Skip to content

Switch to keycloak in authentication #1687

Switch to keycloak in authentication

Switch to keycloak in authentication #1687

Workflow file for this run

# This is a basic workflow to help you get started with Actions
name: apartment-application-service CI
on:
push:
branches: [main]
pull_request:
branches: [main]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
env:
SECRET_KEY: topsecret123
DATABASE_URL: postgres://postgres:postgres@localhost/apartment-application
OIKOTIE_VENDOR_ID: test
ELASTICSEARCH_VERSION: '7.9.1'
ELASTICSEARCH_HOST: localhost
ELASTICSEARCH_URL: http://localhost
APARTMENT_INDEX_NAME: test-apartment
PUBLIC_PGP_KEY: |
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGiBGDJ7egRBACtiOeDD28VV1rViZ0ondhlGdnfEDqgsuGnUPywfDb8h5B9bHxQ
cQj8NuygD9wBInx/H5eO4UkfBjQaUIaWBUSWiynyPfcicOdPOqEFiyliEmB3daqf
H74Tt9dMOaHj43rXal3URKtgiFa/foGa2H5oAXQMtLg8xOrFB/x/BiuBVwCg4dD9
eh/NKo1mSpD6BH3CGlCwdzkD/Re9dmg9lL0K1b+JCjzQ4xF5XzzfMX0dtW9zJbTj
pCjmIrv86FO1wWZq17pMvMStcu08slkMHa8XkIfslN+3CnMDKhBABBDakatKxfu+
5Ka7EQK0PAyGeG8qdqzrOBP97/ws91ymsgkQeBfYNPncbLTbIsI9N2dBUsL5XmoD
/ztzA/0VNNsp3jOD5OfPJ9IqW5WoCQgz0aX1zzzhwwR4MMVXwkXMenS+aVKOhVqu
e2xtA+ueYoR96oZzI/CzSS8/+li8WY5nnNbGRaYeQDtdkrmsMSnUGhfohZE/+S7J
PD4W+KEjYVHee9lpWngzQ5OL8QiwDT+CFeb+ExoBtLf7lLKnEbSMQXBhcnRtZW50
IEFwcGxpY2F0aW9uIFNlcnZpY2UgKFRlc3Qga2V5IGZvciBhcGFydG1lbnQgYXBw
bGljYXRpb24gc2VydmljZS4gTm90IGZvciBwcm9kdWN0aW9uIHVzZSEpIDxhcGFy
dG1lbnRfYXBwbGljYXRpb25fc2VydmljZUBoZWxzaW5raT6IfAQTEQIAPBYhBADC
erfH00QwdNYDkE4ComjeRsaUBQJgye3oAhsDBQsJCAcCAyICAQYVCgkICwIEFgID
AQIeBwIXgAAKCRBOAqJo3kbGlBQiAJwNdjAua7cpuV3f2qHXTDewO4hQDQCgtKiN
QnGOKTK4V36ZkjfcbuPQL2K5AQwEYMnt6BAEAJS4fy4zxq7PxJHE5eICfykvgJ3j
hw4IwHdHpoCbqc5Tjd7f14u8OWWCXhQJ8lcPPeeuEzNPqeRIefd6Y/XlBl+NoJCE
oiGaCh29PhN2G5MnVsUJjXOr7dZXjKucmHkiG1EZP1Ef98n/Z5CxeDcXqNuSow+Q
zTc8Q3fgTlNwaoDPAAMFA/dXidxWhIUpRCCBOK2tD5y2GGvum7sttfiLlJuK1ep4
5TZsfvxSDE941iXGmG3M+FcABQdqUrh0M9r/IW+i5B9MyKu/SQeBb7HnhVJSe27l
TxP9CHmOb2GtrvwkXjUn8/Vn1A36p8seEXIt+AKjEVktrMOtqlz51ZncijThL7y6
iGAEGBECACAWIQQAwnq3x9NEMHTWA5BOAqJo3kbGlAUCYMnt6AIbDAAKCRBOAqJo
3kbGlDPeAJ9zGF5H44WpF8P8FqA3rhHKaKT+XgCfQFgR78yp9qzhShwbKdpjcowW
vMc=
=WxtF
-----END PGP PUBLIC KEY BLOCK-----
PRIVATE_PGP_KEY: |
-----BEGIN PGP PRIVATE KEY BLOCK-----
lQG7BGDJ7egRBACtiOeDD28VV1rViZ0ondhlGdnfEDqgsuGnUPywfDb8h5B9bHxQ
cQj8NuygD9wBInx/H5eO4UkfBjQaUIaWBUSWiynyPfcicOdPOqEFiyliEmB3daqf
H74Tt9dMOaHj43rXal3URKtgiFa/foGa2H5oAXQMtLg8xOrFB/x/BiuBVwCg4dD9
eh/NKo1mSpD6BH3CGlCwdzkD/Re9dmg9lL0K1b+JCjzQ4xF5XzzfMX0dtW9zJbTj
pCjmIrv86FO1wWZq17pMvMStcu08slkMHa8XkIfslN+3CnMDKhBABBDakatKxfu+
5Ka7EQK0PAyGeG8qdqzrOBP97/ws91ymsgkQeBfYNPncbLTbIsI9N2dBUsL5XmoD
/ztzA/0VNNsp3jOD5OfPJ9IqW5WoCQgz0aX1zzzhwwR4MMVXwkXMenS+aVKOhVqu
e2xtA+ueYoR96oZzI/CzSS8/+li8WY5nnNbGRaYeQDtdkrmsMSnUGhfohZE/+S7J
PD4W+KEjYVHee9lpWngzQ5OL8QiwDT+CFeb+ExoBtLf7lLKnEQAAoKyc8fSyfvsN
lW+Q1V4d2k8x1wPfC/y0jEFwYXJ0bWVudCBBcHBsaWNhdGlvbiBTZXJ2aWNlIChU
ZXN0IGtleSBmb3IgYXBhcnRtZW50IGFwcGxpY2F0aW9uIHNlcnZpY2UuIE5vdCBm
b3IgcHJvZHVjdGlvbiB1c2UhKSA8YXBhcnRtZW50X2FwcGxpY2F0aW9uX3NlcnZp
Y2VAaGVsc2lua2k+iHwEExECADwWIQQAwnq3x9NEMHTWA5BOAqJo3kbGlAUCYMnt
6AIbAwULCQgHAgMiAgEGFQoJCAsCBBYCAwECHgcCF4AACgkQTgKiaN5GxpQUIgCc
DXYwLmu3Kbld39qh10w3sDuIUA0AoLSojUJxjikyuFd+mZI33G7j0C9inQExBGDJ
7egQBACUuH8uM8auz8SRxOXiAn8pL4Cd44cOCMB3R6aAm6nOU43e39eLvDllgl4U
CfJXDz3nrhMzT6nkSHn3emP15QZfjaCQhKIhmgodvT4TdhuTJ1bFCY1zq+3WV4yr
nJh5IhtRGT9RH/fJ/2eQsXg3F6jbkqMPkM03PEN34E5TcGqAzwADBQP3V4ncVoSF
KUQggTitrQ+cthhr7pu7LbX4i5SbitXqeOU2bH78UgxPeNYlxphtzPhXAAUHalK4
dDPa/yFvouQfTMirv0kHgW+x54VSUntu5U8T/Qh5jm9hra78JF41J/P1Z9QN+qfL
HhFyLfgCoxFZLazDrapc+dWZ3Io04S+8ugAA+gP5E4f6C5Jhj/ocVoNf/0nZi7/4
1a4K2OCfvt7OUkRkExCIYAQYEQIAIBYhBADCerfH00QwdNYDkE4ComjeRsaUBQJg
ye3oAhsMAAoJEE4ComjeRsaUM94An3MYXkfjhakXw/wWoDeuEcpopP5eAJ9AWBHv
zKn2rOFKHBsp2mNyjBa8xw==
=OOZq
-----END PGP PRIVATE KEY BLOCK-----
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
check:
runs-on: ubuntu-latest
strategy:
matrix:
part: [requirements, style, lint, migrations]
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: '3.8'
cache: 'pip'
cache-dependency-path: requirements-dev.txt
- name: Install app requirements
run: pip install -r requirements.txt
if: ${{ matrix.part == 'migrations' }}
- name: Install development tools
run: pip install -r requirements-dev.txt
- name: Check requirements files
if: ${{ matrix.part == 'requirements' }}
run: ./check-requirements-files
- name: Check code style
if: ${{ matrix.part == 'style' }}
run: black --check .
- name: Linting
if: ${{ matrix.part == 'lint' }}
run: |
flake8
isort . --check-only --diff
- name: Check migrations
if: ${{ matrix.part == 'migrations' }}
env:
DATABASE_URL: "sqlite:///"
run: |
./manage.py makemigrations --no-input --dry-run
./manage.py makemigrations --no-input --check
test:
runs-on: ubuntu-latest
strategy:
matrix:
python: [3.8, 3.9]
services:
postgres:
image: postgres:12
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: apartment-application
ports:
- 5432:5432
# needed because the postgres container does not provide a healthcheck
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup Python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: ${{ matrix.python }}
cache: 'pip'
cache-dependency-path: requirements*.txt
- name: Update apt packages
run: sudo apt-get update
- name: psycopg2 prerequisites
run: sudo apt-get install libpq-dev
- name: Install poppler-utils for pdftotext # used in tests
run: sudo apt-get install poppler-utils
- name: Install dependencies
run: |
pip install -U pip
pip install codecov -r requirements.txt -r requirements-dev.txt
# https://github.com/marketplace/actions/setup-elasticsearch
- name: Configure sysctl limits
run: |
sudo swapoff -a
sudo sysctl -w vm.swappiness=1
sudo sysctl -w fs.file-max=262144
sudo sysctl -w vm.max_map_count=262144
- uses: getong/[email protected]
with:
elasticsearch version: ${{env.ELASTICSEARCH_VERSION}}
host port: 9200
container port: 9200
host node port: 9300
node port: 9300
discovery type: 'single-node'
- name: Run migrations
run: |
./manage.py migrate
- name: Run tests
run: |
pytest -ra -vvv --doctest-modules --cov=.
- name: Run codecov
run: codecov