fedora-40 image refresh and naughty pattern for 7139 #9426
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: test | |
on: [pull_request] | |
jobs: | |
bots: | |
runs-on: ubuntu-22.04 | |
container: | |
image: ghcr.io/cockpit-project/tasks | |
options: --user root | |
permissions: | |
pull-requests: none | |
steps: | |
- name: Clone repository | |
uses: actions/checkout@v4 | |
# https://github.blog/2022-04-12-git-security-vulnerability-announced/ | |
- name: Pacify git's permission check | |
run: git config --global --add safe.directory /__w/bots/bots | |
- name: Run test | |
run: test/run | |
cockpituous: | |
runs-on: ubuntu-22.04 | |
permissions: | |
# enough permissions for tests-scan to work | |
pull-requests: read | |
statuses: write | |
steps: | |
- name: Clone repository | |
uses: actions/checkout@v4 | |
with: | |
# need this to get origin/main for git diff | |
fetch-depth: 0 | |
- name: Rebase to target branch | |
run: | | |
git config user.name github-actions | |
git config user.email [email protected] | |
git rebase origin/${{ github.event.pull_request.base.ref }} | |
- name: Check whether there are changes that might affect the deployment | |
id: changes | |
run: | | |
git log --exit-code --stat HEAD --not origin/${{ github.event.pull_request.base.ref }} -- \ | |
':!.github/workflows' \ | |
':!README.md' \ | |
':!HACKING.md' \ | |
':!images' \ | |
':!image-create' \ | |
':!image-customize' \ | |
':!image-trigger' \ | |
':!naughty' \ | |
':!machine/machine_core' \ | |
':!lib/allowlist.py' \ | |
':!lib/testmap.py' \ | |
':!test/' \ | |
':!vm-run' \ | |
>&2 || echo "changed=true" >> "$GITHUB_OUTPUT" | |
- name: Ensure branch was proposed from origin | |
if: steps.changes.outputs.changed | |
run: test "${{ github.event.pull_request.head.repo.url }}" = "${{ github.event.pull_request.base.repo.url }}" | |
- name: Clone cockpituous repository | |
if: steps.changes.outputs.changed | |
uses: actions/checkout@v4 | |
with: | |
repository: cockpit-project/cockpituous | |
path: cockpituous | |
- name: Install test dependencies | |
if: steps.changes.outputs.changed | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y make python3-pytest | |
# HACK: Ubuntu 22.04 has podman 3.4, which isn't compatible with podman-remote 4 in our tasks container | |
# This PPA is a backport of podman 4.3 from Debian 12; drop this when moving `runs-on:` to ubuntu-24.04 | |
- name: Update to newer podman | |
if: steps.changes.outputs.changed | |
run: | | |
sudo add-apt-repository -y ppa:quarckster/containers | |
sudo apt install -y podman | |
systemctl --user daemon-reload | |
- name: Test local CI deployment | |
if: steps.changes.outputs.changed | |
run: | | |
set -ex | |
if [ -n '${{ github.event.pull_request.number }}' ]; then | |
echo '${{ secrets.GITHUB_TOKEN }}' > /tmp/github-token | |
pr_args='--pr-repository ${{ github.event.pull_request.base.user.login }}/bots --pr ${{ github.event.pull_request.number }} --github-token=/tmp/github-token' | |
repo='${{ github.event.pull_request.head.repo.clone_url }}' | |
branch='${{ github.event.pull_request.head.ref }}' | |
else | |
# push event; skip testing a PR | |
repo='${{ github.event.repository.clone_url }}' | |
branch="${GITHUB_REF##*/}" | |
fi | |
cd cockpituous | |
COCKPIT_BOTS_REPO=$repo COCKPIT_BOTS_BRANCH=$branch python3 -m pytest -vv ${pr_args:-} |