feat(core): add SAML app audit logs (#6931) #9679
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This integration test ci job is used to test the DB alterations compatibility with the current codebase. | |
name: Alteration compatibility integration test | |
on: | |
push: | |
branches: | |
- master | |
pull_request: | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
check-alteration-changes: | |
runs-on: ubuntu-latest | |
outputs: | |
has-alteration-changes: ${{ steps.changes-detection.outputs.has-alteration-changes }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
# compare the current codebase with HEAD and check if there are any changes under the alterations folder | |
# if the event is a pull request, we need to compare the merge base with HEAD, otherwise we compare the current commit with the previous commit | |
- name: Check for alteration changes | |
id: changes-detection | |
run: | | |
if [[ "${{ github.event_name }}" == "pull_request" ]]; then | |
BASE=$(git merge-base origin/${{ github.base_ref }} HEAD) | |
else | |
BASE=${{ github.event.before }} | |
fi | |
CHANGE_FILES=$(git diff --name-only $BASE | grep 'packages/schemas/alterations/' || true) | |
if [ -n "$CHANGE_FILES" ]; then | |
echo "$CHANGE_FILES" | |
echo "has-alteration-changes=true" >> $GITHUB_OUTPUT | |
echo "Alteration changes detected" | |
else | |
echo "has-alteration-changes=false" >> $GITHUB_OUTPUT | |
echo "No alteration changes detected" | |
fi | |
package: | |
needs: check-alteration-changes | |
runs-on: ubuntu-latest | |
if: ${{ needs.check-alteration-changes.outputs.has-alteration-changes == 'true' }} | |
env: | |
INTEGRATION_TEST: true | |
DEV_FEATURES_ENABLED: false | |
steps: | |
- uses: logto-io/actions-package-logto-artifact@v3 | |
with: | |
artifact-name: alteration-integration-test-${{ github.sha }} | |
branch: ${{ github.base_ref }} | |
pnpm-version: 9 | |
run-logto: | |
strategy: | |
fail-fast: false | |
matrix: | |
target: [api, experience, console] | |
needs: package | |
runs-on: ubuntu-latest | |
env: | |
INTEGRATION_TEST: true | |
DEV_FEATURES_ENABLED: false | |
DB_URL: postgres://postgres:postgres@localhost:5432/postgres | |
steps: | |
- uses: logto-io/actions-run-logto-integration-tests@v4 | |
with: | |
branch: ${{ github.base_ref }} | |
logto-artifact: alteration-integration-test-${{ github.sha }} | |
test-target: ${{ matrix.target }} | |
db-alteration-target: ${{ github.head_ref }} | |
pnpm-version: 9 | |
# Automatically rerun the workflow since the integration tests are moody | |
# From this genius: https://github.com/orgs/community/discussions/67654#discussioncomment-8038649 | |
rerun-on-failure: | |
needs: run-logto | |
if: failure() && fromJSON(github.run_attempt) < 3 | |
runs-on: ubuntu-latest | |
steps: | |
- env: | |
GH_REPO: ${{ github.repository }} | |
GH_TOKEN: ${{ github.token }} | |
GH_DEBUG: api | |
run: gh workflow run rerun.yml -F run_id=${{ github.run_id }} | |
alteration-compatibility-conclusion: | |
needs: run-logto | |
runs-on: ubuntu-latest | |
if: always() && (needs.run-logto.result == 'success' || needs.run-logto.result == 'skipped') | |
steps: | |
- name: Conclusion | |
run: echo "Alteration compatibility integration test completed successfully" |