chore(deps): update nginx docker digest to 447a866 #1573
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: ansible-test | |
on: | |
# Run CI against all pushes (direct commits, also merged PRs), Pull Requests | |
push: | |
branches: [main] | |
pull_request: | |
# The branches below must be a subset of the branches above | |
branches: [main] | |
# Run CI once per week (at 06:00 UTC) | |
# This ensures that even if there haven't been commits that we are still | |
# testing against latest version of ansible-test for each ansible-core | |
# version | |
schedule: | |
- cron: '0 6 * * 1' | |
# A workflow run is made up of one or more jobs that can run sequentially or in parallel | |
jobs: | |
ansible-sanity-tests: | |
name: Sanity (Ⓐ${{ matrix.ansible }}+py${{ matrix.python }}) | |
strategy: | |
matrix: | |
ansible: | |
# It's important that Sanity is tested against all stable-X.Y branches | |
# Testing against `devel` may fail as new tests are added. | |
- stable-2.15 | |
- stable-2.16 | |
- stable-2.17 | |
- devel | |
python: | |
- "3.11" | |
runs-on: >- | |
${{ contains(fromJson( | |
'["stable-2.9", "stable-2.10", "stable-2.11"]' | |
), matrix.ansible) && 'ubuntu-20.04' || 'ubuntu-latest' }} | |
steps: | |
# ansible-test requires the collection to be in a directory in the form | |
# .../ansible_collections/NAMESPACE/COLLECTION_NAME/ | |
- name: Check out code | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
with: | |
path: ansible_collections/telekom_mms/acme | |
- name: Set up Python ${{ matrix.ansible }} | |
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5 | |
with: | |
python-version: ${{ matrix.python }} | |
# Install the head of the given branch (devel, stable-2.10) | |
- name: Install ansible-base (${{ matrix.ansible }}) | |
run: python -m pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible }}.tar.gz --disable-pip-version-check | |
# run ansible-test sanity inside of Docker. | |
# The docker container has all the pinned dependencies that are required. | |
# Explicitly specify the version of Python we want to test | |
- name: Run sanity tests | |
run: ansible-test sanity --docker -v --color --python ${{ matrix.python }} | |
working-directory: ./ansible_collections/telekom_mms/acme | |
linting: | |
name: Ansible Lint | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out code | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
- name: Run Linting | |
uses: ansible/ansible-lint@95382d398ea1744bf6bfa47b030f14c38b3f6957 # 24.7.0 | |
integration-tests: | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: ansible_collections/telekom_mms/acme | |
strategy: | |
fail-fast: false | |
matrix: | |
ansible: | |
- devel | |
# - milestone | |
python: | |
- '3.11' | |
- '3.12' | |
include: | |
# Add new versions announced in | |
# https://github.com/ansible-collections/news-for-maintainers in a timely manner, | |
# consider dropping testing against EOL versions and versions you don't support. | |
# ansible-core 2.15 | |
- ansible: stable-2.15 | |
python: '3.9' | |
- ansible: stable-2.15 | |
python: '3.10' | |
- ansible: stable-2.15 | |
python: '3.11' | |
# ansible-core 2.16 | |
- ansible: stable-2.16 | |
python: '3.10' | |
- ansible: stable-2.16 | |
python: '3.11' | |
- ansible: stable-2.16 | |
python: '3.12' | |
# ansible-core 2.17 | |
- ansible: stable-2.17 | |
python: '3.10' | |
- ansible: stable-2.17 | |
python: '3.11' | |
- ansible: stable-2.17 | |
python: '3.12' | |
# start nginx as service to test validation via http-challenge local path | |
services: | |
nginx: | |
image: nginx@sha256:98f8ec75657d21b924fe4f69b6b9bff2f6550ea48838af479d8894a852000e40 | |
volumes: | |
- /tmp:/usr/share/nginx/html | |
ports: | |
- 5002:80 | |
steps: | |
- name: Check out code to collections-folder, so ansible finds it | |
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 | |
with: | |
path: ansible_collections/telekom_mms/acme | |
- name: Run Pebble and challtestsrv | |
run: curl https://raw.githubusercontent.com/letsencrypt/pebble/master/docker-compose.yml | docker-compose -f - up -d | |
- name: Set up Pebble | |
run: curl --request POST --data '{"ip":"10.30.50.1"}' http://localhost:8055/set-default-ipv4 | |
# change uid of nginx user in nginx service container to uid of github runner id to allow reading of created hash file by nginx process | |
- name: change uid of nginx user in container | |
run: docker exec -i ${{ job.services.nginx.id }} usermod -u 1001 nginx | |
# restart docker container to start nginx process with new uid | |
- name: restart docker container of service | |
run: docker restart ${{ job.services.nginx.id }} | |
- name: Set up Python ${{ matrix.ansible }} | |
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5 | |
with: | |
python-version: ${{ matrix.python }} | |
- name: Install ansible-base (${{ matrix.ansible }}) | |
run: python -m pip install https://github.com/ansible/ansible/archive/${{ matrix.ansible }}.tar.gz --disable-pip-version-check | |
- name: build the collection | |
run: ansible-galaxy collection build | |
- name: install the collection | |
run: ansible-galaxy collection install -p /home/runner/work/ansible-collection-acme/ansible-collection-acme *.tar.gz | |
- name: install community.crypto collection | |
run: ansible-galaxy collection install -p /home/runner/work/ansible-collection-acme/ansible-collection-acme community.crypto | |
- name: Run integration tests | |
run: ansible-test integration -v --color --retry-on-error --continue-on-error --diff --python ${{ matrix.python }} --requirements | |
working-directory: ./ansible_collections/telekom_mms/acme |