Release QA - OS Matrix - Install from repo #24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release QA - OS Matrix - Install from repo | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| gitCheckoutRef: | |
| description: 'Git reference to checkout (defaults to the chosen branch or tag above when left empty)' | |
| required: false | |
| default: '' | |
| expectedSnoopyPackageVersion: | |
| description: 'Version of a Snoopy package (without the release number) to expect (gets latest Snoopy version tag from git when not given)' | |
| required: false | |
| default: '' | |
| # Commented out, as we can't do this automatically with the git push tag | |
| # release: | |
| # types: [published] | |
| # push: | |
| # branches: | |
| # - release-qa-os-matrix-install-from-repo | |
| # - introduce-distro-packaging | |
| jobs: | |
| release-qa-os-matrix-install-from-repo: | |
| name: Install on ${{matrix.container}} | |
| runs-on: ubuntu-20.04 | |
| ### Define the list of container images | |
| # | |
| container: ${{ matrix.container }} | |
| strategy: | |
| matrix: | |
| container: | |
| # Disabled because fakeroot hangs in a Docker container | |
| #- archlinux:base-devel | |
| - almalinux/8-base:latest | |
| - almalinux/9-base:latest | |
| - quay.io/centos/centos:stream9 | |
| - debian:buster | |
| - debian:bullseye | |
| - debian:bookworm | |
| - opensuse/leap:15.5 | |
| - opensuse/leap:15.6 | |
| - ubuntu:20.04 | |
| - ubuntu:22.04 | |
| - ubuntu:24.04 | |
| ### | |
| ### Steps to run | |
| ### | |
| steps: | |
| ### Install prerequisites | |
| # | |
| # Arch | |
| - run: | | |
| pacman-key --init | |
| pacman -Syu --noconfirm git curl tar gzip | |
| if: ${{ startsWith(matrix.container, 'archlinux:') }} | |
| # CentOS | |
| - run: yum install -y --allowerasing git curl tar gzip | |
| if: ${{ startsWith(matrix.container, 'almalinux/') || startsWith(matrix.container, 'quay.io/centos/centos:') }} | |
| # Debian / Ubuntu | |
| # ('dpkg-dev' is here to provide 'dpkg-architecture' command) | |
| # ('debconf-utils' is here to provide 'debconf-set-selections' command) | |
| - run: | | |
| DEBIAN_FRONTEND=noninteractive apt-get update -y | |
| DEBIAN_FRONTEND=noninteractive apt-get install -y git curl tar gzip dpkg-dev debconf-utils | |
| echo "snoopy snoopy/install-ld-preload boolean true" | debconf-set-selections | |
| if: ${{ startsWith(matrix.container, 'ubuntu:') || startsWith(matrix.container, 'debian:') }} | |
| # OpenSUSE | |
| - run: zypper -n install git curl tar gzip | |
| if: ${{ startsWith(matrix.container, 'opensuse/') }} | |
| ### Fetch the code | |
| # | |
| # This one is only needed to get that `extract-...` script. | |
| # NOTICE: For SUSE, make sure to install tar+gzip before running this action | |
| # | |
| - uses: actions/checkout@v2 | |
| with: | |
| # This awkward "ref" expression is a workaround to get a semblance | |
| # of an "if" statement into the workflow definition. | |
| ref: ${{ (github.event.inputs.gitCheckoutRef == '') && github.ref || github.event.inputs.gitCheckoutRef }} | |
| # Work around the fix for CVE-2022-24765 | |
| - run: git config --global --add safe.directory $GITHUB_WORKSPACE || true | |
| ### Install the package (& verify the installed version) | |
| # | |
| - name: Extract and run the installation steps | |
| shell: bash | |
| run: | | |
| MATRIX_CONTAINER='${{ matrix.container }}' | |
| ARG_EXPECTED_SNOOPY_PACKAGE_VERSION='${{ github.event.inputs.expectedSnoopyPackageVersion }}' | |
| CMD_FLAG_CHECK_LIBRARY_VERSION="" | |
| CMD_FLAG_CHECK_PACKAGE_VERSION="" | |
| if [ "$ARG_EXPECTED_SNOOPY_PACKAGE_VERSION" == "" ]; then | |
| CMD_FLAG_CHECK_LIBRARY_VERSION="-c" | |
| CMD_FLAG_CHECK_PACKAGE_VERSION="-p" | |
| else | |
| CMD_FLAG_CHECK_LIBRARY_VERSION="-C $ARG_EXPECTED_SNOOPY_PACKAGE_VERSION" | |
| # CMD_FLAG_CHECK_PACKAGE_VERSION="-P $ARG_EXPECTED_SNOOPY_PACKAGE_VERSION" | |
| CMD_FLAG_CHECK_PACKAGE_VERSION="-p" # This one uses the value of -C, but changes it into a package tag | |
| fi | |
| if [ "$ARG_EXPECTED_SNOOPY_PACKAGE_VERSION" != "" ]; then | |
| SNOOPY_VERSION="$ARG_EXPECTED_SNOOPY_PACKAGE_VERSION" | |
| else | |
| SNOOPY_VERSION=`./dev-tools/libexec/get-release-version.sh -m git` | |
| fi | |
| if [[ $SNOOPY_VERSION =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then | |
| CMD_FLAG_CHANNEL_TESTING="" | |
| else | |
| CMD_FLAG_CHANNEL_TESTING="-t" | |
| fi | |
| # Arch repos have some symlinks that raw.githubusercontent.com does not handle properly, | |
| # making package installation fail with some gpg signature issue (in reality, 404 or invalid content). | |
| if [[ $MATRIX_CONTAINER =~ ^archlinux ]]; then | |
| CMD_FLAG_RAW_GITHUBUSERCONTENT="" | |
| else | |
| CMD_FLAG_RAW_GITHUBUSERCONTENT="-r" | |
| fi | |
| ./dev-tools/libexec/extract-native-package-install-steps.sh \ | |
| -a \ | |
| -e \ | |
| $CMD_FLAG_RAW_GITHUBUSERCONTENT \ | |
| $CMD_FLAG_CHECK_LIBRARY_VERSION \ | |
| $CMD_FLAG_CHECK_PACKAGE_VERSION \ | |
| $CMD_FLAG_CHANNEL_TESTING | |
| ### Verify Snoopy operation | |
| # | |
| - name: Verify Snoopy operation | |
| run: | | |
| touch /var/log/snoopy.log | |
| echo "output = file:/var/log/snoopy.log" >> /etc/snoopy.ini | |
| /bin/echo "Snoopy is alive and well" | |
| cat /var/log/snoopy.log | grep -v ': grep' | grep "Snoopy is alive and well" |