Merge pull request #168 from dmcgowan/imgcrypt-v2 #370
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| branches: [ main ] | |
| jobs: | |
| checks: | |
| name: Project Checks | |
| runs-on: ubuntu-22.04 | |
| timeout-minutes: 5 | |
| steps: | |
| - uses: actions/setup-go@v3 | |
| with: | |
| go-version: 1.22 | |
| - name: Set env | |
| shell: bash | |
| run: | | |
| echo "GOPATH=${{ github.workspace }}" >> $GITHUB_ENV | |
| echo "${{ github.workspace }}/bin" >> $GITHUB_PATH | |
| - uses: actions/checkout@v3 | |
| with: | |
| path: src/github.com/containerd/imgcrypt | |
| fetch-depth: 25 | |
| - uses: containerd/[email protected] | |
| with: | |
| working-directory: src/github.com/containerd/imgcrypt | |
| linters: | |
| name: Linters | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 10 | |
| strategy: | |
| matrix: | |
| os: [ubuntu-22.04] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| path: src/github.com/containerd/imgcrypt | |
| - name: Set env | |
| shell: bash | |
| run: | | |
| echo "GOPATH=${{ github.workspace }}" >> $GITHUB_ENV | |
| echo "${{ github.workspace }}/bin" >> $GITHUB_PATH | |
| - uses: golangci/golangci-lint-action@v3 | |
| with: | |
| version: v1.61.0 | |
| working-directory: src/github.com/containerd/imgcrypt | |
| args: --timeout 120s | |
| tests: | |
| strategy: | |
| matrix: | |
| go: ["1.22", "1.21"] | |
| os: [ubuntu-22.04, windows-2022] | |
| name: Tests / ${{ matrix.os }} / ${{ matrix.go }} | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 15 | |
| needs: [linters, checks] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| with: | |
| repository: containerd/containerd | |
| path: src/github.com/containerd/containerd | |
| - uses: actions/checkout@v3 | |
| with: | |
| path: src/github.com/containerd/imgcrypt | |
| - uses: actions/setup-go@v3 | |
| with: | |
| go-version: ${{ matrix.go }} | |
| - name: Set env | |
| shell: bash | |
| run: | | |
| echo "GOPATH=${{ github.workspace }}" >> $GITHUB_ENV | |
| echo "${{ github.workspace }}/bin" >> $GITHUB_PATH | |
| - name: Tests | |
| run: | | |
| make test | |
| make | |
| working-directory: src/github.com/containerd/imgcrypt | |
| - name: Dependencies | |
| shell: bash | |
| if: ${{ startsWith(matrix.os, 'ubuntu-') }} | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y gnutls-bin softhsm2 libseccomp-dev libbtrfs-dev | |
| make binaries | |
| sudo make install | |
| sudo rm /usr/local/bin/ctr | |
| mkdir ../../lumjjb && pushd ../../lumjjb | |
| git clone https://github.com/lumjjb/simple-ocicrypt-keyprovider && cd simple-ocicrypt-keyprovider | |
| make | |
| sudo cp simple_crypt /usr/local/bin | |
| popd | |
| RUNC_COMMIT=v1.1.9 | |
| pushd ../.. | |
| rm -fR opencontainers/runc && mkdir -p opencontainers && cd opencontainers | |
| git clone https://github.com/opencontainers/runc.git && cd runc | |
| git checkout "${RUNC_COMMIT}" | |
| make BUILDTAGS='apparmor seccomp selinux' runc | |
| sudo make install | |
| popd | |
| working-directory: src/github.com/containerd/containerd | |
| - name: Integration Tests | |
| shell: bash | |
| if: ${{ startsWith(matrix.os, 'ubuntu-') }} | |
| run: | | |
| CONTAINERD=$(type -P containerd) KEYPROVIDER=/usr/local/bin/simple_crypt ./script/tests/test_encryption.sh | |
| working-directory: src/github.com/containerd/imgcrypt |