Upstream OAuth 2.0 providers: Support signed userinfo and customising the expected id_token signature algorithm #1163
Workflow file for this run
  
    
      This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
      Learn more about bidirectional Unicode characters
    
  
  
    
  | name: Coverage | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: false | |
| env: | |
| CARGO_TERM_COLOR: always | |
| CARGO_NET_GIT_FETCH_WITH_CLI: "true" | |
| jobs: | |
| opa: | |
| name: Run OPA test suite with coverage | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout the code | |
| uses: actions/[email protected] | |
| - name: Setup OPA | |
| uses: open-policy-agent/[email protected] | |
| with: | |
| version: 0.64.1 | |
| - name: Run OPA tests with coverage | |
| working-directory: ./policies | |
| run: make coverage | |
| - name: Upload to codecov.io | |
| uses: codecov/[email protected] | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| files: policies/coverage.json | |
| flags: policies | |
| frontend: | |
| name: Run frontend test suite with coverage | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Checkout the code | |
| uses: actions/[email protected] | |
| - name: Install Node | |
| uses: actions/[email protected] | |
| with: | |
| node-version: 20 | |
| - name: Install Node dependencies | |
| working-directory: ./frontend | |
| run: npm ci | |
| - name: Build the frontend | |
| working-directory: ./frontend | |
| run: npm run build | |
| env: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| - name: Test | |
| working-directory: ./frontend | |
| run: npm run coverage | |
| - name: Upload to codecov.io | |
| uses: codecov/[email protected] | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| directory: frontend/coverage/ | |
| flags: frontend | |
| rust: | |
| name: Run Rust test suite with coverage | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| env: | |
| SCCACHE_GHA_ENABLED: "true" | |
| RUSTC_WRAPPER: "sccache" | |
| services: | |
| postgres: | |
| image: docker.io/library/postgres:15.3 | |
| env: | |
| POSTGRES_USER: postgres | |
| POSTGRES_PASSWORD: postgres | |
| POSTGRES_DB: postgres | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| ports: | |
| - "5432:5432" | |
| steps: | |
| - name: Checkout the code | |
| uses: actions/[email protected] | |
| - name: Install toolchain | |
| run: | | |
| rustup toolchain install stable | |
| rustup default stable | |
| rustup component add llvm-tools-preview | |
| - name: Install Node | |
| uses: actions/[email protected] | |
| with: | |
| node-version: 20 | |
| - name: Install Node dependencies | |
| working-directory: ./frontend | |
| run: npm ci | |
| - name: Build the frontend | |
| working-directory: ./frontend | |
| run: npm run build | |
| - name: Setup OPA | |
| uses: open-policy-agent/[email protected] | |
| with: | |
| version: 0.64.1 | |
| - name: Compile OPA policies | |
| working-directory: ./policies | |
| run: make | |
| - name: Setup sccache | |
| uses: mozilla-actions/[email protected] | |
| - name: Download grcov | |
| run: | | |
| mkdir -p "${HOME}/.local/bin" | |
| curl -sL https://github.com/mozilla/grcov/releases/download/v0.8.19/grcov-x86_64-unknown-linux-gnu.tar.bz2 | tar jxf - -C "${HOME}/.local/bin" | |
| echo "$HOME/.local/bin" >> $GITHUB_PATH | |
| - name: Run test suite with profiling enabled | |
| run: | | |
| cargo test --no-fail-fast --workspace | |
| env: | |
| RUSTFLAGS: '-Cinstrument-coverage' | |
| LLVM_PROFILE_FILE: "cargo-test-%p-%m.profraw" | |
| DATABASE_URL: postgresql://postgres:postgres@localhost/postgres | |
| SQLX_OFFLINE: '1' | |
| - name: Build grcov report | |
| run: | | |
| mkdir -p target/coverage | |
| grcov . --binary-path ./target/debug/deps/ -s . -t lcov --branch --ignore-not-existing --ignore '../*' --ignore "/*" -o target/coverage/tests.lcov | |
| - name: Upload to codecov.io | |
| uses: codecov/[email protected] | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| files: target/coverage/*.lcov | |
| flags: unit |