Update wait-on-check-action #1028
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: PKI Tests | |
on: [push, pull_request] | |
jobs: | |
init: | |
name: Initialization | |
uses: ./.github/workflows/init.yml | |
secrets: inherit | |
build: | |
name: Waiting for build | |
needs: init | |
runs-on: ubuntu-latest | |
steps: | |
- name: Wait for build | |
uses: lewagon/[email protected] | |
with: | |
ref: ${{ github.ref }} | |
check-name: 'Building JSS' | |
repo-token: ${{ secrets.GITHUB_TOKEN }} | |
wait-interval: 30 | |
if: github.event_name == 'push' | |
- name: Wait for build | |
uses: lewagon/[email protected] | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
check-name: 'Building JSS' | |
repo-token: ${{ secrets.GITHUB_TOKEN }} | |
wait-interval: 30 | |
if: github.event_name == 'pull_request' | |
pki-build-test: | |
name: Building PKI | |
needs: [init, build] | |
runs-on: ubuntu-latest | |
env: | |
SHARED: /tmp/workdir/jss | |
steps: | |
- name: Clone repository | |
uses: actions/checkout@v3 | |
- name: Retrieve jss-runner image | |
uses: actions/cache@v3 | |
with: | |
key: jss-runner-${{ github.sha }} | |
path: jss-runner.tar | |
- name: Load jss-runner image | |
run: docker load --input jss-runner.tar | |
- name: Run container | |
run: | | |
IMAGE=jss-runner \ | |
NAME=pki \ | |
HOSTNAME=pki.example.com \ | |
tests/bin/runner-init.sh | |
- name: Import Tomcat JSS packages | |
run: | | |
docker pull quay.io/dogtagpki/tomcatjss-dist:7 | |
docker create --name=tomcatjss-dist quay.io/dogtagpki/tomcatjss-dist:7 | |
docker cp tomcatjss-dist:/root/RPMS/. /tmp/RPMS/ | |
docker rm -f tomcatjss-dist | |
- name: Import LDAP SDK packages | |
run: | | |
docker pull quay.io/dogtagpki/ldapjdk-dist:4 | |
docker create --name=ldapjdk-dist quay.io/dogtagpki/ldapjdk-dist:4 | |
docker cp ldapjdk-dist:/root/RPMS/. /tmp/RPMS/ | |
docker rm -f ldapjdk-dist | |
- name: Import IDM Console Framework packages | |
run: | | |
docker pull quay.io/dogtagpki/idm-console-framework-dist:1 | |
docker create --name=idm-console-framework-dist quay.io/dogtagpki/idm-console-framework-dist:1 | |
docker cp idm-console-framework-dist:/root/RPMS/. /tmp/RPMS/ | |
docker rm -f idm-console-framework-dist | |
- name: Install build dependencies | |
run: | | |
docker cp /tmp/RPMS/. pki:/root/RPMS/ | |
docker exec pki bash -c "dnf localinstall -y /root/RPMS/*" | |
docker exec pki dnf install -y git rpm-build | |
docker exec pki git clone \ | |
-b v10 \ | |
--single-branch \ | |
https://github.com/dogtagpki/pki | |
docker exec pki dnf build-dep -y --spec pki/pki.spec | |
- name: Build and install PKI | |
run: | | |
docker exec pki pki/build.sh rpm | |
docker exec pki bash -c "dnf install -y /root/build/pki/RPMS/*.rpm" | |
ca-test: | |
name: Testing CA | |
needs: [init, build] | |
runs-on: ubuntu-latest | |
env: | |
SHARED: /tmp/workdir/jss | |
steps: | |
- name: Clone repository | |
uses: actions/checkout@v3 | |
- name: Retrieve jss-runner image | |
uses: actions/cache@v3 | |
with: | |
key: jss-runner-${{ github.sha }} | |
path: jss-runner.tar | |
- name: Load jss-runner image | |
run: docker load --input jss-runner.tar | |
- name: Run container | |
run: | | |
IMAGE=jss-runner \ | |
NAME=pki \ | |
HOSTNAME=pki.example.com \ | |
tests/bin/runner-init.sh | |
- name: Install DS and PKI packages | |
run: docker exec pki dnf install -y 389-ds-base pki-ca | |
- name: Install DS | |
run: docker exec pki ${SHARED}/tests/bin/ds-create.sh | |
- name: Install CA | |
run: docker exec pki pkispawn -f /usr/share/pki/server/examples/installation/ca.cfg -s CA -v | |
- name: Run PKI healthcheck | |
run: docker exec pki pki-healthcheck --debug | |
- name: Verify CA admin | |
run: | | |
docker exec pki pki-server cert-export ca_signing --cert-file ca_signing.crt | |
docker exec pki pki client-cert-import ca_signing --ca-cert ca_signing.crt | |
docker exec pki pki client-cert-import \ | |
--pkcs12 /root/.dogtag/pki-tomcat/ca_admin_cert.p12 \ | |
--pkcs12-password-file /root/.dogtag/pki-tomcat/ca/pkcs12_password.conf | |
docker exec pki pki -n caadmin ca-user-show caadmin | |
- name: Gather artifacts | |
if: always() | |
run: | | |
tests/bin/ds-artifacts-save.sh pki | |
tests/bin/pki-artifacts-save.sh pki | |
- name: Remove CA | |
run: docker exec pki pkidestroy -i pki-tomcat -s CA -v | |
- name: Remove DS | |
run: docker exec pki ${SHARED}/tests/bin/ds-remove.sh | |
- name: Upload artifacts | |
if: always() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ca | |
path: | | |
/tmp/artifacts/pki |