Skip to content

feat: support android webauthn origins #5058

feat: support android webauthn origins

feat: support android webauthn origins #5058

Workflow file for this run

name: CI
on:
push:
branches:
- master
tags:
- "*"
pull_request:
# Cancel in-progress runs in current workflow.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
sdk-generate:
name: Generate SDKs
runs-on: ubuntu-latest
steps:
- uses: ory/ci/sdk/generate@master
with:
token: ${{ secrets.ORY_BOT_PAT }}
test:
name: Run tests and lints
runs-on: ubuntu-latest
needs:
- sdk-generate
services:
postgres:
image: postgres:14
env:
POSTGRES_DB: postgres
POSTGRES_PASSWORD: test
POSTGRES_USER: test
ports:
- 5432:5432
mysql:
image: mysql:8.0
env:
MYSQL_ROOT_PASSWORD: test
ports:
- 3306:3306
env:
TEST_MAILHOG_SMTP: "smtp://test:[email protected]:1025/?disable_starttls=true"
TEST_MAILHOG_API: http://127.0.0.1:8025
TEST_SELFSERVICE_OIDC_HYDRA_ADMIN: http://localhost:4445
TEST_SELFSERVICE_OIDC_HYDRA_PUBLIC: http://localhost:4444
TEST_SELFSERVICE_OIDC_HYDRA_INTEGRATION_ADDR: http://127.0.0.1:4499
TEST_DATABASE_POSTGRESQL: "postgres://test:test@localhost:5432/postgres?sslmode=disable"
TEST_DATABASE_MYSQL: "mysql://root:test@(localhost:3306)/mysql?parseTime=true&multiStatements=true"
TEST_DATABASE_COCKROACHDB: "cockroach://root@localhost:26257/defaultdb?sslmode=disable"
steps:
- run: |
docker create --name cockroach -p 26257:26257 \
cockroachdb/cockroach:v22.2.6 start-single-node --insecure
docker start cockroach
name: Start CockroachDB
- run: |
docker create --name mailhog -p 8025:8025 -p 1025:1025 \
mailhog/mailhog:v1.0.0 \
MailHog -invite-jim -jim-linkspeed-affect=0.25 -jim-reject-auth=0.25 -jim-reject-recipient=0.25 -jim-reject-sender=0.25 -jim-disconnect=0.25 -jim-linkspeed-min=1250 -jim-linkspeed-max=12500
docker start mailhog
name: Start MailHog
- run: |
docker create --name hydra -p 4445:4445 -p 4444:4444 \
-e DSN=memory \
-e URLS_SELF_ISSUER=http://localhost:4444/ \
-e URLS_LOGIN=http://localhost:4499/login \
-e URLS_CONSENT=http://localhost:4499/consent \
-e LOG_LEAK_SENSITIVE_VALUES=true \
-e SECRETS_SYSTEM=someverylongsecretthatis32byteslong \
oryd/hydra:v2.2.0@sha256:6c0f9195fe04ae16b095417b323881f8c9008837361160502e11587663b37c09 serve all --dev
docker start hydra
docker logs -f hydra &> /tmp/hydra.log &
name: Start Hydra
- uses: ory/ci/checkout@master
with:
fetch-depth: 2
- uses: actions/setup-go@v4
with:
go-version: "1.23"
- run: go list -json > go.list
- name: Run nancy
uses: sonatype-nexus-community/[email protected]
with:
nancyVersion: v1.0.42
- run: npm install
name: Install node deps
- name: Run golangci-lint
uses: golangci/golangci-lint-action@v6
env:
GOGC: 100
with:
args: --timeout 10m0s
version: v1.61.0
- name: Build Kratos
run: make install
- name: Run go-acc (tests)
run: make test-coverage
- name: Submit to Codecov
run: |
bash <(curl -s https://codecov.io/bash)
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
test-e2e:
name: Run end-to-end tests
runs-on: ubuntu-latest
needs:
- sdk-generate
services:
postgres:
image: postgres:14
env:
POSTGRES_DB: postgres
POSTGRES_PASSWORD: test
POSTGRES_USER: test
ports:
- 5432:5432
mysql:
image: mysql:8.0
env:
MYSQL_ROOT_PASSWORD: test
ports:
- 3306:3306
mailslurper:
image: oryd/mailslurper:latest-smtps
ports:
- 4436:4436
- 4437:4437
- 1025:1025
env:
TEST_DATABASE_POSTGRESQL: "postgres://test:test@localhost:5432/postgres?sslmode=disable"
TEST_DATABASE_MYSQL: "mysql://root:test@(localhost:3306)/mysql?parseTime=true&multiStatements=true"
TEST_DATABASE_COCKROACHDB: "cockroach://root@localhost:26257/defaultdb?sslmode=disable"
strategy:
fail-fast: false
matrix:
database: ["postgres", "cockroach", "sqlite", "mysql"]
steps:
- uses: actions/setup-node@v3
with:
node-version: 16
- run: |
docker create --name cockroach -p 26257:26257 \
cockroachdb/cockroach:v22.2.6 start-single-node --insecure
docker start cockroach
name: Start CockroachDB
- uses: browser-actions/setup-chrome@latest
name: Install Chrome
# - uses: browser-actions/setup-firefox@latest
# name: Install Firefox
# - uses: browser-actions/setup-geckodriver@latest
# name: Install Geckodriver
# with:
# geckodriver-version: 0.32.0
- uses: ory/ci/checkout@master
with:
fetch-depth: 2
- run: |
npm ci
cd test/e2e; npm ci
npm i -g expo-cli
name: Install node deps
- run: |
sudo apt-get install -y moreutils gettext
name: Install tools
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: "1.23"
- name: Install selfservice-ui-react-native
uses: actions/checkout@v3
with:
repository: ory/kratos-selfservice-ui-react-native
path: react-native-ui
- run: |
cd react-native-ui
npm install
- name: Install selfservice-ui-node
uses: actions/checkout@v3
with:
repository: ory/kratos-selfservice-ui-node
path: node-ui
- run: |
cd node-ui
npm install --legacy-peer-deps
- name: Install selfservice-ui-react-nextjs
uses: actions/checkout@v3
with:
repository: ory/kratos-selfservice-ui-react-nextjs
path: react-ui
- run: |
cd react-ui
npm ci
- run: |
echo 'RN_UI_PATH='"$(realpath react-native-ui)" >> $GITHUB_ENV
echo 'NODE_UI_PATH='"$(realpath node-ui)" >> $GITHUB_ENV
echo 'REACT_UI_PATH='"$(realpath react-ui)" >> $GITHUB_ENV
- name: "Run Cypress tests"
run: ./test/e2e/run.sh ${{ matrix.database }}
env:
RN_UI_PATH: react-native-ui
NODE_UI_PATH: node-ui
REACT_UI_PATH: react-ui
CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_RECORD_KEY }}
- if: failure()
uses: actions/upload-artifact@v4
with:
name: cypress-${{ matrix.database }}-logs
path: test/e2e/*.e2e.log
test-e2e-playwright:
name: Run Playwright end-to-end tests
runs-on: ubuntu-latest
needs:
- sdk-generate
services:
postgres:
image: postgres:14
env:
POSTGRES_DB: postgres
POSTGRES_PASSWORD: test
POSTGRES_USER: test
ports:
- 5432:5432
mysql:
image: mysql:8.0
env:
MYSQL_ROOT_PASSWORD: test
ports:
- 3306:3306
mailslurper:
image: oryd/mailslurper:latest-smtps
ports:
- 4436:4436
- 4437:4437
- 1025:1025
env:
TEST_DATABASE_POSTGRESQL: "postgres://test:test@localhost:5432/postgres?sslmode=disable"
TEST_DATABASE_MYSQL: "mysql://root:test@(localhost:3306)/mysql?parseTime=true&multiStatements=true"
TEST_DATABASE_COCKROACHDB: "cockroach://root@localhost:26257/defaultdb?sslmode=disable"
strategy:
fail-fast: false
matrix:
database: ["postgres", "cockroach", "sqlite", "mysql"]
steps:
- uses: actions/setup-node@v3
with:
node-version: 16
- run: |
docker create --name cockroach -p 26257:26257 \
cockroachdb/cockroach:v22.2.6 start-single-node --insecure
docker start cockroach
name: Start CockroachDB
- uses: ory/ci/checkout@master
with:
fetch-depth: 2
- run: |
npm ci
cd test/e2e; npm ci
npx playwright install --with-deps
npm i -g expo-cli
name: Install node deps
- run: |
sudo apt-get install -y moreutils gettext
name: Install tools
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: "1.23"
- run: go build -tags sqlite,json1 .
- name: Install selfservice-ui-react-native
uses: actions/checkout@v3
with:
repository: ory/kratos-selfservice-ui-react-native
path: react-native-ui
- run: |
cd react-native-ui
npm install
- name: Install selfservice-ui-node
uses: actions/checkout@v3
with:
repository: ory/kratos-selfservice-ui-node
path: node-ui
- run: |
cd node-ui
npm install --legacy-peer-deps
- name: Install selfservice-ui-react-nextjs
uses: actions/checkout@v3
with:
repository: ory/kratos-selfservice-ui-react-nextjs
path: react-ui
- run: |
cd react-ui
npm ci
- run: |
echo 'RN_UI_PATH='"$(realpath react-native-ui)" >> $GITHUB_ENV
echo 'NODE_UI_PATH='"$(realpath node-ui)" >> $GITHUB_ENV
echo 'REACT_UI_PATH='"$(realpath react-ui)" >> $GITHUB_ENV
- name: "Set up environment"
run: test/e2e/run.sh --only-setup
- name: "Run Playwright tests"
run: |
cd test/e2e
npm run playwright
env:
DB: ${{ matrix.database }}
RN_UI_PATH: react-native-ui
NODE_UI_PATH: node-ui
REACT_UI_PATH: react-ui
- if: failure()
uses: actions/upload-artifact@v4
with:
name: playwright-${{ matrix.database }}-logs
path: test/e2e/*.e2e.log
- if: failure()
uses: actions/upload-artifact@v4
with:
name: playwright-test-results-${{ matrix.database }}-${{ github.sha }}
path: |
test/e2e/test-results/
test/e2e/playwright-report/
docs-cli:
runs-on: ubuntu-latest
name: Build CLI docs
needs:
- test
steps:
- uses: ory/ci/docs/cli-next@master
with:
token: ${{ secrets.ORY_BOT_PAT }}
arg: "."
output-dir: docs/kratos
changelog:
name: Generate changelog
runs-on: ubuntu-latest
if: ${{ github.ref_type == 'tag' || github.ref_name == 'master' }}
needs:
- test
- test-e2e
steps:
- uses: ory/ci/changelog@master
with:
token: ${{ secrets.ORY_BOT_PAT }}
sdk-release:
name: Release SDKs
runs-on: ubuntu-latest
if: ${{ github.ref_type == 'tag' }}
needs:
- test
- test-e2e
- sdk-generate
- release
steps:
- uses: ory/ci/sdk/release@master
with:
token: ${{ secrets.ORY_BOT_PAT }}
swag-spec-location: "spec/api.json"
release:
name: Generate release
runs-on: ubuntu-latest
if: ${{ github.ref_type == 'tag' }}
needs:
- test
- test-e2e
- changelog
steps:
- uses: ory/ci/releaser@master
with:
token: ${{ secrets.ORY_BOT_PAT }}
goreleaser_key: ${{ secrets.GORELEASER_KEY }}
cosign_pwd: ${{ secrets.COSIGN_PWD }}
docker_username: ${{ secrets.DOCKERHUB_USERNAME }}
docker_password: ${{ secrets.DOCKERHUB_PASSWORD }}
render-version-schema:
name: Render version schema
runs-on: ubuntu-latest
if: ${{ github.ref_type == 'tag' }}
needs:
- release
steps:
- uses: ory/ci/releaser/render-version-schema@master
with:
token: ${{ secrets.ORY_BOT_PAT }}
schema-path: .schemastore/config.schema.json
newsletter-draft:
name: Draft newsletter
runs-on: ubuntu-latest
if: ${{ github.ref_type == 'tag' }}
needs:
- release
steps:
- uses: ory/ci/newsletter@master
with:
mailchimp_list_id: f605a41b53
mailchmip_segment_id: 6479477
mailchimp_api_key: ${{ secrets.MAILCHIMP_API_KEY }}
draft: "true"
ssh_key: ${{ secrets.ORY_BOT_SSH_KEY }}
slack-approval-notification:
name: Pending approval Slack notification
runs-on: ubuntu-latest
if: ${{ github.ref_type == 'tag' }}
needs:
- newsletter-draft
steps:
- uses: ory/ci/newsletter/slack-notify@master
with:
slack-webhook-url: ${{ secrets.SLACK_WEBHOOK_URL }}
newsletter-send:
name: Send newsletter
runs-on: ubuntu-latest
needs:
- newsletter-draft
if: ${{ github.ref_type == 'tag' }}
environment: production
steps:
- uses: ory/ci/newsletter@master
with:
mailchimp_list_id: f605a41b53
mailchmip_segment_id: 6479477
mailchimp_api_key: ${{ secrets.MAILCHIMP_API_KEY }}
draft: "false"
ssh_key: ${{ secrets.ORY_BOT_SSH_KEY }}