-
Notifications
You must be signed in to change notification settings - Fork 132
158 lines (145 loc) · 7.32 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
name: CI
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
test:
runs-on: ubuntu-18.04
strategy:
matrix:
install: [ pip, apt ]
upgrade: [ true, false ]
exclude:
- install: pip
upgrade: true
fail-fast: false
steps:
- name: "Check out NIPAP repository"
uses: actions/checkout@v2
- name: "Install dependencies and prepare NIPAP"
run: |
# Set up NIPAP repo
echo "deb http://spritelink.github.io/NIPAP/repos/apt stable main extra" | sudo tee /etc/apt/sources.list.d/nipap.list
wget -O - https://spritelink.github.io/NIPAP/nipap.gpg.key | sudo apt-key add -
sudo apt update -qq
# Install dependencies for build and test
sudo apt install -y \
devscripts \
fakeroot \
debhelper \
dh-python \
junit4 \
python-docutils \
python-nose \
python-requests \
python3-requests \
python-setuptools \
python3-setuptools \
python-wheel \
python3-wheel \
python3-all \
default-jdk \
gradle \
rename \
postgresql-10 \
postgresql-10-ip4r
# Drop and re-create cluster to be bound to default port
for version in `pg_lsclusters | tail -n-2 | awk '{ print $1 }'`; do sudo pg_dropcluster $version main; done
sudo pg_createcluster --start 10 main
sed -e 's/username = guest/username = unittest/' -e 's/password = guest/password = gottatest/' -e 's/port = 1337/port = 1338/' -e "s/#use_ssl = false/use_ssl = true/" nipap-cli/nipaprc > ~/.nipaprc
chmod 0600 ~/.nipaprc
# Set up CA and generate SSL cert
mkdir /tmp/ca
openssl genrsa -out /tmp/ca/ca.key 2048
openssl req -new -x509 -key /tmp/ca/ca.key -out /tmp/ca/ca.crt -subj '/C=SE/O=NIPAP Test CA'
sudo cp /tmp/ca/ca.crt /usr/local/share/ca-certificates/
sudo update-ca-certificates
openssl genrsa -out /tmp/ca/test.key 2048
openssl req -new -key /tmp/ca/test.key -out /tmp/ca/test.csr -subj "/CN=127.0.0.1"
openssl x509 -req -in /tmp/ca/test.csr -CA /tmp/ca/ca.crt -CAkey /tmp/ca/ca.key -CAcreateserial -out /tmp/ca/test.crt
cat /tmp/ca/test.crt /tmp/ca/test.crt > /tmp/ca/test.bundle.crt
sudo chmod -R a+r /tmp/ca
- name: "Install using pip"
if: ${{ matrix.install == 'pip' }}
run: |
# install nipap dependencies
sudo -H pip install -r nipap/requirements.txt
# SQL
sudo su -c "cd nipap/sql; PGPASSWORD=papin make install" postgres
# move configuration file into place
sudo mkdir /etc/nipap
sudo cp nipap/nipap.conf.dist /etc/nipap/nipap.conf
sudo sed -e "s/{{LISTEN_ADDRESS}}/127.0.0.1/" -e "s/{{LISTEN_PORT}}/1337/" -e "s/#ssl_port.\+$/ssl_port = 1338/" -e "s/#ssl_cert_file.\+$/ssl_cert_file = \/tmp\/ca\/test.bundle.crt/" -e "s/#ssl_key_file.\+$/ssl_key_file = \/tmp\/ca\/test.key/" -e "s/{{DB_USERNAME}}/nipap/" -e "s/{{DB_NAME}}/nipap/" -e "s/{{DB_PASSWORD}}/papin/" -e "s/{{DB_SSLMODE}}/require/" -e "s/{{DB_PORT}}/5432/" -e "s/{{DB_HOST}}/localhost/" -e "s/{{SYSLOG}}/true/" -i /etc/nipap/nipap.conf
# create local user for unittest
sudo nipap/nipap-passwd create-database
sudo nipap/nipap-passwd add -u unittest -p gottatest -n unittest
sudo nipap/nipap-passwd add -u readonly -p gottatest --readonly -n "Read-only user for running unit tests"
# install pynipap
cd pynipap; sudo python setup.py install; cd ..
cd pynipap; sudo python3 setup.py install; cd ..
# install nipap-cli dependencies
sudo -H pip3 install -r nipap-cli/requirements.txt
# start nipap backend
nipap/nipapd --no-pid-file -c /etc/nipap/nipap.conf
- name: "Install latest release from apt"
if: ${{ matrix.install == 'apt' && matrix.upgrade == true }}
run: |
# Install NIPAP packages from official repo
sudo apt install -qq nipapd nipap-www nipap-cli
# bump version so that we know we are upgrading beyond what is installed
(echo -e 'Version 9999.9.9\n------------------\n * Test version for automatic upgrade test'; cat NEWS) > NEWS2
mv NEWS2 NEWS
make bumpversion
# populate answers to nipapd package install questions and reconfigure
echo 'set nipapd/database_host localhost' | sudo debconf-communicate
echo 'set nipapd/local_db_autoconf true' | sudo debconf-communicate
echo 'set nipapd/startup true' | sudo debconf-communicate
echo 'set nipapd/local_db_upgrade true' | sudo debconf-communicate
sudo dpkg-reconfigure nipapd
# Enable SSL
sudo sed -e "s/#ssl_port.\+$/ssl_port = 1338/" -e "s/#ssl_cert_file.\+$/ssl_cert_file = \/tmp\/ca\/test.bundle.crt/" -e "s/#ssl_key_file.\+$/ssl_key_file = \/tmp\/ca\/test.key/" -i /etc/nipap/nipap.conf
# create local user for unittest and restart
sudo nipap-passwd add -u unittest -p gottatest -f /etc/nipap/local_auth.db -n unittest
sudo /etc/init.d/nipapd restart
# if upgrade, add some data to the database that we can verify later
nosetests tests/upgrade-before.py
- name: "Build and install Debian packages"
if: ${{ matrix.install == 'apt' }}
run: |
# build new NIPAP packages
make builddeb
# install the newly built nipap packages
sudo apt install -o Dpkg::Options::="--force-confnew" ./nipap*.deb ./python*-pynipap*.deb
# populate answers to nipapd package install questions and reconfigure
echo 'set nipapd/database_host localhost' | sudo debconf-communicate
echo 'set nipapd/local_db_autoconf true' | sudo debconf-communicate
echo 'set nipapd/startup true' | sudo debconf-communicate
echo 'set nipapd/local_db_upgrade true' | sudo debconf-communicate
sudo dpkg-reconfigure nipapd
# Enable SSL
if [ `grep -c ssl_port /etc/nipap/nipap.conf` -eq 0 ]; then \
# No SSL config in file - add from scratch
sudo sed '/^port *=.*/a ssl_port = 1338\nssl_cert_file = \/tmp\/ca\/test.bundle.crt\nssl_key_file = \/tmp\/ca\/test.key' -i /etc/nipap/nipap.conf; \
else \
sudo sed -e "s/#ssl_port.\+$/ssl_port = 1338/" -e "s/#ssl_cert_file.\+$/ssl_cert_file = \/tmp\/ca\/test.bundle.crt/" -e "s/#ssl_key_file.\+$/ssl_key_file = \/tmp\/ca\/test.key/" -i /etc/nipap/nipap.conf; \
fi
# create local user for unittests
sudo nipap/nipap-passwd add -u unittest -p gottatest -f /etc/nipap/local_auth.db -n "User for running unit tests"
sudo nipap/nipap-passwd add -u readonly -p gottatest -f /etc/nipap/local_auth.db --readonly -n "Read-only user for running unit tests"
sudo sed -e "s/db_host *= *[^ ]\+/db_host = localhost/" -i /etc/nipap/nipap.conf
sudo /etc/init.d/nipapd restart
- name: "Verify pre-upgrade data"
if: ${{ matrix.upgrade == true }}
run: nosetests tests/upgrade-after.py
- name: "Run test suite"
env:
REQUESTS_CA_BUNDLE: /etc/ssl/certs/ca-certificates.crt
run: |
nosetests tests/xmlrpc.py
nosetests tests/nipaptest.py
nosetests tests/test_cli.py
nosetests tests/nipap-ro.py
nosetests tests/test_rest.py
make -C jnipap test