SAML-Portal: Mention SAML in confidential app description #10757
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- '*' | |
- '!gh-pages' | |
tags: | |
- '*' | |
pull_request: | |
branches: | |
- '*' | |
- '!gh-pages' | |
jobs: | |
authui-test: | |
if: ${{ github.repository != 'oursky/authgear-server' }} | |
runs-on: ubuntu-24.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version-file: "./.tool-versions" | |
- run: npm ci | |
working-directory: ./authui | |
- name: Run npm audit | |
env: | |
AUDIT_LEVEL: ${{ vars.NPM_AUDIT_LEVEL }} | |
run: | | |
if [ -z "${AUDIT_LEVEL}" ]; then | |
npm audit | |
else | |
npm audit --audit-level="${AUDIT_LEVEL}" | |
fi | |
working-directory: ./authui | |
if: ${{ !cancelled() }} | |
- run: npm run typecheck | |
working-directory: ./authui | |
if: ${{ !cancelled() }} | |
- run: npm run eslint | |
working-directory: ./authui | |
if: ${{ !cancelled() }} | |
- run: npm run stylelint | |
working-directory: ./authui | |
if: ${{ !cancelled() }} | |
- run: npm run prettier | |
working-directory: ./authui | |
if: ${{ !cancelled() }} | |
- run: npm run test | |
working-directory: ./authui | |
if: ${{ !cancelled() }} | |
- run: make check-tidy | |
working-directory: ./authui | |
if: ${{ !cancelled() }} | |
- run: npm run build | |
working-directory: ./authui | |
if: ${{ !cancelled() }} | |
- run: npm run ensure-reproducible-build | |
working-directory: ./authui | |
if: ${{ !cancelled() }} | |
- run: npm run browserslist-coverage-lint | |
working-directory: ./authui | |
if: ${{ !cancelled() }} | |
portal-test: | |
if: ${{ github.repository != 'oursky/authgear-server' }} | |
runs-on: ubuntu-24.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: ./.github/actions/install-native-deps | |
- uses: actions/setup-node@v4 | |
with: | |
node-version-file: "./.tool-versions" | |
- run: npm ci | |
working-directory: ./portal | |
- name: Run npm audit | |
env: | |
AUDIT_LEVEL: ${{ vars.NPM_AUDIT_LEVEL }} | |
run: | | |
if [ -z "${AUDIT_LEVEL}" ]; then | |
npm audit | |
else | |
npm audit --audit-level="${AUDIT_LEVEL}" | |
fi | |
working-directory: ./portal | |
if: ${{ !cancelled() }} | |
- run: npm run typecheck | |
working-directory: ./portal | |
if: ${{ !cancelled() }} | |
- run: npm run eslint | |
working-directory: ./portal | |
if: ${{ !cancelled() }} | |
- run: npm run stylelint | |
working-directory: ./portal | |
if: ${{ !cancelled() }} | |
- run: npm run prettier | |
working-directory: ./portal | |
if: ${{ !cancelled() }} | |
- run: npm run test | |
working-directory: ./portal | |
if: ${{ !cancelled() }} | |
- run: npm run gentype | |
working-directory: ./portal | |
if: ${{ !cancelled() }} | |
- run: make check-tidy | |
working-directory: ./portal | |
if: ${{ !cancelled() }} | |
- run: npm run build | |
working-directory: ./portal | |
if: ${{ !cancelled() }} | |
- run: npm run ensure-reproducible-build | |
working-directory: ./portal | |
if: ${{ !cancelled() }} | |
- run: npm run browserslist-coverage-lint | |
working-directory: ./portal | |
if: ${{ !cancelled() }} | |
portal-image: | |
if: ${{ github.repository != 'oursky/authgear-server' }} | |
runs-on: ubuntu-24.04 | |
needs: portal-test | |
env: | |
TARGET: portal | |
IMAGE_NAME: authgear-portal | |
steps: | |
- uses: actions/checkout@v4 | |
- run: make build-image TARGET=$TARGET IMAGE_NAME=$IMAGE_NAME | |
- run: make tag-image IMAGE_NAME=$IMAGE_NAME | |
- name: docker login | |
if: ${{ github.repository == 'authgear/authgear-server' && github.event_name == 'push' }} | |
env: | |
DOCKER_USERNAME: ${{ secrets.QUAY_USERNAME }} | |
DOCKER_PASSWORD: ${{ secrets.QUAY_ROBOT_TOKEN }} | |
run: | | |
printf "$DOCKER_PASSWORD" | docker login --password-stdin --username "$DOCKER_USERNAME" quay.io | |
- run: make push-image IMAGE_NAME=$IMAGE_NAME | |
if: ${{ github.repository == 'authgear/authgear-server' && github.event_name == 'push' }} | |
- name: docker logout | |
if: ${{ always() }} | |
run: | | |
docker logout quay.io | |
authgear-test: | |
if: ${{ github.repository != 'oursky/authgear-server' }} | |
runs-on: ubuntu-24.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: ./.github/actions/install-native-deps | |
- uses: actions/setup-go@v4 | |
with: | |
go-version-file: "./go.mod" | |
- uses: actions/setup-node@v4 | |
with: | |
node-version-file: "./.tool-versions" | |
- run: make vendor | |
- run: make check-dockerignore | |
if: ${{ !cancelled() }} | |
- run: make govulncheck | |
if: ${{ !cancelled() }} | |
# We cannot enable this until we move to mjml@5 | |
# https://github.com/mjmlio/mjml/issues/2589 | |
#- run: npm audit | |
# working-directory: ./scripts/npm | |
# if: ${{ !cancelled() }} | |
- run: make ensure-important-modules-up-to-date | |
if: ${{ !cancelled() }} | |
- run: make lint | |
if: ${{ !cancelled() }} | |
- run: make test | |
if: ${{ !cancelled() }} | |
- run: make fmt | |
if: ${{ !cancelled() }} | |
- run: make check-tidy | |
if: ${{ !cancelled() }} | |
authgear-e2e: | |
if: ${{ github.repository != 'oursky/authgear-server' }} | |
runs-on: ubuntu-24.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: ./.github/actions/install-native-deps | |
- uses: actions/setup-go@v4 | |
with: | |
go-version-file: "./go.mod" | |
- run: make vendor | |
# Cache docker images | |
- run: mkdir -p ~/.cache/images | |
- id: cache-docker-images | |
uses: actions/cache@v3 | |
with: | |
path: ~/.cache/images | |
key: ${{ runner.os }}-e2e-docker-images | |
continue-on-error: true | |
env: | |
SEGMENT_DOWNLOAD_TIMEOUT_MINS: 5 | |
- name: Load docker image cache | |
if: ${{ steps.cache-docker-images.outputs.cache-hit == 'true' }} | |
run: | | |
set -x | |
for image in $(grep 'image: ' ./e2e/docker-compose.yaml | awk '{ print $2 }'); do | |
safe_image_name=$(echo -n "$image" | tr '/:' '_') | |
docker load -i ~/.cache/images/"$safe_image_name".tar || true | |
done | |
- run: make -C e2e ci | |
if: ${{ !cancelled() }} | |
env: | |
COMPOSE_INTERACTIVE_NO_CLI: 1 | |
- name: Save docker image cache | |
run: | | |
set -x | |
for image in $(grep 'image: ' ./e2e/docker-compose.yaml | awk '{ print $2 }'); do | |
safe_image_name=$(echo -n "$image" | tr '/:' '_') | |
docker save "$image" -o ~/.cache/images/"$safe_image_name".tar | |
done | |
authgear-image: | |
if: ${{ github.repository != 'oursky/authgear-server' }} | |
runs-on: ubuntu-24.04 | |
needs: ["authgear-test", "authui-test"] | |
env: | |
TARGET: authgear | |
IMAGE_NAME: authgear-server | |
steps: | |
- uses: actions/checkout@v4 | |
- run: make build-image TARGET=$TARGET IMAGE_NAME=$IMAGE_NAME | |
- run: make tag-image IMAGE_NAME=$IMAGE_NAME | |
- name: docker login | |
if: ${{ github.repository == 'authgear/authgear-server' && github.event_name == 'push' }} | |
env: | |
DOCKER_USERNAME: ${{ secrets.QUAY_USERNAME }} | |
DOCKER_PASSWORD: ${{ secrets.QUAY_ROBOT_TOKEN }} | |
run: | | |
printf "$DOCKER_PASSWORD" | docker login --password-stdin --username "$DOCKER_USERNAME" quay.io | |
- run: make push-image IMAGE_NAME=$IMAGE_NAME | |
if: ${{ github.repository == 'authgear/authgear-server' && github.event_name == 'push' }} | |
- name: docker logout | |
if: ${{ always() }} | |
run: | | |
docker logout quay.io | |
release: | |
if: ${{ github.repository != 'oursky/authgear-server' }} | |
runs-on: ubuntu-24.04 | |
needs: ["portal-test", "authgear-test"] | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: ./.github/actions/install-native-deps | |
- uses: actions/setup-go@v4 | |
with: | |
go-version-file: "./go.mod" | |
- uses: actions/setup-node@v4 | |
with: | |
node-version-file: "./.tool-versions" | |
- run: make vendor | |
- run: make binary | |
- uses: oursky/action-gh-release@v2 | |
if: ${{ github.repository == 'authgear/authgear-server' && startsWith(github.ref, 'refs/tags/') && !startsWith(github.ref, 'refs/tags/staging-') }} | |
with: | |
draft: true | |
files: | | |
./dist/* |