Skip to content
Conformance Checks

Conformance Checks #9

Sign in to view logs

Conformance Checks

Conformance Checks #9

Workflow file for this run

.github/workflows/conformance.yml at 731b298
name: Conformance Checks
on:
push:
branches: [main]
pull_request:
branches: [main]
schedule:
- cron: '20 11 * * 1'
workflow_dispatch:
jobs:
build:
uses: panva/.github/.github/workflows/build-conformance-suite.yml@main
run:
runs-on: ubuntu-latest
needs:
- build
env:
NODE_TLS_REJECT_UNAUTHORIZED: 0
DEBUG: runner,moduleId*
SUITE_BASE_URL: https://localhost.emobix.co.uk:8443
PLAN_NAME: ${{ matrix.setup.plan }}
VARIANT: ${{ toJSON(matrix.setup) }}
strategy:
fail-fast: false
matrix:
setup:
# OIDC BASIC
- plan: oidcc-client-basic-certification-test-plan
# OIDC IMPLICIT
- plan: oidcc-client-implicit-certification-test-plan
# OIDC HYBRID
- plan: oidcc-client-hybrid-certification-test-plan
# OIDC CONFIG
- plan: oidcc-client-config-certification-test-plan
# OIDC DYNAMIC
# TODO: work around the request_uri lodging service EOL
# - plan: oidcc-client-dynamic-certification-test-plan
# FAPI 1.0 ID-2
- plan: fapi-rw-id2-client-test-plan
client_auth_type: mtls
- plan: fapi-rw-id2-client-test-plan
client_auth_type: private_key_jwt
# FAPI 1.0 Advanced Final
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: private_key_jwt
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: mtls
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: mtls
fapi_auth_request_method: pushed
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: private_key_jwt
fapi_auth_request_method: pushed
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: mtls
fapi_response_mode: jarm
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: private_key_jwt
fapi_response_mode: jarm
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: mtls
fapi_auth_request_method: pushed
fapi_response_mode: jarm
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: private_key_jwt
fapi_auth_request_method: pushed
fapi_response_mode: jarm
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: mtls
fapi_auth_request_method: pushed
fapi_response_mode: jarm
fapi_client_type: plain_oauth
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: mtls
fapi_response_mode: jarm
fapi_client_type: plain_oauth
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: private_key_jwt
fapi_auth_request_method: pushed
fapi_response_mode: jarm
fapi_client_type: plain_oauth
- plan: fapi1-advanced-final-client-test-plan
client_auth_type: private_key_jwt
fapi_response_mode: jarm
fapi_client_type: plain_oauth
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set Conformance Suite Version
run: |
export VERSION=($(curl --silent "https://gitlab.com/api/v4/projects/4175605/releases" | jq -r '.[0].tag_name'))
echo "VERSION=$VERSION" >> $GITHUB_ENV
- name: Load Cached Conformance Suite Build
uses: actions/cache@v3
id: cache
with:
path: ./conformance-suite
key: ${{ needs.build.outputs.cache-key }}
fail-on-cache-miss: true
- name: Run Conformance Suite
working-directory: ./conformance-suite
run: |
docker-compose -f docker-compose-dev.yml up -d
while ! curl -skfail https://localhost.emobix.co.uk:8443/api/runner/available >/dev/null; do sleep 2; done
- run: git clone --depth 1 --single-branch --branch main https://github.com/panva/openid-client-certification-suite.git runner
- uses: actions/setup-node@v4
with:
node-version: lts/iron # 20
cache: 'npm'
- run: npm clean-install
working-directory: ./runner
- run: npm install ${{ github.repository }}#${{ github.sha }}
working-directory: ./runner
- run: npm run test
working-directory: ./runner
- name: Upload test artifacts
uses: actions/upload-artifact@v3
with:
path: runner/export-*.zip
name: ${{ matrix.setup.plan }} failed html results
if-no-files-found: ignore
if: ${{ failure() }}
- name: Upload test logs
uses: actions/upload-artifact@v3
with:
if-no-files-found: warn
name: ${{ matrix.setup.plan }} runner logs
path: runner/logs/*.log
if: ${{ failure() }}