-
Notifications
You must be signed in to change notification settings - Fork 0
135 lines (119 loc) · 3.88 KB
/
ci.yml
File metadata and controls
135 lines (119 loc) · 3.88 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: CI
on:
push:
branches:
- '**'
tags:
- 'v*'
pull_request:
permissions:
contents: read
jobs:
lint-and-tests:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Bash syntax checks
run: |
bash -n \
cmd/boxctl \
lib/*.sh \
lib/firewall/*.sh \
lib/supervisor/*.sh \
tests/integration/test_phase2.sh \
tests/integration/test_real_kernel.sh \
tests/integration/test_arch_package_smoke.sh \
tests/fixtures/mockbin/ip \
tests/fixtures/mockbin/iptables \
packaging/scripts/systemd-lifecycle.sh \
packaging/arch/box4linux.install
- name: ShellCheck (if available)
run: |
if command -v shellcheck >/dev/null 2>&1; then
# SC1091: dynamic source paths are expected in this repo layout.
# SC2034: shared globals/constants are intentionally defined in common libs.
shellcheck \
-e SC1091,SC2034 \
cmd/boxctl \
lib/*.sh \
lib/firewall/*.sh \
lib/supervisor/*.sh \
tests/integration/test_phase2.sh \
tests/integration/test_real_kernel.sh \
tests/integration/test_arch_package_smoke.sh \
packaging/scripts/systemd-lifecycle.sh
shellcheck -e SC1091,SC2034 -s sh packaging/arch/box4linux.install
else
echo "shellcheck not available; skipping"
fi
- name: Mock integration tests
run: ./tests/integration/test_phase2.sh
- name: Real-kernel integration tests (skip-capable)
run: sudo ./tests/integration/test_real_kernel.sh
build-arch-package:
runs-on: ubuntu-latest
needs:
- lint-and-tests
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Build Arch package in container
run: |
docker run --rm \
-v "$PWD":/work \
-w /work \
archlinux:base-devel \
bash -lc '
set -euo pipefail
# Avoid relying on distro default unprivileged accounts (for example `nobody`)
# because some base images can mark them as expired.
useradd -m -U builder
chown -R builder:builder /work
su builder -s /bin/bash -c "cd /work/packaging/arch && makepkg --nodeps --noconfirm -f"
'
- name: Capture package path
id: pkg
run: |
pkg_path="$(ls -1 packaging/arch/*.pkg.tar.* | head -n 1)"
echo "package_path=${pkg_path}" >> "${GITHUB_OUTPUT}"
echo "Built package: ${pkg_path}"
- name: Upload Arch package artifact
uses: actions/upload-artifact@v4
with:
name: box4linux-arch-pkg
path: ${{ steps.pkg.outputs.package_path }}
smoke-package:
runs-on: ubuntu-latest
needs:
- build-arch-package
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Download Arch package artifact
uses: actions/download-artifact@v4
with:
name: box4linux-arch-pkg
path: ./dist
- name: Package smoke test
run: |
pkg_path="$(ls -1 ./dist/*.pkg.tar.* | head -n 1)"
./tests/integration/test_arch_package_smoke.sh "${pkg_path}"
release:
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/v')
needs:
- smoke-package
permissions:
contents: write
steps:
- name: Download Arch package artifact
uses: actions/download-artifact@v4
with:
name: box4linux-arch-pkg
path: ./dist
- name: Publish release assets
uses: softprops/action-gh-release@v2
with:
files: ./dist/*.pkg.tar.*
generate_release_notes: true