Skip to content

[centos-workstation] fix registry perms for build job #4

[centos-workstation] fix registry perms for build job

[centos-workstation] fix registry perms for build job #4

Workflow file for this run

---
name: Tests
on:
pull_request:
branches:
- "*"
push:
branches:
- "main"
# for merge queue
merge_group:
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
lint:
name: "⌨ Lint & unittests"
runs-on: ubuntu-latest
steps:
- name: Set up Go 1.21
uses: actions/setup-go@v5
with:
go-version: "1.21"
id: go
- name: Check out code into the Go module directory
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Apt update
run: sudo apt update
# This is needed for the container upload dependencies
- name: Install libgpgme devel package
run: sudo apt install -y libgpgme-dev libbtrfs-dev libdevmapper-dev
- name: Run golangci-lint
uses: golangci/golangci-lint-action@v6
with:
version: v1.55.2
args: --timeout 5m0s
working-directory: bib
- name: Run unit tests
run: (cd bib && go test -race ./...)
shellcheck:
name: "🐚 Shellcheck"
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Run ShellCheck
uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38
with:
ignore: vendor # We don't want to fix the code in vendored dependencies
env:
# don't check /etc/os-release sourcing, allow useless cats to live inside our codebase, and
# allow seemingly unreachable commands
SHELLCHECK_OPTS: -e SC1091 -e SC2002 -e SC2317
integration:
# TODO: run this also via tmt/testing-farm
name: "Integration"
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Setup up python
uses: actions/setup-python@v5
- name: Apt update
run: sudo apt update
- name: Install test dependencies
run: |
sudo apt update
sudo apt install -y python3-pytest python3-paramiko python3-boto3 flake8 qemu-system-x86 qemu-efi-aarch64 qemu-system-arm qemu-user-static pylint libosinfo-bin
- name: Diskspace (before)
run: |
df -h
sudo du -sh * /var/tmp /tmp /var/lib/containers | sort -sh
- name: Workaround podman issues in GH actions
run: |
# see https://github.com/osbuild/bootc-image-builder/issues/446
sudo rm -rf /var/lib/containers/storage
sudo mkdir -p /etc/containers
echo -e "[storage]\ndriver = \"overlay\"\nrunroot = \"/run/containers/storage\"\ngraphroot = \"/var/lib/containers/storage\"" | sudo tee /etc/containers/storage.conf
- name: Install python test deps
run: |
# make sure test deps are available for root
sudo -E pip install --user -r test/requirements.txt
- name: Workarounds for GH runner diskspace
run: |
# use custom basetemp here because /var/tmp is on a smaller disk
# than /mnt
sudo mkdir -p /mnt/var/tmp/bib-tests
# on GH runners /mnt has 70G free space, use that for our container
# storage
sudo mkdir -p /mnt/var/lib/containers
sudo mount -o bind /mnt/var/lib/containers /var/lib/containers
- run: |
mkdir -p /var/tmp/osbuild-test-store
- name: Cache osbuild env
uses: actions/cache@v4
with:
path: /var/tmp/osbuild-test-store
key: no-key-needed-here
# - name: Run tests
# env:
# AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
# AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# run: |
# # podman needs (parts of) the environment but will break when
# # XDG_RUNTIME_DIR is set.
# # TODO: figure out what exactly podman needs
# sudo -E XDG_RUNTIME_DIR= pytest-3 --basetemp=/mnt/var/tmp/bib-tests
- name: Diskspace (after)
if: ${{ always() }}
run: |
df -h
sudo du -sh * /var/tmp /tmp /var/lib/containers | sort -sh