feat: use predictable container names for remote access and self updates #260
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test | |
on: | |
workflow_dispatch: | |
# Use a manual approval process before PR's are given access to | |
# the secrets which are required to run the integration tests. | |
# The PR code should be manually approved to see if it can be trusted. | |
# When in doubt, do not approve the test run. | |
# Reference: https://dev.to/petrsvihlik/using-environment-protection-rules-to-secure-secrets-when-building-external-forks-with-pullrequesttarget-hci | |
pull_request_target: | |
branches: [ main ] | |
merge_group: | |
jobs: | |
approve: | |
name: Approve | |
environment: | |
# For security reasons, all pull requests need to be approved first before granting access to secrets | |
# So the environment should be set to have a reviewer/s inspect it before approving it | |
name: ${{ github.event_name == 'pull_request_target' && 'Test Pull Request' || 'Test Auto' }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Wait for approval | |
run: echo "Approved" | |
test: | |
name: Test ${{ matrix.job.name }} | |
runs-on: ubuntu-latest | |
needs: approve | |
environment: | |
name: Test Auto | |
env: | |
TEST_IMAGE: ${{ matrix.job.image }} | |
strategy: | |
fail-fast: false | |
matrix: | |
job: | |
# docker | |
- { target: tedge-container-bundle, name: "docker v27", image: "docker:27-dind" } | |
- { target: tedge-container-bundle, name: "docker v26", image: "docker:26-dind" } | |
- { target: tedge-container-bundle, name: "docker v25", image: "docker:25-dind" } | |
- { target: tedge-container-bundle, name: "docker v20", image: "docker:20-dind" } | |
# podman | |
- { target: tedge-container-bundle, name: "podman", image: debian-systemd-podman-cli } | |
- { target: tedge-container-bundle, name: "podman v5", image: "podman-v5" } | |
- { target: tedge-container-bundle, name: "podman v4", image: "podman-v4" } | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || '' }} | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
install: true | |
- uses: taiki-e/install-action@just | |
- uses: reubenmiller/setup-go-c8y-cli@main | |
- name: install c8y-tedge extension | |
run: c8y extension install thin-edge/c8y-tedge | |
- name: create .env file | |
run: | | |
touch .env | |
echo 'C8Y_BASEURL="${{ secrets.C8Y_BASEURL }}"' >> .env | |
echo 'C8Y_USER="${{ secrets.C8Y_USER }}"' >> .env | |
echo 'C8Y_PASSWORD="${{ secrets.C8Y_PASSWORD }}"' >> .env | |
cat .env | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: '3.11' | |
cache: 'pip' | |
cache-dependency-path: | | |
tests/requirements.txt | |
- name: Install dependencies | |
run: | | |
just venv | |
just build-test | |
- name: Run tests | |
run: just test | |
- name: Upload test results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: reports-${{ matrix.job.name }} | |
path: output | |
- name: Send report to commit | |
uses: joonvena/[email protected] | |
with: | |
gh_access_token: ${{ secrets.GITHUB_TOKEN }} | |
report_path: 'output' | |
show_passed_tests: 'true' |