OIDC Keycloak support #107
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: E2E Tests | |
| on: | |
| workflow_dispatch: | |
| issue_comment: | |
| types: [created] | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| issues: write | |
| checks: write | |
| jobs: | |
| check-comment: | |
| if: ${{ false && github.event_name == 'issue_comment' && github.event.issue.pull_request && contains(github.event.comment.body, '/test e2e') }} | |
| runs-on: ubuntu-latest | |
| outputs: | |
| should-run: ${{ steps.check-permissions.outputs.result }} | |
| ref: ${{ steps.get-ref.outputs.ref }} | |
| steps: | |
| - name: Check if commenter has permissions | |
| id: check-permissions | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| result-encoding: string | |
| script: | | |
| const { owner, repo } = context.repo; | |
| const issue_number = context.issue.number; | |
| const commenter = context.payload.comment.user.login; | |
| // Check if commenter is the PR author | |
| const { data: pr } = await github.rest.pulls.get({ | |
| owner, | |
| repo, | |
| pull_number: issue_number | |
| }); | |
| const isPRAuthor = commenter === pr.user.login; | |
| // Check if commenter is a repository maintainer | |
| const { data: permission } = await github.rest.repos.getCollaboratorPermissionLevel({ | |
| owner, | |
| repo, | |
| username: commenter | |
| }); | |
| const isMaintainer = ['admin', 'maintain', 'write'].includes(permission.permission); | |
| return (isPRAuthor || isMaintainer) ? 'true' : 'false'; | |
| - name: Get PR branch reference | |
| id: get-ref | |
| if: steps.check-permissions.outputs.result == 'true' | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| result-encoding: string | |
| script: | | |
| const { owner, repo } = context.repo; | |
| const issue_number = context.issue.number; | |
| const { data: pr } = await github.rest.pulls.get({ | |
| owner, | |
| repo, | |
| pull_number: issue_number | |
| }); | |
| return pr.head.ref; | |
| - name: Add reaction to comment | |
| if: steps.check-permissions.outputs.result == 'true' | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| const { owner, repo } = context.repo; | |
| try { | |
| await github.rest.reactions.createForIssueComment({ | |
| owner, | |
| repo, | |
| comment_id: context.payload.comment.id, | |
| content: 'rocket' | |
| }); | |
| } catch (error) { | |
| console.log('Unable to add reaction, continuing workflow:', error); | |
| } | |
| - name: Notify if permission denied | |
| if: steps.check-permissions.outputs.result != 'true' | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| const { owner, repo } = context.repo; | |
| await github.rest.issues.createComment({ | |
| owner, | |
| repo, | |
| issue_number: context.issue.number, | |
| body: '⚠️ Only PR authors and repository maintainers can trigger E2E tests.' | |
| }); | |
| try { | |
| await github.rest.reactions.createForIssueComment({ | |
| owner, | |
| repo, | |
| comment_id: context.payload.comment.id, | |
| content: '-1' | |
| }); | |
| } catch (error) { | |
| console.log('Unable to add reaction, continuing workflow:', error); | |
| } | |
| pr-check: | |
| if: ${{ false && github.event_name == 'pull_request' }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Create pending check | |
| uses: actions/github-script@v7 | |
| id: create-check | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| const { owner, repo } = context.repo; | |
| const { data: check } = await github.rest.checks.create({ | |
| owner, | |
| repo, | |
| name: 'E2E Tests', | |
| head_sha: context.payload.pull_request.head.sha, | |
| status: 'completed', | |
| conclusion: 'neutral', | |
| output: { | |
| title: 'E2E Tests', | |
| summary: 'To run E2E tests, comment `/test e2e` on this PR' | |
| } | |
| }); | |
| return check.id; | |
| e2e-test: | |
| if: ${{ false && needs.check-comment.outputs.should-run == 'true' }} | |
| needs: [check-comment] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Create in-progress check | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| const { owner, repo } = context.repo; | |
| const issue_number = context.issue.number; | |
| // Get the PR details to get the HEAD SHA | |
| const { data: pr } = await github.rest.pulls.get({ | |
| owner, | |
| repo, | |
| pull_number: issue_number | |
| }); | |
| // Create a check run | |
| await github.rest.checks.create({ | |
| owner, | |
| repo, | |
| name: 'E2E Tests', | |
| head_sha: pr.head.sha, | |
| status: 'in_progress', | |
| output: { | |
| title: 'E2E Tests', | |
| summary: 'Running E2E tests...' | |
| } | |
| }); | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ needs.check-comment.outputs.ref }} | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: "1.23" | |
| cache: true | |
| - name: Add hostname entry | |
| run: sudo echo "127.0.0.1 redpanda-test" | sudo tee -a /etc/hosts | |
| - name: Create client directory structure | |
| run: mkdir -p test/e2e/internal/client | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Install dev dependencies | |
| run: make dev-deps | |
| - name: Install Swagger CLI | |
| run: | | |
| go install github.com/swaggo/swag/cmd/swag@latest | |
| go install github.com/go-swagger/go-swagger/cmd/swagger@latest | |
| - name: Generate Swagger docs | |
| run: make swagger | |
| - name: Generate E2E client | |
| run: make e2e-client | |
| - name: Run E2E tests | |
| id: e2e-tests | |
| run: make e2e-test | |
| continue-on-error: true | |
| - name: Update check with results | |
| if: always() | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| const { owner, repo } = context.repo; | |
| const issue_number = context.issue.number; | |
| // Get the PR details to get the HEAD SHA | |
| const { data: pr } = await github.rest.pulls.get({ | |
| owner, | |
| repo, | |
| pull_number: issue_number | |
| }); | |
| const testsPassed = '${{ steps.e2e-tests.outcome }}' === 'success'; | |
| // Update the check run | |
| await github.rest.checks.create({ | |
| owner, | |
| repo, | |
| name: 'E2E Tests', | |
| head_sha: pr.head.sha, | |
| status: 'completed', | |
| conclusion: testsPassed ? 'success' : 'failure', | |
| output: { | |
| title: testsPassed ? 'E2E Tests Passed' : 'E2E Tests Failed', | |
| summary: testsPassed ? | |
| '✅ All E2E tests passed successfully!' : | |
| '❌ Some E2E tests failed. Check the logs for details.' | |
| } | |
| }); | |
| - name: Notify completion | |
| uses: actions/github-script@v7 | |
| if: always() | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| const { owner, repo } = context.repo; | |
| const status = '${{ steps.e2e-tests.outcome }}' === 'success' ? '✅ passed' : '❌ failed'; | |
| await github.rest.issues.createComment({ | |
| owner, | |
| repo, | |
| issue_number: context.issue.number, | |
| body: `E2E tests ${status}. [View Run](${process.env.GITHUB_SERVER_URL}/${process.env.GITHUB_REPOSITORY}/actions/runs/${process.env.GITHUB_RUN_ID})` | |
| }); |