mirror of
https://codeberg.org/forgejo/forgejo
synced 2024-12-05 02:54:46 +01:00
f817d97f85
Refs: https://codeberg.org/forgejo/forgejo/issues/2051 Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2053 Reviewed-by: Loïc Dachary <dachary@noreply.codeberg.org> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org> (cherry picked from commit01abf4d505
) [CI] Forgejo Actions based release process (squash) no ownca The private Forgejo instance trusted with the release signing keys no longer requires the installation of the ownca certificate authority. Refs: https://codeberg.org/forgejo/docs/pulls/338 (cherry picked from commit72f9ae796d
) (cherry picked from commitb0ca4236d7
) (cherry picked from commit81619cf8b5
) (cherry picked from commit2cb32c1a2b
)
99 lines
3.8 KiB
YAML
99 lines
3.8 KiB
YAML
name: Integration tests for the release process
|
|
|
|
on:
|
|
push:
|
|
paths:
|
|
- Makefile
|
|
- Dockerfile
|
|
- Dockerfile.rootless
|
|
- docker/**
|
|
- .forgejo/workflows/build-release.yml
|
|
- .forgejo/workflows/build-release-integration.yml
|
|
|
|
jobs:
|
|
release-simulation:
|
|
if: ${{ !startsWith(vars.ROLE, 'forgejo-') }}
|
|
runs-on: self-hosted
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
|
|
- id: forgejo
|
|
uses: https://code.forgejo.org/actions/setup-forgejo@v1
|
|
with:
|
|
user: root
|
|
password: admin1234
|
|
image-version: 1.21
|
|
lxc-ip-prefix: 10.0.9
|
|
|
|
- name: publish the forgejo release
|
|
run: |
|
|
set -x
|
|
|
|
version=1.2.3
|
|
cat > /etc/docker/daemon.json <<EOF
|
|
{
|
|
"insecure-registries" : ["${{ steps.forgejo.outputs.host-port }}"]
|
|
}
|
|
EOF
|
|
systemctl restart docker
|
|
|
|
apt-get install -qq -y xz-utils
|
|
|
|
dir=$(mktemp -d)
|
|
trap "rm -fr $dir" EXIT
|
|
|
|
url=http://root:admin1234@${{ steps.forgejo.outputs.host-port }}
|
|
export FORGEJO_RUNNER_LOGS="${{ steps.forgejo.outputs.runner-logs }}"
|
|
|
|
#
|
|
# Create a new project with a fake forgejo and the release workflow only
|
|
#
|
|
cp -a .forgejo/testdata/build-release/* $dir
|
|
mkdir -p $dir/.forgejo/workflows
|
|
cp .forgejo/workflows/build-release.yml $dir/.forgejo/workflows
|
|
cp $dir/Dockerfile $dir/Dockerfile.rootless
|
|
|
|
forgejo-test-helper.sh push $dir $url root forgejo
|
|
sha=$(forgejo-test-helper.sh branch_tip $url root/forgejo main)
|
|
|
|
#
|
|
# Push a tag to trigger the release workflow and wait for it to complete
|
|
#
|
|
forgejo-curl.sh api_json --data-raw '{"tag_name": "v'$version'", "target": "'$sha'"}' $url/api/v1/repos/root/forgejo/tags
|
|
forgejo-curl.sh api_json -X PUT --data-raw '{"data":"${{ steps.forgejo.outputs.token }}"}' $url/api/v1/repos/root/forgejo/actions/secrets/TOKEN
|
|
forgejo-curl.sh api_json -X PUT --data-raw '{"data":"root"}' $url/api/v1/repos/root/forgejo/actions/secrets/DOER
|
|
LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha
|
|
|
|
#
|
|
# uncomment to see the logs even when everything is reported to be working ok
|
|
#
|
|
#cat $FORGEJO_RUNNER_LOGS
|
|
|
|
#
|
|
# Minimal sanity checks. e2e test is for the setup-forgejo
|
|
# action and the infrastructure playbook. Since the binary
|
|
# is a script shell it does not test the sanity of the cross
|
|
# build, only the sanity of the naming of the binaries.
|
|
#
|
|
for arch in amd64 arm64 arm-6 ; do
|
|
binary=forgejo-$version-linux-$arch
|
|
for suffix in '' '.xz' ; do
|
|
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix > $binary$suffix
|
|
if test "$suffix" = .xz ; then
|
|
unxz --keep $binary$suffix
|
|
fi
|
|
chmod +x $binary
|
|
./$binary --version | grep $version
|
|
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix.sha256 > $binary$suffix.sha256
|
|
shasum -a 256 --check $binary$suffix.sha256
|
|
rm $binary$suffix
|
|
done
|
|
done
|
|
|
|
sources=forgejo-src-$version.tar.gz
|
|
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources > $sources
|
|
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources.sha256 > $sources.sha256
|
|
shasum -a 256 --check $sources.sha256
|
|
|
|
docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version
|
|
docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version-rootless
|