mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 12:37:00 +01:00
Code Issues Actions 16 Packages Projects Releases Wiki Activity

fixing up the integration script (#2392)

Browse source
This commit is contained in:
James Hodgkinson 2023-12-28 08:46:47 +10:00 committed by GitHub
parent 83727b21c7
commit 0e50451715
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 28 additions and 38 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
.github/workflows/debian_package_kanidm.yml vendored
View file

@ -18,12 +18,14 @@ jobs:
strategy: strategy:
matrix: matrix:
image: image:
- ubuntu:22.04 - name: ubuntu
- debian:12 version: 22.04
- name: debian
version: 12
fail-fast: false fail-fast: false
runs-on: ubuntu-latest runs-on: ubuntu-latest
container: container:
image: ${{ matrix.image }} image: "${{ matrix.image.name }}:${{ matrix.image.version }}"
env: env:
DEBIAN_FRONTEND: noninteractive DEBIAN_FRONTEND: noninteractive
steps: steps:
@ -45,10 +47,11 @@ jobs:
run: cargo install wasm-pack run: cargo install wasm-pack
- name: Build packages (kanidm-unixd) - name: Build packages (kanidm-unixd)
run: make -f platform/debian/Makefile debs/kanidm-unixd run: make -f platform/debian/Makefile debs/kanidm-unixd
- name: Upload debs - name: Upload debs
uses: actions/upload-artifact@v4 uses: actions/upload-artifact@v4
with: with:
name: ubuntu-packages name: "${{ matrix.image.name }}${{ matrix.image.version }}"
path: | path: |
target/*.deb target/*.deb
upload-to-releases: upload-to-releases:
@ -59,19 +62,17 @@ jobs:
name: Upload to releases name: Upload to releases
needs: build-deb-package needs: build-deb-package
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: ${{ github.ref == 'refs/heads/master' && github.repository == 'kanidm/kanidm' }}
steps: steps:
- name: Download previously built debs - name: Download previously built debs
uses: actions/download-artifact@v4 uses: actions/download-artifact@v4
with:
name: ubuntu-packages
- name: List packages - name: List packages
run: | run: |
ls find $(pwd) -name '*.deb'
- uses: "marvinpinto/action-automatic-releases@latest" - uses: "marvinpinto/action-automatic-releases@latest"
with: with:
repo_token: "${{ secrets.GITHUB_TOKEN }}" repo_token: "${{ secrets.GITHUB_TOKEN }}"
automatic_release_tag: "debs" automatic_release_tag: "debs"
prerelease: true prerelease: true
title: ".deb Packages" title: ".deb Packages"
files: "*.deb" files: "*.deb"
if: ${{ github.ref == 'refs/heads/master' && github.repository == 'kanidm/kanidm' }}

2
.github/workflows/kanidm_individual_book.yml vendored
View file

@ -80,7 +80,7 @@ jobs:
# https://github.com/actions/upload-artifact # https://github.com/actions/upload-artifact
uses: actions/upload-artifact@v4 uses: actions/upload-artifact@v4
with: with:
name: individual name: "individual${{inputs.tag }}"
path: ${{inputs.tag }}.tar.gz path: ${{inputs.tag }}.tar.gz
env: env:
ACTIONS_RUNNER_DEBUG: true ACTIONS_RUNNER_DEBUG: true

45
scripts/setup_dev_environment.sh
View file

@ -83,76 +83,65 @@ if [ "${REMOVE_TEST_DB}" -eq 1 ]; then
rm /tmp/kanidm/kanidm.db || true rm /tmp/kanidm/kanidm.db || true
fi fi
echo "Resetting the admin user..." IDM_ADMIN_USER="idm_admin@localhost"
${KANIDMD} recover-account admin -o json 2>&1
ADMIN_PASS_STR="$(${KANIDMD} recover-account admin -o json 2>&1)"
ADMIN_PASS=$(echo "${ADMIN_PASS_STR}" | rg password | jq -r .password)
if [ -z "${ADMIN_PASS}" ] || [ "${ADMIN_PASS}" == "null " ]; then
echo "Failed to reset admin password!"
echo "${ADMIN_PASS_STR}"
exit 1
fi
echo "admin pass: '${ADMIN_PASS}'"
echo "Resetting the idm_admin user..." echo "Resetting the idm_admin user..."
IDM_ADMIN_PASS=$(${KANIDMD} recover-account idm_admin -o json 2>&1 | rg password | jq -r .password) IDM_ADMIN_PASS=$(${KANIDMD} recover-account idm_admin -o json 2>&1 | rg password | jq -r .password)
if [ -z "${IDM_ADMIN_PASS}" ] || [ "${IDM_ADMIN_PASS}" == "null " ]; then if [ -z "${IDM_ADMIN_PASS}" ] || [ "${IDM_ADMIN_PASS}" == "null " ]; then
echo "Failed to reset admin password!" echo "Failed to reset idm_admin password!"
exit 1 exit 1
fi fi
echo "idm_admin pass: '${IDM_ADMIN_PASS}'" echo "idm_admin pass: '${IDM_ADMIN_PASS}'"
echo "login with admin"
${KANIDM} login -D admin --password "${ADMIN_PASS}"
echo "login with idm_admin" echo "login with idm_admin"
${KANIDM} login -D idm_admin --password "${IDM_ADMIN_PASS}" ${KANIDM} login -D "${IDM_ADMIN_USER}" --password "${IDM_ADMIN_PASS}"
# create group test_users # create group test_users
${KANIDM} group create "${TEST_GROUP}" -D idm_admin ${KANIDM} group create "${TEST_GROUP}" -D "${IDM_ADMIN_USER}"
# create testuser (person) # create testuser (person)
${KANIDM} person create "${TEST_USER_NAME}" "${TEST_USER_DISPLAY}" -D idm_admin ${KANIDM} person create "${TEST_USER_NAME}" "${TEST_USER_DISPLAY}" -D "${IDM_ADMIN_USER}"
echo "Adding ${TEST_USER_NAME} to ${TEST_GROUP}" echo "Adding ${TEST_USER_NAME} to ${TEST_GROUP}"
${KANIDM} group add-members "${TEST_GROUP}" "${TEST_USER_NAME}" -D idm_admin ${KANIDM} group add-members "${TEST_GROUP}" "${TEST_USER_NAME}" -D "${IDM_ADMIN_USER}"
echo "Enable experimental UI for admin idm_admin ${TEST_USER_NAME}" echo "Enable experimental UI for admin idm_admin ${TEST_USER_NAME}"
${KANIDM} group add-members idm_ui_enable_experimental_features admin idm_admin "${TEST_USER_NAME}" -D idm_admin ${KANIDM} group add-members idm_ui_enable_experimental_features "${IDM_ADMIN_USER}" "${TEST_USER_NAME}" -D "${IDM_ADMIN_USER}"
# create oauth2 rp for kanidm.com # create oauth2 rp for kanidm.com
echo "Creating the kanidm.com OAuth2 RP" echo "Creating the kanidm.com OAuth2 RP"
${KANIDM} system oauth2 create "kanidm_com" "Kanidm.com" "https://kanidm.com" -D admin ${KANIDM} system oauth2 create "kanidm_com" "Kanidm.com" "https://kanidm.com" -D "${IDM_ADMIN_USER}"
echo "Creating the kanidm.com OAuth2 RP Scope Map" echo "Creating the kanidm.com OAuth2 RP Scope Map"
${KANIDM} system oauth2 update-scope-map "kanidm_com" "${TEST_GROUP}" openid -D admin ${KANIDM} system oauth2 update-scope-map "kanidm_com" "${TEST_GROUP}" openid -D "${IDM_ADMIN_USER}"
echo "Creating the kanidm.com OAuth2 RP Supplemental Scope Map" echo "Creating the kanidm.com OAuth2 RP Supplemental Scope Map"
${KANIDM} system oauth2 update-sup-scope-map "kanidm_com" "${TEST_GROUP}" admin -D admin ${KANIDM} system oauth2 update-sup-scope-map "kanidm_com" "${TEST_GROUP}" admin -D "${IDM_ADMIN_USER}"
# create oauth2 rp for localhost:10443 - for oauth2 proxy testing # create oauth2 rp for localhost:10443 - for oauth2 proxy testing
echo "Creating the ${OAUTH2_RP_ID} OAuth2 RP" echo "Creating the ${OAUTH2_RP_ID} OAuth2 RP"
${KANIDM} system oauth2 create "${OAUTH2_RP_ID}" "${OAUTH2_RP_DISPLAY}" "https://localhost:10443" -D admin ${KANIDM} system oauth2 create "${OAUTH2_RP_ID}" "${OAUTH2_RP_DISPLAY}" "https://localhost:10443" -D "${IDM_ADMIN_USER}"
echo "Creating the ${OAUTH2_RP_ID} OAuth2 RP Scope Map - Group ${TEST_GROUP}" echo "Creating the ${OAUTH2_RP_ID} OAuth2 RP Scope Map - Group ${TEST_GROUP}"
${KANIDM} system oauth2 update-scope-map "${OAUTH2_RP_ID}" "${TEST_GROUP}" openid -D admin ${KANIDM} system oauth2 update-scope-map "${OAUTH2_RP_ID}" "${TEST_GROUP}" openid -D "${IDM_ADMIN_USER}"
echo "Creating the ${OAUTH2_RP_ID} OAuth2 RP Supplemental Scope Map" echo "Creating the ${OAUTH2_RP_ID} OAuth2 RP Supplemental Scope Map"
${KANIDM} system oauth2 update-sup-scope-map "${OAUTH2_RP_ID}" "${TEST_GROUP}" admin -D admin ${KANIDM} system oauth2 update-sup-scope-map "${OAUTH2_RP_ID}" "${TEST_GROUP}" admin -D "${IDM_ADMIN_USER}"
echo "Creating the OAuth2 RP Secondary Supplemental Crab-baite Scope Map.... wait, no that's not a thing." echo "Creating the OAuth2 RP Secondary Supplemental Crab-baite Scope Map.... wait, no that's not a thing."
echo "Checking the OAuth2 RP Exists" echo "Checking the OAuth2 RP Exists"
${KANIDM} system oauth2 list -D admin | rg -A10 "${OAUTH2_RP_ID}" ${KANIDM} system oauth2 list -D "${IDM_ADMIN_USER}" | rg -A10 "${OAUTH2_RP_ID}"
# config auth2 # config auth2
echo "Pulling secret for the ${OAUTH2_RP_ID} OAuth2 RP" echo "Pulling secret for the ${OAUTH2_RP_ID} OAuth2 RP"
OAUTH2_SECRET="$(${KANIDM} system oauth2 show-basic-secret -o json "${OAUTH2_RP_ID}" -D admin)" OAUTH2_SECRET="$(${KANIDM} system oauth2 show-basic-secret -o json "${OAUTH2_RP_ID}" -D "${IDM_ADMIN_USER}")"
echo "${OAUTH2_SECRET}" echo "${OAUTH2_SECRET}"
echo "Creating cred reset link for ${TEST_USER_NAME}" echo "Creating cred reset link for ${TEST_USER_NAME}"
${KANIDM} person credential create-reset-token "${TEST_USER_NAME}" -D idm_admin ${KANIDM} person credential create-reset-token "${TEST_USER_NAME}" -D "${IDM_ADMIN_USER}"
echo "Done!" echo "Done!"
echo "###################################" echo "###################################"
echo "admin password: ${ADMIN_PASS}"
echo "idm_admin password: ${IDM_ADMIN_PASS}" echo "idm_admin password: ${IDM_ADMIN_PASS}"
echo "UI URL: ${KANIDM_URL}" echo "UI URL: ${KANIDM_URL}"
echo "OAuth2 RP ID: ${OAUTH2_RP_ID}" echo "OAuth2 RP ID: ${OAUTH2_RP_ID}"