Conformance Checks #1118
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Conformance Checks | |
on: | |
push: | |
branches: [main] | |
pull_request: | |
branches: [main] | |
schedule: | |
- cron: '47 11 * * 1' | |
workflow_dispatch: | |
jobs: | |
build: | |
uses: panva/.github/.github/workflows/build-conformance-suite.yml@main | |
run: | |
runs-on: ubuntu-latest | |
needs: | |
- build | |
strategy: | |
fail-fast: false | |
matrix: | |
setup: | |
# Core 1.0 response_type=code | |
- plan: oidcc-client-basic-certification-test-plan | |
# Core 1.0 response_type=code id_token | |
- plan: oidcc-client-hybrid-certification-test-plan | |
# Comprehensive Core 1.0 client test | |
- plan: oidcc-client-test-plan | |
- plan: oidcc-client-test-plan | |
variant: | |
response_type: code id_token | |
# Financial-grade API Security Profile 1.0 - Part 2: Advanced | |
- plan: fapi1-advanced-final-client-test-plan | |
variant: | |
client_auth_type: 'private_key_jwt' | |
- plan: fapi1-advanced-final-client-test-plan | |
variant: | |
client_auth_type: 'mtls' | |
- plan: fapi1-advanced-final-client-test-plan | |
variant: | |
fapi_response_mode: 'plain_response' | |
fapi_auth_request_method: 'by_value' | |
# FAPI 2.0 Security Profile ID2 | |
- plan: fapi2-security-profile-id2-client-test-plan | |
variant: | |
client_auth_type: 'private_key_jwt' | |
sender_constrain: 'dpop' | |
- plan: fapi2-security-profile-id2-client-test-plan | |
variant: | |
client_auth_type: 'private_key_jwt' | |
sender_constrain: 'mtls' | |
- plan: fapi2-security-profile-id2-client-test-plan | |
variant: | |
client_auth_type: 'mtls' | |
sender_constrain: 'dpop' | |
- plan: fapi2-security-profile-id2-client-test-plan | |
variant: | |
client_auth_type: 'mtls' | |
sender_constrain: 'mtls' | |
# FAPI 2.0 Message Signing ID1 | |
- plan: fapi2-message-signing-id1-client-test-plan | |
- plan: fapi2-message-signing-id1-client-test-plan | |
variant: | |
fapi_client_type: 'plain_oauth' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Load Cached Conformance Suite Build | |
uses: actions/cache@v4 | |
id: cache | |
with: | |
path: ./conformance-suite | |
key: ${{ needs.build.outputs.cache-key }} | |
fail-on-cache-miss: true | |
- name: Run Conformance Suite | |
working-directory: ./conformance-suite | |
run: | | |
docker compose -f docker-compose-dev.yml up -d | |
while ! curl -skfail https://localhost.emobix.co.uk:8443/api/runner/available >/dev/null; do sleep 2; done | |
- name: Setup node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: lts/* | |
cache: 'npm' | |
- run: npm clean-install | |
- name: npm run conformance | |
run: | | |
set -o pipefail | |
npm run conformance | tee capture.txt | |
env: | |
NODE_TLS_REJECT_UNAUTHORIZED: 0 | |
SUITE_BASE_URL: https://localhost.emobix.co.uk:8443 | |
PLAN_NAME: ${{ matrix.setup.plan }} | |
VARIANT: ${{ toJSON(matrix.setup.variant) }} | |
- run: node ./conformance/.parse-logs.mjs capture.txt | |
- name: Upload test artifacts | |
id: artifact-upload-step | |
uses: actions/upload-artifact@v4 | |
with: | |
path: | | |
*.zip | |
*.txt | |
name: conformance results idx(${{ strategy.job-index }}) | |
if-no-files-found: error | |
if: ${{ always() }} | |
- if: ${{ success() }} | |
run: | | |
echo "### [:tada:](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}/artifacts/${{ steps.artifact-upload-step.outputs.artifact-id }})" >> $GITHUB_STEP_SUMMARY | |
- if: ${{ failure() }} | |
run: | | |
echo "### [:exclamation:](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}/artifacts/${{ steps.artifact-upload-step.outputs.artifact-id }})" >> $GITHUB_STEP_SUMMARY |