21537 - Add in keycloak user fetch for role #1758
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Auth API CI | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| paths: | |
| - "auth-api/**" | |
| defaults: | |
| run: | |
| shell: bash | |
| working-directory: ./auth-api | |
| jobs: | |
| setup-job: | |
| runs-on: ubuntu-20.04 | |
| if: github.repository == 'bcgov/sbc-auth' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - run: "true" | |
| linting: | |
| needs: setup-job | |
| runs-on: ubuntu-20.04 | |
| strategy: | |
| matrix: | |
| python-version: [3.8] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v1 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install dependencies | |
| run: | | |
| make setup | |
| - name: Lint with pylint | |
| id: pylint | |
| run: | | |
| make pylint | |
| - name: Lint with flake8 | |
| id: flake8 | |
| run: | | |
| make flake8 | |
| testing: | |
| needs: setup-job | |
| env: | |
| FLASK_ENV: "testing" | |
| DATABASE_TEST_URL: "postgresql://postgres:postgres@localhost:5432/postgres" | |
| JWT_OIDC_TEST_ISSUER: "http://localhost:8081/auth/realms/demo" | |
| JWT_OIDC_TEST_WELL_KNOWN_CONFIG: "http://localhost:8081/auth/realms/demo/.well-known/openid-configuration" | |
| JWT_OIDC_TEST_ALGORITHMS: "RS256" | |
| JWT_OIDC_TEST_AUDIENCE: "sbc-auth-web" | |
| JWT_OIDC_TEST_CLIENT_SECRET: "1111111111" | |
| JWT_OIDC_TEST_JWKS_CACHE_TIMEOUT: "6000" | |
| KEYCLOAK_TEST_ADMIN_CLIENTID: "sbc-auth-admin" | |
| KEYCLOAK_TEST_ADMIN_SECRET: "2222222222" | |
| KEYCLOAK_TEST_AUTH_AUDIENCE: "sbc-auth-web" | |
| KEYCLOAK_TEST_AUTH_CLIENT_SECRET: "1111111111" | |
| KEYCLOAK_TEST_BASE_URL: "http://localhost:8081" | |
| KEYCLOAK_TEST_REALMNAME: "demo" | |
| TOKEN_EXPIRY_PERIOD: 7 | |
| EMAIL_SECURITY_PASSWORD_SALT: "my_pwd_salt" | |
| EMAIL_TOKEN_SECRET_KEY: "mySecretKey" | |
| USE_TEST_KEYCLOAK_DOCKER: "YES" | |
| USE_DOCKER_MOCK: "YES" | |
| STAFF_ADMIN_EMAIL: "[email protected]" | |
| runs-on: ubuntu-20.04 | |
| services: | |
| postgres: | |
| image: postgres:12 | |
| env: | |
| POSTGRES_USER: postgres | |
| POSTGRES_PASSWORD: postgres | |
| POSTGRES_DB: postgres | |
| ports: | |
| - 5432:5432 | |
| # needed because the postgres container does not provide a healthcheck | |
| options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up Python ${{ matrix.python-version }} | |
| uses: actions/setup-python@v1 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: Install docker-compose | |
| run: | | |
| sudo curl -L https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose | |
| sudo chmod +x /usr/local/bin/docker-compose | |
| docker-compose version | |
| - name: Install dependencies | |
| run: | | |
| make setup | |
| - name: Test with pytest | |
| id: test | |
| run: | | |
| make test | |
| - name: Upload coverage to Codecov | |
| uses: codecov/codecov-action@v3 | |
| with: | |
| file: ./auth-api/coverage.xml | |
| flags: authapi | |
| name: codecov-auth-api | |
| fail_ci_if_error: false | |
| build-check: | |
| needs: setup-job | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: build to check strictness | |
| id: build | |
| run: | | |
| make build-nc |