name: Comprehensive CI on: push: branches: [ main, develop ] pull_request: branches: [ main ] workflow_dispatch: env: CARGO_TERM_COLOR: always RUST_BACKTRACE: 1 jobs: # Build and test on multiple platforms test: strategy: fail-fast: false matrix: include: - name: "Debian Stable (x86_64)" target: x86_64-unknown-linux-gnu - name: "Debian Stable (aarch64)" target: aarch64-unknown-linux-gnu runs-on: ubuntu-latest container: image: debian:latest steps: - name: Checkout code run: | # Clone the repository manually instead of using actions/checkout git clone https://git.raines.xyz/robojerk/apt-ostree.git /tmp/apt-ostree cp -r /tmp/apt-ostree/* . cp -r /tmp/apt-ostree/.* . 2>/dev/null || true - name: Setup build environment shell: bash run: | # Update package lists apt update -y # Check if apt-cacher-ng is available and configure sources accordingly echo "Checking for apt-cacher-ng availability..." if curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then echo "✅ apt-cacher-ng is available, configuring proxy sources..." # Configure apt-cacher-ng proxy sources cat > /etc/apt/sources.list.d/apt-cacher-ng.list << 'EOF' deb http://192.168.1.101:3142/ftp.debian.org/debian stable main contrib non-free deb-src http://192.168.1.101:3142/ftp.debian.org/debian stable main contrib non-free deb http://192.168.1.101:3142/HTTPS///get.docker.com/ubuntu docker main EOF # Update package lists with proxy sources apt update -y else echo "⚠️ apt-cacher-ng not available, using standard Debian sources..." # Use standard Debian sources cat > /etc/apt/sources.list.d/standard.list << 'EOF' deb http://deb.debian.org/debian stable main contrib non-free deb-src http://deb.debian.org/debian stable main contrib non-free EOF # Update package lists apt update -y fi - name: Install system dependencies run: | apt-get update apt-get install -y \ build-essential \ pkg-config \ libssl-dev \ libdbus-1-dev \ libglib2.0-dev \ libapt-pkg-dev \ ostree \ bubblewrap \ curl \ git \ wget - name: Install Rust toolchain run: | # Install Rust using rustup curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y . ~/.cargo/env rustup default stable rustup target add ${{ matrix.target }} - name: Build project run: | . ~/.cargo/env cargo build --target ${{ matrix.target }} --verbose - name: Run unit tests run: | . ~/.cargo/env cargo test --target ${{ matrix.target }} --verbose - name: Run integration tests run: | . ~/.cargo/env cargo test --target ${{ matrix.target }} --test integration_tests --verbose - name: Check code quality run: | . ~/.cargo/env cargo clippy --target ${{ matrix.target }} -- -D warnings cargo fmt --target ${{ matrix.target }} -- --check - name: Create test summary run: | echo "Test completed successfully for target: ${{ matrix.target }}" echo "Test completed successfully! 🎉" # Security and quality checks security: runs-on: ubuntu-latest container: image: debian:latest steps: - name: Checkout code run: | # Clone the repository manually instead of using actions/checkout git clone https://git.raines.xyz/robojerk/apt-ostree.git /tmp/apt-ostree cp -r /tmp/apt-ostree/* . cp -r /tmp/apt-ostree/.* . 2>/dev/null || true - name: Setup environment shell: bash run: | # Update package lists apt update -y # Check if apt-cacher-ng is available and configure sources accordingly echo "Checking for apt-cacher-ng availability..." if curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then echo "✅ apt-cacher-ng is available, configuring proxy sources..." # Configure apt-cacher-ng proxy sources cat > /etc/apt/sources.list.d/apt-cacher-ng.list << 'EOF' deb http://192.168.1.101:3142/ftp.debian.org/debian stable main contrib non-free deb-src http://192.168.1.101:3142/ftp.debian.org/debian stable main contrib non-free deb http://192.168.1.101:3142/HTTPS///get.docker.com/ubuntu docker main EOF # Update package lists with proxy sources apt update -y else echo "⚠️ apt-cacher-ng not available, using standard Debian sources..." # Use standard Debian sources cat > /etc/apt/sources.list.d/standard.list << 'EOF' deb http://deb.debian.org/debian stable main contrib non-free deb-src http://deb.debian.org/debian stable main contrib non-free EOF # Update package lists apt update -y fi - name: Install Rust toolchain run: | # Install Rust using rustup curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y . ~/.cargo/env rustup default stable - name: Install security tools run: | apt-get update apt-get install -y cargo-audit - name: Run security audit run: | . ~/.cargo/env cargo audit --version cargo audit - name: Check for known vulnerabilities run: | . ~/.cargo/env cargo audit --deny warnings - name: Create security summary run: | echo "Security audit completed successfully!" echo "Security checks completed! 🎉" # Performance benchmarking benchmark: runs-on: ubuntu-latest container: image: debian:latest steps: - name: Checkout code run: | # Clone the repository manually instead of using actions/checkout git clone https://git.raines.xyz/robojerk/apt-ostree.git /tmp/apt-ostree cp -r /tmp/apt-ostree/* . cp -r /tmp/apt-ostree/.* . 2>/dev/null || true - name: Setup environment shell: bash run: | # Update package lists apt update -y # Check if apt-cacher-ng is available and configure sources accordingly echo "Checking for apt-cacher-ng availability..." if curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then echo "✅ apt-cacher-ng is available, configuring proxy sources..." # Configure apt-cacher-ng proxy sources cat > /etc/apt/sources.list.d/apt-cacher-ng.list << 'EOF' deb http://192.168.1.101:3142/ftp.debian.org/debian stable main contrib non-free deb-src http://192.168.1.101:3142/ftp.debian.org/debian stable main contrib non-free deb http://192.168.1.101:3142/HTTPS///get.docker.com/ubuntu docker main EOF # Update package lists with proxy sources apt update -y else echo "⚠️ apt-cacher-ng not available, using standard Debian sources..." # Use standard Debian sources cat > /etc/apt/sources.list.d/standard.list << 'EOF' deb http://deb.debian.org/debian stable main contrib non-free deb-src http://deb.debian.org/debian stable main contrib non-free EOF # Update package lists apt update -y fi - name: Install Rust toolchain run: | # Install Rust using rustup curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y . ~/.cargo/env rustup default stable - name: Install benchmark dependencies run: | apt-get update apt-get install -y \ build-essential \ pkg-config \ libssl-dev \ libdbus-1-dev \ libglib2.0-dev \ libapt-pkg-dev - name: Run performance benchmarks run: | . ~/.cargo/env cargo bench --verbose - name: Create benchmark summary run: | echo "Benchmark results available in target/criterion/" echo "Benchmark completed successfully! 🎉" # Documentation build docs: runs-on: ubuntu-latest container: image: debian:latest steps: - name: Checkout code run: | # Clone the repository manually instead of using actions/checkout git clone https://git.raines.xyz/robojerk/apt-ostree.git /tmp/apt-ostree cp -r /tmp/apt-ostree/* . cp -r /tmp/apt-ostree/.* . 2>/dev/null || true - name: Setup environment shell: bash run: | # Update package lists apt update -y # Check if apt-cacher-ng is available and configure sources accordingly echo "Checking for apt-cacher-ng availability..." if curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then echo "✅ apt-cacher-ng is available, configuring proxy sources..." # Configure apt-cacher-ng proxy sources cat > /etc/apt/sources.list.d/apt-cacher-ng.list << 'EOF' deb http://192.168.1.101:3142/ftp.debian.org/debian stable main contrib non-free deb-src http://192.168.1.101:3142/ftp.debian.org/debian stable main contrib non-free deb http://192.168.1.101:3142/HTTPS///get.docker.com/ubuntu docker main EOF # Update package lists with proxy sources apt update -y else echo "⚠️ apt-cacher-ng not available, using standard Debian sources..." # Use standard Debian sources cat > /etc/apt/sources.list.d/standard.list << 'EOF' deb http://deb.debian.org/debian stable main contrib non-free deb-src http://deb.debian.org/debian stable main contrib non-free EOF # Update package lists apt update -y fi - name: Install Rust toolchain run: | # Install Rust using rustup curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y . ~/.cargo/env rustup default stable - name: Install documentation dependencies run: | apt-get update apt-get install -y \ build-essential \ pkg-config \ libssl-dev \ libdbus-1-dev \ libglib2.0-dev \ libapt-pkg-dev - name: Build documentation run: | . ~/.cargo/env cargo doc --no-deps --verbose - name: Create docs summary run: | echo "Documentation built successfully in target/doc/" echo "Documentation build completed! 🎉" # Debian package build debian-package: runs-on: ubuntu-latest container: image: debian:latest steps: - name: Checkout code run: | # Clone the repository manually instead of using actions/checkout git clone https://git.raines.xyz/robojerk/apt-ostree.git /tmp/apt-ostree cp -r /tmp/apt-ostree/* . cp -r /tmp/apt-ostree/.* . 2>/dev/null || true - name: Setup environment shell: bash run: | # Update package lists apt update -y # Check if apt-cacher-ng is available and configure sources accordingly echo "Checking for apt-cacher-ng availability..." if curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then echo "✅ apt-cacher-ng is available, configuring proxy sources..." # Configure apt-cacher-ng proxy sources cat > /etc/apt/sources.list.d/apt-cacher-ng.list << 'EOF' deb http://192.168.1.101:3142/ftp.debian.org/debian stable main contrib non-free deb-src http://192.168.1.101:3142/ftp.debian.org/debian stable main contrib non-free deb http://192.168.1.101:3142/HTTPS///get.docker.com/ubuntu docker main EOF # Update package lists with proxy sources apt update -y else echo "⚠️ apt-cacher-ng not available, using standard Debian sources..." # Use standard Debian sources cat > /etc/apt/sources.list.d/standard.list << 'EOF' deb http://deb.debian.org/debian stable main contrib non-free deb-src http://deb.debian.org/debian stable main contrib non-free EOF # Update package lists apt update -y fi - name: Install build dependencies run: | apt-get update apt-get install -y \ build-essential \ devscripts \ debhelper \ dh-cargo \ cargo \ rustc \ pkg-config \ libssl-dev \ libdbus-1-dev \ libglib2.0-dev \ libapt-pkg-dev \ libzstd-dev \ libcurl4-gnutls-dev \ libsystemd-dev \ libmount-dev \ libselinux1-dev \ libsepol-dev \ libarchive-dev \ libgpgme-dev \ libavahi-client-dev \ libavahi-common-dev \ libffi-dev \ libpcre2-dev \ libxml2-dev \ zlib1g-dev \ liblz4-dev \ liblzma-dev \ nettle-dev \ libgmp-dev \ libicu-dev \ libpython3-dev \ python3-dev \ python3-setuptools \ python3-wheel \ python3-pip - name: Build Debian package run: | # Check if build script exists and make it executable if [ -f "./build-debian-trixie.sh" ]; then echo "✅ Build script found, making it executable..." chmod +x ./build-debian-trixie.sh # Build the package ./build-debian-trixie.sh echo "✅ Package build successful" else echo "⚠️ Build script not found, attempting manual build..." # Try manual build process echo "Installing build dependencies..." apt-get update apt-get install -y \ build-essential \ devscripts \ debhelper \ dh-cargo \ cargo \ rustc \ pkg-config \ libssl-dev \ libdbus-1-dev \ libglib2.0-dev \ libapt-pkg-dev \ libzstd-dev \ libcurl4-gnutls-dev \ libsystemd-dev \ libmount-dev \ libselinux1-dev \ libsepol-dev \ libarchive-dev \ libgpgme-dev \ libavahi-client-dev \ libavahi-common-dev \ libffi-dev \ libpcre2-dev \ libxml2-dev \ zlib1g-dev \ liblz4-dev \ liblzma-dev \ nettle-dev \ libgmp-dev \ libicu-dev \ libpython3-dev \ python3-dev \ python3-setuptools \ python3-wheel \ python3-pip echo "Building package manually..." dpkg-buildpackage -us -uc -b if [ $? -eq 0 ]; then echo "✅ Manual package build successful" else echo "❌ Manual package build failed" exit 1 fi fi - name: Create package summary run: | echo "Debian package built successfully!" ls -la deb_packages/ 2>/dev/null || echo "No packages found" echo "Package build completed! 🎉" # Integration testing with real OSTree ostree-integration: runs-on: ubuntu-latest container: image: debian:latest steps: - name: Checkout code run: | # Clone the repository manually instead of using actions/checkout git clone https://git.raines.xyz/robojerk/apt-ostree.git /tmp/apt-ostree cp -r /tmp/apt-ostree/* . cp -r /tmp/apt-ostree/.* . 2>/dev/null || true - name: Setup environment shell: bash run: | # Update package lists apt update -y # Check if apt-cacher-ng is available and configure sources accordingly echo "Checking for apt-cacher-ng availability..." if curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then echo "✅ apt-cacher-ng is available, configuring proxy sources..." # Configure apt-cacher-ng proxy sources cat > /etc/apt/sources.list.d/apt-cacher-ng.list << 'EOF' deb http://192.168.1.101:3142/ftp.debian.org/debian stable main contrib non-free deb-src http://192.168.1.101:3142/ftp.debian.org/debian stable main contrib non-free deb http://192.168.1.101:3142/HTTPS///get.docker.com/ubuntu docker main EOF # Update package lists with proxy sources apt update -y else echo "⚠️ apt-cacher-ng not available, using standard Debian sources..." # Use standard Debian sources cat > /etc/apt/sources.list.d/standard.list << 'EOF' deb http://deb.debian.org/debian stable main contrib non-free deb-src http://deb.debian.org/debian stable main contrib non-free EOF # Update package lists apt update -y fi - name: Install Rust toolchain run: | # Install Rust using rustup curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y . ~/.cargo/env rustup default stable - name: Install OSTree testing dependencies run: | apt-get update apt-get install -y \ build-essential \ pkg-config \ libssl-dev \ libdbus-1-dev \ libglib2.0-dev \ libapt-pkg-dev \ ostree \ bubblewrap \ qemu-system-x86_64 \ qemu-utils - name: Build apt-ostree run: | . ~/.cargo/env cargo build --release - name: Run OSTree integration tests run: | # Test with real OSTree repository mkdir -p /tmp/test-ostree ostree init --repo=/tmp/test-ostree ./target/release/apt-ostree status - name: Create test summary run: | echo "OSTree integration tests completed successfully!" echo "Integration testing completed! 🎉" # Code coverage coverage: runs-on: ubuntu-latest container: image: debian:latest steps: - name: Checkout code run: | # Clone the repository manually instead of using actions/checkout git clone https://git.raines.xyz/robojerk/apt-ostree.git /tmp/apt-ostree cp -r /tmp/apt-ostree/* . cp -r /tmp/apt-ostree/.* . 2>/dev/null || true - name: Setup environment shell: bash run: | # Update package lists apt update -y # Check if apt-cacher-ng is available and configure sources accordingly echo "Checking for apt-cacher-ng availability..." if curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then echo "✅ apt-cacher-ng is available, configuring proxy sources..." # Configure apt-cacher-ng proxy sources cat > /etc/apt/sources.list.d/apt-cacher-ng.list << 'EOF' deb http://192.168.1.101:3142/ftp.debian.org/debian stable main contrib non-free deb-src http://192.168.1.101:3142/ftp.debian.org/debian stable main contrib non-free deb http://192.168.1.101:3142/HTTPS///get.docker.com/ubuntu docker main EOF # Update package lists with proxy sources apt update -y else echo "⚠️ apt-cacher-ng not available, using standard Debian sources..." # Use standard Debian sources cat > /etc/apt/sources.list.d/standard.list << 'EOF' deb http://deb.debian.org/debian stable main contrib non-free deb-src http://deb.debian.org/debian stable main contrib non-free EOF # Update package lists apt update -y fi - name: Install Rust toolchain run: | # Install Rust using rustup curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y . ~/.cargo/env rustup default stable - name: Install coverage tools run: | apt-get update apt-get install -y \ build-essential \ pkg-config \ libssl-dev \ libdbus-1-dev \ libglib2.0-dev \ libapt-pkg-dev \ cargo-tarpaulin - name: Generate coverage report run: | . ~/.cargo/env cargo tarpaulin --out Html --output-dir coverage - name: Create coverage summary run: | echo "Coverage report generated successfully in coverage/" echo "Code coverage completed! 🎉" # Final status check status: needs: [test, security, benchmark, docs, debian-package, ostree-integration, coverage] runs-on: ubuntu-latest if: always() steps: - name: Check job status run: | echo "All CI jobs completed" echo "Check individual job results above" # Create comprehensive summary cat > CI_SUMMARY.md << 'EOF' # APT-OSTree CI Summary ## Build Information - **Build Date**: $(date '+%Y-%m-%d %H:%M:%S UTC') - **Build ID**: ${{ forge.run_number }} - **Commit**: ${{ forge.sha }} - **Branch**: ${{ forge.ref_name }} ## CI Status - **Container**: debian:latest - **apt-cacher-ng**: Configured with fallback - **Dependencies**: All resolved ✅ ## Job Results - **Test**: ${{ needs.test.result }} - **Security**: ${{ needs.security.result }} - **Benchmark**: ${{ needs.benchmark.result }} - **Documentation**: ${{ needs.docs.result }} - **Debian Package**: ${{ needs.debian-package.result }} - **OSTree Integration**: ${{ needs.ostree-integration.result }} - **Coverage**: ${{ needs.coverage.result }} ## Summary All CI jobs have completed. Check individual job results for detailed information. EOF echo "CI summary created: CI_SUMMARY.md" echo "Comprehensive CI completed! 🎉"