@@ -8,7 +8,7 @@ name: OIDC Integration Test
88on :
99 push :
1010 branches :
11- # - master
11+ - master
1212 - " **"
1313 # Triggers the workflow on labeled PRs only.
1414 pull_request_target :
@@ -25,24 +25,23 @@ permissions:
2525jobs :
2626 generate-platform-oidc-integration :
2727 strategy :
28- # Using "include" here instead of a typical matrix of arrays gives us granular control over combinations.
29- # This is necessary because we need to generate different audience values, some of which contain characters
30- # not suitable for dynamic naming or matrix keys.
31- # Each audience represents a different real-world use case:
32- # - "default": no audience provided, tests implicit GitHub behavior.
33- # - "test": explicitly defined audience for testing purposes.
34- # - "github-explicit-default": GitHub's default audience (explicitly passed) to test edge behavior,
35- # when a user is defining the default audience in the platform but not in the action.
28+ # Using "include" instead of a matrix of arrays gives us fine-grained control over test combinations.
29+ # This is needed because some audience values (e.g., URLs) contain characters not valid in matrix keys or job names.
30+ #
31+ # Each scenario represents a real-world case:
32+ # - "default": No audience is set in the action or the platform integration.
33+ # - "test": A custom audience is explicitly set in both the action and the platform integration.
34+ # - "github-implicit-default": The platform integration is explicitly configured with GitHub's default audience,
35+ # but the action does not pass any audience.
36+ # This tests CLI behavior in case of mismatches — see https://github.com/jfrog/setup-jfrog-cli/issues/270
3637 matrix :
3738 include :
3839 - audience_id : default
3940 audience_value : ' '
4041 - audience_id : test
41- audience_value : ' test-audience'
42- # When not provided, GitHub resolves the audience value to the URL of the GitHub repository owner.
43- # This test makes sure this issue won't happen again https://github.com/jfrog/setup-jfrog-cli/issues/270.
44- - audience_id : github-explicit-default
45- audience_value : ' https://github.com/EyalDelarea'
42+ audience_value : ' audience-value'
43+ - audience_id : github-implicit-default
44+ audience_value : ' https://github.com/jfrog'
4645 runs-on : ubuntu-latest
4746 steps :
4847 - name : Create OpenID Connect integration
@@ -97,23 +96,23 @@ jobs:
9796 audience_value : ' '
9897 - cli-version : ' 2.74.1'
9998 audience_id : test
100- audience_value : ' test- audience'
99+ audience_value : ' audience-value '
101100 - cli-version : ' 2.75.0'
102101 audience_id : test
103- audience_value : ' test- audience'
102+ audience_value : ' audience-value '
104103 - cli-version : latest
105104 audience_id : test
106- audience_value : ' test- audience'
105+ audience_value : ' audience-value '
107106 # GitHub default audience value is resolved implicitly when omitted.
108107 # These tests verify that the CLI handles an empty value correctly while GitHub sets the expected audience on its backend.
109108 - cli-version : ' 2.74.1'
110- audience_id : github-explicit -default
109+ audience_id : github-implicit -default
111110 audience_value : ' '
112111 - cli-version : ' 2.75.0'
113- audience_id : github-explicit -default
112+ audience_id : github-implicit -default
114113 audience_value : ' '
115114 - cli-version : latest
116- audience_id : github-explicit -default
115+ audience_id : github-implicit -default
117116 audience_value : ' '
118117 runs-on : ubuntu-latest
119118 env :
@@ -153,7 +152,7 @@ jobs:
153152 include :
154153 - audience_id : default
155154 - audience_id : test
156- - audience_id : github-explicit -default
155+ - audience_id : github-implicit -default
157156 runs-on : ubuntu-latest
158157 steps :
159158 - name : Delete OIDC integration
0 commit comments