diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..f7426449 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,253 @@ +name: CI + +on: + push: + branches: + - main + pull_request: + workflow_dispatch: + +env: + COMPOSER_HOME: ${{ github.workspace }}/.cache/composer + DEFAULT_PHP_VERSION: '8.1' + +jobs: +# php-checks: +# name: PHP checks +# runs-on: ubuntu-latest +# +# steps: +# - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 +# +# - uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 +# with: +# php-version: ${{ env.DEFAULT_PHP_VERSION }} +# tools: composer:72a8f8e653710e18d83e5dd531eb5a71fc3223e6 # v2.9.5 +# +# - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 +# with: +# path: .cache/composer +# key: composer-${{ hashFiles('composer.lock') }} +# +# - run: composer install +# +# - name: codeStyle +# run: make test-php-style +# +# - name: phpStan +# run: make test-php-phpstan +# +# - name: phpPhan +# run: make test-php-phan +# +# php-unit-tests-without-coverage: +# name: php unit tests ${{ matrix.php-version}} without coverage +# runs-on: ubuntu-latest +# strategy: +# fail-fast: false +# matrix: +# php-version : ['8.1', '8.2', '8.3'] +# +# steps: +# - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 +# +# - uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 +# with: +# php-version: ${{ matrix.php-version }} +# tools: composer:72a8f8e653710e18d83e5dd531eb5a71fc3223e6 # v2.9.5 +# coverage: xdebug +# +# - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 +# with: +# path: .cache/composer +# key: composer-${{ hashFiles('composer.lock') }} +# +# - run: composer install +# +# - name: unitTests-${{ matrix.php-version }} +# run: make test-php-unit +# +# php-unit-tests-with-coverage: +# name: php unit tests ${{ matrix.php-version}} with coverage +# runs-on: ubuntu-latest +# strategy: +# fail-fast: false +# matrix: +# php-version : ['8.1', '8.2', '8.3'] +# +# steps: +# - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 +# +# - uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 +# with: +# php-version: ${{ matrix.php-version }} +# tools: composer:72a8f8e653710e18d83e5dd531eb5a71fc3223e6 # v2.9.5 +# coverage: xdebug +# +# - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 +# with: +# path: .cache/composer +# key: composer-${{ hashFiles('composer.lock') }} +# +# - run: composer install +# +# - name: unitTests-${{ matrix.php-version }} +# run: make test-php-unit +# +# - name: coverage rename +# run: mv tests/output/clover.xml tests/output/clover-unitTests-${{ matrix.php-version }}.xml +# +# - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 +# with: +# name: coverage-unitTests-${{ matrix.php-version }} +# path: tests/output/clover-unitTests-${{ matrix.php-version }}.xml +# +# docs: +# name: docs +# runs-on: ubuntu-latest +# +# steps: +# - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 +# +# - uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 +# with: +# php-version: ${{ env.DEFAULT_PHP_VERSION }} +# tools: composer:72a8f8e653710e18d83e5dd531eb5a71fc3223e6 # v2.9.5 +# coverage: none +# +# - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 +# with: +# path: .cache/composer +# key: composer-${{ hashFiles('composer.lock') }} +# +# - run: composer install +# +# - name: docs generate +# uses: docker://phpdoc/phpdoc:3 +# +# - name: publish api docs +# uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0 +# if: github.event_name != 'pull_request' +# with: +# github_token: ${{ secrets.GITHUB_TOKEN }} +# publish_dir: docs +# publish_branch: docs +# force_orphan: true +# +# - name: compile docs hugo +# run: | +# mkdir docs-hugo +# cat docs-hugo-header.md README.md > docs-hugo/_index.md +# +# - name: publish docs hugo +# uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0 +# if: github.event_name != 'pull_request' +# with: +# github_token: ${{ secrets.GITHUB_TOKEN }} +# publish_dir: docs-hugo +# publish_branch: docs-hugo +# force_orphan: true + + build-ocis: + name: buildOcis + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + branch: ['master', 'stable'] + + steps: + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + + - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 + with: + go-version: '1.25' + + - uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320 # v5.0.0 + with: + version: '9.15.9' + + - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 + with: + node-version: '20' + + - name: clone ocis ${{ matrix.branch }} + run: | + source .drone.env + + if [ "${{ matrix.branch }}" = "master" ]; then + ocis_commit_id="$OCIS_COMMITID" + ocis_branch="$OCIS_BRANCH" + else + ocis_commit_id="$OCIS_STABLE_COMMITID" + ocis_branch="$OCIS_STABLE_BRANCH" + fi + + git clone -b "$ocis_branch" --single-branch https://github.com/owncloud/ocis.git repo_ocis + cd repo_ocis + git checkout "$ocis_commit_id" + + - name: generate ocis ${{ matrix.branch }} + working-directory: repo_ocis + run: make ci-node-generate + + - name: build ocis ${{ matrix.branch }} + working-directory: repo_ocis/ocis + run: | + make build + cp bin/ocis ${{ github.workspace }} + + - name: build ociswrapper + run: | + make -C repo_ocis/tests/ociswrapper build + cp repo_ocis/tests/ociswrapper/bin/ociswrapper ${{ github.workspace }}/ + + - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + with: + name: ocis-bin-${{ matrix.branch }} + path: | + ${{ github.workspace }}/ocis + ${{ github.workspace }}/ociswrapper + + php-integration-tests: + name: php integration tests ${{ matrix.php-version}} ${{ matrix.branch }} + runs-on: ubuntu-latest + needs: build-ocis + strategy: + fail-fast: false + matrix: + php-version: ['8.1', '8.2', '8.3'] + branch: ['master', 'stable'] + + steps: + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + + - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 + with: + go-version: '1.25' + + - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 + with: + name: ocis-bin-${{ matrix.branch }} + path: ${{ github.workspace }} + + - name: ocis + env: + OCIS_URL: "https://ocis:9200" + OCIS_LOG_LEVEL: "error" + IDM_ADMIN_PASSWORD: "admin" # override the random admin password from `ocis init` + PROXY_AUTOPROVISION_ACCOUNTS: "true" + PROXY_ROLE_ASSIGNMENT_DRIVER: "oidc" + OCIS_OIDC_ISSUER: "http://keycloak:8080/realms/oCIS" + PROXY_OIDC_REWRITE_WELLKNOWN: "true" + WEB_OIDC_CLIENT_ID: "web" + PROXY_USER_OIDC_CLAIM: "preferred_username" + PROXY_USER_CS3_CLAIM: "username" + OCIS_ADMIN_USER_ID: "" + OCIS_EXCLUDE_RUN_SERVICES: "idp" + GRAPH_ASSIGN_DEFAULT_USER_ROLE: "false" + GRAPH_USERNAME_MATCH: "none" + run: | + chmod +x ${{ github.workspace }}/ocis ${{ github.workspace }}/ociswrapper + ${{ github.workspace }}/ocis init --insecure true + ${{ github.workspace }}/ociswrapper serve --bin ${{ github.workspace }}/ocis --url ${{ env.OCIS_URL }}