Merge branch 'dev' of github.com:bcgov/sso-keycloak into k6config

bcgov · Sep 22, 2023 · 4d41887 · 4d41887
2 parents 050998e + 3a6ebb7
commit 4d41887
Show file tree

Hide file tree

Showing 183 changed files with 12,461 additions and 2,058 deletions.
diff --git a/.github/ISSUE_TEMPLATE/silver-custom-gold-custom-request.yml b/.github/ISSUE_TEMPLATE/silver-custom-gold-custom-request.yml
@@ -39,25 +39,9 @@ body:
       label: Silver custom realm name
       description: Please pick your SILVER custom realm name from the list below
       options:
-        - ff09qn3f
-        - 4qjrpzzl
-        - v4mbqqas
-        - jxoe2o46
-        - umafubc9 & tml5tvs
-        - cp1qly2d
-        - 5k8dbl4h
-        - gzyg46lx
-        - 8gyaubg & devhub& kq56c126
-        - fcf0kpqr & fygf50pt
-        - vtkayq4c
-        - kmas316h
-        - 3nwwef1
-        - 4piqfpfu
-        - gde0rjxl & secimg
-        - digitaltrust
-        - g7v0xlf4
-        - jbd6rnxw
-        - rzh2zkjq
+        - tz0e228w
+        - sbtyffu4
+        - ezb8kej4
     validations:
       required: true
   - type: input

diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml
@@ -6,11 +6,11 @@ jobs:
   pre-commit:
     runs-on: ubuntu-20.04
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Install asdf
         uses: asdf-vm/actions/setup@v1
       - name: Cache tools
-        uses: actions/cache@v2
+        uses: actions/cache@v3
         with:
           path: |
             /home/runner/.asdf
@@ -26,10 +26,11 @@ jobs:
           pip install -r requirements.txt
           asdf reshim
           pre-commit run --color=always --show-diff-on-failure --all-files
+
   commitlint:
     runs-on: ubuntu-20.04
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
         with:
           fetch-depth: 0
-      - uses: wagoid/commitlint-github-action@v2
+      - uses: wagoid/commitlint-github-action@v5
diff --git a/.github/workflows/publish-image-backup-storage-test.yml b/.github/workflows/publish-image-backup-storage-test.yml
@@ -15,7 +15,7 @@ env:
 
 jobs:
   build-and-push-image:
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
     permissions:
       contents: read
       packages: write

diff --git a/.github/workflows/publish-image-kc-cron-job.yml b/.github/workflows/publish-image-kc-cron-job.yml
@@ -24,7 +24,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Log in to the GitHub Container registry
         uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9

diff --git a/.github/workflows/publish-image-keycloak-dev.yml b/.github/workflows/publish-image-keycloak-dev.yml
@@ -0,0 +1,65 @@
+name: Create and publish Keycloak Docker image - Dev
+
+on:
+  push:
+    branches:
+      - 'dev'
+
+env:
+  GITHUB_REGISTRY: ghcr.io
+  REDHAT_REGISTRY: registry.redhat.io
+  IMAGE_NAME: bcgov/sso
+
+jobs:
+  build-and-push-image:
+    runs-on: ubuntu-20.04
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Log in to the GitHub Container registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.GITHUB_REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Log in to the REDHAT Container registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REDHAT_REGISTRY }}
+          username: ${{ secrets.REDHAT_USERNAME }}
+          password: ${{ secrets.REDHAT_PASSWORD }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Cache Docker layers
+        uses: actions/cache@v2
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v3
+        with:
+          context: docker/keycloak
+          push: true
+          tags: ${{ env.GITHUB_REGISTRY }}/${{env.IMAGE_NAME}}:dev
+          file: docker/keycloak/Dockerfile-${{ startsWith(github.ref, 'refs/tags/7.4-37') && '7.4-37' || '7.6' }}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new
+
+        # Temp fix
+        # https://github.com/docker/build-push-action/issues/252
+        # https://github.com/moby/buildkit/issues/1896
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
diff --git a/.github/workflows/siteminder-fetch-attributes.yml b/.github/workflows/siteminder-fetch-attributes.yml
@@ -0,0 +1,43 @@
+name: Run script to fetch SAML attributes
+
+on: workflow_dispatch
+
+jobs:
+  run-siteminder-script:
+    name: Fetch Attributes from SAML Response
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Check out repository
+        uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 16
+      - name: Generate env file
+        run: |
+          cd ${{ github.workspace }}/cy-siteminder-tests
+          echo "${{ secrets.SITEMINDER_TESTS_ENV }}" | base64 --decode > .env
+      - name: Set up docker buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Cache docker layers
+        uses: actions/cache@v3
+        with:
+          path: /tmp/.buildx-test-cache
+          key: ${{ runner.os }}-buildx-test-${{ github.sha }}
+          restore-keys: ${{ runner.os }}-buildx-test-
+      - name: Build docker image
+        uses: docker/build-push-action@v3
+        with:
+          context: cy-siteminder-tests/
+          push: false
+          load: true
+          tags: siteminder-tests
+          cache-from: type=local,src=/tmp/.buildx-test-cache
+          cache-to: type=local,dest=/tmp/.buildx-test-cache-new
+      - name: Move cache
+        run: |
+          rm -rf /tmp/.buildx-test-cache
+          mv /tmp/.buildx-test-cache-new /tmp/.buildx-test-cache
+      - name: Run siteminder tests
+        run: |
+          cd ${{ github.workspace }}/cy-siteminder-tests
+          docker run --rm -v $(pwd)/results:/e2e/results siteminder-tests cy:run:attrs
diff --git a/.github/workflows/siteminder-tests.yml b/.github/workflows/siteminder-tests.yml
@@ -6,36 +6,22 @@ on:
       environment:
         description: 'Environment under test'
         required: true
-        default: 'prod'
+        default: 'PROD'
         type: choice
-        options: ['dev', 'test', 'prod']
+        options: ['DEV', 'TEST', 'PROD']
       cluster:
         description: 'OCP'
         required: true
-        default: 'gold'
+        default: 'GOLD'
         type: choice
-        options: ['silver', 'gold']
+        options: ['GOLD', 'SILVER']
 jobs:
-  matrix-prep:
-    name: Generate matrix
-    runs-on: ubuntu-20.04
-    outputs:
-      datacenters: ${{ steps.set-matrix.outputs.datacenters }}
-      hostname: ${{ steps.set-matrix.outputs.hostname }}
-    steps:
-      - name: Fetch environment specific parameters
-        id: set-matrix
-        run: |
-          datacenters=$(echo "${{ secrets.SITEMINDER_TESTS_DATACENTERS }}" | jq '."${{ github.event.inputs.environment }}".datacenters')
-          hostname=$(echo "${{ secrets.SITEMINDER_TESTS_DATACENTERS }}" | jq -r '."${{ github.event.inputs.environment }}".hostname')
-          echo ::set-output name=datacenters::{\"include\":$(echo $datacenters)}
-          echo ::set-output name=hostname::$(echo "$hostname")
-
   run-siteminder-tests:
+    name: ${{ matrix.name }}
     runs-on: ubuntu-20.04
-    needs: matrix-prep
     strategy:
-      matrix: ${{ fromJson(needs.matrix-prep.outputs.datacenters) }}
+      matrix:
+        name: ['KAMLOOPS', 'CALGARY']
       max-parallel: 1
     steps:
       - name: Check out repository
@@ -45,20 +31,20 @@ jobs:
           node-version: 16
       - name: Generate env file
         run: |
-          cd ${{ github.workspace }}/siteminder-tests
+          cd ${{ github.workspace }}/cy-siteminder-tests
           echo "${{ secrets.SITEMINDER_TESTS_ENV }}" | base64 --decode > .env
       - name: Set up docker buildx
         uses: docker/setup-buildx-action@v2
       - name: Cache docker layers
-        uses: actions/cache@v2
+        uses: actions/cache@v3
         with:
           path: /tmp/.buildx-test-cache
           key: ${{ runner.os }}-buildx-test-${{ github.sha }}
           restore-keys: ${{ runner.os }}-buildx-test-
       - name: Build docker image
         uses: docker/build-push-action@v3
         with:
-          context: siteminder-tests/
+          context: cy-siteminder-tests/
           push: false
           load: true
           tags: siteminder-tests
@@ -69,24 +55,26 @@ jobs:
           rm -rf /tmp/.buildx-test-cache
           mv /tmp/.buildx-test-cache-new /tmp/.buildx-test-cache
       - name: Run siteminder tests
+        env:
+          HOST_ENTRY: ${{ github.event.inputs.environment }}_IDIM_${{ matrix.name }}_HOST
         run: |
-          cd ${{ github.workspace }}/siteminder-tests
+          cd ${{ github.workspace }}/cy-siteminder-tests
           docker run --rm -e ENVIRONMENT=${{ github.event.inputs.environment }} \
                           -e CLUSTER=${{ github.event.inputs.cluster }} \
-                          -v $(pwd)/results:/app/results \
-                          --add-host=${{ needs.matrix-prep.outputs.hostname }}:${{ matrix.ip }} \
+                          -v $(pwd)/results:/e2e/results \
+                          --add-host=${{ secrets[env.HOST_ENTRY] }} \
                           siteminder-tests
       - name: Upload test results
         if: always()
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
-          name: ${{ github.event.inputs.cluster }}-${{ github.event.inputs.environment }}-${{ matrix.name }}-results
-          path: ${{ github.workspace }}/siteminder-tests/results
+          name: ${{ github.event.inputs.cluster }}-${{ github.event.inputs.environment }}-${{ matrix.name }}-RESULTS
+          path: ${{ github.workspace }}/cy-siteminder-tests/results
       - name: Rocket.Chat Notification
         if: failure()
         uses: fjogeleit/http-request-action@master
         with:
           url: ${{ secrets.SSO_ALERTS }}
           method: 'POST'
           customHeaders: '{"Content-Type": "application/json"}'
-          data: '{"text": "Siteminder Tests Failed! @junmin.ahn @jsharman  @Marco  @zorin.samji @nithinshekar.kuruba", "attachments": [{"color": "#FF0000","author_name": "${{ github.actor }}", "title": "Failed test", "title_link": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "text": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "fields": [{"title": "Environment", "value": "${{ github.event.inputs.environment }}", "short": false}, {"title": "Cluster", "value": "${{ github.event.inputs.cluster }}", "short": false}]}]}'
+          data: '{"text": "Siteminder Tests Failed! @jsharman  @jlanglois  @Marco  @zorin.samji @nithinshekar.kuruba", "attachments": [{"color": "#FF0000","author_name": "${{ github.actor }}", "title": "Failed test", "title_link": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "text": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", "fields": [{"title": "Environment", "value": "${{ github.event.inputs.environment }}", "short": false}, {"title": "Cluster", "value": "${{ github.event.inputs.cluster }}", "short": false}]}]}'
diff --git a/.gitignore b/.gitignore
@@ -50,3 +50,5 @@ docker/keycloak/extensions/services/target
 screen_shots
 saml_trace
 results
+screenshots
+mds.json
diff --git a/.tool-versions b/.tool-versions
@@ -1,5 +1,5 @@
-nodejs 14.14.0
-python 3.8.6
+nodejs 16.14.0
+python 3.11.0
 kubectl 1.24.2
 oc 4.7.5
 helm 3.8.2

diff --git a/CODEOWNERS b/CODEOWNERS
@@ -1,3 +1,3 @@
 # These owners will be the default owners for everything in
 # the repo. Unless a later match takes precedence.
-* @junminahn @NithinKuruba @thegentlemanphysicist @arcshiftsolutions
+* @NithinKuruba @thegentlemanphysicist @arcshiftsolutions
diff --git a/COMPLIANCE.yaml b/COMPLIANCE.yaml
@@ -0,0 +1,10 @@
+name: compliance
+description: |
+  This repository does not contain any production application codebase. When this changes we will update this file.
+spec:
+- name: PIA
+  status: not-required
+  last-updated: '2022-10-31'
+- name: STRA
+  status: not-required
+  last-updated: '2022-10-31'
diff --git a/siteminder-tests/.env.example → cy-siteminder-tests/.env.example b/siteminder-tests/.env.example → cy-siteminder-tests/.env.example
diff --git a/cy-siteminder-tests/.eslintrc.json b/cy-siteminder-tests/.eslintrc.json
@@ -0,0 +1,23 @@
+{
+  "parser": "@typescript-eslint/parser",
+  "parserOptions": {
+    "ecmaVersion": 12,
+    "sourceType": "module"
+  },
+  "plugins": ["cypress", "chai-friendly"],
+  "extends": ["plugin:cypress/recommended"],
+
+  "rules": {
+    "cypress/no-assigning-return-values": "error",
+    "cypress/no-unnecessary-waiting": "error",
+    "cypress/assertion-before-screenshot": "warn",
+    "cypress/no-force": "warn",
+    "cypress/no-async-tests": "error",
+    "cypress/no-pause": "error",
+    "no-unused-expressions": 0,
+    "chai-friendly/no-unused-expressions": 2
+  },
+  "env": {
+    "cypress/globals": true
+  }
+}
diff --git a/cy-siteminder-tests/.prettierrc b/cy-siteminder-tests/.prettierrc
@@ -0,0 +1,5 @@
+{
+  "semi": false,
+  "singleQuote": true,
+  "printWidth": 90
+}
diff --git a/siteminder-tests/.tool-versions → cy-siteminder-tests/.tool-versions b/siteminder-tests/.tool-versions → cy-siteminder-tests/.tool-versions
diff --git a/cy-siteminder-tests/Dockerfile b/cy-siteminder-tests/Dockerfile
@@ -0,0 +1,19 @@
+FROM cypress/base:16.18.0
+
+WORKDIR /e2e
+
+COPY *.json /e2e/
+
+ENV CI=1
+
+RUN npm install
+
+COPY cypress.config.ts /e2e/
+
+COPY .env /e2e/
+
+ADD cypress /e2e/cypress
+
+ENTRYPOINT ["npm", "run"]
+
+CMD ["cy:run"]