Skip to content

Bugfix/66602 keycloak access token is not refreshing properly #999

Bugfix/66602 keycloak access token is not refreshing properly

Bugfix/66602 keycloak access token is not refreshing properly #999

name: Test Docker Stack
on:
push:
branches:
- main
pull_request:
branches:
- main
jobs:
docker:
timeout-minutes: 20
runs-on: ubuntu-24.04
env:
# Overwrite dev.env to use http
PROXY_DEFAULT_ENTRYPOINTS: web
PROXY_DEFAULT_SCHEME: http
# Overwrite Addresses in dev.env
FRONTEND_ADDRESS: werkstatthub.docker.localhost
DOCS_ADDRESS: docs.werkstatthub.docker.localhost
KEYCLOAK_ADDRESS: keycloak.werkstatthub.docker.localhost
API_ADDRESS: api.werkstatthub.docker.localhost
DOCS_BUILD_WITH_PDF: 0
COMPOSE_PROFILES: full
steps:
# Setup environment
- name: Checkout
uses: actions/checkout@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
if: ${{ !env.ACT }}
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{github.actor}}
password: ${{secrets.GITHUB_TOKEN}}
- name: Install Python Development package (only ACT)
if: ${{ env.ACT }}
run: sudo apt-get update && sudo apt-get install python3-dev -y
- name: Setup python venv
run: python3 -m venv .venv
- name: Install python dependecies
run: |
source .venv/bin/activate
pip3 install -r requirements.txt
deactivate
# Tag Containers
- name: Build containers and save cache (only on main)
if: ${{ github.ref_name == 'main' && github.ref_type == 'branch'}}
run: |
docker compose \
--env-file=dev.env \
-f docker-compose.yml \
-f cache-from-override.yml \
-f cache-to-override.yml \
build
- name: Build containers (other than main)
if: ${{ github.ref_name != 'main' && github.ref_type == 'branch'}}
run: |
docker compose \
--env-file=dev.env \
-f docker-compose.yml \
-f cache-from-override.yml \
build
# Start Containers
- name: Start containers and wait for healthy state
run: |
docker compose \
--env-file=dev.env \
-f docker-compose.yml \
-f cache-from-override.yml \
up -d --wait
# Wait for Traefik to generate routes
- name: Proxy setup delay
run: sleep 10s
# Test API
- name: Check if API is healthy
run: |
curl -fs -o /dev/null -w 'http_code:%{http_code}' \
$PROXY_DEFAULT_SCHEME://$API_ADDRESS/v1/health/ping \
|| exit 1
- name: Check for strict-transport-security header
run: |
curl -sIX GET $PROXY_DEFAULT_SCHEME://$API_ADDRESS/v1/health/ping \
| grep -iq "strict-transport-security" \
|| exit 1
- name: Run pytest
run: |
source .venv/bin/activate
pytest ./api
deactivate
# Test documentation
- name: Check if documentation is reachable
run: |
curl -fs -o /dev/null -w 'http_code:%{http_code}' \
$PROXY_DEFAULT_SCHEME://$DOCS_ADDRESS \
|| exit 1
# Test MongoDB
- name: Check if MongoDB is reachable
run: |
curl -fs -o /dev/null -w 'http_code:%{http_code}' \
http://localhost:27017 \
|| exit 1
# Test Nautilus
- name: Check if Nautilus is reachable
run: |
curl -fs -o /dev/null -w 'http_code:%{http_code}' \
http://localhost:3000/health \
|| exit 1
# Test Keycloak
- name: Check if Keycloak is healthy
run: |
curl -fs -o /dev/null -w 'http_code:%{http_code}' \
$PROXY_DEFAULT_SCHEME://$KEYCLOAK_ADDRESS/health/live \
|| exit 1
# Test Frontend
- name: Check if Frontend is reachable
run: |
curl -fs -o /dev/null -w 'http_code:%{http_code}' \
$PROXY_DEFAULT_SCHEME://$FRONTEND_ADDRESS \
|| exit 1
# Clean up
- name: Stop containers
if: always()
run: docker compose --env-file=dev.env down -v