-
Notifications
You must be signed in to change notification settings - Fork 47
131 lines (107 loc) · 3.45 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
name: CI
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
jobs:
checks:
name: Project Checks
runs-on: ubuntu-22.04
timeout-minutes: 5
steps:
- uses: actions/setup-go@v3
with:
go-version: 1.21
- name: Set env
shell: bash
run: |
echo "GOPATH=${{ github.workspace }}" >> $GITHUB_ENV
echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
- uses: actions/checkout@v3
with:
path: src/github.com/containerd/imgcrypt
fetch-depth: 25
- uses: containerd/[email protected]
with:
working-directory: src/github.com/containerd/imgcrypt
linters:
name: Linters
runs-on: ${{ matrix.os }}
timeout-minutes: 10
strategy:
matrix:
os: [ubuntu-22.04]
steps:
- uses: actions/checkout@v3
with:
path: src/github.com/containerd/imgcrypt
- name: Set env
shell: bash
run: |
echo "GOPATH=${{ github.workspace }}" >> $GITHUB_ENV
echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
- uses: golangci/golangci-lint-action@v3
with:
version: v1.54.1
working-directory: src/github.com/containerd/imgcrypt
args: --timeout 120s
tests:
strategy:
matrix:
go: ["1.21", "1.20"]
os: [ubuntu-22.04, windows-2022]
name: Tests / ${{ matrix.os }} / ${{ matrix.go }}
runs-on: ${{ matrix.os }}
timeout-minutes: 15
needs: [linters, checks]
steps:
- uses: actions/checkout@v3
with:
repository: containerd/containerd
path: src/github.com/containerd/containerd
- uses: actions/checkout@v3
with:
path: src/github.com/containerd/imgcrypt
- uses: actions/setup-go@v3
with:
go-version: ${{ matrix.go }}
- name: Set env
shell: bash
run: |
echo "GOPATH=${{ github.workspace }}" >> $GITHUB_ENV
echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
- name: Tests
run: |
make test
make
working-directory: src/github.com/containerd/imgcrypt
- name: Dependencies
shell: bash
if: ${{ startsWith(matrix.os, 'ubuntu-') }}
run: |
sudo apt-get update
sudo apt-get install -y gnutls-bin softhsm2 libseccomp-dev libbtrfs-dev
make binaries
sudo make install
sudo rm /usr/local/bin/ctr
mkdir ../../lumjjb && pushd ../../lumjjb
git clone https://github.com/lumjjb/simple-ocicrypt-keyprovider && cd simple-ocicrypt-keyprovider
make
sudo cp simple_crypt /usr/local/bin
popd
RUNC_COMMIT=$(grep opencontainers/runc go.mod | awk '{print $2}')
pushd ../..
rm -fR opencontainers/runc && mkdir -p opencontainers && cd opencontainers
git clone https://github.com/opencontainers/runc.git && cd runc
git checkout "${RUNC_COMMIT}"
make BUILDTAGS='apparmor seccomp selinux' runc
sudo make install
popd
working-directory: src/github.com/containerd/containerd
- name: Integration Tests
shell: bash
if: ${{ startsWith(matrix.os, 'ubuntu-') }}
run: |
CONTAINERD=$(type -P containerd) KEYPROVIDER=/usr/local/bin/simple_crypt ./script/tests/test_encryption.sh
working-directory: src/github.com/containerd/imgcrypt