Running with gitlab-runner 13.12.0 (7a6612da)  on gitlab-runners-bigbang-gitlab-runner-gitlab-runner-7df565ccnfc6 RsVhcwun  feature flags: FF_GITLAB_REGISTRY_HELPER_IMAGE:true section_start:1625072288:resolve_secrets Resolving secrets section_end:1625072288:resolve_secrets section_start:1625072288:prepare_executor Preparing the "kubernetes" executor Using Kubernetes namespace: gitlab-runners Using Kubernetes executor with image registry.dso.mil/platform-one/big-bang/pipeline-templates/pipeline-templates/k3d-builder:0.0.5 ... section_end:1625072288:prepare_executor section_start:1625072288:prepare_script Preparing environment Waiting for pod gitlab-runners/runner-rsvhcwun-project-2324-concurrent-0mwgc8 to be running, status is Pending Running on runner-rsvhcwun-project-2324-concurrent-0mwgc8 via gitlab-runners-bigbang-gitlab-runner-gitlab-runner-7df565ccnfc6... section_end:1625072292:prepare_script section_start:1625072292:get_sources Getting source from Git repository Fetching changes with git depth set to 50... Initialized empty Git repository in /builds/RsVhcwun/0/platform-one/big-bang/apps/security-tools/keycloak/.git/ Created fresh repository. Checking out f379a05c as refs/merge-requests/31/head... Skipping Git submodules setup section_end:1625072292:get_sources section_start:1625072292:step_script Executing "step_script" stage of the job script $ if [ -z ${PIPELINE_REPO_BRANCH} ]; then # collapsed multi-line command $ git clone -b ${PIPELINE_REPO_BRANCH} ${PIPELINE_REPO} ${PIPELINE_REPO_DESTINATION} Cloning into '../pipeline-repo'... $ echo "Directory structure of repository:" Directory structure of repository: $ tree . . |-- CHANGELOG.md |-- CODEOWNERS |-- CONTRIBUTING.md |-- README.md |-- chart | |-- Chart.yaml | |-- Kptfile | |-- OWNERS | |-- README.md | |-- charts | | |-- gluon-0.1.1.tgz | | `-- postgresql-10.3.13.tgz | |-- ci | | |-- h2-values.yaml | | `-- postgres-ha-values.yaml | |-- requirements.lock | |-- requirements.yaml | |-- resources | | `-- dev | | |-- baby-yoda.json | | |-- baby-yoda.yaml | | `-- dod_cas.pem | |-- templates | | |-- NOTES.txt | | |-- _helpers.tpl | | |-- bigbang | | | |-- network-policies | | | | |-- allow-dns-http-https-egress.yaml | | | | |-- allow-helm-test.yaml | | | | |-- allow-internal-postgres.yaml | | | | |-- allow-istio.yaml | | | | |-- allow-monitoring.yaml | | | | |-- allow-namespace.yaml | | | | |-- allow-postgres-egress.yaml | | | | |-- always-allow-https.yaml | | | | |-- always-allow-jgroups.yaml | | | | |-- always-deny-ingress.yaml | | | | `-- default-deny-all.yaml | | | `-- virtualservice.yaml | | |-- configmap-startup.yaml | | |-- hpa.yaml | | |-- ingress.yaml | | |-- networkpolicy.yaml | | |-- poddisruptionbudget.yaml | | |-- prometheusrule.yaml | | |-- rbac.yaml | | |-- route.yaml | | |-- secrets.yaml | | |-- service-headless.yaml | | |-- service-http.yaml | | |-- serviceaccount.yaml | | |-- servicemonitor.yaml | | |-- statefulset.yaml | | |-- test | | | |-- configmap-test.yaml | | | `-- pod-test.yaml | | `-- tests | | `-- test-ui.yaml | |-- tests | | `-- cypress | | |-- cypress.json | | `-- keycloak-health.spec.js | |-- values.schema.json | `-- values.yaml |-- development | |-- Earthfile | |-- README.md | |-- baby-yoda.json | |-- baby-yoda.yaml | |-- bigbang.cli | |-- certs | | |-- dod_cas.pem | | |-- tls.crt | | `-- tls.key | |-- cypress | | |-- README.md | | |-- fixtures | | | `-- example.json | | |-- integration | | | |-- auth.spec.js | | | |-- newuser.spec.js | | | |-- reg.spec.js | | | `-- spec.js | | |-- plugins | | | `-- index.js | | `-- support | | |-- commands.js | | `-- index.js | |-- cypress.json | |-- disable-theme-cache.cli | |-- js-console.war | |-- keystore_creation | | |-- source_files | | | |-- cas.pem | | | |-- tls-enc.key | | | `-- tls.crt | | `-- x509_local.sh | |-- plugin | | |-- README.md | | |-- build.gradle | | |-- gradle | | | `-- wrapper | | | |-- gradle-wrapper.jar | | | `-- gradle-wrapper.properties | | |-- gradlew | | |-- gradlew.bat | | |-- lombok.config | | |-- settings.gradle | | `-- src | | |-- main | | | |-- java | | | | `-- dod | | | | `-- p1 | | | | `-- keycloak | | | | |-- authentication | | | | | |-- RequireGroupAuthenticator.java | | | | | `-- RequireGroupAuthenticatorFactory.java | | | | |-- common | | | | | |-- CommonConfig.java | | | | | |-- YAMLConfig.java | | | | | |-- YAMLConfigEmailAutoJoin.java | | | | | `-- YAMLConfigX509.java | | | | `-- registration | | | | |-- RegistrationValidation.java | | | | |-- RegistrationX509Password.java | | | | |-- UpdateX509.java | | | | `-- X509Tools.java | | | `-- resources | | | |-- META-INF | | | | |-- jboss-deployment-structure.xml | | | | |-- keycloak-themes.json | | | | `-- services | | | | |-- org.keycloak.authentication.AuthenticatorFactory | | | | |-- org.keycloak.authentication.FormActionFactory | | | | `-- org.keycloak.authentication.RequiredActionFactory | | | `-- theme | | | |-- client-detail.html | | | `-- p1-sso | | | |-- account | | | | |-- account.ftl | | | | |-- applications.ftl | | | | |-- messages | | | | | `-- messages_en.properties | | | | |-- password.ftl | | | | |-- resources -> ../custom-resources | | | | |-- sessions.ftl | | | | |-- template.ftl | | | | |-- theme.properties | | | | `-- totp.ftl | | | |-- admin | | | | |-- resources -> ../custom-resources | | | | `-- theme.properties | | | |-- custom-resources | | | | |-- css | | | | | |-- bootstrap.css | | | | | `-- new-ui.css | | | | |-- img | | | | | |-- favicon.ico | | | | | |-- nerd.png | | | | | |-- p1-logo-alt.png | | | | | |-- p1-logo-tall.png | | | | | |-- p1-logo.png | | | | | |-- tech-bg.jpg | | | | | |-- trash-fill.svg | | | | | `-- yoda-mission-obsessed.png | | | | |-- js | | | | | `-- base64url.js | | | | `-- partials | | | | `-- client-detail.html | | | `-- login | | | |-- login-config-totp.ftl | | | |-- login-x509-info.ftl | | | |-- login.ftl | | | |-- messages | | | | `-- messages_en.properties | | | |-- register.ftl | | | |-- resources -> ../custom-resources | | | |-- template.ftl | | | |-- terms.ftl | | | `-- theme.properties | | `-- test | | `-- java | | `-- dod | | `-- p1 | | `-- keycloak | | |-- authentication | | | |-- RequireGroupAuthenticatorFactoryTest.java | | | `-- RequireGroupAuthenticatorTest.java | | |-- registration | | | `-- RegistrationValidationTest.java | | `-- utils | | `-- Utils.java | |-- x509.sh | `-- x509_reduced.sh |-- docs | |-- AFFINITY.md | |-- configuration.md | |-- create-a-test-case.md | |-- img | | |-- add-test-user.png | | |-- impersonate-user.png | | |-- invite-link.png | | |-- login.png | | |-- navigate-to-registration.png | | |-- realm-baby-yoda.png | | |-- users.png | | `-- welcome.png | `-- p1-declarative-groups.md `-- tests `-- test-values.yaml 62 directories, 148 files $ echo "Generic configuration validation tests:" Generic configuration validation tests: $ if [ $(ls -1 tests/test-values.y*ml 2>/dev/null | wc -l) -gt 0 ]; then # collapsed multi-line command Checking test values... WARN - StatefulSet RELEASE-NAME-postgresql is using default Service Account WARN - RELEASE-NAME-postgresql in the StatefulSet RELEASE-NAME-postgresql does not have a memory limit set WARN - RELEASE-NAME-postgresql in the StatefulSet RELEASE-NAME-postgresql does not have a CPU limit set WARN - RELEASE-NAME-postgresql in the StatefulSet RELEASE-NAME-postgresql does not have QoS class of Guaranteed WARN - RELEASE-NAME-postgresql in the StatefulSet RELEASE-NAME-postgresql has ability to run as root WARN - RELEASE-NAME-postgresql in the StatefulSet RELEASE-NAME-postgresql has a UID of less than 1000 WARN - StatefulSet RELEASE-NAME-postgresql using defaulting to image UID WARN - RELEASE-NAME-postgresql in the StatefulSet RELEASE-NAME-postgresql is not using a read only root filesystem WARN - pgchecker in the StatefulSet RELEASE-NAME-keycloa is missing livenessProbe WARN - pgchecker in the StatefulSet RELEASE-NAME-keycloa is missing readinessProbe WARN - keycloak in the StatefulSet RELEASE-NAME-keycloa has a UID of less than 1000 WARN - pgchecker in the StatefulSet RELEASE-NAME-keycloa has a UID of less than 1000 WARN - StatefulSet RELEASE-NAME-keycloa using defaulting to image UID WARN - keycloak in the StatefulSet RELEASE-NAME-keycloa is not using a read only root filesystem WARN - pgchecker in the StatefulSet RELEASE-NAME-keycloa is not using a read only root filesystem WARN - keycloak-cypress-test in the Pod keycloak-cypress-test is missing livenessProbe WARN - keycloak-cypress-test in the Pod keycloak-cypress-test is missing readinessProbe WARN - keycloak-cypress-test in the Pod keycloak-cypress-test does not have a memory requests set WARN - keycloak-cypress-test in the Pod keycloak-cypress-test does not have a CPU requests set WARN - keycloak-cypress-test in the Pod keycloak-cypress-test does not have a memory limit set WARN - keycloak-cypress-test in the Pod keycloak-cypress-test does not have a CPU limit set WARN - keycloak-cypress-test in the Pod keycloak-cypress-test does not have QoS class of Guaranteed WARN - keycloak-cypress-test in the Pod keycloak-cypress-test has ability to run as root 80 tests, 57 passed, 23 warnings, 0 failures Checking chart values... WARN - StatefulSet RELEASE-NAME-postgresql is using default Service Account WARN - RELEASE-NAME-postgresql in the StatefulSet RELEASE-NAME-postgresql is not using a read only root filesystem WARN - RELEASE-NAME-postgresql in the StatefulSet RELEASE-NAME-postgresql does not have a memory limit set WARN - RELEASE-NAME-postgresql in the StatefulSet RELEASE-NAME-postgresql does not have a CPU limit set WARN - RELEASE-NAME-postgresql in the StatefulSet RELEASE-NAME-postgresql does not have QoS class of Guaranteed WARN - RELEASE-NAME-postgresql in the StatefulSet RELEASE-NAME-postgresql has ability to run as root WARN - RELEASE-NAME-postgresql in the StatefulSet RELEASE-NAME-postgresql has a UID of less than 1000 WARN - StatefulSet RELEASE-NAME-postgresql using defaulting to image UID WARN - keycloak in the StatefulSet RELEASE-NAME-keycloa is not using a read only root filesystem WARN - pgchecker in the StatefulSet RELEASE-NAME-keycloa is not using a read only root filesystem WARN - pgchecker in the StatefulSet RELEASE-NAME-keycloa is missing livenessProbe WARN - pgchecker in the StatefulSet RELEASE-NAME-keycloa is missing readinessProbe WARN - keycloak in the StatefulSet RELEASE-NAME-keycloa has a UID of less than 1000 WARN - pgchecker in the StatefulSet RELEASE-NAME-keycloa has a UID of less than 1000 WARN - StatefulSet RELEASE-NAME-keycloa using defaulting to image UID 41 tests, 26 passed, 15 warnings, 0 failures $ if [ -d "tests/policy" ]; then # collapsed multi-line command section_end:1625072294:step_script section_start:1625072294:cleanup_file_variables Cleaning up file based variables section_end:1625072294:cleanup_file_variables Job succeeded