add ci workflow (closes #2)

2023-12-22 16:31:37 +01:00 · 2023-12-22 16:31:37 +01:00 · 785d1c4637
commit 785d1c4637
parent ae3fdb775f
3 changed files with 59 additions and 4 deletions
--- a/.gitea/workflows/prod.yml
+++ b/.gitea/workflows/prod.yml
@ -0,0 +1,44 @@
+name: deploy
+
+on:
+  push:
+    branches: [ main ]
+
+jobs:
+  release-image:
+    runs-on: act-runner-user
+    env:
+      DOCKER_ORG: gcg
+      DOCKER_LATEST: latest
+    steps:
+      - name: Checkout
+        uses: https://github.com/actions/checkout@v4
+
+      - name: Build
+        run: |
+          mvn package
+
+      - name: Remove old version
+        run: |
+          rm -rf /opt/data/keycloak/providers/spring-security-crypto-*.jar
+          rm -rf /opt/data/keycloak/providers/keycloak-mailcow-*.jar
+
+      - name: Deploy
+        run: |
+          export SPRINGSEC_VERSION=$(xmlstarlet sel -N x="http://maven.apache.org/POM/4.0.0" -t -m 'x:project/x:properties/x:version.springsec' -v . pom.xml)
+          curl -sL --output \
+            https://repo1.maven.org/maven2/org/springframework/security/spring-security-crypto/$SPRINGSEC_VERSION/spring-security-crypto-$SPRINGSEC_VERSION.jar
+            /opt/data/keycloak/providers/spring-security-crypto-$SPRINGSEC_VERSION.jar
+          export SPI_VERSION=$(xmlstarlet sel -N x="http://maven.apache.org/POM/4.0.0" -t -m 'x:project/x:version' -v . pom.xml)
+          cp -r target/keycloak-mailcow-$KEYCLOAK_VERSION.jar /opt/data/keycloak/providers/keycloak-mailcow-$KEYCLOAK_VERSION.jar
+
+      - name: Notification
+        uses: actions/telegram-action@main
+        if: always()
+        with:
+          chat_id: ${{ secrets.TG_CHAT_ID }}
+          token: ${{ secrets.TG_TOKEN }}
+
+      - name: Trigger Stack Webhook
+        run: |
+          curl -X POST https://docker.cantorgymnasium.de/api/stacks/webhooks/7f03c15f-dcf2-47cf-938e-6502b8520923
--- a/README.md
+++ b/README.md
@ -1,3 +1,13 @@
 # keycloak-mailcow

-Keycloak User Storage Provider for mailcow
+Keycloak User Storage SPI for mailcow
+
+Connects to a mailcow MariaDB database and uses the `username` and `password` columns of the `mailbox` table for authentication.
+
+Currently, only BCrypt-hashed passwords are supported.
+
+## References
+
+- https://www.baeldung.com/java-keycloak-custom-user-providers
+- https://github.com/mailcow/mailcow-dockerized/blob/master/data/web/inc/functions.inc.php
+- https://www.keycloak.org/docs/latest/server_development/index.html#_user-storage-spi
--- a/pom.xml
+++ b/pom.xml
@ -3,16 +3,17 @@
 	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">

 	<name>Keycloak mailcow</name>
-	<description />
+	<description>Connect to mailcow database for authentication</description>
 	<modelVersion>4.0.0</modelVersion>

 	<groupId>de.cantorgymnasium</groupId>
 	<artifactId>keycloak-mailcow</artifactId>
-	<version>0.0.2</version>
+	<version>1.0.0</version>
 	<packaging>jar</packaging>

 	<properties>
 		<version.keycloak>23.0.1</version.keycloak>
+		<version.springsec>6.2.1</version.springsec>
 	</properties>

 	<dependencies>
@ -54,7 +55,7 @@
 		<dependency>
 			<groupId>org.springframework.security</groupId>
 			<artifactId>spring-security-crypto</artifactId>
-			<version>6.2.1</version>
+			<version>${version.springsec}</version>
 		</dependency>
 	</dependencies>