak:${{ needs.build.outputs.keycloak_version }}" start-dev
- id: deploy
name: Deploy artifact
run: |
- CONTAINER="${{ job.services.keycloak.id }}"
+ CONTAINER="keycloak"
NAME="${{ needs.build.outputs.artifact_id }}-${{ needs.build.outputs.project_version }}.jar"
- FILE="/opt/jboss/keycloak/standalone/deployments/${NAME}"
- docker cp "jar/${NAME}" "${CONTAINER}:/tmp/"
- docker exec -i "${CONTAINER}" /bin/bash <<EOF
- cp "/tmp/${NAME}" "${FILE}"
- for i in {1..60}; do
- echo -n .
- [ -f "${FILE}.deployed" ] && echo && echo "Deployment succeeded!" && exit 0
- [ -f "${FILE}.failed" ] && echo && echo "Deployment failed!" && exit 1
- sleep 1
- done
- echo && echo "Deployment timeout!" && exit 1
- EOF
+ FILE="/opt/keycloak/providers/${NAME}"
+ docker cp "${NAME}" "${CONTAINER}:${FILE}"
+ docker restart "${CONTAINER}"
+ for i in {1..60}; do
+ if curl --silent --max-time 1 -o /dev/null http://localhost:8080; then
+ echo && echo "Deployment succeeded!" && exit 0
+ else
+ sleep 1
+ echo -n "."
+ fi
+ done
+ echo && echo "Deployment timeout!" && exit 1
- id: configure_keycloak
name: Configure Keycloak
run: |
- CONTAINER="${{ job.services.keycloak.id }}"
+ CONTAINER="keycloak"
docker exec -i "${CONTAINER}" /bin/bash <<EOF
- /opt/jboss/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin --password admin
- /opt/jboss/keycloak/bin/kcadm.sh create clients -r master -s clientId=test -s protocol=cas -s enabled=true -s publicClient=true \
+ /opt/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080 --realm master --user admin --password admin
+ /opt/keycloak/bin/kcadm.sh create clients -r master -s clientId=test -s protocol=cas -s enabled=true -s publicClient=true \
-s 'redirectUris=["http://localhost/*"]' -s baseUrl=http://localhost -s adminUrl=http://localhost
- /opt/jboss/keycloak/bin/kcadm.sh get serverinfo -r master --fields "providers(login-protocol(providers(cas)))" | grep cas
+ /opt/keycloak/bin/kcadm.sh get serverinfo -r master --fields "providers(login-protocol(providers(cas)))" | grep cas
EOF
- id: run_tests
@@ -117,7 +111,7 @@
steps:
- id: download_artifact
name: Download artifact
- uses: actions/download-artifact@v1
+ uses: actions/download-artifact@v3
with:
name: jar
@@ -139,6 +133,6 @@
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
- asset_path: jar/${{ needs.build.outputs.artifact_id }}-${{ needs.build.outputs.project_version }}.jar
+ asset_path: ${{ needs.build.outputs.artifact_id }}-${{ needs.build.outputs.project_version }}.jar
asset_name: ${{ needs.build.outputs.artifact_id }}-${{ needs.build.outputs.project_version }}.jar
asset_content_type: application/java-archive
--
Gitblit v1.9.1