Skip to content

WIP: Add build caching to CI tests #565

WIP: Add build caching to CI tests

WIP: Add build caching to CI tests #565

Workflow file for this run

name: CI
on: [push, pull_request]
defaults:
run:
shell: bash
jobs:
lint:
runs-on: ubuntu-latest
container: ubuntu:focal
steps:
- name: Install Git
run: |
apt-get update && apt-get install --yes git
- uses: actions/checkout@v4
- name: Install dependencies
run: |
DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt-get install --yes --no-install-recommends \
build-essential python3-virtualenv python3-dev enchant file apache2-dev jq
virtualenv .venv
# TODO: this should be one step, but there are too many conflicting dependencies
./.venv/bin/pip install -r securedrop/requirements/python3/test-requirements.txt
./.venv/bin/pip install -r securedrop/requirements/python3/requirements.txt
./.venv/bin/pip install -r securedrop/requirements/python3/develop-requirements.txt
- name: Run lint
run: |
git config --global --add safe.directory $GITHUB_WORKSPACE
source .venv/bin/activate
make lint
build-image:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/cache/restore@v4
id: cache
with:
path: ".cache"
key: ${{ runner.os }}-image-${{ hashFiles('securedrop/dockerfiles/focal/python3/*') }}
- if: ${{ steps.cache.outputs.cache-hit == 'true' }}
name: Load layers from cache
continue-on-error: true
run: |
docker load -i .cache/layers.tar
rm .cache/layers.tar
- name: Build image
run: |
DOCKER_BUILD_VERBOSE=true ./securedrop/bin/dev-shell true
- name: Export image layers
run: |
mkdir -p .cache
docker save -o .cache/layers.tar $(docker images -aq)
- uses: actions/cache/save@v4
with:
path: ".cache"
key: ${{ steps.cache.outputs.cache-primary-key }}
test-app:
runs-on: ubuntu-latest
needs:
- build-image
steps:
- uses: actions/checkout@v4
- uses: actions/cache/restore@v4
id: cache
with:
path: ".cache"
key: ${{ runner.os }}-image-${{ hashFiles('securedrop/dockerfiles/focal/python3/*') }}
- if: ${{ steps.cache.outputs.cache-hit == 'true' }}
name: Load layers from cache
continue-on-error: true
run: |
docker load -i .cache/layers.tar
rm .cache/layers.tar
- name: Build image
run: |
DOCKER_BUILD_VERBOSE=true ./securedrop/bin/dev-shell true
- name: Run application tests
run: |
make test-app
test-functional:
runs-on: ubuntu-latest
needs:
- build-image
steps:
- uses: actions/checkout@v4
- uses: actions/cache/restore@v4
id: cache
with:
path: ".cache"
key: ${{ runner.os }}-image-${{ hashFiles('securedrop/dockerfiles/focal/python3/*') }}
- if: ${{ steps.cache.outputs.cache-hit == 'true' }}
name: Load layers from cache
continue-on-error: true
run: |
docker load -i .cache/layers.tar
rm .cache/layers.tar
- name: Build image
run: |
DOCKER_BUILD_VERBOSE=true ./securedrop/bin/dev-shell true
- name: Run functional tests
run: |
make test-functional
test-pageslayout:
runs-on: ubuntu-latest
needs:
- build-image
steps:
- uses: actions/checkout@v4
- uses: actions/cache/restore@v4
id: cache
with:
path: ".cache"
key: ${{ runner.os }}-image-${{ hashFiles('securedrop/dockerfiles/focal/python3/*') }}
- if: ${{ steps.cache.outputs.cache-hit == 'true' }}
name: Load layers from cache
continue-on-error: true
run: |
docker load -i .cache/layers.tar
rm .cache/layers.tar
- name: Build image
run: |
DOCKER_BUILD_VERBOSE=true ./securedrop/bin/dev-shell true
- name: Run page layout tests
run: |
make test-pageslayout
- name: Validate HTML (informational)
run: |
make validate-test-html || true
- name: Validate accessibility (informational)
run: |
make accessibility-summary || true
rust:
runs-on: ubuntu-latest
# Keep version in sync with rust-toolchain.toml
container: rust:1.78.0
steps:
- uses: actions/checkout@v4
- name: Install dependencies
run: |
rustup component add rustfmt
rustup component add clippy
- name: Lint and test Rust code
run: |
make rust-lint
make rust-test
updater-gui-tests:
runs-on: ubuntu-latest
container: debian:bullseye
steps:
- name: Install dependencies
run: |
apt-get update && apt-get install --yes git libqt5designer5 python3-venv
- uses: actions/checkout@v4
- name: Install Python dependencies
run: |
cd journalist_gui
python3 -m venv .venv/ && source .venv/bin/activate
pip install --require-hashes -r dev-requirements.txt
- name: Run tests
run: |
cd journalist_gui
source .venv/bin/activate
QT_QPA_PLATFORM=offscreen python3 test_gui.py -v