---
name: particle-os CI

# Triggers: pushes and pull requests targeting main or develop, plus published
# releases. The release event is what enables the `build` job further down.
on:
  push:
    branches:
      - main
      - develop
  pull_request:
    branches:
      - main
      - develop
  release:
    types:
      - published

# Workflow-wide environment, available to every job.
env:
  # Quoted so the version stays a string rather than being read as a float.
  GO_VERSION: '1.21'
  # NOTE(review): no step visible in this file reads QEMU_VERSION.
  QEMU_VERSION: 'latest'

jobs:
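# Test and validate particle-os
  test:
    name: Test particle-os
    runs-on: ubuntu-latest
    # Least privilege: this job only reads the repository, so the job token is
    # limited to read access instead of inheriting the repository default.
    permissions:
      contents: read

    steps:
      # NOTE(review): every `uses:` in this job follows a mutable
      # major-version tag. Pinning to a full commit SHA
      # (uses: owner/action@<FULL_COMMIT_SHA>) keeps a retagged release from
      # changing what runs here.
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Later steps build and execute code from the checked-out ref
          # (pull-request heads included), so keep the job token out of
          # the local git configuration.
          persist-credentials: false

      - name: Set up Go
        uses: actions/setup-go@v4
        with:
          go-version: '${{ env.GO_VERSION }}'
          cache: true

      # qemu-utils is installed from the runner's apt sources at whatever
      # version is current when the job runs.
      - name: Install dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y qemu-utils

      - name: Run tests
        run: |
          cd bib
          go test -v ./...

      - name: Build particle-os
        run: |
          cd bib
          go build -o particle-os cmd/builder/main.go

      # Smoke test: each subcommand must exit 0 for the step to pass.
      - name: Test CLI
        run: |
          cd bib
          ./particle-os --help
          ./particle-os version
          ./particle-os list

      # Runs `validate` over every recipe; the first failing recipe stops
      # the step because the default shell aborts on a non-zero exit.
      - name: Validate recipes
        run: |
          cd bib
          for recipe in ../recipes/*.yml; do
            echo "Validating $recipe..."
            ./particle-os validate "$recipe"
          done
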
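# Build and test with real container extraction
  integration-test:
    name: Integration Test
    runs-on: ubuntu-latest
    needs: test
    # Least privilege: nothing in this job writes to the repository.
    permissions:
      contents: read

    steps:
      # NOTE(review): `uses:` references follow mutable major-version tags;
      # pin to a full commit SHA (owner/action@<FULL_COMMIT_SHA>) so a
      # retagged release cannot change what runs here.
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # This job runs the built binary under sudo, so keep the job token
          # out of the local git configuration.
          persist-credentials: false

      - name: Set up Go
        uses: actions/setup-go@v4
        with:
          go-version: '${{ env.GO_VERSION }}'
          cache: true

      - name: Install dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y qemu-utils podman

      - name: Build particle-os
        run: |
          cd bib
          go build -o particle-os cmd/builder/main.go

      # NOTE(review): `debian:trixie-slim` is an unqualified name with a
      # mutable tag, so the registry and the image content are decided at
      # run time. A fully qualified reference pinned by digest
      # (<REGISTRY>/<REPO>@sha256:<DIGEST>) would make this reproducible;
      # confirm the CLI accepts that form.
      - name: Test container extraction
        run: |
          cd bib
          # Test container inspection
          ./particle-os container debian:trixie-slim

      # NOTE(review): this runs the freshly built binary as root for pushes
      # and pull requests alike. On a persistent (self-hosted) runner that
      # gives pull-request code root on the host; confirm runners are
      # ephemeral.
      - name: Test minimal build (if time allows)
        run: |
          cd bib
          # Only run if we have time (CI time limits)
          # `timeout` exits 124 when the limit is reached. Only that case is
          # tolerated; any other non-zero status is a real build failure and
          # must fail the job, because the release job depends on this one.
          status=0
          timeout 300 sudo ./particle-os build ../recipes/debian-minimal.yml || status=$?
          if [ "$status" -eq 124 ]; then
            echo "Build timed out (expected in CI)"
          elif [ "$status" -ne 0 ]; then
            echo "Build failed with exit status $status"
            exit "$status"
          fi
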
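# Build and release
  build:
    name: Build and Release
    runs-on: ubuntu-latest
    # NOTE(review): the `security` job is not listed here, so a release does
    # not wait for govulncheck or the formatting checks. Confirm that is
    # intended.
    needs: [test, integration-test]
    if: github.event_name == 'release'
    # Only this job publishes, so it is the only one that needs write access
    # to repository contents (release assets). Everything else stays unset.
    permissions:
      contents: write

    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # The release step receives the token through its own `env`, so
          # there is no need to leave it in the local git configuration.
          persist-credentials: false

      - name: Set up Go
        uses: actions/setup-go@v4
        with:
          go-version: '${{ env.GO_VERSION }}'
          cache: true

      # -s -w strips the symbol table and DWARF data from the release binary.
      - name: Build particle-os
        run: |
          cd bib
          go build -ldflags="-s -w" -o particle-os cmd/builder/main.go

      # NOTE(review): the checksum is produced in the same job and published
      # next to the archive, so it detects corruption in transit but does not
      # prove origin. A signature or build attestation would be needed for
      # that.
      - name: Create release artifacts
        run: |
          mkdir -p release
          cd bib
          tar -czf ../release/particle-os-linux-amd64.tar.gz particle-os
          cd ..

          # Create checksums
          cd release
          sha256sum particle-os-linux-amd64.tar.gz > particle-os-linux-amd64.tar.gz.sha256

      # NOTE(review): v3 of this action is deprecated upstream; check which
      # major version the runner platform supports before bumping.
      - name: Upload release artifacts
        uses: actions/upload-artifact@v3
        with:
          name: particle-os-release
          path: release/

      # NOTE(review): third-party action that receives a token with
      # contents: write, referenced by a mutable tag. Pin it to a reviewed
      # commit: softprops/action-gh-release@<FULL_COMMIT_SHA>.
      - name: Create GitHub release
        uses: softprops/action-gh-release@v1
        with:
          files: release/*
          tag_name: '${{ github.ref_name }}'
          name: 'particle-os ${{ github.ref_name }}'
          body: |
            ## particle-os ${{ github.ref_name }}

            Debian-native OS image builder with real system operations.

            ### What's New
            - Production-ready OS building system
            - Real container extraction and processing
            - Real package management and system configuration
            - Real QEMU image creation in multiple formats

            ### Downloads
            - Linux AMD64: `particle-os-linux-amd64.tar.gz`

            ### Quick Start
            ```bash
            tar -xzf particle-os-linux-amd64.tar.gz
            sudo ./particle-os build recipes/debian-test.yml
            ```
        env:
          GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
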
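# Security and quality checks
  security:
    name: Security & Quality
    runs-on: ubuntu-latest
    # Least privilege: the checks below only read the repository.
    permissions:
      contents: read

    steps:
      # NOTE(review): `uses:` references follow mutable major-version tags;
      # pin to a full commit SHA (owner/action@<FULL_COMMIT_SHA>).
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          # Tools fetched with `go install ...@latest` run in this workspace,
          # so keep the job token out of the local git configuration.
          persist-credentials: false

      - name: Set up Go
        uses: actions/setup-go@v4
        with:
          go-version: '${{ env.GO_VERSION }}'
          cache: true

      # NOTE(review): `@latest` resolves at run time, so the scanner itself
      # is unpinned. Consider govulncheck@<PINNED_VERSION> for repeatable
      # results.
      - name: Run Go security checks
        run: |
          cd bib
          go install golang.org/x/vuln/cmd/govulncheck@latest
          govulncheck ./...

      # NOTE(review): golint is deprecated and frozen upstream, and without
      # -set_exit_status it exits 0 even when it reports findings, so this
      # step is advisory only. Decide whether it should gate the build.
      - name: Run Go linting
        run: |
          cd bib
          go install golang.org/x/lint/golint@latest
          golint ./...

      # Fails when gofmt would rewrite any file, and lists those files so
      # the log shows what has to be fixed.
      - name: Check Go formatting
        run: |
          cd bib
          unformatted="$(gofmt -l .)"
          if [ -n "$unformatted" ]; then
            echo "Code is not formatted. Run 'gofmt -w .'"
            echo "$unformatted"
            exit 1
          fi

      # `go mod tidy` must be a no-op: any change it leaves in the working
      # tree means go.mod/go.sum are out of date with the imports.
      - name: Check Go mod tidy
        run: |
          cd bib
          go mod tidy
          if [ -n "$(git status --porcelain)" ]; then
            echo "go.mod or go.sum needs updating"
            exit 1
          fi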