This repository has been archived by the owner on Jan 15, 2025. It is now read-only.
feat: Add external input support for container encapsulation #1704
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Inspired by https://github.com/rust-analyzer/rust-analyzer/blob/master/.github/workflows/ci.yaml | |
# but tweaked in several ways. If you make changes here, consider doing so across other | |
# repositories in e.g. ostreedev etc. | |
name: Rust | |
permissions: | |
actions: read | |
on: | |
push: | |
branches: [main] | |
pull_request: | |
branches: [main] | |
workflow_dispatch: {} | |
env: | |
CARGO_TERM_COLOR: always | |
jobs: | |
tests: | |
runs-on: ubuntu-latest | |
container: quay.io/coreos-assembler/fcos-buildroot:testing-devel | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Code lints | |
run: ./ci/lints.sh | |
- name: Install deps | |
run: ./ci/installdeps.sh | |
# xref containers/containers-image-proxy-rs | |
- name: Cache Dependencies | |
uses: Swatinem/rust-cache@v2 | |
with: | |
key: "tests" | |
- name: cargo fmt (check) | |
run: cargo fmt -- --check -l | |
- name: Build | |
run: cargo test --no-run | |
- name: Individual checks | |
run: (cd cli && cargo check) && (cd lib && cargo check) | |
- name: Run tests | |
run: cargo test -- --nocapture --quiet | |
- name: Manpage generation | |
run: mkdir -p target/man && cargo run --features=docgen -- man --directory target/man | |
- name: cargo clippy | |
run: cargo clippy | |
build: | |
runs-on: ubuntu-latest | |
container: quay.io/coreos-assembler/fcos-buildroot:testing-devel | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install deps | |
run: ./ci/installdeps.sh | |
- name: Cache Dependencies | |
uses: Swatinem/rust-cache@v2 | |
with: | |
key: "build" | |
- name: Build | |
run: cargo build --release --features=internal-testing-api | |
- name: Upload binary | |
uses: actions/upload-artifact@v2 | |
with: | |
name: ostree-ext-cli | |
path: target/release/ostree-ext-cli | |
build-minimum-toolchain: | |
name: "Build using MSRV" | |
runs-on: ubuntu-latest | |
container: quay.io/coreos-assembler/fcos-buildroot:testing-devel | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Install deps | |
run: ./ci/installdeps.sh | |
- name: Detect crate MSRV | |
shell: bash | |
run: | | |
msrv=$(cargo metadata --format-version 1 --no-deps | \ | |
jq -r '.packages[1].rust_version') | |
echo "Crate MSRV: $msrv" | |
echo "ACTION_MSRV_TOOLCHAIN=$msrv" >> $GITHUB_ENV | |
- name: Remove system Rust toolchain | |
run: dnf remove -y rust cargo | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: ${{ env['ACTION_MSRV_TOOLCHAIN'] }} | |
- name: Cache Dependencies | |
uses: Swatinem/rust-cache@v2 | |
with: | |
key: "min" | |
- name: cargo check | |
run: cargo check | |
cargo-deny: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: EmbarkStudios/cargo-deny-action@v1 | |
with: | |
log-level: warn | |
command: check bans sources licenses | |
integration: | |
name: "Integration" | |
needs: build | |
runs-on: ubuntu-latest | |
container: quay.io/fedora/fedora-coreos:testing-devel | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Download ostree-ext-cli | |
uses: actions/download-artifact@v2 | |
with: | |
name: ostree-ext-cli | |
- name: Install | |
run: install ostree-ext-cli /usr/bin && rm -v ostree-ext-cli | |
- name: Integration tests | |
run: ./ci/integration.sh | |
ima: | |
name: "Integration (IMA)" | |
needs: build | |
runs-on: ubuntu-latest | |
container: quay.io/fedora/fedora-coreos:testing-devel | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Download ostree-ext-cli | |
uses: actions/download-artifact@v2 | |
with: | |
name: ostree-ext-cli | |
- name: Install | |
run: install ostree-ext-cli /usr/bin && rm -v ostree-ext-cli | |
- name: Integration tests | |
run: ./ci/ima.sh | |
privtest: | |
name: "Privileged testing" | |
needs: build | |
runs-on: ubuntu-latest | |
container: | |
image: quay.io/fedora/fedora-coreos:testing-devel | |
options: "--privileged --pid=host -v /var/tmp:/var/tmp -v /run/dbus:/run/dbus -v /run/systemd:/run/systemd -v /:/run/host" | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Download | |
uses: actions/download-artifact@v2 | |
with: | |
name: ostree-ext-cli | |
- name: Install | |
run: install ostree-ext-cli /usr/bin && rm -v ostree-ext-cli | |
- name: Integration tests | |
run: ./ci/priv-integration.sh | |
container-build: | |
name: "Container build" | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v3 | |
- name: Checkout coreos-layering-examples | |
uses: actions/checkout@v3 | |
with: | |
repository: coreos/coreos-layering-examples | |
path: coreos-layering-examples | |
- name: Download | |
uses: actions/download-artifact@v2 | |
with: | |
name: ostree-ext-cli | |
- name: Integration tests | |
run: ./ci/container-build-integration.sh |