-
Notifications
You must be signed in to change notification settings - Fork 2
198 lines (173 loc) · 6.28 KB
/
docker.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
#
# GitHub actions for building and testing.
#
# For best support, use `-latest` for runners spinning up containers. More at
# https://help.github.com/en/actions/reference/virtual-environments-for-github-hosted-runners.
name: Docker
on:
push:
branches: [ master ]
pull_request:
concurrency:
group: docker-${{ github.ref }}
cancel-in-progress: true
env:
CI: 'true'
# Using a job name that doesn't contain the OS name, to minimize the risk of
# confusion with the OS names of the containers, which are the relevant ones.
jobs:
linux:
runs-on: ubuntu-latest
container: ${{ matrix.container }}
strategy:
fail-fast: false
matrix:
# Alpine Linux 3.15 has musl 1.2.2, Amazon Linux 2 has glibc 2.26.
container: [ 'alpine:3.15', 'amazonlinux:2' ]
timeout-minutes: 60
steps:
# OpenSSL gets updated by apk, but that is the Alpine way, so it's fine.
- name: Alpine setup
if: startsWith(matrix.container, 'alpine')
run: |
apk upgrade -U
apk add git curl bash gcc make m4 patch musl-dev linux-headers lddtree shadow openssh-client file unzip perl g++ musl-locales dejagnu sudo
apk del util-linux-dev
curl --output /usr/bin/paxctl https://bin.chevah.com:20443/third-party-stuff/alpine/paxctl-3.12
chmod +x /usr/bin/paxctl
- name: Amazon setup
if: startsWith(matrix.container, 'amazonlinux')
run: |
yum -y upgrade
yum -y install git-core gcc make m4 patch tar unzip perl perl-Test-Simple perl-IPC-Cmd xz gcc-c++ dejagnu bzip2 sudo
# To avoid linking against libdb and gdmb libraries on Amazon Linux 2.
# Can't simply uninstall libdb-devel and gdmb-devel, they are required by perl-IPC-Cmd.
rm -v /usr/include/libdb/db.h
rm -v /usr/include/gdbm.h
# This is for avoiding building the NIS module with Python 3.12.
rm -v /usr/include/rpc/rpc.h
- name: Ubuntu setup
if: startsWith(matrix.container, 'ubuntu')
run: |
apt update
apt --yes dist-upgrade
apt --yes install wget curl gcc make m4 patch openssh-client unzip git libtest-simple-perl xz-utils g++ dejagnu sudo
# actions/checkout doesn't work on Amazon Linux 2, requires glibc 2.27.
- name: Clone repo independently
run: |
git clone https://github.com/chevah/pythia.git
cd pythia
git checkout ${GITHUB_HEAD_REF}
- name: Chevah user setup
run: |
useradd -g adm -s /bin/bash -m chevah
echo '%adm ALL=NOPASSWD: ALL' > /etc/sudoers
- name: Build Pythia
timeout-minutes: 30
run: |
chown -R chevah pythia
cd pythia
su chevah -c "./build.sh build"
- name: Test Pythia
timeout-minutes: 5
run: |
cd pythia
su chevah -c "./build.sh test"
- name: Test compat
timeout-minutes: 10
env:
USER: chevah
CODECOV_TOKEN: local
run: |
cd pythia
su chevah -c "./build.sh compat"
# Using `~/` is problematic under Docker, use `/root/`.
# Remove key in same step to avoid leaving it on disk if publishing fails.
- name: Upload testing package
timeout-minutes: 5
run: |
mkdir -pv /root/.ssh/
cd pythia
touch priv_key
chmod 600 priv_key
echo "${{ secrets.SFTPPLUS_BIN_PRIV_KEY }}" > priv_key
echo "${{ secrets.SFTPPLUS_BIN_HOST_KEY }}" > /root/.ssh/known_hosts
./publish_dist.sh ; rm priv_key
# If one of the above steps fails, fire up tmate for remote debugging.
# Not all platforms are supported by tmate.
# Currently not supported: Alpine, Amazon 2, CentOS 5 (no glibc or too old).
- name: Tmate debug on failure
if: ${{ !cancelled() && runner.debug }}
uses: chevah/action-tmate@v3
with:
sudo: false
limit-access-to-actor: true
linux-arm64:
runs-on: ubuntu-24.04-arm
# Amazon Linux 2 has glibc 2.26.
container: amazonlinux:2
strategy:
fail-fast: false
timeout-minutes: 60
steps:
- name: Amazon setup
if: startsWith(matrix.container, 'amazonlinux')
run: |
yum -y upgrade
yum -y install git-core gcc make m4 patch tar unzip perl perl-Test-Simple perl-IPC-Cmd xz gcc-c++ dejagnu bzip2 sudo
# To avoid linking against libdb and gdmb libraries on Amazon Linux 2.
# Can't simply uninstall libdb-devel and gdmb-devel, they are required by perl-IPC-Cmd.
rm -v /usr/include/libdb/db.h
rm -v /usr/include/gdbm.h
# This is for avoiding building the NIS module with Python 3.12.
rm -v /usr/include/rpc/rpc.h
# actions/checkout doesn't work on Amazon Linux 2, requires glibc 2.27.
- name: Clone repo independently
run: |
git clone https://github.com/chevah/pythia.git
cd pythia
git checkout ${GITHUB_HEAD_REF}
- name: Chevah user setup
run: |
useradd -g adm -s /bin/bash -m chevah
echo '%adm ALL=NOPASSWD: ALL' > /etc/sudoers
- name: Build Pythia
timeout-minutes: 30
run: |
chown -R chevah pythia
cd pythia
su chevah -c "./build.sh build"
- name: Test Pythia
timeout-minutes: 5
run: |
cd pythia
su chevah -c "./build.sh test"
- name: Test compat
timeout-minutes: 10
env:
USER: chevah
CODECOV_TOKEN: local
run: |
cd pythia
su chevah -c "./build.sh compat"
# Using `~/` is problematic under Docker, use `/root/`.
# Remove key in same step to avoid leaving it on disk if publishing fails.
- name: Upload testing package
timeout-minutes: 5
run: |
mkdir -pv /root/.ssh/
cd pythia
touch priv_key
chmod 600 priv_key
echo "${{ secrets.SFTPPLUS_BIN_PRIV_KEY }}" > priv_key
echo "${{ secrets.SFTPPLUS_BIN_HOST_KEY }}" > /root/.ssh/known_hosts
./publish_dist.sh ; rm priv_key
# If one of the above steps fails, fire up tmate for remote debugging.
# Not all platforms are supported by tmate.
# Currently not supported: Alpine, Amazon 2, CentOS 5 (no glibc or too old).
- name: Tmate debug on failure
if: ${{ !cancelled() && runner.debug }}
uses: chevah/action-tmate@v3
with:
sudo: false
limit-access-to-actor: true