Thanks to visit codestin.com
Credit goes to github.com

Skip to content
Keycloak Operator CI

Add configurable HTTP retry mechanism for OCSP validation #42409

Sign in to view logs

Add configurable HTTP retry mechanism for OCSP validation

Add configurable HTTP retry mechanism for OCSP validation #42409

Workflow file for this run

.github/workflows/operator-ci.yml at e202cdf
name: Keycloak Operator CI
on:
push:
branches-ignore:
- main
- dependabot/**
pull_request:
workflow_dispatch:
env:
MAVEN_ARGS: "-B -nsu -Daether.connector.http.connectionMaxTtl=25"
MINIKUBE_VERSION: v1.37.0
KUBERNETES_VERSION: v1.32.9 # OCP 4.19
MINIKUBE_MEMORY: 4096 # Without explicitly setting memory, minikube uses ~25% of available memory which might be too little on smaller GitHub runners for running the tests
defaults:
run:
shell: bash
concurrency:
# Only cancel jobs for PR updates
group: operator-ci-${{ github.ref }}
cancel-in-progress: true
permissions:
contents: read
jobs:
conditional:
name: Check conditional workflows and jobs
runs-on: ubuntu-latest
outputs:
operator: ${{ steps.conditional.outputs.operator }}
permissions:
contents: read
pull-requests: read
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- id: conditional
uses: ./.github/actions/conditional
with:
token: ${{ secrets.GITHUB_TOKEN }}
build:
name: Build distribution
if: needs.conditional.outputs.operator == 'true'
runs-on: ubuntu-latest
needs: conditional
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Build Keycloak
uses: ./.github/actions/build-keycloak
with:
upload-m2-repo: false
upload-dist: true
test-local-apiserver:
name: Test local apiserver
runs-on: ubuntu-latest
needs: [build]
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Setup Java
uses: ./.github/actions/java-setup
- name: Test operator running locally
run: |
./mvnw install -Poperator -pl :keycloak-operator -am
test-remote:
name: Test remote
runs-on: ubuntu-latest
needs: [build]
strategy:
matrix:
suite: [slow, fast]
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Set version
id: vars
run: echo "version_remote=0.0.1-${GITHUB_SHA::6}" >> $GITHUB_ENV
- name: Setup Java
uses: ./.github/actions/java-setup
- name: Setup Minikube-Kubernetes
uses: manusa/actions-setup-minikube@b589f2d61bf96695c546929c72b38563e856059d # v2.14.0
with:
minikube version: ${{ env.MINIKUBE_VERSION }}
kubernetes version: ${{ env.KUBERNETES_VERSION }}
github token: ${{ secrets.GITHUB_TOKEN }}
driver: docker
start args: --addons=ingress --memory=${{ env.MINIKUBE_MEMORY }} --cni calico --cpus=max
- name: Download keycloak distribution
id: download-keycloak-dist
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: keycloak-dist
path: quarkus/container
- name: Build Keycloak Docker images
run: |
eval $(minikube -p minikube docker-env)
(cd quarkus/container && docker build --build-arg KEYCLOAK_DIST=$(ls keycloak-*.tar.gz) . -t keycloak:${{ env.version_remote }})
(cd operator && ./scripts/build-testing-docker-images.sh ${{ env.version_remote }} keycloak custom-keycloak)
- name: Test operator running in cluster
run: |
declare -A PARAMS
PARAMS["slow"]="-Dkc.quarkus.tests.groups=slow"
PARAMS["fast"]='-Dkc.quarkus.tests.groups=!slow'
eval $(minikube -p minikube docker-env)
./mvnw install -Poperator -pl :keycloak-operator -am \
-Dquarkus.container-image.build=true \
-Dquarkus.kubernetes.image-pull-policy=IfNotPresent \
-Dkc.operator.keycloak.image=keycloak:${{ env.version_remote }} \
-Dquarkus.kubernetes.env.vars.kc-operator-keycloak-image-pull-policy=Never \
-Dtest.operator.custom.image=custom-keycloak:${{ env.version_remote }} \
--no-transfer-progress -Dtest.operator.deployment=remote ${PARAMS["${{ matrix.suite }}"]}
test-olm:
name: Test OLM installation
runs-on: ubuntu-latest
needs: [build]
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- name: Setup Java
uses: ./.github/actions/java-setup
- name: Setup Minikube-Kubernetes
uses: manusa/actions-setup-minikube@b589f2d61bf96695c546929c72b38563e856059d # v2.14.0
with:
minikube version: ${{ env.MINIKUBE_VERSION }}
kubernetes version: ${{ env.KUBERNETES_VERSION }}
github token: ${{ secrets.GITHUB_TOKEN }}
driver: docker
start args: --memory=${{ env.MINIKUBE_MEMORY }} --addons=registry --insecure-registry=192.168.49.0/24
- name: Install OPM
uses: redhat-actions/openshift-tools-installer@144527c7d98999f2652264c048c7a9bd103f8a82 # v1.13.1
with:
source: github
opm: 1.21.0
- name: Install OC
uses: redhat-actions/openshift-tools-installer@144527c7d98999f2652264c048c7a9bd103f8a82 # v1.13.1
with:
oc: 4
- name: Install Yq
run: sudo snap install yq
- name: Install OLM
working-directory: operator
run: ./scripts/install-olm.sh
- name: Download keycloak distribution
id: download-keycloak-dist
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: keycloak-dist
path: quarkus/container
- name: Arrange OLM test installation
working-directory: operator
run: |
echo "Minikube IP $(minikube ip)"
eval $(minikube -p minikube docker-env)
REGISTRY=$(minikube ip):5000 ./scripts/olm-testing.sh ${GITHUB_SHA::6}
- name: Deploy an example Keycloak and wait for it to be ready
working-directory: operator/scripts
run: |
./check-crd-installed.sh keycloaks
./check-crd-installed.sh keycloakrealmimports
./deploy-examples.sh
- name: Single namespace cleanup
working-directory: operator/scripts
run: ./undeploy-examples.sh
- name: Arrange OLM test installation for all namespaces
working-directory: operator
run: |
kubectl patch csv keycloak-operator.v86400000.0.0 --type merge --patch '{"spec": {"installModes": [{"type": "AllNamespaces","supported": true}]}}'
kubectl patch operatorgroup og --type json --patch '[{"op":"remove","path":"/spec/targetNamespaces"}]'
- name: Deploy an example Keycloak in a different namespace and wait for it to be ready
working-directory: operator/scripts
run: |
kubectl create ns keycloak
./deploy-examples.sh keycloak
./undeploy-examples.sh keycloak
- name: Install ServiceMonitor CRD
working-directory: operator
run: |
kubectl apply -f src/test/resources/service-monitor-crds.yml
./scripts/check-crd-installed.sh servicemonitors
kubectl delete pod -l name=keycloak-operator
- name: Deploy an example Keycloak with ServiceMonitor
working-directory: operator/scripts
run: |
./deploy-examples.sh keycloak
kubectl -n keycloak wait servicemonitor/example-kc --for=jsonpath='{.metadata.name}' --timeout=60s
- name: Debug Custom Resources
if: failure()
run: |
kubectl get keycloaks -A -o yaml
kubectl get keycloakrealmimports -A -o yaml
- name: Gather inspect report
if: failure()
run: oc adm inspect ns
- name: Upload inspect report
if: failure()
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: oc-inspect
path: inspect.*
check:
name: Status Check - Keycloak Operator CI
if: always()
needs:
- conditional
- build
- test-local-apiserver
- test-remote
- test-olm
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
- uses: ./.github/actions/status-check
with:
jobs: ${{ toJSON(needs) }}