-
Notifications
You must be signed in to change notification settings - Fork 0
195 lines (174 loc) · 6.12 KB
/
oci-distribution-spec.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
name: OCI Distribution Spec
on:
# See the documentation for more intricate event dispatch here:
# https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#on
push:
branches:
- "!dependabot/*"
- "*"
pull_request:
branches:
- "*"
jobs:
oci:
name: OCI Distribution Spec
runs-on: ubuntu-22.04
services:
postgres:
image: postgres:latest
env:
POSTGRES_USER: postgres_user
POSTGRES_PASSWORD: postgres_password
POSTGRES_DB: postgres_db
POSTGRES_PORT: 5432
ports:
- 5432:5432
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
redis:
image: redis:latest
ports:
- 6379:6379
options: >-
--health-cmd "redis-cli ping"
--health-interval 10s
--health-timeout 5s
--health-retries 5
steps:
- name: Enable pg_trgm extension
run: |
psql "postgresql://postgres_user:postgres_password@localhost:5432/postgres_db" \
--command="create extension if not exists pg_trgm;"
- uses: actions/checkout@v3
- uses: actions/checkout@v3
with:
repository: opencontainers/distribution-spec
ref: v1.1.0-rc1
path: dist-spec
- name: Set up Go 1.18
uses: actions/setup-go@v3
with:
go-version: 1.18
- name: Build conformance.test binary
run: |
cd dist-spec/conformance
CGO_ENABLED=0 go test -c -o conformance.test
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build and export to Docker
uses: docker/build-push-action@v3
with:
context: .
load: true
tags: localhost/quay
cache-from: type=gha
cache-to: type=gha
- name: Start Quay
run: |
IP=$(ip addr show dev eth0 | sed -n 's: *inet \([0-9.]*\)/.*:\1:p')
mkdir -p /tmp/config
cat >/tmp/config/config.yaml <<EOF
BUILDLOGS_REDIS: {"host": "$IP", "port": 6379}
DATABASE_SECRET_KEY: anothercrazykey!
DB_URI: postgresql://postgres_user:postgres_password@$IP:5432/postgres_db
DISTRIBUTED_STORAGE_CONFIG: {"default": ["LocalStorage", {"storage_path": "/datastorage/registry"}]}
DISTRIBUTED_STORAGE_PREFERENCE: ["default"]
SERVER_HOSTNAME: localhost
SETUP_COMPLETE: true
USER_EVENTS_REDIS: {"host": "$IP", "port": 6379}
DATA_MODEL_CACHE_CONFIG:
engine: memcached
endpoint: [127.0.0.1, 18080]
repository_blob_cache_ttl: 60s
catalog_page_cache_ttl: 60s
namespace_geo_restrictions_cache_ttl: 240s
# OCI Conformance tests don't expect tags to be cached.
# If we implement cache invalidation, we can enable it back.
active_repo_tags_cache_ttl: 0s
EOF
# Run the Quay container. See also:
# https://access.redhat.com/documentation/en-us/red_hat_quay/3.8/html/deploy_red_hat_quay_-_high_availability/deploying_red_hat_quay
docker run \
--detach \
--health-cmd="curl -fsS http://localhost:8080/health/instance" \
--health-interval=10s \
--health-retries=5 \
--health-timeout=5s \
--name=quay \
--publish=127.0.0.1:443:8443/tcp \
--publish=127.0.0.1:80:8080/tcp \
--volume=/tmp/config:/conf/stack:Z \
localhost/quay
for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20; do
status=$(docker inspect -f '{{.State.Health.Status}}' quay)
printf "[%s] status: %s\n" "$(date -u +'%F %T')" "$status"
if [ "$status" == "healthy" ]; then
break
fi
sleep 10
done
docker inspect --format='{{json .State.Health}}' quay
docker exec -i quay python <<EOF
from app import app
from data import model
from data.database import configure
configure(app.config)
myuser = model.user.create_user("myuser", "p@ssw0rd", "[email protected]", auto_verify=True)
myorg = model.organization.create_organization("myorg", "[email protected]", myuser)
EOF
- name: Run conformance tests
run: |
# Registry details
export OCI_ROOT_URL="http://localhost"
export OCI_NAMESPACE="myuser/myrepo"
export OCI_CROSSMOUNT_NAMESPACE="myorg/other"
export OCI_USERNAME="myuser"
export OCI_PASSWORD="p@ssw0rd"
# Which workflows to run
export OCI_TEST_PULL=1
export OCI_TEST_PUSH=1
export OCI_TEST_CONTENT_DISCOVERY=1
export OCI_TEST_CONTENT_MANAGEMENT=0
# Extra settings
export OCI_HIDE_SKIPPED_WORKFLOWS=0
export OCI_DEBUG=1
export OCI_DELETE_MANIFEST_BEFORE_BLOBS=0
./dist-spec/conformance/conformance.test
- name: Create report
run: |
mkdir -p .oci-test-results/ .logs/
mv report.html junit.xml .oci-test-results/ || true
docker logs quay >.logs/quay.log 2>&1 || true
if: always()
- name: Check logs
run: |
# Tracebacks should not appear in the logs under normal circumstances.
# Unfortunately, 3 trackbacks are logged immediately after the Quay
# container is started, and extra one is generated during OCI tests.
# To accommodate the current state and avoid further regressions until
# these issues are fixed, we allow a maximum of 4 trackbacks.
TRACEBACKS=$(grep Traceback .logs/quay.log | wc -l)
if [ "$TRACEBACKS" -gt 4 ]; then
echo >&2 ERROR: Traceback detected, check Quay logs.
exit 1
fi
if: always()
- name: Stop Quay
run: |
docker rm --force --volumes quay
if: always()
- name: Upload test results
uses: actions/upload-artifact@v4
with:
name: oci-test-results
path: .oci-test-results/
if: always()
- name: Upload Quay logs
uses: actions/upload-artifact@v4
with:
name: logs
path: .logs/
if: always()