Skip to content
Back to pull request #1097

build(deps): bump actions/checkout from 4.1.1 to 4.1.2 #513

Sign in to view logs

build(deps): bump actions/checkout from 4.1.1 to 4.1.2

build(deps): bump actions/checkout from 4.1.1 to 4.1.2 #513

Workflow file for this run

.github/workflows/melange-test-pipelines.yaml at 9a8f23c
name: Test melange test command
on:
push:
branches: [ "main" ]
pull_request:
branches: [ "main" ]
jobs:
build-melange:
name: Build melange and add to artifact cache
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: '1.21'
check-latest: true
- name: build
run: |
make melange
- uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: melange-${{ github.run_id }}
path: ${{ github.workspace }}/melange
retention-days: 1
test-packages:
name: Test packages
needs:
- build-melange
# TODO: Set up a larger runner for this.
runs-on: ubuntu-latest
permissions:
contents: read
# This is a list of packages which we want to test against.
# Feel free to add additional packages to this matrix which exercise
# Melange `test` in new ways (e.g. new pipelines, etc.)
# Each test file is of the form <package-name>-test.yaml and gets
# constructed from the package name.
strategy:
fail-fast: false
matrix:
package:
- php-8.2-msgpack
- py3-pandas
- numpy
# The ones with -nopkg are packages which do not specify test
# packages, and they are added to the test environment by using flags.
# They make sure the flag `--test-package-append` works.
# We also do not specify the test package in the test file, so that
# we test that the main package gets correctly pulled from the file.
- php-8.2-msgpack-nopkg
- py3-pandas-nopkg
steps:
- uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
# Grab the melange we uploaded above, and install it.
- uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
with:
name: melange-${{ github.run_id }}
path: ${{ github.workspace }}/.melange-dir
run-id: ${{ github.run_id }}
- run: |
sudo mv ${{ github.workspace }}/.melange-dir/melange /usr/bin/melange
sudo chmod a+x /usr/bin/melange
melange version
- run: |
sudo apt-get -y install bubblewrap
# Make sure we have our tests files here.
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
- name: Run without additional test packages.
# Any package ending with -nopkg will fail if we do not add the
# extra test packages to it, so test in a separate leg.
if: ${{ ! endsWith( matrix.package, '-nopkg' ) }}
run: |
testfile="${{ matrix.package }}-test.yaml"
echo "Testing $testfile"
melange test --arch x86_64 --source-dir ./e2e-tests/test-fixtures \
./e2e-tests/$testfile ${{ matrix.package }} \
--repository-append https://packages.wolfi.dev/os \
--keyring-append https://packages.wolfi.dev/os/wolfi-signing.rsa.pub
- name: Run with additional test packages (--test-package-append).
# Any package ending with -nopkg will need to have test packages
# added to it. Note that we do not add a package to test either, pull
# that from the test file.
if: endsWith( matrix.package, '-nopkg' )
run: |
testfile="${{ matrix.package }}-test.yaml"
echo "Testing $testfile"
melange test --arch x86_64 --source-dir ./e2e-tests/test-fixtures \
./e2e-tests/$testfile \
--repository-append https://packages.wolfi.dev/os \
--keyring-append https://packages.wolfi.dev/os/wolfi-signing.rsa.pub \
--test-package-append busybox \
--test-package-append python-3