-
-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Switch from Ant build to Maven and add GitHub Actions CI #18
base: master
Are you sure you want to change the base?
Changes from all commits
c9138a5
b5892ed
89cdc24
ec01352
1b4b623
19f5d29
b88e6aa
ca52802
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
name: CI | ||
on: [push, pull_request] | ||
jobs: | ||
build: | ||
name: Build and Test (${{ matrix.os }} / OpenJDK ${{ matrix.jdk }}) | ||
strategy: | ||
fail-fast: true | ||
matrix: | ||
jdk: ['8'] | ||
os: [ubuntu-latest] | ||
runs-on: ${{ matrix.os }} | ||
steps: | ||
- uses: actions/checkout@v3 | ||
- name: Set up JDK ${{ matrix.jdk }} | ||
uses: actions/setup-java@v3 | ||
with: | ||
java-version: ${{ matrix.jdk }} | ||
distribution: 'temurin' | ||
- name: Cache Maven packages | ||
uses: actions/cache@v3 | ||
with: | ||
path: ~/.m2 | ||
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | ||
restore-keys: ${{ runner.os }}-m2 | ||
- name: Maven Build | ||
run: mvn clean package -DskipTests | ||
- name: Test | ||
run: mvn verify |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,2 @@ | ||
build/ | ||
.* | ||
target/ | ||
!.gitignore |
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,108 @@ | ||
<?xml version="1.0"?> | ||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
|
||
<modelVersion>4.0.0</modelVersion> | ||
|
||
<parent> | ||
<groupId>org.exist-db</groupId> | ||
<artifactId>exist-apps-parent</artifactId> | ||
<version>1.12.0</version> | ||
<relativePath/> | ||
</parent> | ||
|
||
<groupId>org.exist-db.apps</groupId> | ||
<artifactId>existdb-saml-xquery</artifactId> | ||
<version>1.7.0-SNAPSHOT</version> | ||
|
||
|
||
<name>eXist-db SAML XQuery</name> | ||
<description>SAML v2.0 Implementation in XQuery</description> | ||
<url>https://github.com/eXist-db/existdb-saml</url> | ||
|
||
<scm> | ||
<url>https://github.com/eXist-db/existdb-saml.git</url> | ||
<connection>scm:git:https://github.com/eXist-db/existdb-saml.git</connection> | ||
<developerConnection>scm:git:https://github.com/eXist-db/existdb-saml.git</developerConnection> | ||
</scm> | ||
|
||
<properties> | ||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> | ||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> | ||
|
||
<!-- used in the EXPath Package Descriptor --> | ||
<package-name>http://exist-db.org/apps/exsaml</package-name> | ||
|
||
<exist.version>6.0.1</exist.version> | ||
|
||
<exist.saml.username>exsaml</exist.saml.username> | ||
<exist.saml.library.path>/db/system/repo/${project.artifactId}-${project.version}</exist.saml.library.path> | ||
|
||
</properties> | ||
|
||
<build> | ||
<resources> | ||
<resource> | ||
<directory>src/main/xar-resources</directory> | ||
<filtering>false</filtering> | ||
</resource> | ||
<resource> | ||
<directory>src/main/xar-resources-filtered</directory> | ||
<filtering>true</filtering> | ||
</resource> | ||
</resources> | ||
|
||
<testResources> | ||
<testResource> | ||
<directory>src/test/resources</directory> | ||
<filtering>false</filtering> | ||
</testResource> | ||
<testResource> | ||
<directory>src/test/resources-filtered</directory> | ||
<filtering>true</filtering> | ||
</testResource> | ||
</testResources> | ||
|
||
<plugins> | ||
<plugin> | ||
<groupId>org.apache.maven.plugins</groupId> | ||
<artifactId>maven-dependency-plugin</artifactId> | ||
</plugin> | ||
|
||
<plugin> | ||
<groupId>ro.kuberam.maven.plugins</groupId> | ||
<artifactId>kuberam-expath-plugin</artifactId> | ||
<executions> | ||
<execution> | ||
<id>create-xar</id> | ||
<phase>package</phase> | ||
<goals> | ||
<goal>make-xar</goal> | ||
</goals> | ||
<configuration> | ||
<descriptor>xar-assembly.xml</descriptor> | ||
<finalName>${package-final-name}</finalName> | ||
</configuration> | ||
</execution> | ||
</executions> | ||
</plugin> | ||
<plugin> | ||
<groupId>org.apache.maven.plugins</groupId> | ||
<artifactId>maven-gpg-plugin</artifactId> | ||
<configuration> | ||
<useAgent>true</useAgent> | ||
</configuration> | ||
</plugin> | ||
<plugin> | ||
<groupId>org.apache.maven.plugins</groupId> | ||
<artifactId>maven-release-plugin</artifactId> | ||
<configuration> | ||
<mavenExecutorId>forked-path </mavenExecutorId> | ||
<!-- avoid a bug with GPG plugin hanging http://jira.codehaus.org/browse/MGPG-9 --> | ||
<autoVersionSubmodules>true</autoVersionSubmodules> | ||
<tagNameFormat>@{project.version}</tagNameFormat> | ||
</configuration> | ||
</plugin> | ||
</plugins> | ||
</build> | ||
|
||
</project> |
This file was deleted.
This file was deleted.
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
xquery version "3.1"; | ||
|
||
import module namespace sm = "http://exist-db.org/xquery/securitymanager"; | ||
import module namespace xmldb = "http://exist-db.org/xquery/xmldb"; | ||
|
||
(: the target collection into which the app is deployed :) | ||
declare variable $target external; | ||
|
||
declare variable $saml-user-name := "${exist.saml.username}"; | ||
declare variable $saml-request-ids-collection-name := "saml-request-ids"; | ||
declare variable $saml-request-ids-collection-path := $target || "/" || $saml-request-ids-collection-name; | ||
declare variable $saml-request-ids-collection-uri := xs:anyURI($saml-request-ids-collection-path); | ||
|
||
let $_ := | ||
if (fn:not(xmldb:collection-available($saml-request-ids-collection-path))) | ||
then | ||
xmldb:create-collection($target, $saml-request-ids-collection-name) | ||
else() | ||
return | ||
let $_ := sm:chmod($saml-request-ids-collection-uri, "rwxr-x---") | ||
return | ||
sm:chown($saml-request-ids-collection-uri, $saml-user-name || ":" || $saml-user-name) |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
xquery version "3.1"; | ||
|
||
import module namespace sm = "http://exist-db.org/xquery/securitymanager"; | ||
|
||
declare variable $saml-user-name := "${exist.saml.username}"; | ||
|
||
(: Create the default 'exsaml' user account :) | ||
if (fn:not(sm:user-exists($saml-user-name))) | ||
then | ||
sm:create-account($saml-user-name, $saml-user-name, (), "existdb-saml", "existdb-saml-xquery SAML Authentication Account") | ||
else() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not happy with this PR, and tend to disapprove.
First, this is a rather big change that replaces build system "ant" with build system "maven", without explaining what this change improves. "I need a better build system" is a bit vague.
I understand your goal of "add a full set of Integration Tests where we test against a Mock IDP provider", but what does maven provide that could not be done by ant? Can you sketch the mock testing procedures?
Second, I strongly dislike all those dependencies that maven pulls into the build process. I'd like to simplify the code rather than complexing it.
Third, pulling arbitrary maven artefacts into security relevant code builds, is that a good idea?
I'm open for discussion, but I don't see good reasons to apply this PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fair point!
I need a better build system that manages the build lifecycle so that I can:
Whilst the above may be possible to achieve with Ant, it would require writing hundreds if not thousands of lines of Ant code which is completely bespoke to this project. Instead, by using Maven I can use their standard build lifecycle and existing plugins that we already use in other eXist-db projects to achieve this easily without having to write a large amount of one-off Ant code.
The plugins are only part of the build process itself, they are not part of the build artefact. Ant also uses a load of 3rd party libraries to carry out its builds process. So there is little difference between Maven and Ant from that perspective!
I think you may have misunderstood how Maven works in practice. If you take a look at the
pom.xml
in this PR you will see that there is NO<dependencies>
section, and therefore there are NO Maven artefacts pulled into the built artefact.I will send a follow-up PR shortly with full integration test suite where this code is tested against an IDP. I think that should be evidence enough that this is required ;-)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maven is really a step forward.... (Yeap I was an ant fan)