Bump the npm-production group across 1 directory with 4 updates #321
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Integration Tests | |
| on: | |
| pull_request: | |
| types: [opened, reopened, synchronize] | |
| branches: | |
| - main | |
| push: | |
| branches: | |
| - main | |
| schedule: | |
| - cron: '31 7 * * 3' | |
| workflow_dispatch: | |
| permissions: | |
| id-token: write | |
| packages: write | |
| contents: read | |
| attestations: write | |
| concurrency: | |
| group: ci-tests | |
| cancel-in-progress: false | |
| jobs: | |
| general-tests: | |
| name: General Tests | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| id: setup-node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: .node-version | |
| cache: npm | |
| - name: Install Dependencies | |
| id: npm-ci | |
| run: npm ci | |
| - name: Check Format | |
| id: npm-format-check | |
| run: npm run format:check | |
| - name: Lint | |
| id: npm-lint | |
| run: npm run lint | |
| - name: Test | |
| id: npm-ci-test | |
| run: npm run test | |
| - name: Upload results to Codecov | |
| uses: codecov/codecov-action@v5 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| integration-tests: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| needs: general-tests | |
| strategy: | |
| max-parallel: 1 | |
| matrix: | |
| tests: | |
| - title: 'No arguments' | |
| purpose: | |
| 'Check that no versions are removed when running with no | |
| arguments.' | |
| folder: '01_no_arguments' | |
| - title: 'Include select tags (single arch)' | |
| purpose: | |
| 'Check that specific tags are removed correctly when specified. | |
| (single arch)' | |
| folder: '02_include_tags_single_arch' | |
| include-tags: '^1.3[23]-uclibc$' | |
| - title: 'Include select tags (multi-arch)' | |
| purpose: | |
| 'Check that specific tags and their dependents are removed | |
| correctly when specified. (multi-arch)' | |
| folder: '03_include_tags_multi_arch' | |
| include-tags: '^1.3[23]-uclibc$' | |
| - title: 'Include and exclude select tags (single arch)' | |
| purpose: | |
| 'Check that specific tags are included in the removal when | |
| specified, as well as excluded when specified. Exclusion trumps | |
| inclusion. (single arch)' | |
| folder: '04_include_exclude_tags_single_arch' | |
| include-tags: '^1.3[23]-uclibc$' | |
| exclude-tags: '^1.33-uclibc$' | |
| - title: 'Include and exclude select tags (multi-arch)' | |
| purpose: | |
| 'Check that specific tags and their dependents are included in the | |
| removal when specified, as well as excluded when specified. | |
| Exclusion trumps inclusion. (multi-arch)' | |
| folder: '05_include_exclude_tags_multi_arch' | |
| include-tags: '^1.3[23]-uclibc$' | |
| exclude-tags: '^1.33-uclibc$' | |
| - title: 'Keep n latest tags (single-arch)' | |
| purpose: 'Check that the latest n tags are kept. (single arch)' | |
| folder: '06_keep_n_tagged_single_arch' | |
| keep-n-tagged: 3 | |
| - title: 'Keep n latest tags (multi-arch)' | |
| purpose: | |
| 'Check that the latest n tags and their dependents are kept. | |
| (multi-arch)' | |
| folder: '07_keep_n_tagged_multi_arch' | |
| keep-n-tagged: 3 | |
| - title: 'Keep n latest untagged images (single arch)' | |
| purpose: | |
| 'Check that the latest n untagged images are kept. (single arch)' | |
| folder: '08_keep_n_untagged_single_arch' | |
| keep-n-untagged: 3 | |
| - title: 'Keep n latest untagged images (multi arch)' | |
| purpose: | |
| 'Check that the latest n untagged images are kept. (multi arch)' | |
| folder: '09_keep_n_untagged_multi_arch' | |
| keep-n-untagged: 2 | |
| - title: 'Keep n latest untagged and interleaved images (multi arch)' | |
| purpose: | |
| 'Check that the latest n untagged images are kept when multi-arch | |
| images are uploaded interleaved. (multi arch)' | |
| folder: '10_keep_n_untagged_multi_arch_interleaved' | |
| keep-n-untagged: 2 | |
| - title: 'All options (single arch)' | |
| purpose: | |
| 'Check that the combination of all options works correctly. | |
| (single arch)' | |
| folder: '11_all_options_single_arch' | |
| include-tags: '^1.35-uclibc$' | |
| exclude-tags: '^1.31-uclibc$' | |
| keep-n-tagged: 2 | |
| keep-n-untagged: 3 | |
| - title: 'All options (multi-arch)' | |
| purpose: | |
| 'Check that the combination of all options works correctly. | |
| (multi-arch)' | |
| folder: '12_all_options_multi_arch' | |
| include-tags: '^1.35-uclibc$' | |
| exclude-tags: '^1.31-uclibc$' | |
| keep-n-tagged: 2 | |
| keep-n-untagged: 2 | |
| - title: 'Dry run (multi-arch)' | |
| purpose: | |
| 'Check that using the dry-run option does not actually delete | |
| anything. (multi-arch)' | |
| folder: '13_dry_run_multi_arch' | |
| include-tags: '^1.35-uclibc$' | |
| exclude-tags: '^1.31-uclibc$' | |
| keep-n-tagged: 2 | |
| keep-n-untagged: 14 | |
| dry-run: true | |
| steps: | |
| # Setup for test execution | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: .node-version | |
| cache: npm | |
| # Execution of respective test | |
| - name: 'Starting Test: ${{ matrix.tests.title }}' | |
| run: | | |
| echo "Purpose of test: ${{ matrix.tests.purpose }}" | |
| INCLUDE_TAGS="" | |
| if [ ! -z "${{ matrix.tests.include-tags }}" ]; then | |
| INCLUDE_TAGS="${{ matrix.tests.include-tags }}" | |
| fi | |
| EXCLUDE_TAGS="" | |
| if [ ! -z "${{ matrix.tests.exclude-tags }}" ]; then | |
| EXCLUDE_TAGS="${{ matrix.tests.exclude-tags }}" | |
| fi | |
| KEEP_N_TAGGED="" | |
| if [ ! -z "${{ matrix.tests.keep-n-tagged }}" ]; then | |
| KEEP_N_TAGGED="${{ matrix.tests.keep-n-tagged }}" | |
| fi | |
| KEEP_N_UNTAGGED="" | |
| if [ ! -z "${{ matrix.tests.keep-n-untagged }}" ]; then | |
| KEEP_N_UNTAGGED="${{ matrix.tests.keep-n-untagged }}" | |
| fi | |
| DRY_RUN="" | |
| if [ ! -z "${{ matrix.tests.dry-run }}" ]; then | |
| DRY_RUN="TRUE" | |
| fi | |
| DELAY="0" | |
| if [ ! -z "$KEEP_N_TAGGED" ] || [ ! -z "$KEEP_N_UNTAGGED" ]; then | |
| DELAY="3000" | |
| fi | |
| echo "INCLUDE_TAGS=$INCLUDE_TAGS" >> $GITHUB_ENV | |
| echo "EXCLUDE_TAGS=$EXCLUDE_TAGS" >> $GITHUB_ENV | |
| echo "KEEP_N_TAGGED=$KEEP_N_TAGGED" >> $GITHUB_ENV | |
| echo "KEEP_N_UNTAGGED=$KEEP_N_UNTAGGED" >> $GITHUB_ENV | |
| echo "DRY_RUN=$DRY_RUN" >> $GITHUB_ENV | |
| echo "DELAY=$DELAY" >> $GITHUB_ENV | |
| - name: ' > Debug: Print Matrix Variables' | |
| run: | | |
| echo "include-tags: ${{ matrix.tests.include-tags }}" | |
| echo "exclude-tags: ${{ matrix.tests.exclude-tags }}" | |
| echo "keep-n-tagged: ${{ matrix.tests.keep-n-tagged }}" | |
| echo "keep-n-untagged: ${{ matrix.tests.keep-n-untagged }}" | |
| echo "dry-run: ${{ matrix.tests.dry-run }}" | |
| - name: ' > Debug: Print Env Variables' | |
| run: | | |
| echo "include-tags: ${{ env.INCLUDE_TAGS }}" | |
| echo "exclude-tags: ${{ env.EXCLUDE_TAGS }}" | |
| echo "keep-n-tagged: ${{ env.KEEP_N_TAGGED }}" | |
| echo "keep-n-untagged: ${{ env.KEEP_N_UNTAGGED }}" | |
| echo "dry-run: ${{ env.DRY_RUN }}" | |
| - name: ' > Priming Test Environment' | |
| run: | | |
| node citester/index.js --token ${{ secrets.GITHUB_TOKEN }} \ | |
| --directory tests/${{ matrix.tests.folder }} \ | |
| --mode prime --delay ${{ env.DELAY }} | |
| - name: ' > Running Workflow' | |
| uses: ./ | |
| with: | |
| include-tags: ${{ env.INCLUDE_TAGS }} | |
| exclude-tags: ${{ env.EXCLUDE_TAGS }} | |
| keep-n-tagged: ${{ env.KEEP_N_TAGGED }} | |
| keep-n-untagged: ${{ env.KEEP_N_UNTAGGED }} | |
| dry-run: ${{ env.DRY_RUN }} | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: ' > Validating Outcome' | |
| run: | | |
| node citester/index.js --token ${{ secrets.GITHUB_TOKEN }} \ | |
| --directory tests/${{ matrix.tests.folder }} \ | |
| --mode validate | |
| attestation-tests: | |
| name: Attestation Tests | |
| runs-on: ubuntu-latest | |
| concurrency: | |
| group: attestation-tests-group | |
| env: | |
| REGISTRY: ghcr.io | |
| needs: integration-tests | |
| steps: | |
| # Setup for test execution | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Node.js | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version-file: .node-version | |
| cache: npm | |
| # referrer/attestation tests | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - id: lower-repo | |
| run: | | |
| echo "repository=${GITHUB_REPOSITORY@L}" >> $GITHUB_OUTPUT | |
| # attestation tagged | |
| - name: Attestation Tagged | |
| run: | |
| node citester/index.js --token ${{ secrets.GITHUB_TOKEN }} --directory | |
| tests/14_attestation_tagged --mode prime | |
| - name: Build and push image | |
| id: push1 | |
| uses: docker/build-push-action@v6.10.0 | |
| with: | |
| context: tests/14_attestation_tagged | |
| file: tests/14_attestation_tagged/Dockerfile | |
| push: true | |
| tags: | |
| ${{ env.REGISTRY }}/${{ steps.lower-repo.outputs.repository }}:test | |
| - name: Attest Image | |
| uses: actions/attest-build-provenance@v1 | |
| with: | |
| subject-name: | |
| ${{ env.REGISTRY }}/${{ steps.lower-repo.outputs.repository }} | |
| subject-digest: ${{ steps.push1.outputs.digest }} | |
| push-to-registry: true | |
| - name: Run Test | |
| uses: ./ | |
| with: | |
| include-tags: test | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Validate Test Results | |
| run: | |
| node citester/index.js --token ${{ secrets.GITHUB_TOKEN }} --directory | |
| tests/14_attestation_tagged --mode validate | |
| # # attestation untagged test | |
| # - name: Attestation UnTagged | |
| # run: | |
| # node citester/index.js --token ${{ secrets.GITHUB_TOKEN }} --directory | |
| # tests/15_attestation_untagged --mode prime | |
| # - name: Build and push image 1 | |
| # id: push2 | |
| # uses: docker/build-push-action@v6.10.0 | |
| # with: | |
| # context: tests/15_attestation_untagged | |
| # file: tests/15_attestation_untagged/Dockerfile1 | |
| # push: true | |
| # tags: | |
| # ${{ env.REGISTRY }}/${{ steps.lower-repo.outputs.repository }}:test | |
| # - name: Attest Image 1 | |
| # uses: actions/attest-build-provenance@v1 | |
| # with: | |
| # subject-name: | |
| # ${{ env.REGISTRY }}/${{ steps.lower-repo.outputs.repository }} | |
| # subject-digest: ${{ steps.push2.outputs.digest }} | |
| # push-to-registry: true | |
| # - name: Build and push image 2 | |
| # id: push3 | |
| # uses: docker/build-push-action@v6.10.0 | |
| # with: | |
| # context: tests/15_attestation_untagged | |
| # file: tests/15_attestation_untagged/Dockerfile2 | |
| # push: true | |
| # tags: | |
| # ${{ env.REGISTRY }}/${{ steps.lower-repo.outputs.repository }}:test | |
| # - name: Attest Image 2 | |
| # uses: actions/attest-build-provenance@v1 | |
| # with: | |
| # subject-name: | |
| # ${{ env.REGISTRY }}/${{ steps.lower-repo.outputs.repository }} | |
| # subject-digest: ${{ steps.push3.outputs.digest }} | |
| # push-to-registry: true | |
| # - name: Save Digests - Attestation UnTagged | |
| # run: | |
| # node citester/index.js --token ${{ secrets.GITHUB_TOKEN }} --directory | |
| # tests/15_attestation_untagged --mode save-expected --tag test | |
| # - name: Run Test - Attestation UnTagged | |
| # uses: ./ | |
| # with: | |
| # validate: true | |
| # token: ${{ secrets.GITHUB_TOKEN }} | |
| # - name: Validate Test Results - Attestation Tagged | |
| # run: | |
| # node citester/index.js --token ${{ secrets.GITHUB_TOKEN }} --directory | |
| # tests/attestation-untagged --mode validate |