name: Tests # NOTE(mhayden): Restricting branches prevents jobs from being doubled since # a push to a pull request triggers two events. on: pull_request: branches: - "*" push: branches: - main jobs: unit-tests: name: "๐Ÿ›ƒ Unit tests" runs-on: ubuntu-20.04 container: image: registry.fedoraproject.org/fedora:40 steps: # krb5-devel is needed to test internal/upload/koji package # gcc is needed to build the mock dnf-json binary for the unit tests # gpgme-devel is needed for container upload dependencies - name: Install build and test dependencies run: dnf -y install krb5-devel gcc git-core go gpgme-devel btrfs-progs-devel device-mapper-devel - name: Check out code into the Go module directory uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} - name: Mark the working directory as safe for git run: git config --global --add safe.directory "$(pwd)" - name: Run unit tests run: make unit-tests - uses: codecov/codecov-action@v4 if: env.CODECOV_TOKEN with: fail_ci_if_error: false verbose: true token: ${{ secrets.CODECOV_TOKEN }} env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} db-tests: name: "๐Ÿ—„ DB tests" runs-on: ubuntu-20.04 services: postgres: # 12 is used in deployments image: postgres:12 env: POSTGRES_USER: postgres POSTGRES_PASSWORD: foobar POSTGRES_DB: osbuildcomposer options: >- --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5 ports: - 5432:5432 steps: - name: Apt update run: sudo apt-get update # gpgme-devel is needed for container upload dependencies - name: Install test dependencies run: sudo apt-get install -y libgpgme-dev - uses: actions/checkout@v4 - uses: actions/setup-go@v5 with: go-version: "1.21" - env: PGUSER: postgres PGPASSWORD: foobar PGDATABASE: osbuildcomposer PGHOST: localhost PGPORT: 5432 run: | WORKDIR=$(readlink -f pkg/jobqueue/dbjobqueue/schemas) pushd $(mktemp -d) go mod init temp go install github.com/jackc/tern@latest $(go env GOPATH)/bin/tern migrate -m "$WORKDIR" popd - run: go test -tags=integration ./cmd/osbuild-composer-dbjobqueue-tests - run: go test -tags=integration ./cmd/osbuild-service-maintenance python-lint: name: "๐Ÿ Lint python scripts" runs-on: ubuntu-latest container: image: registry.fedoraproject.org/fedora:40 steps: - name: Install build and test dependencies run: dnf -y install python3-pylint git-core python3-requests - name: Check out code into the Go module directory uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} - name: Analysing the code with pylint run: | python3 -m pylint tools/koji-compose.py golang-lint: name: "โŒจ Golang Lint" runs-on: ubuntu-latest steps: - name: Set up Go 1.21 uses: actions/setup-go@v5 with: go-version: "1.21" id: go - name: Check out code into the Go module directory uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} - name: Install dependencies run: sudo tools/apt-install-deps.sh - name: Extract golangci-lint version from Makefile id: golangci_lint_version run: echo "GOLANGCI_LINT_VERSION=$(awk -F '=' '/^GOLANGCI_LINT_VERSION *=/{print $2}' Makefile)" >> "$GITHUB_OUTPUT" - name: Run golangci-lint uses: golangci/golangci-lint-action@v6 with: version: ${{ steps.golangci_lint_version.outputs.GOLANGCI_LINT_VERSION }} args: --verbose --timeout 5m0s packit-config-lint: name: "๐Ÿ“ฆ Packit config lint" runs-on: ubuntu-latest container: image: registry.fedoraproject.org/fedora:latest steps: - name: Install Packit run: dnf -y install packit - name: Check out code uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} - name: Validate Packit config run: | packit validate-config .packit.yaml prepare: name: "๐Ÿ” Check source preparation" runs-on: ubuntu-20.04 steps: - name: Set up Go 1.21 uses: actions/setup-go@v5 with: go-version: "1.21" id: go - name: Check out code into the Go module directory uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} - name: Check that source has been prepared run: | ./tools/prepare-source.sh if [ -n "$(git status --porcelain)" ]; then echo echo "Please include these changes in your branch: " git status -vv exit "1" else exit "0" fi check-snapshots: name: "๐Ÿ” Check for valid snapshot urls" runs-on: ubuntu-20.04 steps: - name: Check out code into the Go module directory uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} - name: Check for valid snapshot urls run: ./tools/check-snapshots --errors-only . check-runners: name: "๐Ÿ” Check for missing or unused runner repos" runs-on: ubuntu-20.04 steps: - name: Check out code into the Go module directory uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} - name: Check for missing or unused runner repos run: ./tools/check-runners shellcheck: name: "๐Ÿš Shellcheck" runs-on: ubuntu-20.04 steps: - uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} - name: Run ShellCheck uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 with: ignore: vendor # We don't want to fix the code in vendored dependencies env: # don't check /etc/os-release sourcing, allow useless cats to live inside our codebase, and # allow seemingly unreachable commands SHELLCHECK_OPTS: -e SC1091 -e SC2002 -e SC2317 - name: Do not doube trap signals inside test scripts run: | FILES_WITH_DOUBLE_TRAP=$(grep trap test/cases/* -R | cut -f1 -d: | sort | uniq -c | grep -v 1 || echo -n) echo "INFO: ----- files with possible double calls to 'trap' -----" echo "$FILES_WITH_DOUBLE_TRAP" echo "---------- END ----------" if [ -n "$FILES_WITH_DOUBLE_TRAP" ]; then echo "FAIL: Do not double 'trap' signals" echo "INFO: because this may lead to cleanup() function not being executed" exit 1 fi rpmlint: name: "๐Ÿ“ฆ RPMlint" runs-on: ubuntu-20.04 container: registry.fedoraproject.org/fedora:40 steps: - name: Install dependencies run: sudo dnf install -y rpmlint rpm-build make git-core - uses: actions/checkout@v4 with: ref: ${{ github.event.pull_request.head.sha }} - name: Create SRPM run: | git config --global --add safe.directory "$GITHUB_WORKSPACE" make srpm - name: Run rpmlint run: rpmlint --config rpmlint.config rpmbuild/SRPMS/* gitlab-ci-helper: name: "Gitlab CI trigger helper" runs-on: ubuntu-latest env: SKIP_CI: ${{ (github.event.pull_request.draft == true || contains(github.event.pull_request.labels.*.name, 'WIP')) && !contains(github.event.pull_request.labels.*.name, 'WIP+test') }} steps: - name: Write PR status run: echo "$SKIP_CI" > SKIP_CI.txt - name: Upload status uses: actions/upload-artifact@v4 with: name: PR_STATUS path: SKIP_CI.txt kube-linter: name: "๐ŸŽ€ kube-linter" runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: redhat-actions/oc-installer@v1 - name: Process template run: | make process-templates - uses: stackrox/kube-linter-action@v1.0.5 with: directory: processed-templates config: templates/.kube-linter-config.yml version: 0.3.0 cloud-cleaner-is-enabled: name: "๐Ÿงน cloud-cleaner-is-enabled" runs-on: ubuntu-latest steps: - name: Check if workflow is enabled run: | curl https://github.com/osbuild/cloud-cleaner/actions/workflows/run_ib.yml 2>/dev/null | grep -vz "This scheduled workflow is disabled" >/dev/null - name: How to enable cloud-cleaner if: failure() run: | echo "Cloud-cleaner is disabled" echo "Go to https://github.com/osbuild/cloud-cleaner/actions/workflows/run_ib.yml and" echo "https://github.com/osbuild/cloud-cleaner/actions/workflows/run_cloudx.yml and" echo "manually enable it!"