Regression test for CryptHandle unlocking with both keyring and Clevis enabled #4279
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: stratisd CI | |
# yamllint disable-line rule:truthy | |
on: | |
push: | |
branches: | |
- master | |
paths-ignore: | |
- 'CHANGES.txt' | |
- '**/README.md' | |
- 'README_tests.md' | |
- 'tests/**' | |
- '.packit.yaml' | |
- 'plans/**' | |
- 'test/**' | |
pull_request: | |
branches: | |
- master | |
paths-ignore: | |
- 'CHANGES.txt' | |
- '**/README.md' | |
- 'README_tests.md' | |
- 'tests/**' | |
- '.packit.yaml' | |
- 'plans/**' | |
- 'test/**' | |
workflow_dispatch: | |
# cancel the in-progress workflow when PR is refreshed. | |
# yamllint disable rule:line-length | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.head_ref || github.sha }} | |
cancel-in-progress: true | |
jobs: | |
checks: | |
strategy: | |
matrix: | |
include: | |
- task: make -f Makefile fmt-ci | |
toolchain: 1.73.0 # CURRENT DEVELOPMENT RUST TOOLCHAIN | |
components: rustfmt | |
- task: make -f Makefile check-typos | |
toolchain: 1.73.0 # CURRENT DEVELOPMENT RUST TOOLCHAIN | |
components: cargo | |
runs-on: ubuntu-22.04 | |
container: | |
image: fedora:38 # CURRENT DEVELOPMENT ENVIRONMENT | |
options: --privileged -v /dev:/dev | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install dependencies for Fedora | |
run: > | |
dnf install -y | |
clang | |
curl | |
cryptsetup-devel | |
dbus-devel | |
device-mapper-devel | |
libblkid-devel | |
make | |
ncurses | |
systemd-devel | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
components: ${{ matrix.components }} | |
toolchain: ${{ matrix.toolchain }} | |
- uses: baptiste0928/cargo-install@v2 | |
with: | |
crate: typos-cli | |
- name: Test ${{ matrix.task }} on ${{ matrix.toolchain }} toolchain | |
run: ${{ matrix.task }} | |
# TESTS WITH TANG | |
checks_with_tang: | |
strategy: | |
matrix: | |
include: | |
# MANDATORY CHECKS USING CURRENT DEVELOPMENT COMPILER | |
- task: >- | |
TANG_URL=tang | |
RUST_LOG=stratisd=debug | |
make -f Makefile test-clevis-loop | |
toolchain: 1.73.0 # CURRENT DEVELOPMENT RUST TOOLCHAIN | |
components: cargo | |
image: fedora:38 # CURRENT DEVELOPMENT ENVIRONMENT | |
runs-on: ubuntu-22.04 | |
container: | |
image: ${{ matrix.image }} | |
options: --privileged -v /dev:/dev -v /run/udev:/run/udev --ipc=host | |
services: | |
tang: | |
# yamllint disable rule:line-length | |
image: ghcr.io/stratis-storage/stratisd/tang:38 # CURRENT DEVELOPMENT ENVIRONMENT | |
credentials: | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
options: --privileged -p 80:80 | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install dependencies for Fedora | |
# cracklib-dicts: https://github.com/stratis-storage/project/issues/581 | |
run: > | |
dnf install -y | |
clang | |
cryptsetup-devel | |
clevis | |
clevis-luks | |
cracklib-dicts | |
curl | |
dbus-devel | |
device-mapper-devel | |
device-mapper-persistent-data | |
libblkid-devel | |
make | |
ncurses | |
sudo | |
systemd-devel | |
systemd-udev | |
xfsprogs | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
components: ${{ matrix.components }} | |
toolchain: ${{ matrix.toolchain }} | |
- name: Test ${{ matrix.task }} on ${{ matrix.toolchain }} toolchain | |
run: ${{ matrix.task }} | |
stratis-cli-checks: | |
runs-on: ubuntu-22.04 | |
container: | |
image: fedora:34 # LOWEST DEVELOPMENT ENVIRONMENT | |
options: --privileged --userns=host --ipc=host -v /run/dbus/system_bus_socket:/run/dbus/system_bus_socket:ro -v /usr/share/dbus-1:/usr/share/dbus-1 | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install dependencies | |
run: > | |
dnf install -y | |
asciidoc | |
clang | |
cryptsetup-devel | |
dbus-daemon | |
dbus-tools | |
dbus-devel | |
device-mapper-devel | |
libblkid-devel | |
git | |
glibc-static | |
make | |
ncurses | |
python3-coverage | |
python3-dbus-client-gen | |
python3-dbus-python-client-gen | |
python3-justbytes | |
python3-dateutil | |
python3-packaging | |
python3-psutil | |
python3-wcwidth | |
systemd-devel | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
components: cargo | |
toolchain: 1.71.1 # LOWEST SUPPORTED RUST TOOLCHAIN | |
- name: Build stratisd | |
run: PROFILEDIR=debug make -f Makefile build-all | |
- name: Install stratisd | |
run: PROFILEDIR=debug make -f Makefile install | |
- name: Workaround for dbus inotify | |
run: cp stratisd.conf /usr/share/dbus-1/system.d | |
- name: Check out stratis-cli | |
run: git clone https://github.com/stratis-storage/stratis-cli.git | |
- name: Run stratis-cli tests | |
run: > | |
RUST_LOG=stratisd=debug | |
STRATISD=/usr/libexec/stratisd | |
PYTHONPATH=./src | |
make dbus-tests | |
working-directory: ./stratis-cli | |
stratis-min-cli-checks: | |
runs-on: ubuntu-22.04 | |
container: | |
image: fedora:38 # CURRENT DEVELOPMENT ENVIRONMENT | |
options: --privileged --userns=host --ipc=host -v /dev:/dev -v /run/udev:/run/udev -v /usr/lib/udev:/usr/lib/udev -v /run/dbus/system_bus_socket:/run/dbus/system_bus_socket:ro -v /usr/share/dbus-1:/usr/share/dbus-1 | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install dependencies | |
run: > | |
dnf install -y | |
asciidoc | |
clang | |
cryptsetup-devel | |
dbus-daemon | |
dbus-tools | |
dbus-devel | |
device-mapper-devel | |
device-mapper-persistent-data | |
libblkid-devel | |
git | |
glibc-static | |
make | |
ncurses | |
python3-coverage | |
python3-dbus-client-gen | |
python3-dbus-python-client-gen | |
python3-justbytes | |
python3-dateutil | |
python3-packaging | |
python3-psutil | |
python3-wcwidth | |
systemd-devel | |
xfsprogs | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
components: cargo | |
toolchain: 1.73.0 # CURRENT DEVELOPMENT RUST TOOLCHAIN | |
- name: Run stratisd-min cli tests | |
run: make test-stratisd-min | |
- name: Run stratis-min cli tests | |
run: make test-stratis-min | |
shell-checks: | |
runs-on: ubuntu-22.04 | |
container: | |
image: fedora:38 # CURRENT DEVELOPMENT ENVIRONMENT | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install dependencies | |
run: > | |
dnf install -y | |
make | |
ncurses | |
shfmt | |
- name: Run shell check | |
run: make -f Makefile fmt-shell-ci | |
python-based-tests: | |
runs-on: ubuntu-22.04 | |
container: | |
image: fedora:38 # CURRENT DEVELOPMENT ENVIRONMENT | |
options: --privileged -v /dev:/dev | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Install dependencies for Fedora | |
run: > | |
dnf install -y | |
asciidoc | |
clang | |
cryptsetup-devel | |
curl | |
dbus-devel | |
dbus-tools | |
device-mapper-devel | |
device-mapper-persistent-data | |
glibc-static | |
libblkid-devel | |
make | |
ncurses | |
python3-justbytes | |
systemd-devel | |
systemd-udev | |
xfsprogs | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
components: cargo | |
toolchain: 1.73.0 # CURRENT DEVELOPMENT RUST TOOLCHAIN | |
- name: Build stratisd | |
run: PROFILEDIR=debug make -f Makefile build-all | |
- name: Install stratisd | |
run: PROFILEDIR=debug make -f Makefile install | |
- name: Check basic behavior of test_predict | |
run: > | |
STRATIS_PREDICT_USAGE=/usr/bin/stratis-predict-usage | |
PYTHONPATH=./src | |
make filesystem-predict-tests | |
working-directory: ./tests/client-dbus | |
tests-with-testing-repo: | |
strategy: | |
matrix: | |
include: | |
- rev: HEAD | |
args: --log-level=debug stratisd_cert --verify-devices --monitor-dbus --highest-revision-number=7 | |
- rev: v3.5.2 | |
args: stratisd_cert --verify-devices | |
runs-on: ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Run apt-get update | |
run: sudo apt-get -q update | |
- name: Install dependencies | |
run: > | |
DEBIAN_FRONTEND=noninteractive | |
sudo apt-get install -y | |
asciidoc | |
clang | |
curl | |
libblkid-dev | |
libcryptsetup-dev | |
libdbus-1-dev | |
libdevmapper-dev | |
libsystemd-dev | |
libudev-dev | |
make | |
thin-provisioning-tools | |
udev | |
xfsprogs | |
- name: Install Python dependencies | |
run: > | |
sudo python -m pip install | |
dbus-python | |
dbus-python-client-gen | |
psutil | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
components: cargo | |
toolchain: 1.71.1 # LOWEST SUPPORTED RUST TOOLCHAIN | |
- name: Build stratisd | |
run: PROFILEDIR=debug make -f Makefile build-all | |
- name: Install stratisd | |
run: sudo make PROFILEDIR=debug -f Makefile install | |
- name: Workaround for dbus inotify | |
run: sudo cp stratisd.conf /usr/share/dbus-1/system.d | |
- name: Reload udev | |
run: sudo udevadm control --reload | |
- name: Clone testing repo | |
run: git clone https://github.com/stratis-storage/testing.git | |
- name: Checkout revision ${{ matrix.rev }} | |
run: git checkout -b new-branch ${{ matrix.rev }} | |
working-directory: ./testing | |
- name: Run stratisd_cert.py | |
run: > | |
sudo | |
RUST_LOG=stratisd=debug | |
python3 test_harness.py | |
${{ matrix.args }} | |
working-directory: ./testing |