From 755fd78fa0ee0f2a67417a119382c63e02c1091e Mon Sep 17 00:00:00 2001
From: Alexandre Rocha Wendling <alexandrerw@celepar.pr.gov.br>
Date: Tue, 16 Jul 2024 14:15:23 +0000
Subject: [PATCH] Proxy ticket service and proxy ticket validation Proxy endpoints improvements suggested by Jacek Kowalski Add ticket type to storage key Rename isreuse to isReusable Remove "parsing" of "codeUUID" that is String, not UUID Improve error reporting in CAS ticket validation
---
.github/workflows/release.yml | 115 +++++++++++++++++++++++++--------------------------------
1 files changed, 50 insertions(+), 65 deletions(-)
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index c6bc7a3..8163160 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -5,6 +5,8 @@
name: Release
+permissions: {}
+
jobs:
build:
name: Build
@@ -12,38 +14,37 @@
steps:
- id: checkout
name: Checkout code
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
- - name: Install Java and Maven
- uses: actions/setup-java@v1
+ - id: java
+ name: Install Java and Maven
+ uses: actions/setup-java@v3
with:
- java-version: 8
+ distribution: zulu
+ java-version: 17
- id: vars
name: Get project variables
run: |
- echo -n "::set-output name=keycloakVersion::"
- mvn -q help:evaluate -Dexpression=keycloak.version -DforceStdout 2> /dev/null
- echo
- echo -n "::set-output name=artifactId::"
- mvn -q help:evaluate -Dexpression=project.artifactId -DforceStdout 2> /dev/null
- echo
- echo -n "::set-output name=projectName::"
- mvn -q help:evaluate -Dexpression=project.name -DforceStdout 2> /dev/null
- echo
- echo -n "::set-output name=projectVersion::"
- mvn -q help:evaluate -Dexpression=project.version -DforceStdout 2> /dev/null
- echo
+ echo -n "keycloakVersion=" >> $GITHUB_OUTPUT
+ mvn -q help:evaluate -Dexpression=keycloak.version -DforceStdout 2> /dev/null | grep -E '^[0-9a-zA-Z.-]+$' >> $GITHUB_OUTPUT
+ echo -n "artifactId=" >> $GITHUB_OUTPUT
+ mvn -q help:evaluate -Dexpression=project.artifactId -DforceStdout 2> /dev/null | grep -E '^[0-9a-zA-Z.-]+$' >> $GITHUB_OUTPUT
+ echo -n "projectName=" >> $GITHUB_OUTPUT
+ mvn -q help:evaluate -Dexpression=project.name -DforceStdout 2> /dev/null | grep -E '^[0-9a-zA-Z :,.-]+$' >> $GITHUB_OUTPUT
+ echo -n "projectVersion=" >> $GITHUB_OUTPUT
+ mvn -q help:evaluate -Dexpression=project.version -DforceStdout 2> /dev/null | grep -E '^[0-9a-zA-Z.-]+$' >> $GITHUB_OUTPUT
- name: Build project
run: |
mvn -B test package
- name: Upload artifact
- uses: actions/upload-artifact@v1
+ uses: actions/upload-artifact@v3
with:
name: jar
path: target/${{ steps.vars.outputs.artifactId }}-${{ steps.vars.outputs.projectVersion }}.jar
+ if-no-files-found: error
outputs:
artifact_id: ${{ steps.vars.outputs.artifactId }}
@@ -55,54 +56,49 @@
name: Test
runs-on: ubuntu-latest
needs: build
- services:
- keycloak:
- image: quay.io/keycloak/keycloak:${{ needs.build.outputs.keycloak_version }}
- env:
- KEYCLOAK_USER: admin
- KEYCLOAK_PASSWORD: admin
- ports:
- - 8080:8080
- volumes:
- - '${{ github.workspace }}:/workspace'
steps:
- id: checkout
name: Checkout code
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
- id: download_artifact
name: Download artifact
- uses: actions/download-artifact@v1
+ uses: actions/download-artifact@v3
with:
name: jar
+
+ - id: create_container
+ name: Create Keycloak container
+ run: |
+ docker run -i -t -d -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin -p 8080:8080 --name keycloak "quay.io/keycloak/keycloak:${{ needs.build.outputs.keycloak_version }}" start-dev
- id: deploy
name: Deploy artifact
run: |
- CONTAINER="${{ job.services.keycloak.id }}"
+ CONTAINER="keycloak"
NAME="${{ needs.build.outputs.artifact_id }}-${{ needs.build.outputs.project_version }}.jar"
- FILE="/opt/jboss/keycloak/standalone/deployments/${NAME}"
- docker cp "jar/${NAME}" "${CONTAINER}:/tmp/"
- docker exec -i "${CONTAINER}" /bin/bash <<EOF
- cp "/tmp/${NAME}" "${FILE}"
- for i in {1..60}; do
- echo -n .
- [ -f "${FILE}.deployed" ] && echo && echo "Deployment succeeded!" && exit 0
- [ -f "${FILE}.failed" ] && echo && echo "Deployment failed!" && exit 1
- sleep 1
- done
- echo && echo "Deployment timeout!" && exit 1
- EOF
+ FILE="/opt/keycloak/providers/${NAME}"
+ docker cp "${NAME}" "${CONTAINER}:${FILE}"
+ docker restart "${CONTAINER}"
+ for i in {1..60}; do
+ if curl --silent --max-time 1 -o /dev/null http://localhost:8080; then
+ echo && echo "Deployment succeeded!" && exit 0
+ else
+ sleep 1
+ echo -n "."
+ fi
+ done
+ echo && echo "Deployment timeout!" && exit 1
- id: configure_keycloak
name: Configure Keycloak
run: |
- CONTAINER="${{ job.services.keycloak.id }}"
+ CONTAINER="keycloak"
docker exec -i "${CONTAINER}" /bin/bash <<EOF
- /opt/jboss/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080/auth --realm master --user admin --password admin
- /opt/jboss/keycloak/bin/kcadm.sh create clients -r master -s clientId=test -s protocol=cas -s enabled=true -s publicClient=true \
+ /opt/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080 --realm master --user admin --password admin
+ /opt/keycloak/bin/kcadm.sh create clients -r master -s clientId=test -s protocol=cas -s enabled=true -s publicClient=true \
-s 'redirectUris=["http://localhost/*"]' -s baseUrl=http://localhost -s adminUrl=http://localhost
- /opt/jboss/keycloak/bin/kcadm.sh get serverinfo -r master --fields "providers(login-protocol(providers(cas)))" | grep cas
+ /opt/keycloak/bin/kcadm.sh get serverinfo -r master --fields "providers(login-protocol(providers(cas)))" | grep cas
EOF
- id: run_tests
@@ -114,31 +110,20 @@
name: Release
runs-on: ubuntu-latest
needs: [build, test]
+ permissions:
+ contents: write
steps:
- id: download_artifact
name: Download artifact
- uses: actions/download-artifact@v1
+ uses: actions/download-artifact@v3
with:
name: jar
- id: create_release
name: Create release
- uses: actions/create-release@v1
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ uses: softprops/action-gh-release@v1
with:
- tag_name: ${{ github.ref }}
- release_name: ${{ needs.build.outputs.project_name }} ${{ needs.build.outputs.project_version }}
- draft: false
- prerelease: false
-
- - id: upload_release
- name: Upload release artifact
- uses: actions/upload-release-asset@v1
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- with:
- upload_url: ${{ steps.create_release.outputs.upload_url }}
- asset_path: jar/${{ needs.build.outputs.artifact_id }}-${{ needs.build.outputs.project_version }}.jar
- asset_name: ${{ needs.build.outputs.artifact_id }}-${{ needs.build.outputs.project_version }}.jar
- asset_content_type: application/java-archive
+ name: ${{ needs.build.outputs.project_name }} ${{ needs.build.outputs.project_version }}
+ files: ${{ needs.build.outputs.artifact_id }}-${{ needs.build.outputs.project_version }}.jar
+ fail_on_unmatched_files: true
+ generate_release_notes: true
--
Gitblit v1.9.1