diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index fc6a6cc..0000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,66 +0,0 @@ -version: 2.1 - -workflows: - version: 2 - build_and_deploy: - jobs: - - tag_version: - filters: - branches: - only: - - /^(release\/v\d+\.\d+\.\d+|hotfix\/v\d+\.\d+\.\d+)$/ - - build_and_deploy: - filters: - branches: - only: - - /^(release\/v\d+\.\d+\.\d+|hotfix\/\d+|bugfix.*|master|develop|.*feature\/.+)$/ - - - -jobs: - tag_version: - docker: - - image: cimg/node:14.9.0 - steps: - - checkout - - add_ssh_keys: - fingerprints: - - "55:e7:a0:69:e2:ed:e7:84:f2:82:f9:46:fc:c7:de:f0" - - run: - name: Bump npm version - command: | - git config user.email "50235421+ehrbase-tech-user@users.noreply.github.com" - git config user.name "ci-bot" - VERSION_NUMBER="$(echo $CIRCLE_BRANCH | awk -F'/' '{print $2;}')" - echo "Updating the application version from the branch to ${VERSION_NUMBER}" - npm version $VERSION_NUMBER - git push --set-upstream origin $CIRCLE_BRANCH - git push origin --tags - - build_and_deploy: - docker: - - image: cimg/node:14.9.0 - auth: - username: $DOCKER_USER - password: $DOCKER_HUB_PASSWORD - steps: - - checkout - - setup_remote_docker: - version: 19.03.13 - docker_layer_caching: true - - run: - name: Build and tag image and push - command: | - if [ $CIRCLE_BRANCH = "master" ]; then - TAG=$(node -p "require('./package.json').version") - elif [ $CIRCLE_BRANCH = "develop" ]; then - TAG=$CIRCLE_BRANCH - else - TAG="$(echo $CIRCLE_BRANCH | awk -F'/' '{print $2;}')-rc" - fi - docker build -t $DOCKER_USER/keycloak-theme-num:$TAG . - echo "$DOCKER_HUB_PASSWORD" | docker login -u "$DOCKER_USER" --password-stdin - docker push $DOCKER_USER/keycloak-theme-num:$TAG - -orbs: - node: circleci/node@4.1.0 diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..1f9e6f7 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,18 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +updates: + - package-ecosystem: npm + directory: "/" # Location of package manifests + schedule: + interval: weekly + day: monday + time: "04:00" + open-pull-requests-limit: 10 + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: weekly diff --git a/.github/workflows/build-for-development.yml b/.github/workflows/build-for-development.yml new file mode 100644 index 0000000..f8e9f7e --- /dev/null +++ b/.github/workflows/build-for-development.yml @@ -0,0 +1,30 @@ +name: Build for development + +on: + push: + branches: [ 'feature/**', 'dependabot/**' ] + +jobs: + test_and_scan: + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Set up Node 20 + uses: actions/setup-node@v4 + with: + node-version: '20' + cache: 'npm' + - name: Run Trivy vulnerability scanner in repo mode + uses: aquasecurity/trivy-action@master + with: + scan-type: 'fs' + ignore-unfixed: true + format: 'sarif' + output: 'trivy-results.sarif' + severity: 'CRITICAL,HIGH' + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: 'trivy-results.sarif' diff --git a/.github/workflows/create-release-branch.yml b/.github/workflows/create-release-branch.yml new file mode 100644 index 0000000..0e0f970 --- /dev/null +++ b/.github/workflows/create-release-branch.yml @@ -0,0 +1,84 @@ +name: Create release branch + +on: + workflow_dispatch: + branches: [ develop ] + inputs: + release: + description: 'Type of the release.' + type: choice + options: + - major + - minor + - patch + default: minor + +jobs: + create_branch: + if: github.event_name == 'workflow_dispatch' && github.ref == 'refs/heads/develop' + + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + ref: main + - name: Set up Node 20 + uses: actions/setup-node@v4 + with: + node-version: '20' + cache: 'npm' + - name: Create version + id: createVersion + run: | + CURRENT_VERSION=$(node -e "console.log(require('./package.json').version)") + echo "Current version: $CURRENT_VERSION" + MAJOR=`echo $CURRENT_VERSION | cut -d. -f1` + MINOR=`echo $CURRENT_VERSION | cut -d. -f2` + PATCH=`echo $CURRENT_VERSION | cut -d. -f3 | cut -d- -f1` + + if [ ${{ inputs.release }} == 'major' ]; then + MAJOR=$((MAJOR+1)) + MINOR=0 + PATCH=0 + elif [ ${{ inputs.release }} == 'minor' ]; then + MINOR=$((MINOR+1)) + PATCH=0 + else + PATCH=$((PATCH+1)) + fi + + VERSION=${MAJOR}.${MINOR}.${PATCH} + + echo + echo "Release version: $VERSION" + + echo "VERSION=$VERSION" >> "$GITHUB_OUTPUT" + + - name: Checkout + uses: actions/checkout@v4 + - name: Create release branch + env: + VERSION: ${{ steps.createVersion.outputs.VERSION }} + run: | + git config --global user.email "github-actions@example.com" + git config --global user.name "Github Actions" + + git branch release/$VERSION + git checkout release/$VERSION + + npm version ${VERSION}-SNAPSHOT + git add package.json + git commit -m "updated project version to ${VERSION}" + + git push --set-upstream origin release/$VERSION + + wrong_branch: + if: github.event_name == 'workflow_dispatch' && github.ref != 'refs/heads/develop' + + runs-on: ubuntu-latest + + steps: + - name: ERROR + run: echo 'This workflow only runs on develop branch!' diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml new file mode 100644 index 0000000..6aca866 --- /dev/null +++ b/.github/workflows/nightly.yml @@ -0,0 +1,29 @@ +name: Nightly + +on: + schedule: + - cron: '0 21 * * *' + +jobs: + verify: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Set up Node 20 + uses: actions/setup-node@v4 + with: + node-version: '20' + cache: 'npm' + - name: Run Trivy vulnerability scanner in repo mode + uses: aquasecurity/trivy-action@master + with: + scan-type: 'fs' + ignore-unfixed: true + format: 'sarif' + output: 'trivy-results.sarif' + severity: 'CRITICAL,HIGH' + - name: Upload Trivy scan results to GitHub Security tab + uses: github/codeql-action/upload-sarif@v3 + with: + sarif_file: 'trivy-results.sarif' diff --git a/.github/workflows/release-new-tag.yml b/.github/workflows/release-new-tag.yml new file mode 100644 index 0000000..ad06400 --- /dev/null +++ b/.github/workflows/release-new-tag.yml @@ -0,0 +1,31 @@ +name: Release new tag + +on: + push: + tags: + - '[0-9]+.[0-9]+.[0-9]+' + +jobs: + docker: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Set up Node 20 + uses: actions/setup-node@v4 + with: + node-version: '20' + cache: 'npm' + - name: Login to docker hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Build and push docker image + uses: docker/build-push-action@v5 + with: + load: true + tags: ${{ secrets.DOCKER_USERNAME }}/keycloak-theme-num:${{ github.ref_name }} + - name: Print Release Version + run: | + echo "### :rocket: ${{ github.ref_name }}" >> $GITHUB_STEP_SUMMARY diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..97bdddd --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,112 @@ +name: release + +on: + workflow_dispatch: + branches: [ 'release/**' ] + +env: + RELEASE_VERSION: '' + DEV_VERSION: '' + +jobs: + + read_version: + runs-on: ubuntu-latest + + outputs: + DEV_VERSION: ${{ steps.createVersion.outputs.DEV_VERSION}} + RELEASE_VERSION: ${{ steps.createVersion.outputs.RELEASE_VERSION}} + + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Set up Node 20 + uses: actions/setup-node@v4 + with: + node-version: '20' + cache: 'npm' + - name: Create new development version + id: createVersion + run: | + CURRENT_VERSION=$(node -e "console.log(require('./package.json').version)") + RELEASE_VERSION=`echo $CURRENT_VERSION | cut -d- -f1` + echo "Current version: $CURRENT_VERSION" + MAJOR=`echo $CURRENT_VERSION | cut -d. -f1` + MINOR=`echo $CURRENT_VERSION | cut -d. -f2` + + DEV_VERSION=${MAJOR}.$((MINOR+1)).0-SNAPSHOT + + echo + echo "Release version: $RELEASE_VERSION" + echo "Develop version: $DEV_VERSION" + + echo "RELEASE_VERSION=${RELEASE_VERSION}" >> "$GITHUB_OUTPUT" + echo "DEV_VERSION=${DEV_VERSION}" >> "$GITHUB_OUTPUT" + + echo "### :rocket: ${RELEASE_VERSION}" >> $GITHUB_STEP_SUMMARY + + update_dev: + needs: read_version + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Set up Node 20 + uses: actions/setup-node@v4 + with: + node-version: '20' + cache: 'npm' + - name: Create branch to update develop version + env: + DEV_VERSION: ${{ needs.read_version.outputs.DEV_VERSION }} + run: | + git config --global user.email "noreply@github.com" + git config --global user.name "Github Actions" + + git branch feature/update_develop_${DEV_VERSION} + git checkout feature/update_develop_${DEV_VERSION} + + npm version ${DEV_VERSION} + git commit -am "updated development version to ${DEV_VERSION}" + + git push --set-upstream origin feature/update_develop_${DEV_VERSION} + + - name: Create PR to merge changes to Develop and update Version + env: + RELEASE_VERSION: ${{ needs.read_version.outputs.RELEASE_VERSION }} + GH_TOKEN: ${{ github.token }} + run: | + PR_URL=`gh pr create -B develop --title "Merge release branch '${RELEASE_VERSION}' back to develop" --body "Merge release branch '${RELEASE_VERSION}' back to develop"` + echo $PR_URL + + release: + needs: read_version + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Set up Node 20 + uses: actions/setup-node@v4 + with: + node-version: '20' + cache: 'npm' + - name: Set the release version + env: + RELEASE_VERSION: ${{ needs.read_version.outputs.RELEASE_VERSION }} + run: | + git config --global user.email "noreply@github.com" + git config --global user.name "Github Actions" + + npm version ${RELEASE_VERSION} + git commit -am "updated release version to ${RELEASE_VERSION}" + git push + + - name: Create PR to merge release branch to main + env: + RELEASE_VERSION: ${{ needs.read_version.outputs.RELEASE_VERSION }} + GH_TOKEN: ${{ github.token }} + run: | + PR_URL=`gh pr create -B main --title "Merge release branch '${RELEASE_VERSION}'" --body "Merge release branch '${RELEASE_VERSION}'"` + echo $PR_URL diff --git a/login/messages/messages_de.properties b/login/messages/messages_de.properties index 1f4017f..4de4e7f 100644 --- a/login/messages/messages_de.properties +++ b/login/messages/messages_de.properties @@ -175,7 +175,8 @@ client_broker=Broker invalidUserMessage=Benutzername oder Passwort ung\u00fcltig invalidEmailMessage=E-Mail-Adresse ung\u00fcltig -accountDisabledMessage=Ihr Benutzerkonto wurde deaktiviert. Wenden Sie sich an Ihren Systemadministrator, um weitere Informationen zu erhalten. +#accountDisabledMessage=Ihr Benutzerkonto wurde deaktiviert. Wenden Sie sich an Ihren Systemadministrator, um weitere Informationen zu erhalten. +accountDisabledMessage=Benutzername oder Passwort ung\u00fcltig accountTemporarilyDisabledMessage=Ihr Benutzerkonto wurde vor\u00fcbergehend deaktiviert. Wenden Sie sich an Ihren Systemadministrator, um weitere Informationen zu erhalten, oder versuchen Sie es sp\u00e4ter noch einmal. expiredCodeMessage=Ihre Sitzung ist abgelaufen. Melden Sie sich bitte neu an. expiredActionMessage=Ihre Aktion ist abgelaufen. Melden Sie sich bitte neu an. diff --git a/login/messages/messages_en.properties b/login/messages/messages_en.properties index 23d1756..82d8ea7 100644 --- a/login/messages/messages_en.properties +++ b/login/messages/messages_en.properties @@ -171,7 +171,8 @@ client_broker=Broker invalidUserMessage=Invalid username or password invalidEmailMessage=Invalid email address -accountDisabledMessage=Your account is disabled. Contact your System Administrator for more information. +#accountDisabledMessage=Your account is disabled. Contact your System Administrator for more information. +accountDisabledMessage=Invalid username or password. accountTemporarilyDisabledMessage=Your account is temporarily disabled. Contact your System Administrator for more information or try again later. expiredCodeMessage=Your session has timed out. Try signing in again. expiredActionMessage=Your action has expired. Try signing in again. diff --git a/package-lock.json b/package-lock.json new file mode 100644 index 0000000..2d92b81 --- /dev/null +++ b/package-lock.json @@ -0,0 +1,12 @@ +{ + "name": "keycloak-theme-num", + "version": "1.1.0-SNAPSHOT", + "lockfileVersion": 3, + "requires": true, + "packages": { + "": { + "name": "keycloak-theme-num", + "version": "1.1.0-SNAPSHOT" + } + } +} diff --git a/package.json b/package.json index 4865d46..1d05041 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "keycloak-theme-num", - "version": "1.0.0", + "version": "1.1.0-SNAPSHOT", "description": "The Keycloak themes for the num-codex webapp", "scripts": { "test": "echo \"Error: no test specified\" && exit 1"