@continuoussecuritytooling/keycloak-reporter 1.0.0 → 1.0.2-1857

package/.bin/start-server.mjs

@@ -11,8 +11,6 @@ import { fileURLToPath } from 'node:url'
 import { promisify } from 'node:util'
 import tar from 'tar-fs'
 
-// renovate: datasource=docker depName=quay.io/keycloak/keycloak
-const KEYCLOAK_VERSION = '25.0.6';
 const DIR_NAME = path.dirname(fileURLToPath(import.meta.url))
 const SERVER_DIR = path.resolve(DIR_NAME, '../tmp/server')
 const SCRIPT_EXTENSION = process.platform === 'win32' ? '.bat' : '.sh'
@@ -26,7 +24,7 @@ await startServer()
 async function startServer () {
   await downloadServer()
 
-  console.info('Starting server…')
+  console.info('Starting server …')
 
   const args = process.argv.slice(2)
   const child = spawn(
@@ -34,8 +32,8 @@ async function startServer () {
     ['start-dev', ...args],
     {
       env: {
-        KEYCLOAK_ADMIN: 'admin',
-        KEYCLOAK_ADMIN_PASSWORD: 'admin',
+        KC_BOOTSTRAP_ADMIN_USERNAME: 'master-admin',
+        KC_BOOTSTRAP_ADMIN_PASSWORD: 'admin',
         ...process.env
       }
     }
@@ -46,7 +44,7 @@ async function startServer () {
 }
 
 async function downloadServer () {
-  const directoryExists = fs.existsSync(SERVER_DIR)
+  const directoryExists = fs.existsSync(path.join(SERVER_DIR, `bin/kc${SCRIPT_EXTENSION}`))
 
   if (directoryExists) {
     console.info('Server installation found, skipping download.')
@@ -55,22 +53,28 @@ async function downloadServer () {
 
   console.info('Downloading and extracting server…')
 
-  const asset = await getAsset()
-  const assetStream = await getAssetAsStream(asset)
+  const nightlyAsset = await getNightlyAsset()
+  //console.log(nightlyAsset)
+  const assetStream = await getAssetAsStream(nightlyAsset)
 
   await extractTarball(assetStream, SERVER_DIR, { strip: 1 })
 }
 
-async function getAsset () {
+async function getNightlyAsset () {
   const api = new Octokit()
+  const tag = process.env.kcVersion || 'nightly';
   const release = await api.repos.getReleaseByTag({
     owner: 'keycloak',
     repo: 'keycloak',
-    tag: KEYCLOAK_VERSION
+    tag: tag
   })
+  let assertName = `keycloak-${tag}.tar.gz`
+  if (tag == 'nightly') {
+    assertName = 'keycloak-999.0.0-SNAPSHOT.tar.gz'
+  }
 
   return release.data.assets.find(
-    ({ name }) => name === `keycloak-${KEYCLOAK_VERSION}.tar.gz`
+    ({ name }) => name === assertName
   )
 }
 
@@ -86,4 +90,4 @@ async function getAssetAsStream (asset) {
 
 function extractTarball (stream, path, options) {
   return pipelineAsync(stream, gunzip(), tar.extract(path, options))
-}
+}

package/.github/workflows/pipeline.yml

@@ -16,9 +16,8 @@ jobs:
     strategy:
       matrix:
         node_version:
-          - 18
           - 20
-          - 21
+          - 22
         os:
           - ubuntu-latest
           - macOS-latest
@@ -99,9 +98,8 @@ jobs:
       fail-fast: true
       matrix:
         node_version:
-          - 18
           - 20
-          - 21
+          - 22
         os:
           - ubuntu-latest
     steps:
@@ -171,7 +169,7 @@ jobs:
       - uses: actions/setup-node@v4
         with:
           # renovate: datasource=docker depName=node
-          node-version: '20'
+          node-version: '22'
       - name: 'Build Package'
         run: |
           npm run clean
@@ -200,13 +198,14 @@ jobs:
             APP_VERSION=${{env.APP_VERSION}}
 
       - name: Push To NPM Registry
-        id: push-to-npm-tagged
+        id: push-to-npm-preview
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }}
         run: |
           echo "//registry.npmjs.org/:_authToken=$NODE_AUTH_TOKEN" >> ~/.npmrc
+          npm version --no-git-tag-version ${{env.APP_VERSION}}-${{ github.run_number }}
           npm publish
-        if: github.ref_type == 'tag' || github.tag != ''
+        if: github.ref == 'refs/heads/develop'
 
       - name: Push To Docker Hub
         id: push-to-dockerhub-preview
@@ -218,14 +217,3 @@ jobs:
           username: continuoussecuritytooling
           password: ${{ secrets.DOCKER_HUB_TOKEN }}
         if: github.ref == 'refs/heads/develop'
-
-      - name: Push To Docker Hub
-        id: push-to-dockerhub-tagged
-        uses: redhat-actions/push-to-registry@v2
-        with:
-          image: ${{ steps.build-image.outputs.image }}
-          tags: 'latest ${{env.APP_VERSION}}'
-          registry: registry.hub.docker.com
-          username: continuoussecuritytooling
-          password: ${{ secrets.DOCKER_HUB_TOKEN }}
-        if: github.ref_type == 'tag' || github.tag != ''

package/.github/workflows/release.yml

@@ -62,6 +62,16 @@ jobs:
                     npm version --no-git-tag-version ${{ github.event.inputs.releaseversion }}
                     npm run build
 
+            -   name: Write version vars
+                run: |
+                    BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"`
+                    BRANCH=${GITHUB_REF_NAME#v}
+                    APP_VERSION=$(cat package.json | grep version| head -1 | awk -F: '{ print $2 }' | sed 's/[",]//g')
+                    echo Version: $APP_VERSION
+                    echo "VERSION=$APP_VERSION" >> $GITHUB_ENV
+                    echo "APP_VERSION=$APP_VERSION" >> $GITHUB_ENV
+                    echo "BUILD_DATE=$BUILD_DATE" >> $GITHUB_ENV
+
             -   name: Install Helm
                 uses: azure/setup-helm@v4
 
@@ -172,8 +182,31 @@ jobs:
                 env:
                     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
+            -   name: Build Container Image
+                id: build-image
+                uses: redhat-actions/buildah-build@v2
+                with:
+                    image: continuoussecuritytooling/keycloak-reporting-cli
+                    tags: 'latest ${{ github.event.inputs.releaseversion }}'
+                    containerfiles: |
+                        ./Dockerfile
+                    build-args: |
+                        BUILD_DATE=${{ env.BUILD_DATE }}
+                        APP_VERSION=${{ github.event.inputs.releaseversion }}
+
+            -   name: Push To Docker Hub
+                id: push-to-dockerhub-preview
+                uses: redhat-actions/push-to-registry@v2
+                with:
+                    image: ${{ steps.build-image.outputs.image }}
+                    tags: 'latest ${{ github.event.inputs.releaseversion }}'
+                    registry: registry.hub.docker.com
+                    username: continuoussecuritytooling
+                    password: ${{ secrets.DOCKER_HUB_TOKEN }}
+
             -   name: Publish npm package
                 run: |
+                    npm version --no-git-tag-version ${{ github.event.inputs.releaseversion }}
                     npm publish
                 env:
                     NODE_AUTH_TOKEN: ${{ secrets.NPM_AUTH_TOKEN }}

package/CHANGELOG.md

@@ -1,3 +1,34 @@
+## [1.0.2](https://github.com/ContinuousSecurityTooling/keycloak-reporter/compare/v1.0.1...v1.0.2) (2024-11-22)
+
+
+### Bug Fixes
+
+* **deps:** update dependency @continuoussecuritytooling/keycloak-auditor to v2.0.8 ([c235380](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/c23538068b54f0f326642e83c132d69b3a7cfcc7))
+* **deps:** update dependency @continuoussecuritytooling/keycloak-auditor to v2.0.9 ([3b7ca63](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/3b7ca632baccdc660aca70402d2c02d9b4ceabc4))
+* **deps:** update dependency @keycloak/keycloak-admin-client to v26.0.5 ([ecc5d2f](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/ecc5d2fe7a9ff8de6b99d356f9f828d2b21941e4))
+* **deps:** update dependency @keycloak/keycloak-admin-client to v26.0.6 ([2cd12b7](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/2cd12b7e0ea627cde535203e21fe4a181e97e1a9))
+* **deps:** update dependency npm to v10.9.1 ([cd1e62a](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/cd1e62a35980b3d7c4cd1fbbda631b600c89031c))
+
+
+
+## [1.0.1](https://github.com/ContinuousSecurityTooling/keycloak-reporter/compare/v1.0.0...v1.0.1) (2024-10-31)
+
+
+### Bug Fixes
+
+* Correcting docker publish on release ([8930206](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/89302069cd56c8ec324cf5a028dd52e07ba3212a))
+* **deps:** update dependency @keycloak/keycloak-admin-client to v26.0.1 ([4b640f2](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/4b640f2b9899bbc4055c08c9c6d807639495f3fd))
+* **deps:** update dependency @keycloak/keycloak-admin-client to v26.0.2 ([7b2b427](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/7b2b42793de329365109e85d0f8f9dcc24ef66b1))
+* **deps:** update dependency @keycloak/keycloak-admin-client to v26.0.4 ([12f2a15](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/12f2a154ee328505691cc8b635f3c916b08e2f0d))
+* **deps:** update dependency openid-client to v6.1.0 ([1238436](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/1238436517af761c1cb27e28a1ecd27a0f501b95))
+* **deps:** update dependency openid-client to v6.1.1 ([46c92db](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/46c92db73ed39b4c0f4a07f12369270460affaef))
+* **deps:** update dependency openid-client to v6.1.3 ([530087b](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/530087b716f8fbe6a7cbe304edfc03107c25189b))
+* **Tests:** Adjust end2end config for keycloak v26 ([79c6d9c](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/79c6d9c61b27157cb915f5532e2eb29674e2b763))
+* **Tests:** Adjust test spec ([431c1c6](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/431c1c6d6fa951d5c4d987b89d66a644cef5e250))
+* **Tests:** Adjust test to changed config ([8163c80](https://github.com/ContinuousSecurityTooling/keycloak-reporter/commit/8163c80f7a46659d52ab88e9af0b3caf5d412218))
+
+
+
 # [1.0.0](https://github.com/ContinuousSecurityTooling/keycloak-reporter/compare/v0.8.12...v1.0.0) (2024-10-17)
 
 

package/Dockerfile

@@ -1,4 +1,4 @@
-FROM node:20.18.0-slim
+FROM node:22.11.0-slim
 
 ARG BUILD_DATE
 ARG APP_VERSION

package/charts/keycloak-reporter/Chart.yaml

@@ -15,14 +15,14 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.3.5
+version: 1.3.7
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
 # renovate: datasource=docker depName=ContinuousSecurityTooling/keycloak-reporter
-appVersion: 1.0.0
+appVersion: 1.0.2
 maintainers:
   # Martin Reinhardt
   - name: hypery2k

package/charts/keycloak-reporter/README.md

@@ -1,6 +1,6 @@
 # keycloak-reporter
 
-![Version: 1.3.5](https://img.shields.io/badge/Version-1.3.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.0.0](https://img.shields.io/badge/AppVersion-1.0.0-informational?style=flat-square)
+![Version: 1.3.7](https://img.shields.io/badge/Version-1.3.7-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 1.0.2](https://img.shields.io/badge/AppVersion-1.0.2-informational?style=flat-square)
 
 Keycloak user and client reporting tool for automated regular access checks.