mirror of
https://github.com/ansible-middleware/keycloak.git
synced 2026-06-13 12:05:54 +00:00
Fix sanity and molecule tests
This commit is contained in:
Harsha Cherukuri
141
.github/workflows/cish-keycloak.yml
vendored
141
.github/workflows/cish-keycloak.yml
vendored
@@ -1,6 +1,7 @@
|
||||
---
|
||||
# Vendor of ansible-middleware/github-actions/.github/workflows/cish.yml (sync when CI workflow changes).
|
||||
# Podman Molecule jobs are skipped for fork pull requests (no org self-hosted runners / secrets).
|
||||
# Podman Molecule jobs: upstream uses self-hosted runners; forks and other repos use ubuntu-22.04 + podman.
|
||||
# Cross-repo PRs (fork → upstream) are skipped here so untrusted code does not run on org runners with secrets.
|
||||
name: CI
|
||||
on:
|
||||
workflow_call:
|
||||
@@ -205,30 +206,54 @@ jobs:
|
||||
STAGE_JBOSSNETWORK_API_SECRET: '${{ secrets.STAGE_JBOSSNETWORK_API_SECRET }}'
|
||||
|
||||
molecule_current:
|
||||
if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false }}
|
||||
runs-on: molecule-2.18
|
||||
if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name }}
|
||||
runs-on: ${{ github.repository == 'ansible-middleware/keycloak' && 'molecule-2.18' || 'ubuntu-22.04' }}
|
||||
strategy:
|
||||
matrix:
|
||||
python_version: ["3.12"]
|
||||
molecule_test: ${{ fromJSON(inputs.podman_tests_current) }}
|
||||
fail-fast: ${{ inputs.fail_fast }}
|
||||
env:
|
||||
PROXY: ${{ github.repository == 'ansible-middleware/keycloak' && '10.88.0.1:3128' || '' }}
|
||||
NO_PROXY: ${{ github.repository == 'ansible-middleware/keycloak' && 'localhost,.redhat.com,.ansible.com' || '' }}
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
path: ansible_collections/${{ inputs.fqcn }}
|
||||
|
||||
- name: Set up Python ${{ matrix.python_version }}
|
||||
if: ${{ github.repository != 'ansible-middleware/keycloak' }}
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: ${{ matrix.python_version }}
|
||||
cache: 'pip'
|
||||
cache-dependency-path: ansible_collections/${{ inputs.fqcn }}/requirements.txt
|
||||
|
||||
- name: Ensure podman is available
|
||||
run: |
|
||||
if ! command -v podman &> /dev/null; then
|
||||
echo "::warning::podman not found in PATH, attempting to install"
|
||||
dnf install -y podman 2>/dev/null || sudo dnf install -y podman || {
|
||||
echo "::error::Failed to install podman. The self-hosted runner image needs podman pre-installed."
|
||||
exit 1
|
||||
}
|
||||
if command -v podman &> /dev/null; then
|
||||
echo "podman $(podman --version)"
|
||||
exit 0
|
||||
fi
|
||||
echo "::warning::podman not found in PATH, attempting to install"
|
||||
if command -v apt-get &> /dev/null; then
|
||||
sudo apt-get update -y
|
||||
sudo apt-get install -y podman
|
||||
elif command -v dnf &> /dev/null; then
|
||||
sudo dnf install -y podman
|
||||
else
|
||||
echo "::error::Unsupported package manager; install podman on the runner image."
|
||||
exit 1
|
||||
fi
|
||||
echo "podman $(podman --version)"
|
||||
|
||||
- name: Use vfs storage for rootless podman (GitHub-hosted)
|
||||
if: ${{ github.repository != 'ansible-middleware/keycloak' }}
|
||||
run: |
|
||||
mkdir -p "${HOME}/.config/containers"
|
||||
printf '%s\n' '[storage]' 'driver = "vfs"' > "${HOME}/.config/containers/storage.conf"
|
||||
|
||||
- name: Initialize podman for current user
|
||||
run: |
|
||||
podman system migrate || true
|
||||
@@ -242,6 +267,10 @@ jobs:
|
||||
max_attempts: 3
|
||||
command: |
|
||||
python3.12 -m pip install --upgrade pip
|
||||
if [ "${{ github.repository }}" != "ansible-middleware/keycloak" ]; then
|
||||
python3.12 -m pip install --progress-bar off \
|
||||
'molecule>=24.2.0' 'molecule-plugins[podman]>=23.0.0' 'ansible-core~=2.18'
|
||||
fi
|
||||
if [ -f ansible_collections/${{ inputs.fqcn }}/requirements.txt ]; then
|
||||
echo "=== Installing python deps"
|
||||
python3.12 -m pip install --progress-bar off -r ansible_collections/${{ inputs.fqcn }}/requirements.txt
|
||||
@@ -269,34 +298,56 @@ jobs:
|
||||
PROD_JBOSSNETWORK_API_SECRET: '${{ secrets.PROD_JBOSSNETWORK_API_SECRET }}'
|
||||
STAGE_JBOSSNETWORK_API_CLIENTID: '${{ secrets.STAGE_JBOSSNETWORK_API_CLIENTID }}'
|
||||
STAGE_JBOSSNETWORK_API_SECRET: '${{ secrets.STAGE_JBOSSNETWORK_API_SECRET }}'
|
||||
PROXY: '10.88.0.1:3128'
|
||||
NO_PROXY: 'localhost,.redhat.com,.ansible.com'
|
||||
|
||||
molecule_middle:
|
||||
if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false }}
|
||||
runs-on: molecule-2.19
|
||||
if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name }}
|
||||
runs-on: ${{ github.repository == 'ansible-middleware/keycloak' && 'molecule-2.19' || 'ubuntu-22.04' }}
|
||||
strategy:
|
||||
matrix:
|
||||
python_version: ["3.12"]
|
||||
molecule_test: ${{ fromJSON(inputs.podman_tests_middle) }}
|
||||
fail-fast: ${{ inputs.fail_fast }}
|
||||
env:
|
||||
PROXY: ${{ github.repository == 'ansible-middleware/keycloak' && '10.88.0.1:3128' || '' }}
|
||||
NO_PROXY: ${{ github.repository == 'ansible-middleware/keycloak' && 'localhost,.redhat.com,.ansible.com' || '' }}
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
path: ansible_collections/${{ inputs.fqcn }}
|
||||
|
||||
- name: Set up Python ${{ matrix.python_version }}
|
||||
if: ${{ github.repository != 'ansible-middleware/keycloak' }}
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: ${{ matrix.python_version }}
|
||||
cache: 'pip'
|
||||
cache-dependency-path: ansible_collections/${{ inputs.fqcn }}/requirements.txt
|
||||
|
||||
- name: Ensure podman is available
|
||||
run: |
|
||||
if ! command -v podman &> /dev/null; then
|
||||
echo "::warning::podman not found in PATH, attempting to install"
|
||||
dnf install -y podman 2>/dev/null || sudo dnf install -y podman || {
|
||||
echo "::error::Failed to install podman. The self-hosted runner image needs podman pre-installed."
|
||||
exit 1
|
||||
}
|
||||
if command -v podman &> /dev/null; then
|
||||
echo "podman $(podman --version)"
|
||||
exit 0
|
||||
fi
|
||||
echo "::warning::podman not found in PATH, attempting to install"
|
||||
if command -v apt-get &> /dev/null; then
|
||||
sudo apt-get update -y
|
||||
sudo apt-get install -y podman
|
||||
elif command -v dnf &> /dev/null; then
|
||||
sudo dnf install -y podman
|
||||
else
|
||||
echo "::error::Unsupported package manager; install podman on the runner image."
|
||||
exit 1
|
||||
fi
|
||||
echo "podman $(podman --version)"
|
||||
|
||||
- name: Use vfs storage for rootless podman (GitHub-hosted)
|
||||
if: ${{ github.repository != 'ansible-middleware/keycloak' }}
|
||||
run: |
|
||||
mkdir -p "${HOME}/.config/containers"
|
||||
printf '%s\n' '[storage]' 'driver = "vfs"' > "${HOME}/.config/containers/storage.conf"
|
||||
|
||||
- name: Initialize podman for current user
|
||||
run: |
|
||||
podman system migrate || true
|
||||
@@ -310,6 +361,10 @@ jobs:
|
||||
max_attempts: 3
|
||||
command: |
|
||||
python3.12 -m pip install --upgrade pip
|
||||
if [ "${{ github.repository }}" != "ansible-middleware/keycloak" ]; then
|
||||
python3.12 -m pip install --progress-bar off \
|
||||
'molecule>=24.2.0' 'molecule-plugins[podman]>=23.0.0' 'ansible-core~=2.19'
|
||||
fi
|
||||
if [ -f ansible_collections/${{ inputs.fqcn }}/requirements.txt ]; then
|
||||
echo "=== Installing python deps"
|
||||
python3.12 -m pip install --progress-bar off -r ansible_collections/${{ inputs.fqcn }}/requirements.txt
|
||||
@@ -337,34 +392,56 @@ jobs:
|
||||
PROD_JBOSSNETWORK_API_SECRET: '${{ secrets.PROD_JBOSSNETWORK_API_SECRET }}'
|
||||
STAGE_JBOSSNETWORK_API_CLIENTID: '${{ secrets.STAGE_JBOSSNETWORK_API_CLIENTID }}'
|
||||
STAGE_JBOSSNETWORK_API_SECRET: '${{ secrets.STAGE_JBOSSNETWORK_API_SECRET }}'
|
||||
PROXY: '10.88.0.1:3128'
|
||||
NO_PROXY: 'localhost,.redhat.com,.ansible.com'
|
||||
|
||||
molecule_next:
|
||||
if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.fork == false }}
|
||||
runs-on: molecule-2.20
|
||||
if: ${{ github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name }}
|
||||
runs-on: ${{ github.repository == 'ansible-middleware/keycloak' && 'molecule-2.20' || 'ubuntu-22.04' }}
|
||||
strategy:
|
||||
matrix:
|
||||
python_version: ["3.12"]
|
||||
molecule_test: ${{ fromJSON(inputs.podman_tests_next) }}
|
||||
fail-fast: ${{ inputs.fail_fast }}
|
||||
env:
|
||||
PROXY: ${{ github.repository == 'ansible-middleware/keycloak' && '10.88.0.1:3128' || '' }}
|
||||
NO_PROXY: ${{ github.repository == 'ansible-middleware/keycloak' && 'localhost,.redhat.com,.ansible.com' || '' }}
|
||||
steps:
|
||||
- name: Check out code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
path: ansible_collections/${{ inputs.fqcn }}
|
||||
|
||||
- name: Set up Python ${{ matrix.python_version }}
|
||||
if: ${{ github.repository != 'ansible-middleware/keycloak' }}
|
||||
uses: actions/setup-python@v5
|
||||
with:
|
||||
python-version: ${{ matrix.python_version }}
|
||||
cache: 'pip'
|
||||
cache-dependency-path: ansible_collections/${{ inputs.fqcn }}/requirements.txt
|
||||
|
||||
- name: Ensure podman is available
|
||||
run: |
|
||||
if ! command -v podman &> /dev/null; then
|
||||
echo "::warning::podman not found in PATH, attempting to install"
|
||||
dnf install -y podman 2>/dev/null || sudo dnf install -y podman || {
|
||||
echo "::error::Failed to install podman. The self-hosted runner image needs podman pre-installed."
|
||||
exit 1
|
||||
}
|
||||
if command -v podman &> /dev/null; then
|
||||
echo "podman $(podman --version)"
|
||||
exit 0
|
||||
fi
|
||||
echo "::warning::podman not found in PATH, attempting to install"
|
||||
if command -v apt-get &> /dev/null; then
|
||||
sudo apt-get update -y
|
||||
sudo apt-get install -y podman
|
||||
elif command -v dnf &> /dev/null; then
|
||||
sudo dnf install -y podman
|
||||
else
|
||||
echo "::error::Unsupported package manager; install podman on the runner image."
|
||||
exit 1
|
||||
fi
|
||||
echo "podman $(podman --version)"
|
||||
|
||||
- name: Use vfs storage for rootless podman (GitHub-hosted)
|
||||
if: ${{ github.repository != 'ansible-middleware/keycloak' }}
|
||||
run: |
|
||||
mkdir -p "${HOME}/.config/containers"
|
||||
printf '%s\n' '[storage]' 'driver = "vfs"' > "${HOME}/.config/containers/storage.conf"
|
||||
|
||||
- name: Initialize podman for current user
|
||||
run: |
|
||||
podman system migrate || true
|
||||
@@ -378,6 +455,10 @@ jobs:
|
||||
max_attempts: 3
|
||||
command: |
|
||||
python3.12 -m pip install --upgrade pip
|
||||
if [ "${{ github.repository }}" != "ansible-middleware/keycloak" ]; then
|
||||
python3.12 -m pip install --progress-bar off \
|
||||
'molecule>=24.2.0' 'molecule-plugins[podman]>=23.0.0' 'ansible-core~=2.20'
|
||||
fi
|
||||
if [ -f ansible_collections/${{ inputs.fqcn }}/requirements.txt ]; then
|
||||
echo "=== Installing python deps"
|
||||
python3.12 -m pip install --progress-bar off -r ansible_collections/${{ inputs.fqcn }}/requirements.txt
|
||||
@@ -405,5 +486,3 @@ jobs:
|
||||
PROD_JBOSSNETWORK_API_SECRET: '${{ secrets.PROD_JBOSSNETWORK_API_SECRET }}'
|
||||
STAGE_JBOSSNETWORK_API_CLIENTID: '${{ secrets.STAGE_JBOSSNETWORK_API_CLIENTID }}'
|
||||
STAGE_JBOSSNETWORK_API_SECRET: '${{ secrets.STAGE_JBOSSNETWORK_API_SECRET }}'
|
||||
PROXY: '10.88.0.1:3128'
|
||||
NO_PROXY: 'localhost,.redhat.com,.ansible.com'
|
||||
|
||||
Reference in New Issue
Block a user