on: workflow_call: inputs: ref: required: true type: string repo: required: true type: string pr_event_number: type: string secrets: TEST_SIGNING_SECRET: env: FORCE_COLOR: 1 CLICOLOR_FORCE: 1 RUST_LOG_STYLE: always jobs: test: timeout-minutes: 40 runs-on: ubuntu-latest steps: - uses: earthly/actions-setup@43211c7a0eae5344d6d79fb4aaf209c8f8866203 # v1.0.13 with: use-cache: false - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false fetch-depth: 0 ref: ${{ inputs.ref }} repository: ${{ inputs.repo }} - name: Run build id: build run: | earthly --ci +test lint: timeout-minutes: 40 runs-on: ubuntu-latest steps: - uses: earthly/actions-setup@43211c7a0eae5344d6d79fb4aaf209c8f8866203 # v1.0.13 with: use-cache: false - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false fetch-depth: 0 ref: ${{ inputs.ref }} repository: ${{ inputs.repo }} - name: Run build id: build run: | earthly --ci +lint integration-tests: permissions: packages: write timeout-minutes: 60 runs-on: ubuntu-latest steps: - name: Maximize build space uses: ublue-os/remove-unwanted-software@cc0becac701cf642c8f0a6613bbdaf5dc36b259e # v9 - uses: earthly/actions-setup@43211c7a0eae5344d6d79fb4aaf209c8f8866203 # v1.0.13 with: use-cache: false # Setup repo and add caching - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false fetch-depth: 0 ref: ${{ inputs.ref }} repository: ${{ inputs.repo }} - name: Run integration tests run: | earthly bootstrap earthly --ci -P ./integration-tests+all docker-build: timeout-minutes: 60 runs-on: ubuntu-latest permissions: contents: read packages: write id-token: write steps: - name: Maximize build space uses: ublue-os/remove-unwanted-software@cc0becac701cf642c8f0a6613bbdaf5dc36b259e # v9 - uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 with: install: true - uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0 # Setup repo and add caching - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false fetch-depth: 0 ref: ${{ inputs.ref }} repository: ${{ inputs.repo }} - uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v1 - name: Run Build env: GH_TOKEN: ${{ github.token }} GH_PR_EVENT_NUMBER: ${{ inputs.pr_event_number }} COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} run: just test-docker-build empty-files-build: timeout-minutes: 60 runs-on: ubuntu-latest permissions: contents: read packages: write id-token: write steps: - name: Maximize build space uses: ublue-os/remove-unwanted-software@cc0becac701cf642c8f0a6613bbdaf5dc36b259e # v9 - uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 with: install: true - uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0 # Setup repo and add caching - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false fetch-depth: 0 ref: ${{ inputs.ref }} repository: ${{ inputs.repo }} - uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v1 - name: Run Build env: GH_TOKEN: ${{ github.token }} GH_PR_EVENT_NUMBER: ${{ inputs.pr_event_number }} COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} run: just test-empty-files-build rechunk-build: timeout-minutes: 40 runs-on: ubuntu-24.04 permissions: contents: read packages: write id-token: write steps: - name: Maximize build space uses: ublue-os/remove-unwanted-software@cc0becac701cf642c8f0a6613bbdaf5dc36b259e # v9 - uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2 with: install-dir: /usr/bin use-sudo: true - uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false fetch-depth: 0 ref: ${{ inputs.ref }} repository: ${{ inputs.repo }} - uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v1 - name: Run Build env: GH_TOKEN: ${{ github.token }} GH_PR_EVENT_NUMBER: ${{ inputs.pr_event_number }} COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} run: | export CARGO_HOME=$HOME/.cargo just test-fresh-rechunk-build just test-rechunk-build arm64-build: timeout-minutes: 90 runs-on: ubuntu-24.04-arm # runs-on: ubuntu-latest permissions: contents: read packages: write id-token: write steps: - name: Maximize build space uses: ublue-os/remove-unwanted-software@cc0becac701cf642c8f0a6613bbdaf5dc36b259e # v9 # - name: Set up QEMU # uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0 - uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 with: install: true - uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false fetch-depth: 0 ref: ${{ inputs.ref }} repository: ${{ inputs.repo }} - uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v1 - name: Run Build env: GH_TOKEN: ${{ github.token }} GH_PR_EVENT_NUMBER: ${{ inputs.pr_event_number }} COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} run: just test-arm64-build docker-build-external-login: timeout-minutes: 60 runs-on: ubuntu-latest permissions: contents: read packages: write id-token: write steps: - name: Maximize build space uses: ublue-os/remove-unwanted-software@cc0becac701cf642c8f0a6613bbdaf5dc36b259e # v9 - uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 with: install: true - name: Docker Login uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 if: inputs.repo == 'blue-build/cli' with: registry: ghcr.io username: ${{ github.actor }} password: ${{ github.token }} - uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0 # Setup repo and add caching - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false fetch-depth: 0 ref: ${{ inputs.ref }} repository: ${{ inputs.repo }} - uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v1 - name: Run Build env: GH_TOKEN: ${{ github.token }} GH_PR_EVENT_NUMBER: ${{ inputs.pr_event_number }} COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} run: just test-docker-build-external-login podman-build: timeout-minutes: 60 runs-on: ubuntu-latest permissions: contents: read packages: write id-token: write steps: - name: Maximize build space uses: ublue-os/remove-unwanted-software@cc0becac701cf642c8f0a6613bbdaf5dc36b259e # v9 - uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2 - uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0 # Setup repo and add caching - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false fetch-depth: 0 ref: ${{ inputs.ref }} repository: ${{ inputs.repo }} - uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v1 - name: Run Build env: GH_TOKEN: ${{ github.token }} GH_PR_EVENT_NUMBER: ${{ inputs.pr_event_number }} COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} run: just test-podman-build buildah-build: timeout-minutes: 60 runs-on: ubuntu-latest permissions: contents: read packages: write id-token: write steps: - name: Maximize build space uses: ublue-os/remove-unwanted-software@cc0becac701cf642c8f0a6613bbdaf5dc36b259e # v9 - uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2 - uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0 # Setup repo and add caching - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false fetch-depth: 0 ref: ${{ inputs.ref }} repository: ${{ inputs.repo }} - uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v1 - name: Run Build env: GH_TOKEN: ${{ github.token }} GH_PR_EVENT_NUMBER: ${{ inputs.pr_event_number }} COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} run: just test-buildah-build iso-from-image: timeout-minutes: 60 runs-on: ubuntu-latest permissions: contents: read packages: write id-token: write steps: - name: Maximize build space uses: ublue-os/remove-unwanted-software@cc0becac701cf642c8f0a6613bbdaf5dc36b259e # v9 - uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 with: install: true - uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false fetch-depth: 0 ref: ${{ inputs.ref }} repository: ${{ inputs.repo }} - uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v1 - name: Run Build env: GH_TOKEN: ${{ github.token }} GH_PR_EVENT_NUMBER: ${{ inputs.pr_event_number }} COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} run: just test-generate-iso-image iso-from-recipe: timeout-minutes: 60 runs-on: ubuntu-latest permissions: contents: read packages: write id-token: write steps: - name: Maximize build space uses: ublue-os/remove-unwanted-software@cc0becac701cf642c8f0a6613bbdaf5dc36b259e # v9 - uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 with: install: true - uses: actions-rust-lang/setup-rust-toolchain@fb51252c7ba57d633bc668f941da052e410add48 # v1.13.0 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false fetch-depth: 0 ref: ${{ inputs.ref }} repository: ${{ inputs.repo }} - uses: extractions/setup-just@e33e0265a09d6d736e2ee1e0eb685ef1de4669ff # v1 - name: Run Build env: GH_TOKEN: ${{ github.token }} GH_PR_EVENT_NUMBER: ${{ inputs.pr_event_number }} COSIGN_PRIVATE_KEY: ${{ secrets.TEST_SIGNING_SECRET }} run: just test-generate-iso-image