Skip to content

Build It

Jump to bottom
Brian Demers edited this page May 14, 2018 · 2 revisions

Snapshot Builds

If you want to consume SNAPSHOT versions of the Okta Authentication SDK, you can pick them on oss.sonatype.org. Take a look at the Sonatype OSSRH usage guide.

If you want to build or contribute, keep reading.

Local Builds

If you want to build locally, simply clone the project and run mvn install (just like any other Maven based project).

A few things to note:

  • The default build will also include running Integration Tests that require a connection to a live server
    • You can skip the ITs by adding -DskipITs the command line.
    • To run the ITs you can simply configure the build with an ~/.okta/okta.yaml file, environment variables, or Java system properties. See Client properties references.
  • Before submitting a Pull Request it is recommended you run a mvn clean install -Pci build. This include a Findbugs/Findbugs Sec, PMD checks, and license header checks.

Running the ITs

In order to run the ITs against your Okta Organization, you need to setup enable Factor support and configure a couple group polices.

Factors

Log into your Okta admin console select: Security -> Multifactor -> Factor Types. Enable all of the factors that do NOT have a Configure button. After saving your factor list should look like this:

Group Policies

Create a new group named require-mfa (remember the groupId you will need to populate the OKTA_AUTHN_ITS_MFAENROLLGROUPID environment variable, see below). Head to /admin/access/policies#sign-on in your Okta Org, click the Add New Okta Sign-on Policy button. Enter the values:

  • Policy Name: require-mfa
  • Assign to Groups: require-mfa

Click the Create Policy and Add Rule. Enable Prompt for Factor then press the Create Rule button.

CI Builds

This project uses Travis-CI, which means the CI builds are defined in the .travis.yml.

There are four types of builds CI builds

  1. Nightly CRON Job Simply runs a OWASP dependency check NOTE: Due to the nature of this scan, false positives are detected, so a failing build may just require an suppression setting in src/owasp-suppression.xml

  2. Pull Request from outside this repository ITs will be skip as Travis secrets are NOT included for branches outside of this repository

  3. Pull Requests from within this repository ITs will be run, this is equivalent to running a -Pci build mentioned above

  4. Master builds Once a PR or other push happens to master a SNAPSHOTs are published to oss.sonatype.org, and javadocs are published to: https://developer.okta.com/okta-auth-java/development/apidocs/

CI Environment Variables

NOTE these environment variables are ONLY available for pull requests made from with this repository

  • OSSRH_USERNAME - oss.sonatype.org username/keyId
  • OSSRH_SECRET - oss.sonatype.org password/apiToken
  • OKTA_CLIENT_ORGURL - The org URL of the Okta tenant used for ITs
  • OKTA_CLIENT_TOKEN - The API token associated with the Okta tenant used for the ITs
  • OKTA_AUTHN_ITS_MFAENROLLGROUPID - The Group ID who's members require MFA to login

Misc

For information on how to perform a release, see the Release Guide.

Clone this wiki locally