Add OpenSCAP json tailoring (HMS-3826) #3296
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Tests | |
| # NOTE(mhayden): Restricting branches prevents jobs from being doubled since | |
| # a push to a pull request triggers two events. | |
| on: # yamllint disable-line rule:truthy | |
| pull_request: | |
| branches: | |
| - "*" | |
| push: | |
| branches: | |
| - main | |
| # for merge queue | |
| merge_group: | |
| jobs: | |
| unit-tests-f39: | |
| name: "π Unit tests (Fedora 39)" | |
| runs-on: ubuntu-latest | |
| container: | |
| image: registry.fedoraproject.org/fedora:39 | |
| steps: | |
| - name: Check out code into the Go module directory | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Set up repository for pinned osbuild commit | |
| run: ./test/scripts/setup-osbuild-repo | |
| # krb5-devel is needed to test internal/upload/koji package | |
| # gcc is needed to build the mock depsolver binary for the unit tests | |
| # gpgme-devel is needed for container upload dependencies | |
| - name: Install build and test dependencies | |
| run: dnf -y install krb5-devel gcc git-core go gpgme-devel osbuild-depsolve-dnf btrfs-progs-devel device-mapper-devel | |
| - name: Mark the working directory as safe for git | |
| run: git config --global --add safe.directory "$(pwd)" | |
| - name: Run unit tests | |
| run: go test -v -race ./... | |
| - name: Run depsolver tests with force-dnf to make sure it's not skipped for any reason | |
| run: go test -v -race ./pkg/dnfjson/... -force-dnf | |
| unit-tests-f40: | |
| name: "π Unit tests (Fedora 40)" | |
| runs-on: ubuntu-latest | |
| container: | |
| image: registry.fedoraproject.org/fedora:40 | |
| steps: | |
| - name: Check out code into the Go module directory | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Set up repository for pinned osbuild commit | |
| run: ./test/scripts/setup-osbuild-repo | |
| # krb5-devel is needed to test internal/upload/koji package | |
| # gcc is needed to build the mock depsolver binary for the unit tests | |
| # gpgme-devel is needed for container upload dependencies | |
| - name: Install build and test dependencies | |
| run: dnf -y install krb5-devel gcc git-core go gpgme-devel osbuild-depsolve-dnf btrfs-progs-devel device-mapper-devel | |
| - name: Mark the working directory as safe for git | |
| run: git config --global --add safe.directory "$(pwd)" | |
| - name: Run unit tests | |
| run: go test -v -race ./... | |
| - name: Run depsolver tests with force-dnf to make sure it's not skipped for any reason | |
| run: go test -v -race ./pkg/dnfjson/... -force-dnf | |
| container-resolver-tests: | |
| name: "π Container resolver tests" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Set up Go 1.21 | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: "1.21" | |
| id: go | |
| - name: Check out code into the Go module directory | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Apt update | |
| run: sudo apt update | |
| # This is needed for the container resolver dependencies | |
| - name: Install libgpgme devel package | |
| run: sudo apt install -y libgpgme-dev libbtrfs-dev libdevmapper-dev podman | |
| # We need to run the test as root, since we use the root | |
| # containers-storage for the local resolvers | |
| - name: Run unit tests | |
| run: sudo go test -v ./pkg/container/... --force-local-resolver | |
| unit-tests-c9s: | |
| name: "π Unit tests (CentOS Stream 9)" | |
| runs-on: ubuntu-latest | |
| container: | |
| image: quay.io/centos/centos:stream9 | |
| env: | |
| GOFLAGS: "-tags=exclude_graphdriver_btrfs" | |
| steps: | |
| - name: Install dnf plugins | |
| run: dnf -y install dnf-plugins-core | |
| - name: Enable crb repo | |
| run: dnf config-manager --set-enabled crb | |
| - name: Check out code into the Go module directory | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Set up repository for pinned osbuild commit | |
| run: ./test/scripts/setup-osbuild-repo | |
| - name: Install build and test dependencies | |
| run: dnf -y install krb5-devel gcc git-core go gpgme-devel osbuild-depsolve-dnf device-mapper-devel | |
| - name: Mark the working directory as safe for git | |
| run: git config --global --add safe.directory "$(pwd)" | |
| - name: Run unit tests | |
| run: go test -v -race ./... | |
| - name: Run depsolver tests with force-dnf to make sure it's not skipped for any reason | |
| run: go test -v -race ./pkg/dnfjson/... -force-dnf | |
| lint: | |
| name: "β¨ Lint" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Set up Go 1.21 | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: "1.21" | |
| id: go | |
| - name: Check out code into the Go module directory | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Apt update | |
| run: sudo apt update | |
| # This is needed to lint internal/upload/koji package | |
| - name: Install kerberos devel package | |
| run: sudo apt install -y libkrb5-dev | |
| # This is needed for the container upload dependencies | |
| - name: Install libgpgme devel package | |
| run: sudo apt install -y libgpgme-dev libbtrfs-dev libdevmapper-dev | |
| - name: Run golangci-lint | |
| uses: golangci/golangci-lint-action@v6 | |
| with: | |
| version: v1.59.1 | |
| args: --verbose --timeout 5m0s | |
| shellcheck: | |
| name: "π Shellcheck" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Run ShellCheck | |
| uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 | |
| with: | |
| ignore: vendor # We don't want to fix the code in vendored dependencies | |
| env: | |
| # don't check /etc/os-release sourcing, allow useless cats to live inside our codebase, and | |
| # allow seemingly unreachable commands | |
| SHELLCHECK_OPTS: -e SC1091 -e SC2002 -e SC2317 | |
| python-test: | |
| name: "π pytest (imgtestlib)" | |
| runs-on: ubuntu-latest | |
| container: | |
| image: registry.fedoraproject.org/fedora:latest | |
| steps: | |
| - name: Install build and test dependencies | |
| run: dnf -y install python3-pytest podman skopeo | |
| - name: Check out code into the Go module directory | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Testing imgtestlib | |
| run: | | |
| python3 -m pytest -v | |
| python-lint: | |
| name: "π Lint (test scripts)" | |
| runs-on: ubuntu-latest | |
| container: | |
| image: registry.fedoraproject.org/fedora:latest | |
| steps: | |
| - name: Install build and test dependencies | |
| run: dnf -y install python3-pylint git-core grep python3-pytest | |
| - name: Check out code into the Go module directory | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Analysing the code with pylint | |
| run: | | |
| python3 -m pylint --version | |
| python3 -m pylint $(grep -l "/usr/bin/env python3" -r test/scripts) test/scripts/*.py |