Test oidc sso example on ci #2054
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| tags: | |
| - "v*" # Push events to matching v*, i.e. v1.0, v20.15.10 | |
| branches: | |
| - "main" | |
| paths-ignore: | |
| - "docs/**" | |
| - "README.md" | |
| - ".github/workflows/release.yml" | |
| - ".github/workflows/official-site.yml" | |
| pull_request: | |
| branches: | |
| - "main" | |
| env: | |
| CARGO_TERM_COLOR: always | |
| REGISTRY_USERNAME: lovasoa | |
| REGISTRY_IMAGE: lovasoa/sqlpage | |
| jobs: | |
| compile_and_lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - run: npm ci | |
| - run: npm test | |
| - name: Set up cargo cache | |
| uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 | |
| with: | |
| shared-key: rust-sqlpage-proj-test | |
| save-if: ${{ github.ref == 'refs/heads/main' }} | |
| - run: cargo fmt --all -- --check | |
| - run: cargo clippy --all-targets --all-features -- -D warnings | |
| - run: cargo test --features odbc-static | |
| - name: Upload Linux binary | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: sqlpage-linux-debug | |
| path: "target/debug/sqlpage" | |
| test: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| include: | |
| - database: postgres | |
| container: postgres | |
| db_url: "postgres://root:[email protected]/sqlpage" | |
| - database: mysql | |
| container: mysql | |
| db_url: "mysql://root:[email protected]/sqlpage" | |
| - database: mssql | |
| container: mssql | |
| db_url: "mssql://root:[email protected]/sqlpage" | |
| - database: odbc | |
| container: postgres | |
| db_url: "Driver=PostgreSQL Unicode;Server=127.0.0.1;Port=5432;Database=sqlpage;UID=root;PWD=Password123!" | |
| setup_odbc: true | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up cargo cache | |
| uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 | |
| with: | |
| shared-key: rust-sqlpage-proj-test | |
| save-if: false | |
| - name: Install PostgreSQL ODBC driver | |
| if: matrix.setup_odbc | |
| run: sudo apt-get install -y odbc-postgresql | |
| - name: Start database container | |
| run: docker compose up --wait ${{ matrix.container }} | |
| - name: Show container logs | |
| if: failure() | |
| run: docker compose logs ${{ matrix.container }} | |
| - name: Run tests against ${{ matrix.database }} | |
| timeout-minutes: 5 | |
| run: cargo test --features odbc-static | |
| env: | |
| DATABASE_URL: ${{ matrix.db_url }} | |
| RUST_BACKTRACE: 1 | |
| MALLOC_CHECK_: 3 | |
| MALLOC_PERTURB_: 10 | |
| windows_test: | |
| runs-on: windows-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up cargo cache | |
| uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 | |
| - name: Check port usage | |
| run: netstat -bano | |
| - run: cargo test | |
| env: | |
| RUST_BACKTRACE: 1 | |
| - name: Upload Windows binary | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: sqlpage-windows-debug | |
| path: "target/debug/sqlpage.exe" | |
| docker_build: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| platform: | |
| - linux/amd64 | |
| - linux/arm/v7 | |
| - linux/arm64 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - id: suffix | |
| name: Cache name suffix | |
| run: echo "suffix=-$(tr '/' '-' <<< ${{ matrix.platform }})" >> "$GITHUB_OUTPUT" | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY_IMAGE }} | |
| flavor: suffix=${{ steps.suffix.outputs.suffix }} | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Login to Docker Hub | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ env.REGISTRY_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Build and push by digest | |
| id: build | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| platforms: ${{ matrix.platform }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| cache-from: type=registry,ref=${{ env.REGISTRY_IMAGE }}:main${{ steps.suffix.outputs.suffix }} | |
| # don't save cache on prs | |
| cache-to: > | |
| ${{ github.event_name != 'pull_request' | |
| && format('type=registry,ref={0}:main{1},compression=zstd,mode=max', env.REGISTRY_IMAGE, steps.suffix.outputs.suffix) | |
| || '' | |
| }} | |
| - name: Export digest | |
| if: github.event_name != 'pull_request' | |
| run: | | |
| mkdir -p /tmp/digests | |
| digest="${{ steps.build.outputs.digest }}" | |
| touch "/tmp/digests/${digest#sha256:}" | |
| - name: Upload digest | |
| uses: actions/upload-artifact@v4 | |
| if: github.event_name != 'pull_request' | |
| with: | |
| name: digests${{ steps.suffix.outputs.suffix }} | |
| path: /tmp/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| oidc_sso_test: | |
| runs-on: ubuntu-latest | |
| needs: compile_and_lint | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download SQLPage binary | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: sqlpage-linux-debug | |
| path: target/debug/ | |
| - name: Make binary executable | |
| run: chmod +x target/debug/sqlpage | |
| - name: Set up Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: '20' | |
| - name: Install Playwright | |
| working-directory: tests/end-to-end | |
| run: | | |
| npm ci | |
| npx playwright install chromium --with-deps | |
| - name: Build Keycloak image | |
| working-directory: "examples/single sign on" | |
| run: docker build -t keycloak-sso -f keycloak.Dockerfile . | |
| - name: Start Keycloak | |
| run: | | |
| docker run -d --name keycloak \ | |
| -e KEYCLOAK_ADMIN=admin \ | |
| -e KEYCLOAK_ADMIN_PASSWORD=admin \ | |
| -p 8181:8181 \ | |
| keycloak-sso | |
| - name: Wait for Keycloak to be ready | |
| run: | | |
| echo "Waiting for Keycloak to start..." | |
| for i in {1..60}; do | |
| if curl -s -f http://localhost:8181/realms/sqlpage_demo/.well-known/openid-configuration > /dev/null 2>&1; then | |
| echo "Keycloak is ready!" | |
| break | |
| fi | |
| echo "Attempt $i: Keycloak not ready yet..." | |
| sleep 5 | |
| done | |
| curl -f http://localhost:8181/realms/sqlpage_demo/.well-known/openid-configuration || (docker logs keycloak && exit 1) | |
| - name: Start SQLPage with OIDC config | |
| working-directory: "examples/single sign on" | |
| run: | | |
| ../../target/debug/sqlpage & | |
| sleep 3 | |
| env: | |
| SQLPAGE_CONFIGURATION_DIRECTORY: ./sqlpage | |
| - name: Verify SQLPage is running | |
| run: | | |
| curl -f http://localhost:8080/ || exit 1 | |
| - name: Run OIDC SSO tests | |
| working-directory: tests/end-to-end | |
| run: npx playwright test oidc-sso.spec.ts --reporter=line | |
| env: | |
| SQLPAGE_URL: http://localhost:8080 | |
| - name: Show Keycloak logs on failure | |
| if: failure() | |
| run: docker logs keycloak | |
| - name: Upload test results | |
| uses: actions/upload-artifact@v4 | |
| if: failure() | |
| with: | |
| name: oidc-test-results | |
| path: tests/end-to-end/test-results/ | |
| docker_push: | |
| runs-on: ubuntu-latest | |
| if: github.event_name != 'pull_request' | |
| needs: | |
| - docker_build | |
| steps: | |
| - name: Download digests | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: digests* | |
| merge-multiple: true | |
| path: /tmp/digests | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Docker meta | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY_IMAGE }} | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ env.REGISTRY_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Create manifest list and push | |
| working-directory: /tmp/digests | |
| run: | | |
| docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ | |
| $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) | |
| - name: Inspect image | |
| run: | | |
| docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }} |