Skip to content

Merge pull request #22 from canonical/IAM-893 #108

Merge pull request #22 from canonical/IAM-893

Merge pull request #22 from canonical/IAM-893 #108

Workflow file for this run

name: CI Tasks for Ory Hydra
on:
push:
branches:
- canonical
tags:
- "*"
pull_request:
# Cancel in-progress runs in current workflow.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
oidc-conformity:
name: Run OIDC conformity tests
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: ory/ci/checkout@master
with:
# We must fetch at least the immediate parents so that if this is
# a pull request then we can checkout the head.
fetch-depth: 2
- uses: actions/setup-go@v3
with:
go-version: "1.21"
- name: Start service
run: ./test/conformance/start.sh
- name: Run tests
run: ./test/conformance/test.sh -v -short -parallel 16
sdk-generate:
name: Generate SDKs
runs-on: ubuntu-latest
outputs:
sdk-cache-key: ${{ steps.sdk-generate.outputs.sdk-cache-key }}
steps:
- uses: ory/ci/sdk/generate@master
with:
token: ${{ secrets.ORY_BOT_PAT }}
id: sdk-generate
test:
name: Run tests and lints
runs-on: ubuntu-latest
needs:
- sdk-generate
services:
postgres:
image: postgres:11.8
env:
POSTGRES_DB: postgres
POSTGRES_PASSWORD: test
POSTGRES_USER: test
ports:
- 5432:5432
mysql:
image: mysql:8.0.26
env:
MYSQL_ROOT_PASSWORD: test
ports:
- 3306:3306
env:
TEST_DATABASE_POSTGRESQL: "postgres://test:test@localhost:5432/postgres?sslmode=disable"
TEST_DATABASE_MYSQL: "mysql://root:test@(localhost:3306)/mysql?multiStatements=true&parseTime=true"
TEST_DATABASE_COCKROACHDB: "cockroach://root@localhost:26257/defaultdb?sslmode=disable"
steps:
- run: |
docker create --name cockroach -p 26257:26257 \
cockroachdb/cockroach:v22.1.10 start-single-node --insecure
docker start cockroach
name: Start CockroachDB
- uses: ory/ci/checkout@master
with:
fetch-depth: 2
- uses: actions/cache@v2
with:
path: |
internal/httpclient
key: ${{ needs.sdk-generate.outputs.sdk-cache-key }}
- uses: actions/setup-go@v4
with:
go-version: "1.21"
- run: go list -json > go.list
- name: Run nancy
uses: sonatype-nexus-community/[email protected]
with:
nancyVersion: v1.0.42
- name: Run golangci-lint
uses: golangci/golangci-lint-action@v3
env:
GOGC: 100
with:
args: --timeout 10m0s
version: v1.55.2
skip-pkg-cache: true
- name: Run go-acc (tests)
run: |
make .bin/go-acc
.bin/go-acc -o coverage.out ./... -- -failfast -timeout=20m -tags sqlite,json1
- name: Upload Go test results
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3
with:
name: Go-results
path: test.json
test-hsm:
name: Run HSM tests
needs:
- sdk-generate
runs-on: ubuntu-latest
env:
HSM_ENABLED: true
HSM_LIBRARY: /usr/lib/softhsm/libsofthsm2.so
HSM_TOKEN_LABEL: hydra
HSM_PIN: 1234
steps:
- uses: ory/ci/checkout@master
- uses: actions/cache@v2
with:
path: |
internal/httpclient
key: ${{ needs.sdk-generate.outputs.sdk-cache-key }}
- uses: actions/setup-go@v3
with:
go-version: "1.21"
- name: Setup HSM libs and packages
run: |
sudo apt install -y softhsm opensc
sudo rm -rf /var/lib/softhsm/tokens
sudo mkdir -p /var/lib/softhsm/tokens
sudo chmod -R a+rwx /var/lib/softhsm
sudo chmod a+rx /etc/softhsm
sudo chmod a+r /etc/softhsm/*
- name: HSM tests
run: |
pkcs11-tool --module /usr/lib/softhsm/libsofthsm2.so --slot 0 --init-token --so-pin 0000 --init-pin --pin 1234 --label hydra
go test -p 1 -failfast -short -timeout=20m -tags=sqlite,hsm ./...
test-e2e:
name: Run end-to-end tests
runs-on: ubuntu-latest
needs:
- sdk-generate
strategy:
matrix:
database: ["memory", "postgres", "mysql", "cockroach"]
args: ["", "--jwt"]
services:
postgres:
image: postgres:11.8
env:
POSTGRES_DB: postgres
POSTGRES_PASSWORD: test
POSTGRES_USER: test
ports:
- 5432:5432
mysql:
image: mysql:8.0.26
env:
MYSQL_ROOT_PASSWORD: test
ports:
- 3306:3306
env:
TEST_DATABASE_POSTGRESQL: "postgres://test:test@localhost:5432/postgres?sslmode=disable"
TEST_DATABASE_MYSQL: "mysql://root:test@(localhost:3306)/mysql?multiStatements=true&parseTime=true"
TEST_DATABASE_COCKROACHDB: "cockroach://root@localhost:26257/defaultdb?sslmode=disable"
steps:
- run: |
docker create --name cockroach -p 26257:26257 \
cockroachdb/cockroach:v22.1.10 start-single-node --insecure
docker start cockroach
name: Start CockroachDB
- uses: ory/ci/checkout@master
- uses: actions/setup-go@v3
with:
go-version: "1.21"
- uses: actions/cache@v2
with:
path: ./test/e2e/hydra
key: ${{ runner.os }}-hydra
- uses: actions/cache@v2
with:
path: |
internal/httpclient
key: ${{ needs.sdk-generate.outputs.sdk-cache-key }}
- run: ./test/e2e/circle-ci.bash ${{ matrix.database }} ${{ matrix.args }}
docs-cli:
runs-on: ubuntu-latest
name: Build CLI docs
needs:
- test
steps:
- uses: ory/ci/docs/cli-next@master
with:
token: ${{ secrets.ORY_BOT_PAT }}
output-dir: docs/hydra/cli
changelog:
name: Generate changelog
runs-on: ubuntu-latest
if: ${{ github.ref_type == 'tag' || github.ref_name == 'master' }}
needs:
- test
- test-hsm
- test-e2e
steps:
- uses: ory/ci/changelog@master
with:
token: ${{ secrets.ORY_BOT_PAT }}