diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 00000000..3c066bd4 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,63 @@ +# SALTSTACK CODE OWNERS + +# See https://help.github.com/articles/about-codeowners/ +# for more info about the CODEOWNERS file + +# Lines starting with '#' are comments. +# Each line is a file pattern followed by one or more owners. + +# This file uses an fnmatch-style matching pattern. + +# Team Core +* @saltstack/team-core + +# Team Boto +salt/*/*boto* @saltstack/team-core + +# Team Cloud +salt/cloud/* @saltstack/team-core +salt/utils/openstack/* @saltstack/team-core +salt/utils/aws.py @saltstack/team-core +salt/*/*cloud* @saltstack/team-core + +# Team NetAPI +salt/cli/api.py @saltstack/team-core +salt/client/netapi.py @saltstack/team-core +salt/netapi/* @saltstack/team-core + +# Team Network +salt/proxy/* @saltstack/team-core + +# Team SPM +salt/cli/spm.py @saltstack/team-core +salt/spm/* @saltstack/team-core + +# Team SSH +salt/cli/ssh.py @saltstack/team-core +salt/client/ssh/* @saltstack/team-core +salt/roster/* @saltstack/team-core +salt/runners/ssh.py @saltstack/team-core +salt/*/thin.py @saltstack/team-core + +# Team State +salt/state.py @saltstack/team-core + +# Team SUSE +salt/*/*btrfs* @saltstack/team-core +salt/*/*kubernetes* @saltstack/team-core +salt/*/*pkg* @saltstack/team-core +salt/*/*snapper* @saltstack/team-core +salt/*/*xfs* @saltstack/team-core +salt/*/*zypper* @saltstack/team-core + +# Team Transport +salt/transport/* @saltstack/team-core +salt/utils/zeromq.py @saltstack/team-core + +# Team Windows +salt/*/*win* @saltstack/team-core +salt/modules/reg.py @saltstack/team-core +salt/states/reg.py @saltstack/team-core +tests/*/*win* @saltstack/team-core +tests/*/test_reg.py @saltstack/team-core +tests/pytests/* @saltstack/team-core @s0undt3ch diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md new file mode 100644 index 00000000..f518f3d4 --- /dev/null +++ b/.github/ISSUE_TEMPLATE.md @@ -0,0 +1,11 @@ +### Description of Issue + + +### Setup +(Please provide relevant configs and/or SLS files (Be sure to remove sensitive info).) + +### Steps to Reproduce Issue +(Include debug logs if possible and relevant.) + +### Versions Report +(Provided by running `salt --versions-report`. Please also mention any differences in master/minion versions.) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 00000000..6f61f033 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,48 @@ +--- +name: Bug report +about: Create a report to help us improve +title: "[BUG]" +labels: Bug, needs-triage +assignees: '' + +--- + +**Description** +A clear and concise description of what the bug is. + +**Setup** +(Please provide relevant configs and/or SLS files (be sure to remove sensitive info. There is no general set-up of Salt.) + +Please be as specific as possible and give set-up details. + +- [ ] on-prem machine +- [ ] VM (Virtualbox, KVM, etc. please specify) +- [ ] VM running on a cloud service, please be explicit and add details +- [ ] container (Kubernetes, Docker, containerd, etc. please specify) +- [ ] or a combination, please be explicit +- [ ] jails if it is FreeBSD +- [ ] classic packaging +- [ ] onedir packaging +- [ ] used bootstrap to install + + +**Steps to Reproduce the behavior** +(Include debug logs if possible and relevant) + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Screenshots** +If applicable, add screenshots to help explain your problem. + +**Versions Report** +
salt --versions-report +(Provided by running salt --versions-report. Please also mention any differences in master/minion versions.) + +```yaml +PASTE HERE +``` +
+ +**Additional context** +Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 00000000..c465f8de --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,11 @@ +blank_issues_enabled: true +contact_links: + - name: Salt Community Slack + url: https://saltstackcommunity.slack.com/ + about: Please ask and answer questions here. + - name: Salt-Users Forum + url: https://groups.google.com/forum/#!forum/salt-users + about: Please ask and answer questions here. + - name: Salt on LiberaChat + url: https://web.libera.chat/#salt + about: Please ask and answer questions here. diff --git a/.github/ISSUE_TEMPLATE/docs.md b/.github/ISSUE_TEMPLATE/docs.md new file mode 100644 index 00000000..311e9316 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/docs.md @@ -0,0 +1,23 @@ +--- +name: Docs +about: Issue related to Salt Documentation +title: "[DOCS]" +labels: Documentation, needs-triage +assignees: '' + +--- + +**Description** +A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + +**Suggested Fix** +What did you expect to see in the documentation that is missing or needs updating? + +**Type of documentation** +This could be Salt documentation, Salt modules, the Salt Repo or the Getting Started guide. + +**Location or format of documentation** +Insert page URL if applicable. + +**Additional context** +Add any other context or screenshots about the feature request here. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 00000000..e35351f1 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,23 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: "[FEATURE REQUEST]" +labels: Feature, needs-triage +assignees: '' + +--- + +**Is your feature request related to a problem? Please describe.** +A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + +**Describe the solution you'd like** +A clear and concise description of what you want to happen. + +**Describe alternatives you've considered** +A clear and concise description of any alternative solutions or features you've considered. + +**Additional context** +Add any other context or screenshots about the feature request here. + +**Please Note** +If this feature request would be considered a substantial change or addition, this should go through a SEP process here https://github.com/saltstack/salt-enhancement-proposals, instead of a feature request. diff --git a/.github/ISSUE_TEMPLATE/tech-debt.md b/.github/ISSUE_TEMPLATE/tech-debt.md new file mode 100644 index 00000000..a13303e3 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/tech-debt.md @@ -0,0 +1,14 @@ +--- +name: Tech Debt +about: Issue is related to tech debt. This includes compatibility changes for newer versions of software and OSes that salt interacts with. +title: "[TECH DEBT]" +labels: tech-debt +assignees: '' + +--- + +### Description of the tech debt to be addressed, include links and screenshots + + +### Versions Report +(Provided by running `salt --versions-report`. Please also mention any differences in master/minion versions.) diff --git a/.github/ISSUE_TEMPLATE/test-failure.md b/.github/ISSUE_TEMPLATE/test-failure.md new file mode 100644 index 00000000..6eec4274 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/test-failure.md @@ -0,0 +1,10 @@ +--- +name: Test Failure +about: Jenkins Test Failure issues +title: "[TEST FAILURE]" +labels: 'Test-Failure' +assignees: '' + +--- + +Please paste the link from the specific build where the failure first started: diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 00000000..7d63a7c6 --- /dev/null +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,24 @@ +### What does this PR do? + +### What issues does this PR fix or reference? +Fixes: + +### Previous Behavior +Remove this section if not relevant + +### New Behavior +Remove this section if not relevant + +### Merge requirements satisfied? +**[NOTICE] Bug fixes or features added to Salt require tests.** + +- [ ] Docs +- [ ] Changelog - https://docs.saltproject.io/en/master/topics/development/changelog.html +- [ ] Tests written/updated + +### Commits signed with GPG? +Yes/No + +Please review [Salt's Contributing Guide](https://docs.saltproject.io/en/master/topics/development/contributing.html) for best practices. + +See GitHub's [page on GPG signing](https://help.github.com/articles/signing-commits-using-gpg/) for more information about signing commits with GPG. diff --git a/.github/actionlint.yaml b/.github/actionlint.yaml new file mode 100644 index 00000000..f37fdbea --- /dev/null +++ b/.github/actionlint.yaml @@ -0,0 +1,14 @@ +self-hosted-runner: + # Labels of self-hosted runner in array of string + labels: + - bastion + - x86_64 + - arm64 + - aarch64 + - amd64 + - repo-nightly + - repo-staging + - repo-release + - medium + - large + - macos-13-xlarge diff --git a/.github/actions/build-onedir-deps/action.yml b/.github/actions/build-onedir-deps/action.yml new file mode 100644 index 00000000..511fe5a5 --- /dev/null +++ b/.github/actions/build-onedir-deps/action.yml @@ -0,0 +1,65 @@ +--- +name: build-onedir-deps +description: Build Onedir Dependencies +inputs: + platform: + required: true + type: string + description: The platform to build + arch: + required: true + type: string + description: The platform arch to build + python-version: + required: true + type: string + description: The python version to build + package-name: + required: false + type: string + description: The onedir package name to create + default: salt + cache-prefix: + required: true + type: string + description: Seed used to invalidate caches + + +env: + COLUMNS: 190 + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + RELENV_BUILDENV: 1 + + +runs: + using: composite + + steps: + + - name: Cache Deps Onedir Package Directory + id: onedir-pkg-cache + uses: actions/cache@v3.3.1 + with: + path: artifacts/${{ inputs.package-name }} + key: > + ${{ inputs.cache-prefix }}|${{ inputs.python-version }}|deps|${{ inputs.platform }}|${{ inputs.arch }}|${{ inputs.package-name }}|${{ + hashFiles( + format('{0}/.relenv/**/*.xz', github.workspace), + 'requirements/static/pkg/*/*.txt', + '.github/actions/build-onedir-deps/action.yml', + '.github/workflows/build-deps-onedir-*.yml', + 'cicd/shared-gh-workflows-context.yml' + ) + }} + + - name: Install Salt Onedir Package Dependencies + shell: bash + if: steps.onedir-pkg-cache.outputs.cache-hit != 'true' + run: | + tools pkg build onedir-dependencies --arch ${{ inputs.arch }} --python-version ${{ inputs.python-version }} --package-name artifacts/${{ inputs.package-name }} --platform ${{ inputs.platform }} + + - name: Cleanup Salt Onedir Directory + shell: bash + run: | + tools pkg pre-archive-cleanup artifacts/${{ inputs.package-name }} diff --git a/.github/actions/build-onedir-salt/action.yml b/.github/actions/build-onedir-salt/action.yml new file mode 100644 index 00000000..50969bb8 --- /dev/null +++ b/.github/actions/build-onedir-salt/action.yml @@ -0,0 +1,108 @@ +--- +name: build-onedir-salt +description: Build Onedir Package +inputs: + platform: + required: true + type: string + description: The platform to build + arch: + required: true + type: string + description: The platform arch to build + package-name: + required: false + type: string + description: The onedir package name to create + default: salt + cache-prefix: + required: true + type: string + description: Seed used to invalidate caches + python-version: + required: true + type: string + description: The python version to build + salt-version: + type: string + required: true + description: The Salt version to set prior to building packages. + + +env: + COLUMNS: 190 + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + RELENV_BUILDENV: 1 + + +runs: + using: composite + + steps: + + - name: Download Cached Deps Onedir Package Directory + id: onedir-bare-cache + uses: actions/cache@v3.3.1 + with: + path: artifacts/${{ inputs.package-name }} + key: > + ${{ inputs.cache-prefix }}|${{ inputs.python-version }}|deps|${{ inputs.platform }}|${{ inputs.arch }}|${{ inputs.package-name }}|${{ + hashFiles( + format('{0}/.relenv/**/*.xz', github.workspace), + 'requirements/static/pkg/*/*.txt', + '.github/actions/build-onedir-deps/action.yml', + '.github/workflows/build-deps-onedir-*.yml', + 'cicd/shared-gh-workflows-context.yml' + ) + }} + + - name: Download Source Tarball + uses: actions/download-artifact@v3 + with: + name: salt-${{ inputs.salt-version }}.tar.gz + + - name: Install Salt Into Onedir + shell: bash + run: | + tools pkg build salt-onedir salt-${{ inputs.salt-version }}.tar.gz --platform ${{ inputs.platform }} --package-name artifacts/${{ inputs.package-name }} + + - name: Cleanup Salt Onedir Directory + shell: bash + run: | + tools pkg pre-archive-cleanup artifacts/${{ inputs.package-name }} + + - name: Create Archive + shell: bash + run: | + cd artifacts/ + tar -cJf ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz ${{ inputs.package-name }} + + - name: Create Archive (Zipfile) + if: ${{ inputs.platform == 'windows' }} + shell: powershell + run: | + cd artifacts + py -3 -m zipfile -c "${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.zip" ${{ inputs.package-name }} + + - name: Create Hash Files + shell: bash + run: | + tools pkg generate-hashes artifacts/${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.* + + - name: Upload Onedir Tarball as an Artifact + uses: actions/upload-artifact@v3 + with: + name: ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz + path: artifacts/${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz* + retention-days: 7 + if-no-files-found: error + + - name: Upload Onedir Zipfile as an Artifact + if: ${{ inputs.platform == 'windows' }} + uses: actions/upload-artifact@v3 + with: + name: ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.zip + path: artifacts/${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.zip* + retention-days: 7 + if-no-files-found: error diff --git a/.github/actions/build-source-tarball/action.yml b/.github/actions/build-source-tarball/action.yml new file mode 100644 index 00000000..f755951f --- /dev/null +++ b/.github/actions/build-source-tarball/action.yml @@ -0,0 +1,61 @@ +--- +name: build-source-tarball +description: Build Source Tarball +inputs: + salt-version: + type: string + required: true + description: The Salt version to set prior to building the tarball. + nox-version: + required: false + type: string + description: The version of Nox to install + default: "2022.8.7" + + +env: + COLUMNS: 190 + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + + +runs: + using: composite + + steps: + + - name: Download Release Patch + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + uses: actions/download-artifact@v3 + with: + name: salt-${{ inputs.salt-version }}.patch + + - name: Configure Git + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + shell: bash + run: | + tools pkg configure-git + + - name: Apply Release Patch + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + shell: bash + run: | + tools pkg apply-release-patch salt-${{ inputs.salt-version }}.patch --delete + + - name: Create Source Tarball + shell: bash + run: | + tools pkg source-tarball + + - name: Create Hash Files + shell: bash + run: | + tools pkg generate-hashes dist/salt-${{ inputs.salt-version }}.tar.gz + + - name: Upload Source Tarball as an Artifact + uses: actions/upload-artifact@v3 + with: + name: salt-${{ inputs.salt-version }}.tar.gz + path: dist/salt-*.tar.gz* + retention-days: 7 + if-no-files-found: error diff --git a/.github/actions/cached-virtualenv/action.yml b/.github/actions/cached-virtualenv/action.yml new file mode 100644 index 00000000..f135d911 --- /dev/null +++ b/.github/actions/cached-virtualenv/action.yml @@ -0,0 +1,93 @@ +--- +name: cached-virtualenv +description: Setup a cached python virtual environment + +inputs: + name: + required: true + type: string + description: The Virtualenv Name + cache-seed: + required: true + type: string + description: Seed used to invalidate caches +outputs: + cache-hit: + value: ${{ steps.cache-virtualenv.outputs.cache-hit }} + cache-key: + value: ${{ steps.setup-cache-key.outputs.cache-key }} + python-executable: + value: ${{ steps.define-python-executable.outputs.python-executable }} + + +env: + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + + +runs: + using: composite + + steps: + + - name: Get Python Version + id: get-python-version + uses: ./.github/actions/get-python-version + with: + python-binary: python3 + + - name: Setup Cache Key + shell: bash + id: setup-cache-key + run: | + echo "cache-key=${{ inputs.cache-seed }}|${{ runner.os }}|${{ runner.arch }}|cached-venv|${{ steps.get-python-version.outputs.version }}|${{ inputs.name }}" >> "${GITHUB_OUTPUT}" + + - name: Define VirtualEnv path + shell: bash + id: virtualenv-path + run: | + cd ${{ github.workspace }} > /dev/null 2>&1 || true + VENVS_PATH=$(echo ".venvs/py${{ steps.get-python-version.outputs.version }}" | python3 -c 'import sys, pathlib; sys.stdout.write(pathlib.Path.cwd().joinpath(sys.stdin.read()).as_posix())') + echo "venvs-path=$VENVS_PATH" | tee -a "$GITHUB_OUTPUT" + VENV_PATH=$(echo ".venvs/py${{ steps.get-python-version.outputs.version }}/${{ inputs.name }}" | python3 -c 'import sys, pathlib; sys.stdout.write(pathlib.Path.cwd().joinpath(sys.stdin.read()).as_posix())') + echo "venv-path=$VENV_PATH" | tee -a "$GITHUB_OUTPUT" + + - name: Cache VirtualEnv + id: cache-virtualenv + uses: actions/cache@v3.3.1 + with: + key: ${{ steps.setup-cache-key.outputs.cache-key }} + path: ${{ steps.virtualenv-path.outputs.venv-path }} + + - name: Create Virtualenv + shell: bash + if: ${{ steps.cache-virtualenv.outputs.cache-hit != 'true' }} + run: | + mkdir -p ${{ steps.virtualenv-path.outputs.venvs-path }} + python3 -m venv --upgrade ${{ steps.virtualenv-path.outputs.venv-path }} + + - name: Define python executable output + shell: bash + id: define-python-executable + run: | + shopt -s nocasematch + if [[ "${{ runner.os }}" =~ "win" ]]; then + BIN_DIR="${{ steps.virtualenv-path.outputs.venv-path }}/Scripts" + PY_EXE="$BIN_DIR/python.exe" + else + BIN_DIR="${{ steps.virtualenv-path.outputs.venv-path }}/bin" + PY_EXE="$BIN_DIR/python3" + if [ ! -f "$PY_EXE" ]; then + echo "The '${PY_EXE}' binary does not exist. Setting it to '$BIN_DIR/python' ..." + PY_EXE="$BIN_DIR/python" + fi + if [ ! -f "$PY_EXE" ]; then + echo "The '${PY_EXE}' binary does not exist. Showing the tree output for '${BIN_DIR}' ..." + tree -a "$BIN_DIR" + exit 1 + fi + fi + shopt -u nocasematch + $PY_EXE --version + echo "python-executable=$PY_EXE" | tee -a "${GITHUB_OUTPUT}" + echo "${BIN_DIR}" | tee -a "${GITHUB_PATH}" diff --git a/.github/actions/download-artifact/action.yml b/.github/actions/download-artifact/action.yml new file mode 100644 index 00000000..5646eb93 --- /dev/null +++ b/.github/actions/download-artifact/action.yml @@ -0,0 +1,39 @@ +# This actions was inspired by https://github.com/alehechka/download-tartifact +--- +name: Download Tar Artifact +description: > + Download and extract a tar artifact that was previously uploaded in the + workflow by the upload-tartifact action + +inputs: + name: + description: Artifact name + required: false + path: + description: Destination path + required: false + archive-name: + description: > + By default `inputs.name`(last resort, `archive`) is what's used to name the archive. + This parameter allows a customizing that archive name. This will allow uploading multiple + archives under the same 'name', like the underlying official action does + without overriding the existing archives. + required: false + +runs: + using: composite + steps: + - uses: actions/download-artifact@v3 + with: + name: ${{ inputs.name }} + path: ${{ inputs.path }} + + - shell: bash + working-directory: ${{ inputs.path }} + run: | + tar -xvf ${{ inputs.archive-name || inputs.name || 'archive' }}.tar.gz + + - shell: bash + working-directory: ${{ inputs.path }} + run: | + rm -f ${{ inputs.archive-name || inputs.name || 'archive' }}.tar.gz diff --git a/.github/actions/get-python-version/action.yml b/.github/actions/get-python-version/action.yml new file mode 100644 index 00000000..f2b045f7 --- /dev/null +++ b/.github/actions/get-python-version/action.yml @@ -0,0 +1,45 @@ +--- +name: get-python-version +description: Setup Relenv +inputs: + python-binary: + required: true + type: string + description: The python binary to get the version from +outputs: + binary: + value: ${{ steps.get-python-version.outputs.binary }} + version: + value: ${{ steps.get-python-version.outputs.version }} + full-version: + value: ${{ steps.get-python-version.outputs.full-version }} + version-sha256sum: + value: ${{ steps.get-python-version.outputs.version-sha256sum }} + + +runs: + using: composite + + steps: + + - name: Install System Packages + if: ${{ runner.os == 'macOS' }} + shell: bash + run: | + brew install coreutils + + - name: Get Python Version + id: get-python-version + shell: bash + run: | + echo "Python Binary: ${{ inputs.python-binary }}" + echo "binary=${{ inputs.python-binary }}" >> "$GITHUB_OUTPUT" + PY_VERSION=$(${{ inputs.python-binary }} -c "import sys; sys.stdout.write('{}.{}'.format(*sys.version_info))") + echo "PY_VERSION=$PY_VERSION" + echo "version=$PY_VERSION" >> "$GITHUB_OUTPUT" + PY_FULL_VERSION=$(${{ inputs.python-binary }} -c "import sys; sys.stdout.write('{}.{}.{}'.format(*sys.version_info))") + echo "PY_FULL_VERSION=$PY_FULL_VERSION" + echo "full-version=$PY_FULL_VERSION" >> "$GITHUB_OUTPUT" + VERSION_SHA256SUM=$(${{ inputs.python-binary }} --version --version | sha256sum | cut -d ' ' -f 1) + echo "VERSION_SHA256SUM=$VERSION_SHA256SUM" + echo "version-sha256sum=$VERSION_SHA256SUM" >> "$GITHUB_OUTPUT" diff --git a/.github/actions/setup-actionlint/action.yml b/.github/actions/setup-actionlint/action.yml new file mode 100644 index 00000000..f1a81aaf --- /dev/null +++ b/.github/actions/setup-actionlint/action.yml @@ -0,0 +1,33 @@ +--- +name: setup-actionlint +description: Setup actionlint +inputs: + version: + description: The version of actionlint + default: 1.6.26 + cache-seed: + required: true + type: string + description: Seed used to invalidate caches + +runs: + using: composite + steps: + + - name: Cache actionlint Binary + uses: actions/cache@v3.3.1 + with: + path: /usr/local/bin/actionlint + key: ${{ inputs.cache-seed }}|${{ runner.os }}|${{ runner.arch }}|actionlint|${{ inputs.version }} + + - name: Setup actionlint + shell: bash + run: | + if ! command -v actionlint; then + bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) ${{ inputs.version }} + mv ./actionlint /usr/local/bin/actionlint + fi + - name: Show actionlint Version + shell: bash + run: | + actionlint --version diff --git a/.github/actions/setup-pre-commit/action.yml b/.github/actions/setup-pre-commit/action.yml new file mode 100644 index 00000000..82b8eef5 --- /dev/null +++ b/.github/actions/setup-pre-commit/action.yml @@ -0,0 +1,48 @@ +--- +name: setup-pre-commit +description: Setup 'pre-commit' + +inputs: + version: + type: string + description: Pre-commit version to install + required: true + default: 3.0.3 + cache-seed: + required: true + type: string + description: Seed used to invalidate caches + +env: + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + + +runs: + using: composite + + steps: + + - uses: ./.github/actions/cached-virtualenv + id: pre-commit-virtualenv + with: + name: pre-commit + cache-seed: ${{ inputs.cache-seed }} + + - name: Install Pre-Commit + if: ${{ steps.pre-commit-virtualenv.outputs.cache-hit != 'true' }} + shell: bash + run: | + ${{ steps.pre-commit-virtualenv.outputs.python-executable }} -m pip install pre-commit==${{ inputs.version }} + + - name: Cache Pre-Commit Hooks + uses: actions/cache@v3.3.1 + id: pre-commit-hooks-cache + with: + key: ${{ steps.pre-commit-virtualenv.outputs.cache-key }}|${{ inputs.version }}|${{ hashFiles('.pre-commit-config.yaml') }} + path: ~/.cache/pre-commit + + - name: Install Pre-Commit Hooks + shell: bash + run: | + pre-commit install --install-hooks diff --git a/.github/actions/setup-python-tools-scripts/action.yml b/.github/actions/setup-python-tools-scripts/action.yml new file mode 100644 index 00000000..9d5ff710 --- /dev/null +++ b/.github/actions/setup-python-tools-scripts/action.yml @@ -0,0 +1,78 @@ +--- +name: setup-python-tools-scripts +description: Setup 'python-tools-scripts' + +inputs: + cache-prefix: + required: true + type: string + description: Seed used to invalidate caches + cwd: + type: string + description: The directory the salt checkout is located in + default: "." + +outputs: + version: + value: ${{ steps.get-version.outputs.version }} + + +env: + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + + +runs: + using: composite + + steps: + + - name: Get Python Version + id: get-python-version + uses: ./.github/actions/get-python-version + with: + python-binary: python3 + + - name: Define Cache Hash + id: venv-hash + shell: bash + run: | + VENV_NAME_HASH=$(echo "${{ inputs.cache-prefix }}|${{ github.workflow }}|${{ + steps.get-python-version.outputs.version-sha256sum }}|${{ + hashFiles('requirements/**/*.txt', 'tools/**/*.py') }}" | sha256sum | cut -d ' ' -f 1) + echo "TOOLS_VIRTUALENV_CACHE_SEED=$VENV_NAME_HASH" | tee -a "${GITHUB_ENV}" + echo "venv-hash=$VENV_NAME_HASH" | tee -a "${GITHUB_OUTPUT}" + + - uses: ./.github/actions/cached-virtualenv + id: tools-virtualenv + with: + name: tools.${{ steps.venv-hash.outputs.venv-hash }} + cache-seed: tools|${{ steps.venv-hash.outputs.venv-hash }} + + - name: Restore Python Tools Virtualenvs Cache + uses: actions/cache@v3.3.1 + with: + path: ${{ inputs.cwd }}/.tools-venvs + key: ${{ inputs.cache-prefix }}|${{ steps.venv-hash.outputs.venv-hash }} + + - name: Install 'python-tools-scripts' + shell: bash + working-directory: ${{ inputs.cwd }} + run: | + PYTHON_EXE=${{ steps.tools-virtualenv.outputs.python-executable }} + (${PYTHON_EXE} -m pip install --help | grep break-system-packages > /dev/null 2>&1) && exitcode=0 || exitcode=1 + if [ $exitcode -eq 0 ]; then + ${PYTHON_EXE} -m pip install --break-system-packages -r requirements/static/ci/py${{ steps.get-python-version.outputs.version }}/tools.txt + else + ${PYTHON_EXE} -m pip install -r requirements/static/ci/py${{ steps.get-python-version.outputs.version }}/tools.txt + fi + + - name: Get 'python-tools-scripts' Version + id: get-version + shell: bash + working-directory: ${{ inputs.cwd }} + run: | + # The first time `tools` runs with newer virtual enviroments we need to disregard the output + tools --debug --version + VERSION=$(tools --version | tail -n 1) + echo "version=$VERSION" >> "${GITHUB_OUTPUT}" diff --git a/.github/actions/setup-relenv/action.yml b/.github/actions/setup-relenv/action.yml new file mode 100644 index 00000000..c4cfd33f --- /dev/null +++ b/.github/actions/setup-relenv/action.yml @@ -0,0 +1,66 @@ +--- +name: setup-relenv +description: Setup Relenv +inputs: + platform: + required: true + type: string + description: The platform to build + arch: + required: true + type: string + description: The platform arch to build + python-version: + required: true + type: string + description: The version of python to build + cache-seed: + required: true + type: string + description: Seed used to invalidate caches + version: + required: false + type: string + description: The version of relenv to use + default: 0.13.2 + +outputs: + version: + value: ${{ inputs.version }} + + +env: + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + + +runs: + using: composite + + steps: + + - name: Install Relenv + shell: bash + run: | + python3 -m pip install relenv==${{ inputs.version }} + + - name: Cache Relenv Data Directory + uses: actions/cache@v3.3.1 + with: + path: ${{ github.workspace }}/.relenv + key: ${{ inputs.cache-seed }}|relenv|${{ inputs.version }}|${{ inputs.python-version }}|${{ inputs.platform }}|${{ inputs.arch }} + + - name: Fetch Toolchain + if: ${{ inputs.platform == 'linux' }} + shell: bash + env: + RELENV_FETCH_VERSION: "${{ inputs.version }}" + run: | + python3 -m relenv toolchain fetch --arch=${{ inputs.arch }} + + - name: Fetch Native Python Build + shell: bash + env: + RELENV_FETCH_VERSION: "${{ inputs.version }}" + run: | + python3 -m relenv fetch --arch=${{ inputs.arch }} --python=${{ inputs.python-version }} diff --git a/.github/actions/setup-salt-version/action.yml b/.github/actions/setup-salt-version/action.yml new file mode 100644 index 00000000..9f21d6f0 --- /dev/null +++ b/.github/actions/setup-salt-version/action.yml @@ -0,0 +1,43 @@ +--- +name: setup-salt-version +description: Setup Salt Version +inputs: + cwd: + type: string + default: "" + salt-version: + type: string + default: "" + description: > + The Salt version to set prior to running tests or building packages. + If not set, it is discover at run time, like, for example, capturing + the output of running `python3 salt/version.py` + validate-version: + type: boolean + default: false + description: Validate the passed version. + release: + type: boolean + default: false + description: This is a release of salt. +outputs: + salt-version: + value: ${{ steps.setup-salt-version.outputs.salt-version }} + description: The Salt version written to `salt/_version.txt` + +env: + COLUMNS: 190 + +runs: + using: composite + + steps: + + - name: Setup Salt Version + id: setup-salt-version + shell: bash + run: | + if [ "${{ inputs.cwd }}" != "" ]; then + cd "${{ inputs.cwd }}" + fi + tools pkg set-salt-version ${{ inputs.validate-version == 'true' && '--validate-version' || '' }} ${{ inputs.release == 'true' && '--release' || '' }} ${{ inputs.salt-version }} diff --git a/.github/actions/setup-shellcheck/action.yml b/.github/actions/setup-shellcheck/action.yml new file mode 100644 index 00000000..2c86c98a --- /dev/null +++ b/.github/actions/setup-shellcheck/action.yml @@ -0,0 +1,35 @@ +--- +name: setup-shellcheck +description: Setup shellcheck +inputs: + version: + description: The version of shellcheck + default: v0.9.0 + cache-seed: + required: true + type: string + description: Seed used to invalidate caches + +runs: + using: composite + steps: + + - name: Cache shellcheck Binary + uses: actions/cache@v3.3.1 + with: + path: /usr/local/bin/shellcheck + key: ${{ inputs.cache-seed }}|${{ runner.os }}|${{ runner.arch }}|shellcheck|${{ inputs.version }} + + - name: Setup shellcheck + shell: bash + run: | + if ! command -v shellcheck; then + wget https://github.com/koalaman/shellcheck/releases/download/${{ inputs.version }}/shellcheck-${{ inputs.version }}.${{ runner.os }}.x86_64.tar.xz + tar xf shellcheck-${{ inputs.version }}.${{ runner.os }}.x86_64.tar.xz + mv shellcheck-${{ inputs.version }}/shellcheck /usr/local/bin/shellcheck + rm -rf shellcheck-${{ inputs.version }}.${{ runner.os }}.x86_64.tar.xz shellcheck-${{ inputs.version }} + fi + - name: Show shellcheck Version + shell: bash + run: | + shellcheck --version diff --git a/.github/actions/upload-artifact/action.yml b/.github/actions/upload-artifact/action.yml new file mode 100644 index 00000000..4afd8b3e --- /dev/null +++ b/.github/actions/upload-artifact/action.yml @@ -0,0 +1,57 @@ +# This actions was inspired by https://github.com/alehechka/upload-tartifact +--- +name: Upload Tar Artifact +description: Compress files with tar prior to artifacting to keep file privileges. + +inputs: + name: + description: Artifact name + default: artifact + required: false + path: + description: > + A file, directory or wildcard pattern that describes what to upload. + Note: The path provided will be maintained through tar, so after + download-tartifact, and subfolder structure will remain intact. + required: true + if-no-files-found: + description: > + The desired behavior if no files are found using the provided path. + Available Options: + warn: Output a warning but do not fail the action + error: Fail the action with an error message + ignore: Do not output any warnings or errors, the action does not fail + default: 'warn' + required: false + retention-days: + description: > + Duration after which artifact will expire in days. 0 means using default retention. + Minimum 1 day. + Maximum 90 days unless changed from the repository settings page. + required: false + archive-name: + description: > + By default `archive` is what's used to name the archive. This parameter + allows a customizing that archive name. This will allow uploading multiple + archives under the same 'name', like the underlying official action does + without overriding the existing archives. + required: false + +runs: + using: composite + steps: + - shell: bash + run: | + shopt -s globstar || echo "'globstar' not available" + tar -cavf ${{ inputs.archive-name || inputs.name || 'archive' }}.tar.gz ${{ inputs.path }} + + - uses: actions/upload-artifact@v3 + with: + name: ${{ inputs.name }} + path: ${{ inputs.archive-name || inputs.name || 'archive' }}.tar.gz + if-no-files-found: ${{ inputs.if-no-files-found }} + retention-days: ${{ inputs.retention-days }} + + - shell: bash + run: | + rm -f ${{ inputs.archive-name || inputs.name || 'archive' }}.tar.gz diff --git a/.github/config.yml b/.github/config.yml new file mode 100644 index 00000000..6bf3cadf --- /dev/null +++ b/.github/config.yml @@ -0,0 +1,57 @@ +# Configuration for welcome - https://github.com/behaviorbot/welcome +# Configuration for new-issue-welcome - https://github.com/behaviorbot/new-issue-welcome +# Comment to be posted to on first time issues +newIssueWelcomeComment: > + Hi there! Welcome to the Salt Community! Thank you for making your first contribution. We have + a lengthy process for issues and PRs. Someone from the Core Team will follow up as soon as + possible. In the meantime, here’s some information that may help as you continue your Salt + journey. + + Please be sure to review our [Code of Conduct](https://github.com/saltstack/salt/blob/master/CODE_OF_CONDUCT.md). + Also, check out some of our community + resources including: + + - [Community Wiki](https://github.com/saltstack/community/wiki) + - [Salt’s Contributor Guide](https://docs.saltproject.io/en/master/topics/development/contributing.html) + - [Join our Community Slack](https://via.vmw.com/salt-slack) + - [IRC on LiberaChat](https://web.libera.chat/#salt) + - [Salt Project YouTube channel](https://www.youtube.com/channel/UCpveTIucFx9ljGelW63-BWg) + - [Salt Project Twitch channel](https://www.twitch.tv/saltprojectoss) + + There are lots of ways to get involved in our community. Every month, there are around a dozen + opportunities to meet with other contributors and the Salt Core team and collaborate in real + time. The best way to keep track is by subscribing to the Salt Community Events Calendar. + + If you have additional questions, email us at saltproject@vmware.com. We’re glad + you’ve joined our community and look forward to doing awesome things with + you! + +# Comment to be posted to on PRs from first time contributors in your repository +newPRWelcomeComment: > + Hi there! Welcome to the Salt Community! Thank you for making your first contribution. We have + a lengthy process for issues and PRs. Someone from the Core Team will follow up as soon as + possible. In the meantime, here’s some information that may help as you continue your Salt + journey. + + Please be sure to review our [Code of Conduct](https://github.com/saltstack/salt/blob/master/CODE_OF_CONDUCT.md). + Also, check out some of our community + resources including: + + - [Community Wiki](https://github.com/saltstack/community/wiki) + - [Salt’s Contributor Guide](https://docs.saltproject.io/en/master/topics/development/contributing.html) + - [Join our Community Slack](https://via.vmw.com/salt-slack) + - [IRC on LiberaChat](https://web.libera.chat/#salt) + - [Salt Project YouTube channel](https://www.youtube.com/channel/UCpveTIucFx9ljGelW63-BWg) + - [Salt Project Twitch channel](https://www.twitch.tv/saltprojectoss) + + There are lots of ways to get involved in our community. Every month, there are around a dozen + opportunities to meet with other contributors and the Salt Core team and collaborate in real + time. The best way to keep track is by subscribing to the Salt Community Events Calendar. + + If you have additional questions, email us at saltproject@vmware.com. We’re glad + you’ve joined our community and look forward to doing awesome things with + you! + +# Comment to be posted to on pull requests merged by a first time user +firstPRMergeComment: > + Congratulations on your first PR being merged! :tada: diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..b6b53613 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,34 @@ +version: 2 +updates: + # master branch + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "daily" + target-branch: master + labels: + - "test:full" + # Don't open PRs for regular version updates + open-pull-requests-limit: 0 + + # 3006.x release branch + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "daily" + target-branch: 3006.x + labels: + - "test:full" + # Don't open PRs for regular version updates + open-pull-requests-limit: 0 + + # freeze release branch + - package-ecosystem: "pip" + directory: "/" + schedule: + interval: "daily" + target-branch: freeze + labels: + - "test:full" + # Don't open PRs for regular version updates + open-pull-requests-limit: 0 diff --git a/.github/stale.yml b/.github/stale.yml new file mode 100644 index 00000000..b34faf36 --- /dev/null +++ b/.github/stale.yml @@ -0,0 +1,39 @@ +# Probot Stale configuration file + +# Number of days of inactivity before an issue becomes stale +# 600 is approximately 1 year and 8 months +daysUntilStale: 90 + +# Number of days of inactivity before a stale issue is closed +daysUntilClose: false + +# Issues with these labels will never be considered stale +exemptLabels: + - Confirmed + - Release Blocker + - Critical + - P1 + - P2 + - Bug + - Feature + - Test Failure + -ZD + +# Label to use when marking an issue as stale +staleLabel: stale + +# Comment to post when marking an issue as stale. Set to `false` to disable +markComment: | + This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. + + If this issue is closed prematurely, please leave a comment and we will gladly reopen the issue. + +# Comment to post when removing the stale label. Set to `false` to disable +unmarkComment: | + Thank you for updating this issue. It is no longer marked as stale. + +# Comment to post when closing a stale issue. Set to `false` to disable +closeComment: false + +# Limit to only `issues` or `pulls` +only: issues diff --git a/.github/workflows/backport.yml b/.github/workflows/backport.yml new file mode 100644 index 00000000..b70b84df --- /dev/null +++ b/.github/workflows/backport.yml @@ -0,0 +1,48 @@ +name: Backport PR +run-name: "Backport PR #${{ github.event.number }}" + +on: + pull_request_target: + types: + - "labeled" + - "closed" + +permissions: + contents: write + pull-requests: write + +jobs: + backport: + name: Backport PR + runs-on: + - ubuntu-latest + if: | + github.event.pull_request.merged == true + && ( + contains(github.event.pull_request.labels.*.name, 'backport:master') || + contains(github.event.pull_request.labels.*.name, 'backport:3006.x') || + contains(github.event.pull_request.labels.*.name, 'backport:3005.x') + ) + && ( + (github.event.action == 'labeled' && ( + contains(github.event.pull_request.labels.*.name, 'backport:master') || + contains(github.event.pull_request.labels.*.name, 'backport:3006.x') || + contains(github.event.pull_request.labels.*.name, 'backport:3005.x') + )) + || (github.event.action == 'closed') + ) + steps: + - name: Backport Action + uses: sqren/backport-github-action@v8.9.7 + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + auto_backport_label_prefix: "backport:" + add_original_reviewers: true + + - name: Info log + if: ${{ success() }} + run: jq -C '.' ~/.backport/backport.info.log + + - name: Debug log + if: ${{ failure() }} + run: jq -C '.' ~/.backport/backport.debug.log diff --git a/.github/workflows/build-deb-packages.yml b/.github/workflows/build-deb-packages.yml new file mode 100644 index 00000000..4d7bbdcc --- /dev/null +++ b/.github/workflows/build-deb-packages.yml @@ -0,0 +1,132 @@ +--- +name: Build DEB Packages + +on: + workflow_call: + inputs: + salt-version: + type: string + required: true + description: The Salt version to set prior to building packages. + relenv-version: + type: string + required: true + description: The relenv version to set prior to building packages. + python-version: + required: true + type: string + description: The version of python to use with relenv + source: + required: true + type: string + description: The backend to build the packages with + cache-prefix: + required: true + type: string + description: Seed used to invalidate caches + +env: + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + build: + name: DEB + runs-on: + - self-hosted + - linux + - ${{ matrix.arch }} + strategy: + fail-fast: false + matrix: + arch: + - x86_64 + - aarch64 + source: + - ${{ inputs.source }} + + container: + image: ghcr.io/saltstack/salt-ci-containers/packaging:debian-12 + + steps: + # Checkout here so we can easily use custom actions + - uses: actions/checkout@v4 + + # Checkout here for the build process + - name: Checkout in build directory + uses: actions/checkout@v4 + with: + path: + pkgs/checkout/ + + - name: Download Onedir Tarball as an Artifact + uses: actions/download-artifact@v3 + with: + name: salt-${{ inputs.salt-version }}-onedir-linux-${{ matrix.arch }}.tar.xz + path: pkgs/checkout/artifacts/ + + - name: Download Release Patch + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + uses: actions/download-artifact@v3 + with: + name: salt-${{ inputs.salt-version }}.patch + path: pkgs/checkout/ + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cwd: pkgs/checkout/ + cache-prefix: ${{ inputs.cache-prefix }} + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ inputs.salt-version }}" + cwd: pkgs/checkout/ + + - name: Configure Git + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + working-directory: pkgs/checkout/ + run: | + tools pkg configure-git + + - name: Apply release patch + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + working-directory: pkgs/checkout/ + run: | + tools pkg apply-release-patch salt-${{ inputs.salt-version }}.patch --delete + + - name: Build Deb + working-directory: pkgs/checkout/ + run: | + tools pkg build deb --relenv-version=${{ inputs.relenv-version }} --python-version=${{ inputs.python-version }} ${{ + inputs.source == 'onedir' && + format('--onedir=salt-{0}-onedir-linux-{1}.tar.xz', inputs.salt-version, matrix.arch) + || + format('--arch={0}', matrix.arch) + }} + + - name: Cleanup + run: | + rm -rf pkgs/checkout/ + + - name: Set Artifact Name + id: set-artifact-name + run: | + if [ "${{ inputs.source }}" != "src" ]; then + echo "artifact-name=salt-${{ inputs.salt-version }}-${{ matrix.arch }}-deb" >> "$GITHUB_OUTPUT" + else + echo "artifact-name=salt-${{ inputs.salt-version }}-${{ matrix.arch }}-deb-from-src" >> "$GITHUB_OUTPUT" + fi + + - name: Upload DEBs + uses: actions/upload-artifact@v3 + with: + name: ${{ steps.set-artifact-name.outputs.artifact-name }} + path: ${{ github.workspace }}/pkgs/* + retention-days: 7 + if-no-files-found: error diff --git a/.github/workflows/build-deps-ci-action-macos.yml b/.github/workflows/build-deps-ci-action-macos.yml new file mode 100644 index 00000000..125a6713 --- /dev/null +++ b/.github/workflows/build-deps-ci-action-macos.yml @@ -0,0 +1,135 @@ +--- +name: Install Test Dependencies + +on: + workflow_call: + inputs: + distro-slug: + required: true + type: string + description: The OS slug to run tests against + nox-session: + required: true + type: string + description: The nox session to run + salt-version: + type: string + required: true + description: The Salt version to set prior to running tests. + cache-prefix: + required: true + type: string + description: Seed used to invalidate caches + platform: + required: true + type: string + description: The platform being tested + arch: + required: true + type: string + description: The platform arch being tested + nox-version: + required: true + type: string + description: The nox version to install + python-version: + required: false + type: string + description: The python version to run tests with + default: "3.10" + package-name: + required: false + type: string + description: The onedir package name to use + default: salt + + +env: + COLUMNS: 190 + PIP_INDEX_URL: "https://pypi-proxy.saltstack.net/root/local/+simple/" + PIP_EXTRA_INDEX_URL: "https://pypi.org/simple" + GITHUB_ACTIONS_PIPELINE: "1" + +jobs: + + dependencies: + name: Install + runs-on: ${{ inputs.distro-slug }} + timeout-minutes: 90 + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t" + + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Cache nox.${{ inputs.distro-slug }}.tar.* for session ${{ inputs.nox-session }} + id: nox-dependencies-cache + uses: actions/cache@v3.3.1 + with: + path: nox.${{ inputs.distro-slug }}.tar.* + key: ${{ inputs.cache-prefix }}|testrun-deps|${{ inputs.arch }}|${{ inputs.distro-slug }}|${{ inputs.nox-session }}|${{ inputs.python-version }}|${{ + hashFiles('requirements/**/*.txt', 'cicd/golden-images.json', 'noxfile.py') + }} + + - name: Download Onedir Tarball as an Artifact + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz + path: artifacts/ + + - name: Decompress Onedir Tarball + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + shell: bash + run: | + python3 -c "import os; os.makedirs('artifacts', exist_ok=True)" + cd artifacts + tar xvf ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz + + - name: Set up Python ${{ inputs.python-version }} + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + uses: actions/setup-python@v4 + with: + python-version: "${{ inputs.python-version }}" + + - name: Install System Dependencies + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + run: | + brew install openssl@3 + + - name: Install Nox + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + run: | + python3 -m pip install 'nox==${{ inputs.nox-version }}' + + - name: Install Dependencies + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + env: + PRINT_TEST_SELECTION: "0" + PRINT_SYSTEM_INFO: "0" + run: | + export PYCURL_SSL_LIBRARY=openssl + export LDFLAGS="-L/usr/local/opt/openssl@3/lib" + export CPPFLAGS="-I/usr/local/opt/openssl@3/include" + export PKG_CONFIG_PATH="/usr/local/opt/openssl@3/lib/pkgconfig" + nox --install-only -e ${{ inputs.nox-session }} + + - name: Cleanup .nox Directory + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + run: | + nox --force-color -e "pre-archive-cleanup(pkg=False)" + + - name: Compress .nox Directory + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + run: | + nox --force-color -e compress-dependencies -- ${{ inputs.distro-slug }} + + - name: Upload Nox Requirements Tarball + uses: actions/upload-artifact@v3 + with: + name: nox-${{ inputs.distro-slug }}-${{ inputs.nox-session }} + path: nox.${{ inputs.distro-slug }}.tar.* diff --git a/.github/workflows/build-deps-ci-action.yml b/.github/workflows/build-deps-ci-action.yml new file mode 100644 index 00000000..0d596c0e --- /dev/null +++ b/.github/workflows/build-deps-ci-action.yml @@ -0,0 +1,160 @@ +--- +name: Install Test Dependencies + +on: + workflow_call: + inputs: + distro-slug: + required: true + type: string + description: The OS slug to run tests against + nox-session: + required: true + type: string + description: The nox session to run + salt-version: + type: string + required: true + description: The Salt version to set prior to running tests. + cache-prefix: + required: true + type: string + description: Seed used to invalidate caches + platform: + required: true + type: string + description: The platform being tested + arch: + required: true + type: string + description: The platform arch being tested + nox-version: + required: true + type: string + description: The nox version to install + python-version: + required: false + type: string + description: The python version to run tests with + default: "3.10" + package-name: + required: false + type: string + description: The onedir package name to use + default: salt + + +env: + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + + dependencies: + name: Install + runs-on: + - self-hosted + - linux + - bastion + timeout-minutes: 90 + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(shuf -i 1-30 -n 1); echo "Sleeping $t seconds"; sleep "$t" + + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Cache nox.${{ inputs.distro-slug }}.tar.* for session ${{ inputs.nox-session }} + id: nox-dependencies-cache + uses: actions/cache@v3.3.1 + with: + path: nox.${{ inputs.distro-slug }}.tar.* + key: ${{ inputs.cache-prefix }}|testrun-deps|${{ inputs.arch }}|${{ inputs.distro-slug }}|${{ inputs.nox-session }}|${{ inputs.python-version }}|${{ + hashFiles('requirements/**/*.txt', 'cicd/golden-images.json', 'noxfile.py') + }} + + - name: Download Onedir Tarball as an Artifact + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz + path: artifacts/ + + - name: Decompress Onedir Tarball + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + shell: bash + run: | + python3 -c "import os; os.makedirs('artifacts', exist_ok=True)" + cd artifacts + tar xvf ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz + + - name: PyPi Proxy + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + run: | + sed -i '7s;^;--index-url=https://pypi-proxy.saltstack.net/root/local/+simple/ --extra-index-url=https://pypi.org/simple\n;' requirements/static/ci/*/*.txt + + - name: Setup Python Tools Scripts + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-prefix }}-build-deps-ci + + - name: Get Salt Project GitHub Actions Bot Environment + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Start VM + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + id: spin-up-vm + run: | + tools --timestamps vm create --environment "${SPB_ENVIRONMENT}" --retries=2 ${{ inputs.distro-slug }} + + - name: List Free Space + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + run: | + tools --timestamps vm ssh ${{ inputs.distro-slug }} -- df -h || true + + - name: Upload Checkout To VM + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + run: | + tools --timestamps vm rsync ${{ inputs.distro-slug }} + + - name: Install Dependencies + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + run: | + tools --timestamps vm install-dependencies --nox-session=${{ inputs.nox-session }} ${{ inputs.distro-slug }} + + - name: Cleanup .nox Directory + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + run: | + tools --timestamps vm pre-archive-cleanup ${{ inputs.distro-slug }} + + - name: Compress .nox Directory + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + run: | + tools --timestamps vm compress-dependencies ${{ inputs.distro-slug }} + + - name: Download Compressed .nox Directory + if: steps.nox-dependencies-cache.outputs.cache-hit != 'true' + run: | + tools --timestamps vm download-dependencies ${{ inputs.distro-slug }} + + - name: Destroy VM + if: always() && steps.nox-dependencies-cache.outputs.cache-hit != 'true' + run: | + tools --timestamps vm destroy --no-wait ${{ inputs.distro-slug }} + + - name: Upload Nox Requirements Tarball + uses: actions/upload-artifact@v3 + with: + name: nox-${{ inputs.distro-slug }}-${{ inputs.nox-session }} + path: nox.${{ inputs.distro-slug }}.tar.* diff --git a/.github/workflows/build-deps-onedir-linux.yml b/.github/workflows/build-deps-onedir-linux.yml new file mode 100644 index 00000000..8d149c46 --- /dev/null +++ b/.github/workflows/build-deps-onedir-linux.yml @@ -0,0 +1,83 @@ +--- +name: Build Packaging Dependencies Onedir + +on: + workflow_call: + inputs: + salt-version: + type: string + required: true + description: The Salt version to set prior to building packages. + github-hosted-runners: + type: boolean + required: true + self-hosted-runners: + type: boolean + required: true + cache-seed: + required: true + type: string + description: Seed used to invalidate caches + relenv-version: + required: true + type: string + description: The version of relenv to use + python-version: + required: true + type: string + description: The version of python to use with relenv + +env: + RELENV_DATA: "${{ github.workspace }}/.relenv" + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + + build-deps-linux: + name: Linux + if: ${{ inputs.self-hosted-runners }} + strategy: + fail-fast: false + matrix: + arch: + - x86_64 + - aarch64 + runs-on: + - self-hosted + - linux + - ${{ matrix.arch }} + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t" + + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-seed }}-build-deps-linux-${{ matrix.arch }} + + - name: Setup Relenv + id: setup-relenv + uses: ./.github/actions/setup-relenv + with: + platform: linux + arch: ${{ matrix.arch }} + version: ${{ inputs.relenv-version }} + cache-seed: ${{ inputs.cache-seed }} + python-version: ${{ inputs.python-version }} + + - name: Install Salt Packaging Dependencies into Relenv Onedir + uses: ./.github/actions/build-onedir-deps + with: + platform: linux + arch: ${{ matrix.arch }} + python-version: "${{ inputs.python-version }}" + cache-prefix: ${{ inputs.cache-seed }}|relenv|${{ steps.setup-relenv.outputs.version }} diff --git a/.github/workflows/build-deps-onedir-macos.yml b/.github/workflows/build-deps-onedir-macos.yml new file mode 100644 index 00000000..2886c3f9 --- /dev/null +++ b/.github/workflows/build-deps-onedir-macos.yml @@ -0,0 +1,88 @@ +--- +name: Build Packaging Dependencies Onedir + +on: + workflow_call: + inputs: + salt-version: + type: string + required: true + description: The Salt version to set prior to building packages. + github-hosted-runners: + type: boolean + required: true + self-hosted-runners: + type: boolean + required: true + cache-seed: + required: true + type: string + description: Seed used to invalidate caches + relenv-version: + required: true + type: string + description: The version of relenv to use + python-version: + required: true + type: string + description: The version of python to use with relenv + +env: + RELENV_DATA: "${{ github.workspace }}/.relenv" + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + + build-deps-macos: + name: macOS + if: ${{ inputs.github-hosted-runners }} + strategy: + fail-fast: false + max-parallel: 2 + matrix: + arch: + - x86_64 + - aarch64 + runs-on: + - ${{ matrix.arch == 'aarch64' && 'macos-13-xlarge' || 'macos-12' }} + + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t" + + - uses: actions/checkout@v4 + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-seed }}-build-deps-macos + + - name: Setup Relenv + id: setup-relenv + uses: ./.github/actions/setup-relenv + with: + platform: darwin + arch: ${{ matrix.arch == 'aarch64' && 'arm64' || matrix.arch }} + version: ${{ inputs.relenv-version }} + cache-seed: ${{ inputs.cache-seed }} + python-version: ${{ inputs.python-version }} + + - name: Install Salt Packaging Dependencies into Relenv Onedir + uses: ./.github/actions/build-onedir-deps + with: + platform: darwin + arch: ${{ matrix.arch }} + python-version: "${{ inputs.python-version }}" + cache-prefix: ${{ inputs.cache-seed }}|relenv|${{ steps.setup-relenv.outputs.version }} diff --git a/.github/workflows/build-deps-onedir-windows.yml b/.github/workflows/build-deps-onedir-windows.yml new file mode 100644 index 00000000..af741e06 --- /dev/null +++ b/.github/workflows/build-deps-onedir-windows.yml @@ -0,0 +1,86 @@ +--- +name: Build Packaging Dependencies Onedir + +on: + workflow_call: + inputs: + salt-version: + type: string + required: true + description: The Salt version to set prior to building packages. + github-hosted-runners: + type: boolean + required: true + self-hosted-runners: + type: boolean + required: true + cache-seed: + required: true + type: string + description: Seed used to invalidate caches + relenv-version: + required: true + type: string + description: The version of relenv to use + python-version: + required: true + type: string + description: The version of python to use with relenv + +env: + RELENV_DATA: "${{ github.workspace }}/.relenv" + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + + build-deps-windows: + name: Windows + if: ${{ inputs.github-hosted-runners }} + strategy: + fail-fast: false + max-parallel: 2 + matrix: + arch: + - x86 + - amd64 + runs-on: windows-latest + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t" + + - uses: actions/checkout@v4 + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-seed }}-build-deps-windows-${{ matrix.arch }} + + - name: Setup Relenv + id: setup-relenv + uses: ./.github/actions/setup-relenv + with: + platform: windows + arch: ${{ matrix.arch }} + version: ${{ inputs.relenv-version }} + cache-seed: ${{ inputs.cache-seed }} + python-version: ${{ inputs.python-version }} + + - name: Install Salt Packaging Dependencies into Relenv Onedir + uses: ./.github/actions/build-onedir-deps + with: + platform: windows + arch: ${{ matrix.arch }} + python-version: "${{ inputs.python-version }}" + cache-prefix: ${{ inputs.cache-seed }}|relenv|${{ steps.setup-relenv.outputs.version }} diff --git a/.github/workflows/build-docs.yml b/.github/workflows/build-docs.yml new file mode 100644 index 00000000..2afb5d8c --- /dev/null +++ b/.github/workflows/build-docs.yml @@ -0,0 +1,105 @@ +--- +name: Build Documentation + +on: + workflow_call: + inputs: + salt-version: + type: string + required: true + description: The Salt version to set prior to building packages. + cache-seed: + required: true + type: string + description: Seed used to invalidate caches + +env: + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + build: + name: Build + runs-on: + - self-hosted + - linux + - medium + - x86_64 + strategy: + fail-fast: false + matrix: + docs-output: + - linkcheck + - spellcheck + - html + - epub + # - pdf + + steps: + - uses: actions/checkout@v4 + + - name: Download Release Patch + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + uses: actions/download-artifact@v3 + with: + name: salt-${{ inputs.salt-version }}.patch + + - name: Get Python Version + id: get-python-version + uses: ./.github/actions/get-python-version + with: + python-binary: python3 + + - name: Setup Python Tools Scripts + id: python-tools-scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-seed }} + + - name: Configure Git + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools pkg configure-git + + - name: Apply release patch + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools pkg apply-release-patch salt-${{ inputs.salt-version }}.patch --delete + + - name: Cache Python Tools Docs Virtualenv + id: tools-venvs-dependencies-cache + uses: actions/cache@v3.3.1 + with: + path: .tools-venvs/docs + key: ${{ inputs.cache-seed }}|${{ github.workflow }}|${{ github.job }}|tools-venvs|${{ steps.python-tools-scripts.outputs.version }}|docs|${{ steps.get-python-version.outputs.version }}|${{ hashFiles('requirements/**/docs.txt') }} + + - name: Prepare Docs Build + run: | + git clone https://gitlab.com/saltstack/open/docs/builddocs.git .builddocs + sudo mkdir -p /usr/share/fonts/truetype /usr/share/fonts/opentype + sudo cp -rfv .builddocs/builddocs/files/fonts/truetype/*.ttf /usr/share/fonts/truetype/ + sudo cp -rfv .builddocs/builddocs/files/fonts/opentype/*.otf /usr/share/fonts/opentype/ + sudo fc-cache -f -v + + - name: Build Documentation (${{ matrix.docs-output }}) + id: build-docs + shell: bash + continue-on-error: ${{ matrix.docs-output == 'linkcheck' || matrix.docs-output == 'spellcheck' }} + env: + LATEST_RELEASE: "${{ inputs.salt-version }}" + SALT_ON_SALTSTACK: "1" + ARCHIVE_FILENAME: "${{ format('salt-{0}-docs-{1}.tar.xz', inputs.salt-version, matrix.docs-output) }}" + run: | + tools docs ${{ matrix.docs-output }} + + - name: Upload Built Documentation Artifact(${{ matrix.docs-output }}) + if: ${{ steps.build-docs.outputs.has-artifacts == 'true' }} + uses: actions/upload-artifact@v3 + with: + name: ${{ steps.build-docs.outputs.artifact-name }} + path: ${{ steps.build-docs.outputs.artifact-path }} + retention-days: 7 + if-no-files-found: error diff --git a/.github/workflows/build-macos-packages.yml b/.github/workflows/build-macos-packages.yml new file mode 100644 index 00000000..9b332489 --- /dev/null +++ b/.github/workflows/build-macos-packages.yml @@ -0,0 +1,158 @@ +--- +name: Build macOS Packages + +on: + workflow_call: + inputs: + salt-version: + type: string + required: true + description: The Salt version to set prior to building packages. + relenv-version: + type: string + required: true + description: The relenv version to set prior to building packages. + python-version: + required: true + type: string + description: The version of python to use with relenv + sign-packages: + type: boolean + default: false + description: Sign Packages + environment: + type: string + description: The GitHub Environment where this workflow should run + default: ci + source: + required: true + type: string + description: The backend to build the packages with + cache-prefix: + required: true + type: string + description: Seed used to invalidate caches + +env: + COLUMNS: 190 + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + + build-pkgs: + name: macOS + environment: ${{ inputs.environment }} + strategy: + fail-fast: false + matrix: + arch: + - x86_64 + - aarch64 + source: + - ${{ inputs.source }} + + runs-on: + - ${{ matrix.arch == 'aarch64' && 'macos-13-xlarge' || 'macos-12' }} + + steps: + - name: Check Package Signing Enabled + shell: bash + id: check-pkg-sign + run: | + if [ "${{ inputs.sign-packages }}" == "true" ]; then + if [ "${{ (secrets.MAC_SIGN_APPLE_ACCT != '' && contains(fromJSON('["nightly", "staging"]'), inputs.environment)) && 'true' || 'false' }}" != "true" ]; then + MSG="Secrets for signing packages are not available. The packages created will NOT be signed." + echo "${MSG}" + echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" + echo "sign-pkgs=false" >> "$GITHUB_OUTPUT" + else + MSG="The packages created WILL be signed." + echo "${MSG}" + echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" + echo "sign-pkgs=true" >> "$GITHUB_OUTPUT" + fi + else + MSG="The sign-packages input is false. The packages created will NOT be signed." + echo "${MSG}" + echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" + echo "sign-pkgs=false" >> "$GITHUB_OUTPUT" + fi + + - uses: actions/checkout@v4 + - uses: actions/setup-python@v4 + with: + python-version: 3.11 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-prefix }} + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ inputs.salt-version }}" + + - name: Download Onedir Tarball as an Artifact + uses: actions/download-artifact@v3 + with: + name: salt-${{ inputs.salt-version }}-onedir-darwin-${{ matrix.arch }}.tar.xz + path: artifacts/ + + - name: Prepare Package Signing + if: ${{ steps.check-pkg-sign.outputs.sign-pkgs == 'true' }} + run: | + echo ${{ secrets.MAC_SIGN_DEV_APP_CERT_B64 }} | base64 --decode > app-cert.p12 + echo ${{ secrets.MAC_SIGN_DEV_INSTALL_CERT_B64 }} | base64 --decode > install-cert.p12 + # Create SaltSigning keychain. This will contain the certificates for signing + security create-keychain -p "${{ secrets.MAC_SIGN_DEV_PASSWORD }}" "${{ secrets.MAC_SIGN_DEV_KEYCHAIN }}" + # Append SaltSigning keychain to the search list + security list-keychains -d user -s "${{ secrets.MAC_SIGN_DEV_KEYCHAIN }}" "$(security list-keychains -d user | sed s/\"//g)" + # Unlock the keychain so we can import certs + security unlock-keychain -p "${{ secrets.MAC_SIGN_DEV_PASSWORD }}" "${{ secrets.MAC_SIGN_DEV_KEYCHAIN }}" + # Developer Application Certificate + security import "app-cert.p12" -t agg -k "${{ secrets.MAC_SIGN_DEV_KEYCHAIN }}" -P "${{ secrets.MAC_SIGN_DEV_PASSWORD }}" -A + rm app-cert.p12 + # Developer Installer Certificate + security import "install-cert.p12" -t agg -k "${{ secrets.MAC_SIGN_DEV_KEYCHAIN }}" -P "${{ secrets.MAC_SIGN_DEV_PASSWORD }}" -A + rm install-cert.p12 + security set-key-partition-list -S apple-tool:,apple: -k "${{ secrets.MAC_SIGN_DEV_PASSWORD }}" "${{ secrets.MAC_SIGN_DEV_KEYCHAIN }}" &> /dev/null + + - name: Build MacOS Package + env: + DEV_APP_CERT: "${{ secrets.MAC_SIGN_DEV_APP_CERT }}" + DEV_INSTALL_CERT: "${{ secrets.MAC_SIGN_DEV_INSTALL_CERT }}" + APPLE_ACCT: "${{ secrets.MAC_SIGN_APPLE_ACCT }}" + APPLE_TEAM_ID: "${{ secrets.MAC_SIGN_APPLE_TEAM_ID }}" + APP_SPEC_PWD: "${{ secrets.MAC_SIGN_APP_SPEC_PWD }}" + run: | + tools pkg build macos --relenv-version=${{ inputs.relenv-version }} --python-version=${{ inputs.python-version }} ${{ + inputs.source == 'onedir' && + format( + '--onedir salt-{0}-onedir-darwin-{1}.tar.xz --salt-version {0} {2}', + inputs.salt-version, + matrix.arch, + steps.check-pkg-sign.outputs.sign-pkgs == 'true' && '--sign' || '' + ) + || + format('--salt-version {0}', inputs.salt-version) + }} + + - name: Set Artifact Name + id: set-artifact-name + run: | + if [ "${{ inputs.source }}" != "src" ]; then + echo "artifact-name=salt-${{ inputs.salt-version }}-${{ matrix.arch }}-macos" >> "$GITHUB_OUTPUT" + else + echo "artifact-name=salt-${{ inputs.salt-version }}-${{ matrix.arch }}-macos-from-src" >> "$GITHUB_OUTPUT" + fi + + - name: Upload ${{ matrix.arch }} Package + uses: actions/upload-artifact@v3 + with: + name: ${{ steps.set-artifact-name.outputs.artifact-name }} + path: pkg/macos/salt-${{ inputs.salt-version }}-py3-*.pkg + retention-days: 7 + if-no-files-found: error diff --git a/.github/workflows/build-rpm-packages.yml b/.github/workflows/build-rpm-packages.yml new file mode 100644 index 00000000..1b210370 --- /dev/null +++ b/.github/workflows/build-rpm-packages.yml @@ -0,0 +1,114 @@ +--- +name: Build RPM Packages + +on: + workflow_call: + inputs: + salt-version: + type: string + required: true + description: The Salt version to set prior to building packages. + relenv-version: + type: string + required: true + description: The relenv version to set prior to building packages. + python-version: + required: true + type: string + description: The version of python to use with relenv + source: + required: true + type: string + description: The backend to build the packages with + cache-prefix: + required: true + type: string + description: Seed used to invalidate caches + +env: + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + build: + name: RPM + runs-on: + - self-hosted + - linux + - ${{ matrix.arch }} + strategy: + fail-fast: false + matrix: + arch: + - x86_64 + - aarch64 + source: + - ${{ inputs.source }} + + container: + image: ghcr.io/saltstack/salt-ci-containers/packaging:centosstream-9 + + steps: + - uses: actions/checkout@v4 + + - name: Download Onedir Tarball as an Artifact + uses: actions/download-artifact@v3 + with: + name: salt-${{ inputs.salt-version }}-onedir-linux-${{ matrix.arch }}.tar.xz + path: artifacts/ + + - name: Download Release Patch + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + uses: actions/download-artifact@v3 + with: + name: salt-${{ inputs.salt-version }}.patch + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-prefix }} + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ inputs.salt-version }}" + + - name: Configure Git + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools pkg configure-git + + - name: Apply release patch + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools pkg apply-release-patch salt-${{ inputs.salt-version }}.patch --delete + + - name: Build RPM + run: | + tools pkg build rpm --relenv-version=${{ inputs.relenv-version }} --python-version=${{ inputs.python-version }} ${{ + inputs.source == 'onedir' && + format('--onedir=salt-{0}-onedir-linux-{1}.tar.xz', inputs.salt-version, matrix.arch) + || + format('--arch={0}', matrix.arch) + }} + + - name: Set Artifact Name + id: set-artifact-name + run: | + if [ "${{ inputs.source }}" != "src" ]; then + echo "artifact-name=salt-${{ inputs.salt-version }}-${{ matrix.arch }}-rpm" >> "$GITHUB_OUTPUT" + else + echo "artifact-name=salt-${{ inputs.salt-version }}-${{ matrix.arch }}-rpm-from-src" >> "$GITHUB_OUTPUT" + fi + + - name: Upload RPMs + uses: actions/upload-artifact@v3 + with: + name: ${{ steps.set-artifact-name.outputs.artifact-name }} + path: ~/rpmbuild/RPMS/${{ matrix.arch }}/*.rpm + retention-days: 7 + if-no-files-found: error diff --git a/.github/workflows/build-salt-onedir-linux.yml b/.github/workflows/build-salt-onedir-linux.yml new file mode 100644 index 00000000..a7e197b7 --- /dev/null +++ b/.github/workflows/build-salt-onedir-linux.yml @@ -0,0 +1,90 @@ +--- +name: Build Salt Onedir + +on: + workflow_call: + inputs: + salt-version: + type: string + required: true + description: The Salt version to set prior to building packages. + github-hosted-runners: + type: boolean + required: true + self-hosted-runners: + type: boolean + required: true + cache-seed: + required: true + type: string + description: Seed used to invalidate caches + relenv-version: + required: true + type: string + description: The version of relenv to use + python-version: + required: true + type: string + description: The version of python to use with relenv + +env: + RELENV_DATA: "${{ github.workspace }}/.relenv" + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + + build-salt-linux: + name: Linux + if: ${{ inputs.self-hosted-runners }} + strategy: + fail-fast: false + matrix: + arch: + - x86_64 + - aarch64 + runs-on: + - self-hosted + - linux + - ${{ matrix.arch }} + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t" + + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-seed }}-build-salt-onedir-windows + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ inputs.salt-version }}" + + - name: Setup Relenv + uses: ./.github/actions/setup-relenv + id: setup-relenv + with: + platform: linux + arch: ${{ matrix.arch }} + version: ${{ inputs.relenv-version }} + cache-seed: ${{ inputs.cache-seed }} + python-version: ${{ inputs.python-version }} + + - name: Install Salt into Relenv Onedir + uses: ./.github/actions/build-onedir-salt + with: + platform: linux + arch: ${{ matrix.arch }} + salt-version: "${{ inputs.salt-version }}" + python-version: "${{ inputs.python-version }}" + cache-prefix: ${{ inputs.cache-seed }}|relenv|${{ steps.setup-relenv.outputs.version }} diff --git a/.github/workflows/build-salt-onedir-macos.yml b/.github/workflows/build-salt-onedir-macos.yml new file mode 100644 index 00000000..3697e51e --- /dev/null +++ b/.github/workflows/build-salt-onedir-macos.yml @@ -0,0 +1,93 @@ +--- +name: Build Salt Onedir + +on: + workflow_call: + inputs: + salt-version: + type: string + required: true + description: The Salt version to set prior to building packages. + github-hosted-runners: + type: boolean + required: true + self-hosted-runners: + type: boolean + required: true + cache-seed: + required: true + type: string + description: Seed used to invalidate caches + relenv-version: + required: true + type: string + description: The version of relenv to use + python-version: + required: true + type: string + description: The version of python to use with relenv + +env: + RELENV_DATA: "${{ github.workspace }}/.relenv" + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + + build-salt-macos: + name: macOS + if: ${{ inputs.github-hosted-runners }} + strategy: + fail-fast: false + max-parallel: 2 + matrix: + arch: + - x86_64 + - aarch64 + runs-on: + - ${{ matrix.arch == 'aarch64' && 'macos-13-xlarge' || 'macos-12' }} + + steps: + - name: "Throttle Builds" + shell: bash + run: | + t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t" + + - uses: actions/checkout@v4 + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Relenv + id: setup-relenv + uses: ./.github/actions/setup-relenv + with: + platform: darwin + arch: ${{ matrix.arch == 'aarch64' && 'arm64' || matrix.arch }} + version: ${{ inputs.relenv-version }} + cache-seed: ${{ inputs.cache-seed }} + python-version: ${{ inputs.python-version }} + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-seed }}-build-salt-onedir-macos + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ inputs.salt-version }}" + + - name: Install Salt into Relenv Onedir + uses: ./.github/actions/build-onedir-salt + with: + platform: darwin + arch: ${{ matrix.arch }} + salt-version: "${{ inputs.salt-version }}" + python-version: "${{ inputs.python-version }}" + cache-prefix: ${{ inputs.cache-seed }}|relenv|${{ steps.setup-relenv.outputs.version }} diff --git a/.github/workflows/build-salt-onedir-windows.yml b/.github/workflows/build-salt-onedir-windows.yml new file mode 100644 index 00000000..aba0b424 --- /dev/null +++ b/.github/workflows/build-salt-onedir-windows.yml @@ -0,0 +1,93 @@ +--- +name: Build Salt Onedir + +on: + workflow_call: + inputs: + salt-version: + type: string + required: true + description: The Salt version to set prior to building packages. + github-hosted-runners: + type: boolean + required: true + self-hosted-runners: + type: boolean + required: true + cache-seed: + required: true + type: string + description: Seed used to invalidate caches + relenv-version: + required: true + type: string + description: The version of relenv to use + python-version: + required: true + type: string + description: The version of python to use with relenv + +env: + RELENV_DATA: "${{ github.workspace }}/.relenv" + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + + build-salt-windows: + name: Windows + if: ${{ inputs.github-hosted-runners }} + strategy: + fail-fast: false + max-parallel: 2 + matrix: + arch: + - x86 + - amd64 + runs-on: windows-latest + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t" + + - uses: actions/checkout@v4 + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Relenv + id: setup-relenv + uses: ./.github/actions/setup-relenv + with: + platform: windows + arch: ${{ matrix.arch }} + version: ${{ inputs.relenv-version }} + cache-seed: ${{ inputs.cache-seed }} + python-version: ${{ inputs.python-version }} + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-seed }}-build-salt-onedir-macos + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ inputs.salt-version }}" + + - name: Install Salt into Relenv Onedir + uses: ./.github/actions/build-onedir-salt + with: + platform: windows + arch: ${{ matrix.arch }} + salt-version: "${{ inputs.salt-version }}" + python-version: "${{ inputs.python-version }}" + cache-prefix: ${{ inputs.cache-seed }}|relenv|${{ steps.setup-relenv.outputs.version }} diff --git a/.github/workflows/build-windows-packages.yml b/.github/workflows/build-windows-packages.yml new file mode 100644 index 00000000..5e8e4663 --- /dev/null +++ b/.github/workflows/build-windows-packages.yml @@ -0,0 +1,164 @@ +--- +name: Build Windows Packages + +on: + workflow_call: + inputs: + salt-version: + type: string + required: true + description: The Salt version to set prior to building packages + relenv-version: + type: string + required: true + description: The relenv version to set prior to building packages. + python-version: + required: true + type: string + description: The version of python to use with relenv + sign-packages: + type: boolean + default: false + description: Sign Packages + environment: + type: string + description: The GitHub Environment where this workflow should run + default: ci + source: + required: true + type: string + description: The backend to build the packages with + cache-prefix: + required: true + type: string + description: Seed used to invalidate caches + +env: + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + + build-pkgs: + name: Windows + environment: ${{ inputs.environment }} + strategy: + fail-fast: false + max-parallel: 2 + matrix: + arch: + - x86 + - amd64 + source: + - ${{ inputs.source }} + + runs-on: + - windows-latest + env: + SM_HOST: "${{ secrets.WIN_SIGN_HOST_PROD }}" + SM_API_KEY: "${{ secrets.WIN_SIGN_API_KEY }}" + SM_CLIENT_CERT_FILE: "D:\\Certificate_pkcs12.p12" + SM_CLIENT_CERT_PASSWORD: "${{ secrets.WIN_SIGN_CERT_PASSWORD }}" + SM_CLIENT_CERT_FILE_B64: "${{ secrets.WIN_SIGN_CERT_FILE_B64 }}" + WIN_SIGN_CERT_SHA1_HASH: "${{ secrets.WIN_SIGN_CERT_SHA1_HASH }}" + + steps: + - name: Check Package Signing Enabled + shell: bash + id: check-pkg-sign + run: | + if [ "${{ inputs.sign-packages }}" == "true" ]; then + if [ "${{ (secrets.WIN_SIGN_API_KEY != '' && env.SM_HOST != '' && inputs.environment == 'staging') && 'true' || 'false' }}" != "true" ]; then + MSG="Secrets for signing packages are not available. The packages created will NOT be signed." + echo "${MSG}" + echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" + echo "sign-pkgs=false" >> "$GITHUB_OUTPUT" + else + MSG="The packages created WILL be signed." + echo "${MSG}" + echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" + echo "sign-pkgs=true" >> "$GITHUB_OUTPUT" + fi + else + MSG="The sign-packages input is false. The packages created will NOT be signed." + echo "${MSG}" + echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" + echo "sign-pkgs=false" >> "$GITHUB_OUTPUT" + fi + + - uses: actions/checkout@v4 + - uses: actions/setup-python@v4 + with: + python-version: 3.11 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-prefix }} + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ inputs.salt-version }}" + + - name: Download Onedir Tarball as an Artifact + uses: actions/download-artifact@v3 + with: + name: salt-${{ inputs.salt-version }}-onedir-windows-${{ matrix.arch }}.zip + path: artifacts/ + + - name: Code signing with Software Trust Manager + if: ${{ steps.check-pkg-sign.outputs.sign-pkgs == 'true' }} + uses: digicert/ssm-code-signing@v0.0.2 + + - name: Setup Certificate + if: ${{ steps.check-pkg-sign.outputs.sign-pkgs == 'true' }} + shell: bash + run: | + echo "${{ secrets.WIN_SIGN_CERT_FILE_B64 }}" | base64 --decode > /d/Certificate_pkcs12.p12 + + - name: Build Windows Packages + run: | + tools pkg build windows --relenv-version=${{ inputs.relenv-version }} --python-version=${{ inputs.python-version }} ${{ + inputs.source == 'onedir' && + format( + '--onedir salt-{0}-onedir-windows-{1}.zip --salt-version {0} --arch {1} {2}', + inputs.salt-version, + matrix.arch, + steps.check-pkg-sign.outputs.sign-pkgs == 'true' && '--sign' || '' + ) + || + format('--salt-version {0} --arch {1}', inputs.salt-version, matrix.arch) + }} + + - name: Set Artifact Name + id: set-artifact-name + shell: bash + run: | + if [ "${{ inputs.source }}" != "src" ]; then + echo "artifact-name-nsis=salt-${{ inputs.salt-version }}-${{ matrix.arch }}-NSIS" >> "$GITHUB_OUTPUT" + echo "artifact-name-msi=salt-${{ inputs.salt-version }}-${{ matrix.arch }}-MSI" >> "$GITHUB_OUTPUT" + else + echo "artifact-name-nsis=salt-${{ inputs.salt-version }}-${{ matrix.arch }}-NSIS-from-src" >> "$GITHUB_OUTPUT" + echo "artifact-name-msi=salt-${{ inputs.salt-version }}-${{ matrix.arch }}-MSI-from-src" >> "$GITHUB_OUTPUT" + fi + + - name: Upload ${{ matrix.arch }} NSIS Packages + uses: actions/upload-artifact@v3 + with: + name: ${{ steps.set-artifact-name.outputs.artifact-name-nsis }} + path: pkg/windows/build/Salt-*.exe + retention-days: 7 + if-no-files-found: error + + - name: Upload ${{ matrix.arch }} MSI Package + uses: actions/upload-artifact@v3 + with: + name: ${{ steps.set-artifact-name.outputs.artifact-name-msi }} + path: pkg/windows/build/Salt-*.msi + retention-days: 7 + if-no-files-found: error diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..86002b2e --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,3128 @@ +# Do not edit these workflows directly as the changes made will be overwritten. +# Instead, edit the template '.github/workflows/templates/ci.yml.jinja' +--- +name: CI +run-name: "CI (${{ github.event_name == 'pull_request' && format('pr: #{0}', github.event.number) || format('{0}: {1}', startsWith(github.event.ref, 'refs/tags') && 'tag' || 'branch', github.ref_name) }})" + +on: + push: {} + pull_request: + types: + - labeled + - unlabeled + - opened + - reopened + - synchronize + +env: + COLUMNS: 190 + CACHE_SEED: SEED-2 # Bump the number to invalidate all caches + RELENV_DATA: "${{ github.workspace }}/.relenv" + +permissions: + contents: read # for dorny/paths-filter to fetch a list of changed files + pull-requests: read # for dorny/paths-filter to read pull requests + actions: read # for technote-space/workflow-conclusion-action to get the job statuses + +concurrency: + # Concurrency is defined in a way that concurrent builds against branches do + # not cancel previous builds. + # However, for every new build against the same pull request source branch, + # all older builds against that same branch get canceled. + group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.repository }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + + prepare-workflow: + name: Prepare Workflow Run + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + outputs: + jobs: ${{ steps.define-jobs.outputs.jobs }} + runners: ${{ steps.runner-types.outputs.runners }} + changed-files: ${{ steps.process-changed-files.outputs.changed-files }} + pull-labels: ${{ steps.get-pull-labels.outputs.labels }} + testrun: ${{ steps.define-testrun.outputs.testrun }} + salt-version: ${{ steps.setup-salt-version.outputs.salt-version }} + cache-seed: ${{ steps.set-cache-seed.outputs.cache-seed }} + latest-release: ${{ steps.get-salt-releases.outputs.latest-release }} + releases: ${{ steps.get-salt-releases.outputs.releases }} + release-changelog-target: ${{ steps.get-release-changelog-target.outputs.release-changelog-target }} + testing-releases: ${{ steps.get-testing-releases.outputs.testing-releases }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Full clone to also get the tags to get the right salt version + + - name: Get Changed Files + if: ${{ github.event_name == 'pull_request'}} + id: changed-files + uses: dorny/paths-filter@v2 + with: + token: ${{ github.token }} + list-files: json + filters: | + repo: + - added|modified: + - '**' + doc-requirements: + - added|modified: &doc_requirements + - requirements/static/ci/py3.*/docs.txt + lint-requirements: + - added|modified: &lint_requirements + - requirements/static/ci/py3.*/lint.txt + pkg_requirements: + - added|modified: &pkg_requirements + - requirements/static/pkg/py3.*/darwin.txt + - requirements/static/pkg/py3.*/linux.txt + - requirements/static/pkg/py3.*/freebsd.txt + - requirements/static/pkg/py3.*/windows.txt + test_requirements: + - added|modified: &test_requirements + - requirements/static/ci/py3.*/darwin.txt + - requirements/static/ci/py3.*/linux.txt + - requirements/static/ci/py3.*/freebsd.txt + - requirements/static/ci/py3.*/windows.txt + - requirements/static/ci/py3.*/darwin-crypto.txt + - requirements/static/ci/py3.*/linux-crypto.txt + - requirements/static/ci/py3.*/freebsd-crypto.txt + - requirements/static/ci/py3.*/windows-crypto.txt + deleted: + - deleted: + - '**' + docs: + - added|modified: + - doc/** + - *doc_requirements + workflows: + - added|modified: + - cicd/shared-gh-workflows-context.yml + - .github/actions/**/action.yml + - .github/workflows/*.yml + - .github/workflows/templates/*.yml.jinja2 + - tools/precommit/workflows.py + salt: + - added|modified: &salt_added_modified + - setup.py + - noxfile.py + - salt/**/*.py + - tasks/**/*.py + - tools/**/*.py + tests: + - added|modified: &tests_added_modified + - tests/**/*.py + lint: + - added|modified: + - .pylintrc + - *lint_requirements + golden_images: + - added|modified: + - cicd/golden-images.json + pkg_tests: + - added|modified: &pkg_tests_added_modified + - pkg/** + - *pkg_requirements + - *salt_added_modified + testrun: + - added|modified: + - *pkg_requirements + - *test_requirements + - *salt_added_modified + - *tests_added_modified + - *pkg_tests_added_modified + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ env.CACHE_SEED }} + + - name: Pretty Print The GH Actions Event + run: + tools ci print-gh-event + + - name: Set Cache Seed Output + id: set-cache-seed + run: | + tools ci define-cache-seed ${{ env.CACHE_SEED }} + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "" + validate-version: true + + - name: Get Pull Request Test Labels + id: get-pull-labels + if: ${{ github.event_name == 'pull_request'}} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-pr-test-labels --repository ${{ github.repository }} + + - name: Write Changed Files To A Local File + run: + echo '${{ toJSON(steps.changed-files.outputs) }}' > changed-files.json + + - name: Check Local Changed Files Contents + if: ${{ github.event_name == 'pull_request' }} + run: + cat changed-files.json + + - name: Process Changed Files + id: process-changed-files + run: | + tools ci process-changed-files ${{ github.event_name }} changed-files.json + + - name: Check Collected Changed Files + if: ${{ github.event_name == 'pull_request' }} + run: | + echo '${{ steps.process-changed-files.outputs.changed-files }}' | jq -C '.' + + - name: Define Runner Types + id: runner-types + run: | + tools ci runner-types ${{ github.event_name }} + + - name: Check Defined Runners + run: | + echo '${{ steps.runner-types.outputs.runners }}' | jq -C '.' + + - name: Define Jobs + id: define-jobs + run: | + tools ci define-jobs ${{ github.event_name }} changed-files.json + + - name: Check Defined Jobs + run: | + echo '${{ steps.define-jobs.outputs.jobs }}' | jq -C '.' + + - name: Get Salt Releases + id: get-salt-releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-releases + + - name: Get Latest Salt Releases for Testing + id: get-testing-releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-testing-releases ${{ join(fromJSON(steps.get-salt-releases.outputs.releases), ' ') }} --salt-version ${{ steps.setup-salt-version.outputs.salt-version }} + + - name: Check Salt Releases + run: | + echo '${{ steps.get-salt-releases.outputs.latest-release }}' | jq -C '.' + echo '${{ steps.get-salt-releases.outputs.releases }}' | jq -C '.' + echo '${{ steps.get-testing-releases.outputs.testing-releases }}' | jq -C '.' + + - name: Define Testrun + id: define-testrun + run: | + tools ci define-testrun ${{ github.event_name }} changed-files.json + + - name: Check Defined Test Run + run: | + echo '${{ steps.define-testrun.outputs.testrun }}' | jq -C '.' + + - name: Check Contents of generated testrun-changed-files.txt + if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['type'] != 'full' }} + run: | + cat testrun-changed-files.txt || true + + - name: Upload testrun-changed-files.txt + if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['type'] != 'full' }} + uses: actions/upload-artifact@v3 + with: + name: testrun-changed-files.txt + path: testrun-changed-files.txt + + - name: Get Release Changelog Target + id: get-release-changelog-target + run: | + tools ci get-release-changelog-target ${{ github.event_name }} + + + pre-commit: + name: Pre-Commit + if: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + uses: ./.github/workflows/pre-commit-action.yml + needs: + - prepare-workflow + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + changed-files: ${{ needs.prepare-workflow.outputs.changed-files }} + pre-commit-version: "3.0.4" + + lint: + name: Lint + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['lint'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + uses: ./.github/workflows/lint-action.yml + needs: + - prepare-workflow + with: + changed-files: ${{ needs.prepare-workflow.outputs.changed-files }} + + prepare-release: + name: "Prepare Release: ${{ needs.prepare-workflow.outputs.salt-version }}" + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['prepare-release'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "medium", "x86_64"]') || 'ubuntu-latest' }} + needs: + - prepare-workflow + steps: + - uses: actions/checkout@v4 + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-changelog + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + - name: Update Debian changelog + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools changelog update-deb --draft + tools changelog update-deb + + - name: Update RPM changelog + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools changelog update-rpm --draft + tools changelog update-rpm + + - name: Create Release Notes Template + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + if [ "${{ needs.prepare-workflow.outputs.release-changelog-target }}" == "next-major-release" ]; then + tools changelog update-release-notes --next-release --template-only + else + tools changelog update-release-notes --template-only + fi + + - name: Update Release Notes + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + if [ "${{ needs.prepare-workflow.outputs.release-changelog-target }}" == "next-major-release" ]; then + tools changelog update-release-notes --draft --next-release + tools changelog update-release-notes --next-release + else + tools changelog update-release-notes --draft + tools changelog update-release-notes + fi + + - name: Generate MAN Pages + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + env: + LATEST_RELEASE: "${{ needs.prepare-workflow.outputs.salt-version }}" + SALT_ON_SALTSTACK: "1" + run: | + tools docs man + + - name: Update Changelog + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools changelog update-changelog-md --draft + tools changelog update-changelog-md + + - name: Show Changes Diff + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + git diff --color + + - name: Configure Git + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + git config --global user.name "Salt Project Packaging" + git config --global user.email saltproject-packaging@vmware.com + + - name: Setup Pre-Commit + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + uses: ./.github/actions/setup-pre-commit + with: + version: "3.0.4" + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Commit Changes + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + env: + SKIP: lint-salt,lint-tests + PRE_COMMIT_COLOR: always + run: | + # Run it twice so that pre-commit can fix anything that can be automatically fixed. + git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" || \ + git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" + + - name: Create release changes patch + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + git format-patch --keep-subject --binary --stdout HEAD^ > salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + + - name: Upload Changes Diff Artifact + uses: actions/upload-artifact@v3 + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + path: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + retention-days: 7 + if-no-files-found: error + + build-docs: + name: Documentation + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-docs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-source-tarball + uses: ./.github/workflows/build-docs.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + build-source-tarball: + name: Build Source Tarball + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-source-tarball'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - prepare-release + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "medium", "x86_64"]') || 'ubuntu-latest' }} + steps: + - uses: actions/checkout@v4 + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-build + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + - name: Build Source Tarball + uses: ./.github/actions/build-source-tarball + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + build-deps-onedir-linux: + name: Build Dependencies Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-onedir'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + uses: ./.github/workflows/build-deps-onedir-linux.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-deps-onedir-windows: + name: Build Dependencies Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-onedir'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + uses: ./.github/workflows/build-deps-onedir-windows.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-deps-onedir-macos: + name: Build Dependencies Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-onedir'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + uses: ./.github/workflows/build-deps-onedir-macos.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-salt-onedir-linux: + name: Build Salt Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-salt-onedir'] }} + needs: + - prepare-workflow + - build-deps-onedir-linux + - build-source-tarball + uses: ./.github/workflows/build-salt-onedir-linux.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-salt-onedir-windows: + name: Build Salt Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-salt-onedir'] }} + needs: + - prepare-workflow + - build-deps-onedir-windows + - build-source-tarball + uses: ./.github/workflows/build-salt-onedir-windows.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-salt-onedir-macos: + name: Build Salt Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-salt-onedir'] }} + needs: + - prepare-workflow + - build-deps-onedir-macos + - build-source-tarball + uses: ./.github/workflows/build-salt-onedir-macos.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-rpm-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-rpm-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + + build-rpm-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-rpm-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + + build-deb-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deb-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + + build-deb-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deb-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + + build-windows-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-windows-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + + build-windows-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-windows-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + + build-macos-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-macos-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + + build-macos-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-macos-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + + windows-2016-ci-deps: + name: Windows 2016 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + windows-2019-ci-deps: + name: Windows 2019 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + windows-2022-ci-deps: + name: Windows 2022 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + macos-12-ci-deps: + name: macOS 12 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: macos-12 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + macos-13-ci-deps: + name: macOS 13 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: macos-13 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + macos-13-xlarge-ci-deps: + name: macOS 13 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: macos-13-xlarge + nox-session: ci-test-onedir + platform: darwin + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-8-ci-deps: + name: Alma Linux 8 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-8-arm64-ci-deps: + name: Alma Linux 8 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-8-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-9-ci-deps: + name: Alma Linux 9 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-9-arm64-ci-deps: + name: Alma Linux 9 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-9-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2-ci-deps: + name: Amazon Linux 2 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2-arm64-ci-deps: + name: Amazon Linux 2 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2023-ci-deps: + name: Amazon Linux 2023 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2023 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2023-arm64-ci-deps: + name: Amazon Linux 2023 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2023-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + archlinux-lts-ci-deps: + name: Arch Linux LTS Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: archlinux-lts + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centos-7-ci-deps: + name: CentOS 7 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centos-7 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centos-7-arm64-ci-deps: + name: CentOS 7 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centos-7-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-8-ci-deps: + name: CentOS Stream 8 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-8-arm64-ci-deps: + name: CentOS Stream 8 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-8-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-9-ci-deps: + name: CentOS Stream 9 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-9-arm64-ci-deps: + name: CentOS Stream 9 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-9-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-10-ci-deps: + name: Debian 10 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-10 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-11-ci-deps: + name: Debian 11 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-11 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-11-arm64-ci-deps: + name: Debian 11 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-11-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-12-ci-deps: + name: Debian 12 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-12 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-12-arm64-ci-deps: + name: Debian 12 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-12-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-37-ci-deps: + name: Fedora 37 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-37 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-37-arm64-ci-deps: + name: Fedora 37 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-37-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-38-ci-deps: + name: Fedora 38 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-38 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-38-arm64-ci-deps: + name: Fedora 38 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-38-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + opensuse-15-ci-deps: + name: Opensuse 15 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: opensuse-15 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-3-ci-deps: + name: Photon OS 3 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-3 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-3-arm64-ci-deps: + name: Photon OS 3 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-3-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-4-ci-deps: + name: Photon OS 4 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-4 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-4-arm64-ci-deps: + name: Photon OS 4 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-4-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-5-ci-deps: + name: Photon OS 5 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-5 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-5-arm64-ci-deps: + name: Photon OS 5 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-5-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2004-ci-deps: + name: Ubuntu 20.04 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-20.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2004-arm64-ci-deps: + name: Ubuntu 20.04 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-20.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2204-ci-deps: + name: Ubuntu 22.04 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-22.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2204-arm64-ci-deps: + name: Ubuntu 22.04 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-22.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2-pkg-tests: + name: Amazon Linux 2 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + amazonlinux-2-arm64-pkg-tests: + name: Amazon Linux 2 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + amazonlinux-2023-pkg-tests: + name: Amazon Linux 2023 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2023-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2023 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + amazonlinux-2023-arm64-pkg-tests: + name: Amazon Linux 2023 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2023-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2023-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centos-7-pkg-tests: + name: CentOS 7 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centos-7-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centos-7 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centosstream-8-pkg-tests: + name: CentOS Stream 8 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centosstream-8-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centosstream-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centosstream-9-pkg-tests: + name: CentOS Stream 9 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centosstream-9-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centosstream-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centosstream-9-arm64-pkg-tests: + name: CentOS Stream 9 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centosstream-9-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centosstream-9-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-10-pkg-tests: + name: Debian 10 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-10-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-10 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-11-pkg-tests: + name: Debian 11 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-11-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-11 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-11-arm64-pkg-tests: + name: Debian 11 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-11-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-11-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-12-pkg-tests: + name: Debian 12 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-12-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-12 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-12-arm64-pkg-tests: + name: Debian 12 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-12-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-12-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + photonos-3-pkg-tests: + name: Photon OS 3 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-3-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-3 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + photonos-3-arm64-pkg-tests: + name: Photon OS 3 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-3-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-3-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + photonos-4-pkg-tests: + name: Photon OS 4 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-4-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-4 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + photonos-4-arm64-pkg-tests: + name: Photon OS 4 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-4-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-4-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + photonos-5-pkg-tests: + name: Photon OS 5 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-5-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-5 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + photonos-5-arm64-pkg-tests: + name: Photon OS 5 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-5-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-5-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + ubuntu-2004-pkg-tests: + name: Ubuntu 20.04 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2004-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-20.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + ubuntu-2004-arm64-pkg-tests: + name: Ubuntu 20.04 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2004-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-20.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + ubuntu-2204-pkg-tests: + name: Ubuntu 22.04 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2204-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-22.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + ubuntu-2204-arm64-pkg-tests: + name: Ubuntu 22.04 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2204-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-22.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + macos-12-pkg-tests: + name: macOS 12 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-macos-pkgs-onedir + - macos-12-ci-deps + uses: ./.github/workflows/test-packages-action-macos.yml + with: + distro-slug: macos-12 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: macos + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + macos-13-pkg-tests: + name: macOS 13 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-macos-pkgs-onedir + - macos-13-ci-deps + uses: ./.github/workflows/test-packages-action-macos.yml + with: + distro-slug: macos-13 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: macos + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + macos-13-xlarge-pkg-tests: + name: macOS 13 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-macos-pkgs-onedir + - macos-13-xlarge-ci-deps + uses: ./.github/workflows/test-packages-action-macos.yml + with: + distro-slug: macos-13-xlarge + nox-session: ci-test-onedir + platform: darwin + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: macos + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2016-nsis-pkg-tests: + name: Windows 2016 NSIS Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2016-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: NSIS + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2016-msi-pkg-tests: + name: Windows 2016 MSI Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2016-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: MSI + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2019-nsis-pkg-tests: + name: Windows 2019 NSIS Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2019-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: NSIS + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2019-msi-pkg-tests: + name: Windows 2019 MSI Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2019-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: MSI + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2022-nsis-pkg-tests: + name: Windows 2022 NSIS Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2022-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: NSIS + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2022-msi-pkg-tests: + name: Windows 2022 MSI Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2022-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: MSI + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2016: + name: Windows 2016 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - windows-2016-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 210 || 360 }} + + windows-2019: + name: Windows 2019 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - windows-2019-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 210 || 360 }} + + windows-2022: + name: Windows 2022 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - windows-2022-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 210 || 360 }} + + macos-12: + name: macOS 12 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - macos-12-ci-deps + uses: ./.github/workflows/test-action-macos.yml + with: + distro-slug: macos-12 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + macos-13: + name: macOS 13 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - macos-13-ci-deps + uses: ./.github/workflows/test-action-macos.yml + with: + distro-slug: macos-13 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + macos-13-xlarge: + name: macOS 13 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - macos-13-xlarge-ci-deps + uses: ./.github/workflows/test-action-macos.yml + with: + distro-slug: macos-13-xlarge + nox-session: ci-test-onedir + platform: darwin + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + almalinux-8: + name: Alma Linux 8 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - almalinux-8-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: almalinux-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + almalinux-9: + name: Alma Linux 9 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - almalinux-9-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: almalinux-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2: + name: Amazon Linux 2 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2-arm64: + name: Amazon Linux 2 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2023: + name: Amazon Linux 2023 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2023-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2023 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2023-arm64: + name: Amazon Linux 2023 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2023-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2023-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + archlinux-lts: + name: Arch Linux LTS Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - archlinux-lts-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: archlinux-lts + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + centos-7: + name: CentOS 7 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - centos-7-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: centos-7 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + centosstream-8: + name: CentOS Stream 8 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - centosstream-8-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: centosstream-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + centosstream-9: + name: CentOS Stream 9 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - centosstream-9-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: centosstream-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-10: + name: Debian 10 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-10-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-10 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-11: + name: Debian 11 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-11-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-11 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-11-arm64: + name: Debian 11 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-11-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-11-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-12: + name: Debian 12 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-12-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-12 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-12-arm64: + name: Debian 12 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-12-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-12-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + fedora-37: + name: Fedora 37 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - fedora-37-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: fedora-37 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + fedora-38: + name: Fedora 38 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - fedora-38-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: fedora-38 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + opensuse-15: + name: Opensuse 15 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - opensuse-15-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: opensuse-15 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + photonos-3: + name: Photon OS 3 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-3-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-3 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + photonos-3-arm64: + name: Photon OS 3 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-3-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-3-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + photonos-4: + name: Photon OS 4 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-4-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-4 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + photonos-4-arm64: + name: Photon OS 4 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-4-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-4-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + photonos-5: + name: Photon OS 5 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-5-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-5 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + photonos-5-arm64: + name: Photon OS 5 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-5-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-5-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + ubuntu-2004: + name: Ubuntu 20.04 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2004-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-20.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + ubuntu-2004-arm64: + name: Ubuntu 20.04 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2004-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-20.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + ubuntu-2204: + name: Ubuntu 22.04 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2204-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-22.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + ubuntu-2204-arm64: + name: Ubuntu 22.04 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2204-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-22.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }} + skip-junit-reports: ${{ github.event_name == 'pull_request' }} + workflow-slug: ci + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + combine-all-code-coverage: + name: Combine Code Coverage + if: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] == false }} + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + needs: + - prepare-workflow + - windows-2016-ci-deps + - windows-2019-ci-deps + - windows-2022-ci-deps + - macos-12-ci-deps + - macos-13-ci-deps + - macos-13-xlarge-ci-deps + - almalinux-8-ci-deps + - almalinux-8-arm64-ci-deps + - almalinux-9-ci-deps + - almalinux-9-arm64-ci-deps + - amazonlinux-2-ci-deps + - amazonlinux-2-arm64-ci-deps + - amazonlinux-2023-ci-deps + - amazonlinux-2023-arm64-ci-deps + - archlinux-lts-ci-deps + - centos-7-ci-deps + - centos-7-arm64-ci-deps + - centosstream-8-ci-deps + - centosstream-8-arm64-ci-deps + - centosstream-9-ci-deps + - centosstream-9-arm64-ci-deps + - debian-10-ci-deps + - debian-11-ci-deps + - debian-11-arm64-ci-deps + - debian-12-ci-deps + - debian-12-arm64-ci-deps + - fedora-37-ci-deps + - fedora-37-arm64-ci-deps + - fedora-38-ci-deps + - fedora-38-arm64-ci-deps + - opensuse-15-ci-deps + - photonos-3-ci-deps + - photonos-3-arm64-ci-deps + - photonos-4-ci-deps + - photonos-4-arm64-ci-deps + - photonos-5-ci-deps + - photonos-5-arm64-ci-deps + - ubuntu-2004-ci-deps + - ubuntu-2004-arm64-ci-deps + - ubuntu-2204-ci-deps + - ubuntu-2204-arm64-ci-deps + - windows-2016 + - windows-2019 + - windows-2022 + - macos-12 + - macos-13 + - macos-13-xlarge + - almalinux-8 + - almalinux-9 + - amazonlinux-2 + - amazonlinux-2-arm64 + - amazonlinux-2023 + - amazonlinux-2023-arm64 + - archlinux-lts + - centos-7 + - centosstream-8 + - centosstream-9 + - debian-10 + - debian-11 + - debian-11-arm64 + - debian-12 + - debian-12-arm64 + - fedora-37 + - fedora-38 + - opensuse-15 + - photonos-3 + - photonos-3-arm64 + - photonos-4 + - photonos-4-arm64 + - photonos-5 + - photonos-5-arm64 + - ubuntu-2004 + - ubuntu-2004-arm64 + - ubuntu-2204 + - ubuntu-2204-arm64 + steps: + - uses: actions/checkout@v4 + + - name: Set up Python 3.10 + if: ${{ github.event.repository.private == false }} + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + id: python-tools-scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-coverage + + - name: Install Nox + run: | + python3 -m pip install 'nox==2022.8.7' + + + + - name: Get coverage reports + id: get-coverage-reports + uses: actions/download-artifact@v3 + with: + name: all-testrun-coverage-artifacts + path: artifacts/coverage/ + + - name: Display structure of downloaded files + run: tree -a artifacts/ + + - name: Install Codecov CLI + run: | + # We can't yet use tokenless uploads with the codecov CLI + # python3 -m pip install codecov-cli + # + curl https://keybase.io/codecovsecurity/pgp_keys.asc | gpg --no-default-keyring --import + curl -Os https://uploader.codecov.io/latest/linux/codecov + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM.sig + gpg --verify codecov.SHA256SUM.sig codecov.SHA256SUM + shasum -a 256 -c codecov.SHA256SUM + chmod +x codecov + mv ./codecov /usr/local/bin/ + + - name: Create XML Coverage Reports + run: | + nox --force-color -e create-xml-coverage-reports + + - name: Upload Code Coverage To Codecov + run: | + tools ci upload-coverage --commit-sha=${{ github.event.pull_request.head.sha || github.sha }} artifacts/coverage/ + + - name: Combine Code Coverage + run: | + nox --force-color -e combine-coverage + + - name: Report Salt Code Coverage + run: | + nox --force-color -e coverage-report -- salt + + - name: Create Salt Code Coverage HTML Report + run: | + nox --force-color -e create-html-coverage-report -- salt + + - name: Create Salt Code Coverage HTML Report + run: | + nox --force-color -e create-html-coverage-report -- salt + + - name: Upload Salt Code Coverage HTML Report + uses: actions/upload-artifact@v3 + with: + name: code-coverage-salt-html-report + path: artifacts/coverage/html/salt + retention-days: 7 + if-no-files-found: error + + - name: Report Combined Code Coverage + run: | + nox --force-color -e coverage-report + + - name: Create Combined Code Coverage JSON Report + run: | + nox --force-color -e create-json-coverage-reports + + - name: Upload Combined Code Coverage JSON Report + uses: actions/upload-artifact@v3 + with: + name: code-coverage-full-json-report + path: artifacts/coverage/coverage.json + retention-days: 7 + if-no-files-found: error + + - name: Create Combined Code Coverage HTML Report + run: | + nox --force-color -e create-html-coverage-report + + - name: Upload Combined Code Coverage HTML Report + uses: actions/upload-artifact@v3 + with: + name: code-coverage-full-html-report + path: artifacts/coverage/html/full + retention-days: 7 + if-no-files-found: error + + set-pipeline-exit-status: + # This step is just so we can make github require this step, to pass checks + # on a pull request instead of requiring all + name: Set the ${{ github.workflow }} Pipeline Exit Status + if: always() + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + needs: + - prepare-workflow + - pre-commit + - lint + - build-docs + - build-deps-onedir-linux + - build-deps-onedir-windows + - build-deps-onedir-macos + - build-salt-onedir-linux + - build-salt-onedir-windows + - build-salt-onedir-macos + - build-rpm-pkgs-src + - build-deb-pkgs-src + - build-windows-pkgs-src + - build-macos-pkgs-src + - combine-all-code-coverage + - windows-2016-ci-deps + - windows-2019-ci-deps + - windows-2022-ci-deps + - macos-12-ci-deps + - macos-13-ci-deps + - macos-13-xlarge-ci-deps + - almalinux-8-ci-deps + - almalinux-8-arm64-ci-deps + - almalinux-9-ci-deps + - almalinux-9-arm64-ci-deps + - amazonlinux-2-ci-deps + - amazonlinux-2-arm64-ci-deps + - amazonlinux-2023-ci-deps + - amazonlinux-2023-arm64-ci-deps + - archlinux-lts-ci-deps + - centos-7-ci-deps + - centos-7-arm64-ci-deps + - centosstream-8-ci-deps + - centosstream-8-arm64-ci-deps + - centosstream-9-ci-deps + - centosstream-9-arm64-ci-deps + - debian-10-ci-deps + - debian-11-ci-deps + - debian-11-arm64-ci-deps + - debian-12-ci-deps + - debian-12-arm64-ci-deps + - fedora-37-ci-deps + - fedora-37-arm64-ci-deps + - fedora-38-ci-deps + - fedora-38-arm64-ci-deps + - opensuse-15-ci-deps + - photonos-3-ci-deps + - photonos-3-arm64-ci-deps + - photonos-4-ci-deps + - photonos-4-arm64-ci-deps + - photonos-5-ci-deps + - photonos-5-arm64-ci-deps + - ubuntu-2004-ci-deps + - ubuntu-2004-arm64-ci-deps + - ubuntu-2204-ci-deps + - ubuntu-2204-arm64-ci-deps + - windows-2016 + - windows-2019 + - windows-2022 + - macos-12 + - macos-13 + - macos-13-xlarge + - almalinux-8 + - almalinux-9 + - amazonlinux-2 + - amazonlinux-2-arm64 + - amazonlinux-2023 + - amazonlinux-2023-arm64 + - archlinux-lts + - centos-7 + - centosstream-8 + - centosstream-9 + - debian-10 + - debian-11 + - debian-11-arm64 + - debian-12 + - debian-12-arm64 + - fedora-37 + - fedora-38 + - opensuse-15 + - photonos-3 + - photonos-3-arm64 + - photonos-4 + - photonos-4-arm64 + - photonos-5 + - photonos-5-arm64 + - ubuntu-2004 + - ubuntu-2004-arm64 + - ubuntu-2204 + - ubuntu-2204-arm64 + - amazonlinux-2-pkg-tests + - amazonlinux-2-arm64-pkg-tests + - amazonlinux-2023-pkg-tests + - amazonlinux-2023-arm64-pkg-tests + - centos-7-pkg-tests + - centosstream-8-pkg-tests + - centosstream-9-pkg-tests + - centosstream-9-arm64-pkg-tests + - debian-10-pkg-tests + - debian-11-pkg-tests + - debian-11-arm64-pkg-tests + - debian-12-pkg-tests + - debian-12-arm64-pkg-tests + - photonos-3-pkg-tests + - photonos-3-arm64-pkg-tests + - photonos-4-pkg-tests + - photonos-4-arm64-pkg-tests + - photonos-5-pkg-tests + - photonos-5-arm64-pkg-tests + - ubuntu-2004-pkg-tests + - ubuntu-2004-arm64-pkg-tests + - ubuntu-2204-pkg-tests + - ubuntu-2204-arm64-pkg-tests + - macos-12-pkg-tests + - macos-13-pkg-tests + - macos-13-xlarge-pkg-tests + - windows-2016-nsis-pkg-tests + - windows-2016-msi-pkg-tests + - windows-2019-nsis-pkg-tests + - windows-2019-msi-pkg-tests + - windows-2022-nsis-pkg-tests + - windows-2022-msi-pkg-tests + steps: + - name: Get workflow information + id: get-workflow-info + uses: technote-space/workflow-conclusion-action@v3 + + - name: Set Pipeline Exit Status + shell: bash + run: | + if [ "${{ steps.get-workflow-info.outputs.conclusion }}" != "success" ]; then + exit 1 + else + exit 0 + fi + + - name: Done + if: always() + run: + echo "All worflows finished" diff --git a/.github/workflows/lint-action.yml b/.github/workflows/lint-action.yml new file mode 100644 index 00000000..347ddd29 --- /dev/null +++ b/.github/workflows/lint-action.yml @@ -0,0 +1,105 @@ +--- +name: Lint + +on: + workflow_call: + inputs: + changed-files: + required: true + type: string + description: JSON string containing information about changed files + + +env: + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + + +jobs: + Salt: + name: Lint Salt's Source Code + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "large", "x86_64"]') || 'ubuntu-latest' }} + if: ${{ contains(fromJSON('["push", "schedule", "workflow_dispatch"]'), github.event_name) || fromJSON(inputs.changed-files)['salt'] || fromJSON(inputs.changed-files)['lint'] }} + + container: + image: ghcr.io/saltstack/salt-ci-containers/python:3.8 + + steps: + - name: Install System Deps + run: | + apt-get update + apt-get install -y enchant-2 git gcc make zlib1g-dev libc-dev libffi-dev g++ libxml2 libxml2-dev libxslt-dev libcurl4-openssl-dev libssl-dev libgnutls28-dev + + - name: Add Git Safe Directory + run: | + git config --global --add safe.directory "$(pwd)" + + - uses: actions/checkout@v4 + + - name: Install Nox + run: | + python -m pip install --upgrade pip + pip install nox + + - name: Install Python Requirements + run: + nox --install-only --forcecolor -e lint-salt + + - name: Lint Changed Files + if: github.event_name == 'pull_request' && fromJSON(inputs.changed-files)['salt'] && ! fromJSON(inputs.changed-files)['lint'] + env: + SKIP_REQUIREMENTS_INSTALL: YES + run: | + nox --forcecolor -e lint-salt -- ${{ join(fromJSON(inputs.changed-files)['salt_files'], ' ') }} + + - name: Lint ALL Files + if: github.event_name != 'pull_request' || fromJSON(inputs.changed-files)['lint'] + env: + SKIP_REQUIREMENTS_INSTALL: YES + run: | + nox --forcecolor -e lint-salt + + + Tests: + name: Lint Salt's Test Suite + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "large", "x86_64"]') || 'ubuntu-latest' }} + if: ${{ contains(fromJSON('["push", "schedule", "workflow_dispatch"]'), github.event_name) || fromJSON(inputs.changed-files)['tests'] || fromJSON(inputs.changed-files)['lint'] }} + + container: + image: ghcr.io/saltstack/salt-ci-containers/python:3.8 + + steps: + - name: Install System Deps + run: | + echo "deb http://deb.debian.org/debian bookworm-backports main" >> /etc/apt/sources.list + apt-get update + apt-get install -y enchant-2 git gcc make zlib1g-dev libc-dev libffi-dev g++ libxml2 libxml2-dev libxslt-dev libcurl4-openssl-dev libssl-dev libgnutls28-dev + + - name: Add Git Safe Directory + run: | + git config --global --add safe.directory "$(pwd)" + + - uses: actions/checkout@v4 + + - name: Install Nox + run: | + python -m pip install --upgrade pip + pip install nox + + - name: Install Python Requirements + run: + nox --install-only --forcecolor -e lint-tests + + - name: Lint Changed Files + if: github.event_name == 'pull_request' && fromJSON(inputs.changed-files)['tests'] && ! fromJSON(inputs.changed-files)['lint'] + env: + SKIP_REQUIREMENTS_INSTALL: YES + run: | + nox --forcecolor -e lint-tests -- ${{ join(fromJSON(inputs.changed-files)['tests_files'], ' ') }} + + - name: Lint ALL Files + if: github.event_name != 'pull_request' || fromJSON(inputs.changed-files)['lint'] + env: + SKIP_REQUIREMENTS_INSTALL: YES + run: | + nox --forcecolor -e lint-tests diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml new file mode 100644 index 00000000..39c17c49 --- /dev/null +++ b/.github/workflows/nightly.yml @@ -0,0 +1,4073 @@ +# Do not edit these workflows directly as the changes made will be overwritten. +# Instead, edit the template '.github/workflows/templates/nightly.yml.jinja' +--- + +name: Nightly +run-name: "Nightly (branch: ${{ github.ref_name }})" + +on: + workflow_dispatch: + inputs: + skip-salt-test-suite: + type: boolean + default: false + description: Skip running the Salt test suite. + skip-salt-pkg-test-suite: + type: boolean + default: false + description: Skip running the Salt packages test suite. + schedule: + # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onschedule + - cron: '0 0 * * *' # Every day at 0AM + +env: + COLUMNS: 190 + CACHE_SEED: SEED-2 # Bump the number to invalidate all caches + RELENV_DATA: "${{ github.workspace }}/.relenv" + +permissions: + contents: read # for dorny/paths-filter to fetch a list of changed files + pull-requests: read # for dorny/paths-filter to read pull requests + actions: write # to trigger branch nightly builds + +concurrency: + group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.repository }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: false + +jobs: + + workflow-requirements: + name: Check Workflow Requirements + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + outputs: + requirements-met: ${{ steps.check-requirements.outputs.requirements-met }} + steps: + - name: Check Requirements + id: check-requirements + run: | + if [ "${{ vars.RUN_SCHEDULED_BUILDS }}" = "1" ]; then + MSG="Running workflow because RUN_SCHEDULED_BUILDS=1" + echo "${MSG}" + echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" + echo "requirements-met=true" >> "${GITHUB_OUTPUT}" + elif [ "${{ github.event.repository.fork }}" = "true" ]; then + MSG="Not running workflow because ${{ github.repository }} is a fork" + echo "${MSG}" + echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" + echo "requirements-met=false" >> "${GITHUB_OUTPUT}" + else + MSG="Running workflow because ${{ github.repository }} is not a fork" + echo "${MSG}" + echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" + echo "requirements-met=true" >> "${GITHUB_OUTPUT}" + fi + + trigger-branch-nightly-builds: + name: Trigger Branch Workflows + if: ${{ github.event_name == 'schedule' && fromJSON(needs.workflow-requirements.outputs.requirements-met) }} + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + needs: + - workflow-requirements + steps: + - name: Trigger 3006.x branch + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + gh workflow run nightly.yml --repo ${{ github.repository }} --ref 3006.x + + prepare-workflow: + name: Prepare Workflow Run + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + if: ${{ fromJSON(needs.workflow-requirements.outputs.requirements-met) }} + needs: + - workflow-requirements + outputs: + jobs: ${{ steps.define-jobs.outputs.jobs }} + runners: ${{ steps.runner-types.outputs.runners }} + changed-files: ${{ steps.process-changed-files.outputs.changed-files }} + pull-labels: ${{ steps.get-pull-labels.outputs.labels }} + testrun: ${{ steps.define-testrun.outputs.testrun }} + salt-version: ${{ steps.setup-salt-version.outputs.salt-version }} + cache-seed: ${{ steps.set-cache-seed.outputs.cache-seed }} + latest-release: ${{ steps.get-salt-releases.outputs.latest-release }} + releases: ${{ steps.get-salt-releases.outputs.releases }} + release-changelog-target: ${{ steps.get-release-changelog-target.outputs.release-changelog-target }} + testing-releases: ${{ steps.get-testing-releases.outputs.testing-releases }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Full clone to also get the tags to get the right salt version + + - name: Get Changed Files + if: ${{ github.event_name == 'pull_request'}} + id: changed-files + uses: dorny/paths-filter@v2 + with: + token: ${{ github.token }} + list-files: json + filters: | + repo: + - added|modified: + - '**' + doc-requirements: + - added|modified: &doc_requirements + - requirements/static/ci/py3.*/docs.txt + lint-requirements: + - added|modified: &lint_requirements + - requirements/static/ci/py3.*/lint.txt + pkg_requirements: + - added|modified: &pkg_requirements + - requirements/static/pkg/py3.*/darwin.txt + - requirements/static/pkg/py3.*/linux.txt + - requirements/static/pkg/py3.*/freebsd.txt + - requirements/static/pkg/py3.*/windows.txt + test_requirements: + - added|modified: &test_requirements + - requirements/static/ci/py3.*/darwin.txt + - requirements/static/ci/py3.*/linux.txt + - requirements/static/ci/py3.*/freebsd.txt + - requirements/static/ci/py3.*/windows.txt + - requirements/static/ci/py3.*/darwin-crypto.txt + - requirements/static/ci/py3.*/linux-crypto.txt + - requirements/static/ci/py3.*/freebsd-crypto.txt + - requirements/static/ci/py3.*/windows-crypto.txt + deleted: + - deleted: + - '**' + docs: + - added|modified: + - doc/** + - *doc_requirements + workflows: + - added|modified: + - cicd/shared-gh-workflows-context.yml + - .github/actions/**/action.yml + - .github/workflows/*.yml + - .github/workflows/templates/*.yml.jinja2 + - tools/precommit/workflows.py + salt: + - added|modified: &salt_added_modified + - setup.py + - noxfile.py + - salt/**/*.py + - tasks/**/*.py + - tools/**/*.py + tests: + - added|modified: &tests_added_modified + - tests/**/*.py + lint: + - added|modified: + - .pylintrc + - *lint_requirements + golden_images: + - added|modified: + - cicd/golden-images.json + pkg_tests: + - added|modified: &pkg_tests_added_modified + - pkg/** + - *pkg_requirements + - *salt_added_modified + testrun: + - added|modified: + - *pkg_requirements + - *test_requirements + - *salt_added_modified + - *tests_added_modified + - *pkg_tests_added_modified + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ env.CACHE_SEED }} + + - name: Pretty Print The GH Actions Event + run: + tools ci print-gh-event + + - name: Set Cache Seed Output + id: set-cache-seed + run: | + tools ci define-cache-seed ${{ env.CACHE_SEED }} + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "" + validate-version: true + + - name: Get Pull Request Test Labels + id: get-pull-labels + if: ${{ github.event_name == 'pull_request'}} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-pr-test-labels --repository ${{ github.repository }} + + - name: Write Changed Files To A Local File + run: + echo '${{ toJSON(steps.changed-files.outputs) }}' > changed-files.json + + - name: Check Local Changed Files Contents + if: ${{ github.event_name == 'pull_request' }} + run: + cat changed-files.json + + - name: Process Changed Files + id: process-changed-files + run: | + tools ci process-changed-files ${{ github.event_name }} changed-files.json + + - name: Check Collected Changed Files + if: ${{ github.event_name == 'pull_request' }} + run: | + echo '${{ steps.process-changed-files.outputs.changed-files }}' | jq -C '.' + + - name: Define Runner Types + id: runner-types + run: | + tools ci runner-types ${{ github.event_name }} + + - name: Check Defined Runners + run: | + echo '${{ steps.runner-types.outputs.runners }}' | jq -C '.' + + - name: Define Jobs + id: define-jobs + run: | + tools ci define-jobs${{ inputs.skip-salt-test-suite && ' --skip-tests' || '' }}${{ inputs.skip-salt-pkg-test-suite && ' --skip-pkg-tests' || '' }} ${{ github.event_name }} changed-files.json + + - name: Check Defined Jobs + run: | + echo '${{ steps.define-jobs.outputs.jobs }}' | jq -C '.' + + - name: Get Salt Releases + id: get-salt-releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-releases + + - name: Get Latest Salt Releases for Testing + id: get-testing-releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-testing-releases ${{ join(fromJSON(steps.get-salt-releases.outputs.releases), ' ') }} --salt-version ${{ steps.setup-salt-version.outputs.salt-version }} + + - name: Check Salt Releases + run: | + echo '${{ steps.get-salt-releases.outputs.latest-release }}' | jq -C '.' + echo '${{ steps.get-salt-releases.outputs.releases }}' | jq -C '.' + echo '${{ steps.get-testing-releases.outputs.testing-releases }}' | jq -C '.' + + - name: Define Testrun + id: define-testrun + run: | + tools ci define-testrun ${{ github.event_name }} changed-files.json + + - name: Check Defined Test Run + run: | + echo '${{ steps.define-testrun.outputs.testrun }}' | jq -C '.' + + - name: Check Contents of generated testrun-changed-files.txt + if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['type'] != 'full' }} + run: | + cat testrun-changed-files.txt || true + + - name: Upload testrun-changed-files.txt + if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['type'] != 'full' }} + uses: actions/upload-artifact@v3 + with: + name: testrun-changed-files.txt + path: testrun-changed-files.txt + + - name: Get Release Changelog Target + id: get-release-changelog-target + run: | + tools ci get-release-changelog-target ${{ github.event_name }} + + + pre-commit: + name: Pre-Commit + if: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + uses: ./.github/workflows/pre-commit-action.yml + needs: + - prepare-workflow + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + changed-files: ${{ needs.prepare-workflow.outputs.changed-files }} + pre-commit-version: "3.0.4" + + lint: + name: Lint + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['lint'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + uses: ./.github/workflows/lint-action.yml + needs: + - prepare-workflow + with: + changed-files: ${{ needs.prepare-workflow.outputs.changed-files }} + + prepare-release: + name: "Prepare Release: ${{ needs.prepare-workflow.outputs.salt-version }}" + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['prepare-release'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "medium", "x86_64"]') || 'ubuntu-latest' }} + needs: + - prepare-workflow + steps: + - uses: actions/checkout@v4 + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-changelog + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + - name: Update Debian changelog + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools changelog update-deb --draft + tools changelog update-deb + + - name: Update RPM changelog + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools changelog update-rpm --draft + tools changelog update-rpm + + - name: Create Release Notes Template + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + if [ "${{ needs.prepare-workflow.outputs.release-changelog-target }}" == "next-major-release" ]; then + tools changelog update-release-notes --next-release --template-only + else + tools changelog update-release-notes --template-only + fi + + - name: Update Release Notes + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + if [ "${{ needs.prepare-workflow.outputs.release-changelog-target }}" == "next-major-release" ]; then + tools changelog update-release-notes --draft --next-release + tools changelog update-release-notes --next-release + else + tools changelog update-release-notes --draft + tools changelog update-release-notes + fi + + - name: Generate MAN Pages + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + env: + LATEST_RELEASE: "${{ needs.prepare-workflow.outputs.salt-version }}" + SALT_ON_SALTSTACK: "1" + run: | + tools docs man + + - name: Update Changelog + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools changelog update-changelog-md --draft + tools changelog update-changelog-md + + - name: Show Changes Diff + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + git diff --color + + - name: Configure Git + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + git config --global user.name "Salt Project Packaging" + git config --global user.email saltproject-packaging@vmware.com + + - name: Setup Pre-Commit + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + uses: ./.github/actions/setup-pre-commit + with: + version: "3.0.4" + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Commit Changes + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + env: + SKIP: lint-salt,lint-tests + PRE_COMMIT_COLOR: always + run: | + # Run it twice so that pre-commit can fix anything that can be automatically fixed. + git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" || \ + git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" + + - name: Create release changes patch + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + git format-patch --keep-subject --binary --stdout HEAD^ > salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + + - name: Upload Changes Diff Artifact + uses: actions/upload-artifact@v3 + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + path: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + retention-days: 7 + if-no-files-found: error + + build-docs: + name: Documentation + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-docs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-source-tarball + uses: ./.github/workflows/build-docs.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + build-source-tarball: + name: Build Source Tarball + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-source-tarball'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - prepare-release + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "medium", "x86_64"]') || 'ubuntu-latest' }} + steps: + - uses: actions/checkout@v4 + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-build + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + - name: Build Source Tarball + uses: ./.github/actions/build-source-tarball + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + build-deps-onedir-linux: + name: Build Dependencies Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-onedir'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + uses: ./.github/workflows/build-deps-onedir-linux.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-deps-onedir-windows: + name: Build Dependencies Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-onedir'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + uses: ./.github/workflows/build-deps-onedir-windows.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-deps-onedir-macos: + name: Build Dependencies Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-onedir'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + uses: ./.github/workflows/build-deps-onedir-macos.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-salt-onedir-linux: + name: Build Salt Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-salt-onedir'] }} + needs: + - prepare-workflow + - build-deps-onedir-linux + - build-source-tarball + uses: ./.github/workflows/build-salt-onedir-linux.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-salt-onedir-windows: + name: Build Salt Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-salt-onedir'] }} + needs: + - prepare-workflow + - build-deps-onedir-windows + - build-source-tarball + uses: ./.github/workflows/build-salt-onedir-windows.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-salt-onedir-macos: + name: Build Salt Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-salt-onedir'] }} + needs: + - prepare-workflow + - build-deps-onedir-macos + - build-source-tarball + uses: ./.github/workflows/build-salt-onedir-macos.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-rpm-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-rpm-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + + build-rpm-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-rpm-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + + build-deb-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deb-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + + build-deb-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deb-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + + build-windows-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-windows-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + environment: nightly + sign-packages: false + secrets: inherit + + build-windows-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-windows-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + environment: nightly + sign-packages: false + secrets: inherit + + build-macos-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-macos-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + environment: nightly + sign-packages: true + secrets: inherit + + build-macos-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-macos-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + environment: nightly + sign-packages: true + secrets: inherit + + windows-2016-ci-deps: + name: Windows 2016 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + windows-2019-ci-deps: + name: Windows 2019 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + windows-2022-ci-deps: + name: Windows 2022 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + macos-12-ci-deps: + name: macOS 12 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: macos-12 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + macos-13-ci-deps: + name: macOS 13 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: macos-13 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + macos-13-xlarge-ci-deps: + name: macOS 13 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: macos-13-xlarge + nox-session: ci-test-onedir + platform: darwin + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-8-ci-deps: + name: Alma Linux 8 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-8-arm64-ci-deps: + name: Alma Linux 8 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-8-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-9-ci-deps: + name: Alma Linux 9 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-9-arm64-ci-deps: + name: Alma Linux 9 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-9-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2-ci-deps: + name: Amazon Linux 2 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2-arm64-ci-deps: + name: Amazon Linux 2 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2023-ci-deps: + name: Amazon Linux 2023 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2023 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2023-arm64-ci-deps: + name: Amazon Linux 2023 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2023-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + archlinux-lts-ci-deps: + name: Arch Linux LTS Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: archlinux-lts + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centos-7-ci-deps: + name: CentOS 7 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centos-7 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centos-7-arm64-ci-deps: + name: CentOS 7 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centos-7-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-8-ci-deps: + name: CentOS Stream 8 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-8-arm64-ci-deps: + name: CentOS Stream 8 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-8-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-9-ci-deps: + name: CentOS Stream 9 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-9-arm64-ci-deps: + name: CentOS Stream 9 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-9-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-10-ci-deps: + name: Debian 10 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-10 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-11-ci-deps: + name: Debian 11 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-11 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-11-arm64-ci-deps: + name: Debian 11 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-11-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-12-ci-deps: + name: Debian 12 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-12 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-12-arm64-ci-deps: + name: Debian 12 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-12-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-37-ci-deps: + name: Fedora 37 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-37 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-37-arm64-ci-deps: + name: Fedora 37 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-37-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-38-ci-deps: + name: Fedora 38 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-38 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-38-arm64-ci-deps: + name: Fedora 38 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-38-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + opensuse-15-ci-deps: + name: Opensuse 15 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: opensuse-15 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-3-ci-deps: + name: Photon OS 3 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-3 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-3-arm64-ci-deps: + name: Photon OS 3 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-3-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-4-ci-deps: + name: Photon OS 4 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-4 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-4-arm64-ci-deps: + name: Photon OS 4 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-4-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-5-ci-deps: + name: Photon OS 5 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-5 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-5-arm64-ci-deps: + name: Photon OS 5 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-5-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2004-ci-deps: + name: Ubuntu 20.04 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-20.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2004-arm64-ci-deps: + name: Ubuntu 20.04 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-20.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2204-ci-deps: + name: Ubuntu 22.04 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-22.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2204-arm64-ci-deps: + name: Ubuntu 22.04 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-22.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2-pkg-tests: + name: Amazon Linux 2 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + amazonlinux-2-arm64-pkg-tests: + name: Amazon Linux 2 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + amazonlinux-2023-pkg-tests: + name: Amazon Linux 2023 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2023-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2023 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + amazonlinux-2023-arm64-pkg-tests: + name: Amazon Linux 2023 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2023-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2023-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centos-7-pkg-tests: + name: CentOS 7 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centos-7-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centos-7 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centosstream-8-pkg-tests: + name: CentOS Stream 8 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centosstream-8-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centosstream-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centosstream-9-pkg-tests: + name: CentOS Stream 9 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centosstream-9-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centosstream-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centosstream-9-arm64-pkg-tests: + name: CentOS Stream 9 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centosstream-9-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centosstream-9-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-10-pkg-tests: + name: Debian 10 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-10-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-10 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-11-pkg-tests: + name: Debian 11 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-11-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-11 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-11-arm64-pkg-tests: + name: Debian 11 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-11-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-11-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-12-pkg-tests: + name: Debian 12 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-12-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-12 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-12-arm64-pkg-tests: + name: Debian 12 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-12-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-12-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + photonos-3-pkg-tests: + name: Photon OS 3 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-3-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-3 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + photonos-3-arm64-pkg-tests: + name: Photon OS 3 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-3-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-3-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + photonos-4-pkg-tests: + name: Photon OS 4 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-4-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-4 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + photonos-4-arm64-pkg-tests: + name: Photon OS 4 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-4-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-4-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + photonos-5-pkg-tests: + name: Photon OS 5 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-5-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-5 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + photonos-5-arm64-pkg-tests: + name: Photon OS 5 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-5-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-5-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + ubuntu-2004-pkg-tests: + name: Ubuntu 20.04 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2004-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-20.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + ubuntu-2004-arm64-pkg-tests: + name: Ubuntu 20.04 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2004-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-20.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + ubuntu-2204-pkg-tests: + name: Ubuntu 22.04 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2204-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-22.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + ubuntu-2204-arm64-pkg-tests: + name: Ubuntu 22.04 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2204-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-22.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + macos-12-pkg-tests: + name: macOS 12 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-macos-pkgs-onedir + - macos-12-ci-deps + uses: ./.github/workflows/test-packages-action-macos.yml + with: + distro-slug: macos-12 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: macos + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + macos-13-pkg-tests: + name: macOS 13 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-macos-pkgs-onedir + - macos-13-ci-deps + uses: ./.github/workflows/test-packages-action-macos.yml + with: + distro-slug: macos-13 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: macos + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + macos-13-xlarge-pkg-tests: + name: macOS 13 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-macos-pkgs-onedir + - macos-13-xlarge-ci-deps + uses: ./.github/workflows/test-packages-action-macos.yml + with: + distro-slug: macos-13-xlarge + nox-session: ci-test-onedir + platform: darwin + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: macos + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2016-nsis-pkg-tests: + name: Windows 2016 NSIS Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2016-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: NSIS + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2016-msi-pkg-tests: + name: Windows 2016 MSI Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2016-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: MSI + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2019-nsis-pkg-tests: + name: Windows 2019 NSIS Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2019-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: NSIS + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2019-msi-pkg-tests: + name: Windows 2019 MSI Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2019-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: MSI + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2022-nsis-pkg-tests: + name: Windows 2022 NSIS Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2022-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: NSIS + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2022-msi-pkg-tests: + name: Windows 2022 MSI Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2022-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: MSI + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2016: + name: Windows 2016 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - windows-2016-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 210 || 360 }} + + windows-2019: + name: Windows 2019 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - windows-2019-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 210 || 360 }} + + windows-2022: + name: Windows 2022 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - windows-2022-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 210 || 360 }} + + macos-12: + name: macOS 12 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - macos-12-ci-deps + uses: ./.github/workflows/test-action-macos.yml + with: + distro-slug: macos-12 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + macos-13: + name: macOS 13 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - macos-13-ci-deps + uses: ./.github/workflows/test-action-macos.yml + with: + distro-slug: macos-13 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + macos-13-xlarge: + name: macOS 13 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - macos-13-xlarge-ci-deps + uses: ./.github/workflows/test-action-macos.yml + with: + distro-slug: macos-13-xlarge + nox-session: ci-test-onedir + platform: darwin + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + almalinux-8: + name: Alma Linux 8 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - almalinux-8-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: almalinux-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + almalinux-9: + name: Alma Linux 9 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - almalinux-9-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: almalinux-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2: + name: Amazon Linux 2 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2-arm64: + name: Amazon Linux 2 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2023: + name: Amazon Linux 2023 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2023-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2023 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2023-arm64: + name: Amazon Linux 2023 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2023-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2023-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + archlinux-lts: + name: Arch Linux LTS Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - archlinux-lts-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: archlinux-lts + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + centos-7: + name: CentOS 7 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - centos-7-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: centos-7 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + centosstream-8: + name: CentOS Stream 8 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - centosstream-8-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: centosstream-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + centosstream-9: + name: CentOS Stream 9 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - centosstream-9-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: centosstream-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-10: + name: Debian 10 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-10-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-10 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-11: + name: Debian 11 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-11-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-11 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-11-arm64: + name: Debian 11 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-11-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-11-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-12: + name: Debian 12 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-12-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-12 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-12-arm64: + name: Debian 12 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-12-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-12-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + fedora-37: + name: Fedora 37 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - fedora-37-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: fedora-37 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + fedora-38: + name: Fedora 38 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - fedora-38-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: fedora-38 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + opensuse-15: + name: Opensuse 15 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - opensuse-15-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: opensuse-15 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + photonos-3: + name: Photon OS 3 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-3-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-3 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + photonos-3-arm64: + name: Photon OS 3 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-3-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-3-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + photonos-4: + name: Photon OS 4 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-4-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-4 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + photonos-4-arm64: + name: Photon OS 4 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-4-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-4-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + photonos-5: + name: Photon OS 5 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-5-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-5 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + photonos-5-arm64: + name: Photon OS 5 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-5-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-5-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + ubuntu-2004: + name: Ubuntu 20.04 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2004-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-20.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + ubuntu-2004-arm64: + name: Ubuntu 20.04 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2004-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-20.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + ubuntu-2204: + name: Ubuntu 22.04 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2204-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-22.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + ubuntu-2204-arm64: + name: Ubuntu 22.04 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2204-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-22.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: nightly + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + combine-all-code-coverage: + name: Combine Code Coverage + if: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] == false }} + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + needs: + - prepare-workflow + - windows-2016-ci-deps + - windows-2019-ci-deps + - windows-2022-ci-deps + - macos-12-ci-deps + - macos-13-ci-deps + - macos-13-xlarge-ci-deps + - almalinux-8-ci-deps + - almalinux-8-arm64-ci-deps + - almalinux-9-ci-deps + - almalinux-9-arm64-ci-deps + - amazonlinux-2-ci-deps + - amazonlinux-2-arm64-ci-deps + - amazonlinux-2023-ci-deps + - amazonlinux-2023-arm64-ci-deps + - archlinux-lts-ci-deps + - centos-7-ci-deps + - centos-7-arm64-ci-deps + - centosstream-8-ci-deps + - centosstream-8-arm64-ci-deps + - centosstream-9-ci-deps + - centosstream-9-arm64-ci-deps + - debian-10-ci-deps + - debian-11-ci-deps + - debian-11-arm64-ci-deps + - debian-12-ci-deps + - debian-12-arm64-ci-deps + - fedora-37-ci-deps + - fedora-37-arm64-ci-deps + - fedora-38-ci-deps + - fedora-38-arm64-ci-deps + - opensuse-15-ci-deps + - photonos-3-ci-deps + - photonos-3-arm64-ci-deps + - photonos-4-ci-deps + - photonos-4-arm64-ci-deps + - photonos-5-ci-deps + - photonos-5-arm64-ci-deps + - ubuntu-2004-ci-deps + - ubuntu-2004-arm64-ci-deps + - ubuntu-2204-ci-deps + - ubuntu-2204-arm64-ci-deps + - windows-2016 + - windows-2019 + - windows-2022 + - macos-12 + - macos-13 + - macos-13-xlarge + - almalinux-8 + - almalinux-9 + - amazonlinux-2 + - amazonlinux-2-arm64 + - amazonlinux-2023 + - amazonlinux-2023-arm64 + - archlinux-lts + - centos-7 + - centosstream-8 + - centosstream-9 + - debian-10 + - debian-11 + - debian-11-arm64 + - debian-12 + - debian-12-arm64 + - fedora-37 + - fedora-38 + - opensuse-15 + - photonos-3 + - photonos-3-arm64 + - photonos-4 + - photonos-4-arm64 + - photonos-5 + - photonos-5-arm64 + - ubuntu-2004 + - ubuntu-2004-arm64 + - ubuntu-2204 + - ubuntu-2204-arm64 + steps: + - uses: actions/checkout@v4 + + - name: Set up Python 3.10 + if: ${{ github.event.repository.private == false }} + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + id: python-tools-scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-coverage + + - name: Install Nox + run: | + python3 -m pip install 'nox==2022.8.7' + + + + - name: Get coverage reports + id: get-coverage-reports + uses: actions/download-artifact@v3 + with: + name: all-testrun-coverage-artifacts + path: artifacts/coverage/ + + - name: Display structure of downloaded files + run: tree -a artifacts/ + + - name: Install Codecov CLI + run: | + # We can't yet use tokenless uploads with the codecov CLI + # python3 -m pip install codecov-cli + # + curl https://keybase.io/codecovsecurity/pgp_keys.asc | gpg --no-default-keyring --import + curl -Os https://uploader.codecov.io/latest/linux/codecov + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM.sig + gpg --verify codecov.SHA256SUM.sig codecov.SHA256SUM + shasum -a 256 -c codecov.SHA256SUM + chmod +x codecov + mv ./codecov /usr/local/bin/ + + - name: Create XML Coverage Reports + run: | + nox --force-color -e create-xml-coverage-reports + + - name: Upload Code Coverage To Codecov + run: | + tools ci upload-coverage --commit-sha=${{ github.event.pull_request.head.sha || github.sha }} artifacts/coverage/ + + - name: Combine Code Coverage + run: | + nox --force-color -e combine-coverage + + - name: Report Salt Code Coverage + run: | + nox --force-color -e coverage-report -- salt + + - name: Create Salt Code Coverage HTML Report + run: | + nox --force-color -e create-html-coverage-report -- salt + + - name: Create Salt Code Coverage HTML Report + run: | + nox --force-color -e create-html-coverage-report -- salt + + - name: Upload Salt Code Coverage HTML Report + uses: actions/upload-artifact@v3 + with: + name: code-coverage-salt-html-report + path: artifacts/coverage/html/salt + retention-days: 7 + if-no-files-found: error + + - name: Report Combined Code Coverage + run: | + nox --force-color -e coverage-report + + - name: Create Combined Code Coverage JSON Report + run: | + nox --force-color -e create-json-coverage-reports + + - name: Upload Combined Code Coverage JSON Report + uses: actions/upload-artifact@v3 + with: + name: code-coverage-full-json-report + path: artifacts/coverage/coverage.json + retention-days: 7 + if-no-files-found: error + + - name: Create Combined Code Coverage HTML Report + run: | + nox --force-color -e create-html-coverage-report + + - name: Upload Combined Code Coverage HTML Report + uses: actions/upload-artifact@v3 + with: + name: code-coverage-full-html-report + path: artifacts/coverage/html/full + retention-days: 7 + if-no-files-found: error + + build-src-repo: + name: Build Repository + environment: nightly + runs-on: + - self-hosted + - linux + - repo-nightly + needs: + - prepare-workflow + - build-source-tarball + strategy: + fail-fast: false + matrix: + pkg-type: + - src + + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download Source Tarball + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + run: | + tools pkg repo create src --key-id=64CBBC8173D76B3F --nightly-build-from=${{ github.ref_name }} \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Copy Files For Source Only Artifact Uploads + run: | + mkdir artifacts/src + find artifacts/pkgs/repo -type f -print -exec cp {} artifacts/src \; + + - name: Upload Standalone Repository As An Artifact + uses: actions/upload-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-nightly-src-repo + path: | + artifacts/src/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz + artifacts/src/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz.* + artifacts/src/*-GPG-* + retention-days: 7 + if-no-files-found: error + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-nightly-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: src-repo + + build-deb-repo: + name: Build Repository + environment: nightly + runs-on: + - self-hosted + - linux + - repo-nightly + needs: + - prepare-workflow + - build-deb-pkgs-onedir + strategy: + fail-fast: false + matrix: + include: + - pkg-type: deb + distro: debian + version: "10" + arch: x86_64 + - pkg-type: deb + distro: debian + version: "10" + arch: aarch64 + - pkg-type: deb + distro: debian + version: "11" + arch: x86_64 + - pkg-type: deb + distro: debian + version: "11" + arch: aarch64 + - pkg-type: deb + distro: debian + version: "12" + arch: x86_64 + - pkg-type: deb + distro: debian + version: "12" + arch: aarch64 + - pkg-type: deb + distro: ubuntu + version: "20.04" + arch: x86_64 + - pkg-type: deb + distro: ubuntu + version: "20.04" + arch: aarch64 + - pkg-type: deb + distro: ubuntu + version: "22.04" + arch: x86_64 + - pkg-type: deb + distro: ubuntu + version: "22.04" + arch: aarch64 + + steps: + - uses: actions/checkout@v4 + + - name: Download System Dependencies + run: | + sudo apt update + sudo apt install -y devscripts apt-utils + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download DEB Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-${{ matrix.arch }}-deb + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + run: | + tools pkg repo create deb --key-id=64CBBC8173D76B3F --distro-arch=${{ matrix.arch }} --nightly-build-from=${{ github.ref_name }} \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --distro=${{ matrix.distro }} --distro-version=${{ matrix.version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-nightly-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: ${{ matrix.distro }}-${{ matrix.version }}-${{ matrix.arch }}-repo + + build-rpm-repo: + name: Build Repository + environment: nightly + runs-on: + - self-hosted + - linux + - repo-nightly + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + strategy: + fail-fast: false + matrix: + include: + - pkg-type: rpm + distro: amazon + version: "2" + arch: x86_64 + - pkg-type: rpm + distro: amazon + version: "2" + arch: arm64 + - pkg-type: rpm + distro: amazon + version: "2" + arch: aarch64 + - pkg-type: rpm + distro: amazon + version: "2023" + arch: x86_64 + - pkg-type: rpm + distro: amazon + version: "2023" + arch: arm64 + - pkg-type: rpm + distro: amazon + version: "2023" + arch: aarch64 + - pkg-type: rpm + distro: redhat + version: "7" + arch: x86_64 + - pkg-type: rpm + distro: redhat + version: "7" + arch: arm64 + - pkg-type: rpm + distro: redhat + version: "7" + arch: aarch64 + - pkg-type: rpm + distro: redhat + version: "8" + arch: x86_64 + - pkg-type: rpm + distro: redhat + version: "8" + arch: arm64 + - pkg-type: rpm + distro: redhat + version: "8" + arch: aarch64 + - pkg-type: rpm + distro: redhat + version: "9" + arch: x86_64 + - pkg-type: rpm + distro: redhat + version: "9" + arch: arm64 + - pkg-type: rpm + distro: redhat + version: "9" + arch: aarch64 + - pkg-type: rpm + distro: fedora + version: "36" + arch: x86_64 + - pkg-type: rpm + distro: fedora + version: "36" + arch: arm64 + - pkg-type: rpm + distro: fedora + version: "36" + arch: aarch64 + - pkg-type: rpm + distro: fedora + version: "37" + arch: x86_64 + - pkg-type: rpm + distro: fedora + version: "37" + arch: arm64 + - pkg-type: rpm + distro: fedora + version: "37" + arch: aarch64 + - pkg-type: rpm + distro: fedora + version: "38" + arch: x86_64 + - pkg-type: rpm + distro: fedora + version: "38" + arch: arm64 + - pkg-type: rpm + distro: fedora + version: "38" + arch: aarch64 + - pkg-type: rpm + distro: photon + version: "3" + arch: x86_64 + - pkg-type: rpm + distro: photon + version: "3" + arch: arm64 + - pkg-type: rpm + distro: photon + version: "3" + arch: aarch64 + - pkg-type: rpm + distro: photon + version: "4" + arch: x86_64 + - pkg-type: rpm + distro: photon + version: "4" + arch: arm64 + - pkg-type: rpm + distro: photon + version: "4" + arch: aarch64 + - pkg-type: rpm + distro: photon + version: "5" + arch: x86_64 + - pkg-type: rpm + distro: photon + version: "5" + arch: arm64 + - pkg-type: rpm + distro: photon + version: "5" + arch: aarch64 + + steps: + - uses: actions/checkout@v4 + + - name: Download System Dependencies + run: | + sudo apt update + sudo apt install -y rpm + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download RPM Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-${{ matrix.arch == 'arm64' && 'aarch64' || matrix.arch }}-rpm + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + env: + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + run: | + tools pkg repo create rpm --key-id=64CBBC8173D76B3F --distro-arch=${{ matrix.arch }} --nightly-build-from=${{ github.ref_name }} \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --distro=${{ matrix.distro }} --distro-version=${{ matrix.version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-nightly-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: ${{ matrix.distro }}-${{ matrix.version }}-${{ matrix.arch }}-repo + + build-windows-repo: + name: Build Repository + environment: nightly + runs-on: + - self-hosted + - linux + - repo-nightly + needs: + - prepare-workflow + - build-windows-pkgs-onedir + strategy: + fail-fast: false + matrix: + pkg-type: + - windows + + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download Windows NSIS x86 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-x86-NSIS + path: artifacts/pkgs/incoming + + - name: Download Windows MSI x86 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-x86-MSI + path: artifacts/pkgs/incoming + + - name: Download Windows NSIS amd64 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-amd64-NSIS + path: artifacts/pkgs/incoming + + - name: Download Windows MSI amd64 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-amd64-MSI + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + run: | + tools pkg repo create windows --key-id=64CBBC8173D76B3F --nightly-build-from=${{ github.ref_name }} \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-nightly-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: windows-repo + + build-macos-repo: + name: Build Repository + environment: nightly + runs-on: + - self-hosted + - linux + - repo-nightly + needs: + - prepare-workflow + - build-macos-pkgs-onedir + strategy: + fail-fast: false + matrix: + pkg-type: + - macos + + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download macOS x86_64 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-x86_64-macos + path: artifacts/pkgs/incoming + + - name: Download macOS Arch64 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-aarch64-macos + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + run: | + tools pkg repo create macos --key-id=64CBBC8173D76B3F --nightly-build-from=${{ github.ref_name }} \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-nightly-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: macos-repo + + build-onedir-repo: + name: Build Repository + environment: nightly + runs-on: + - self-hosted + - linux + - repo-nightly + needs: + - prepare-workflow + - build-salt-onedir-linux + - build-salt-onedir-macos + - build-salt-onedir-windows + strategy: + fail-fast: false + matrix: + pkg-type: + - onedir + + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download Linux x86_64 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-linux-x86_64.tar.xz + path: artifacts/pkgs/incoming + + - name: Download Linux aarch64 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-linux-aarch64.tar.xz + path: artifacts/pkgs/incoming + + - name: Download macOS x86_64 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-darwin-x86_64.tar.xz + path: artifacts/pkgs/incoming + + - name: Download macOS arm64 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-darwin-aarch64.tar.xz + path: artifacts/pkgs/incoming + + - name: Download Windows amd64 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-windows-amd64.tar.xz + path: artifacts/pkgs/incoming + + - name: Download Windows amd64 Onedir Archive(zip) + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-windows-amd64.zip + path: artifacts/pkgs/incoming + + - name: Download Windows x86 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-windows-x86.tar.xz + path: artifacts/pkgs/incoming + + - name: Download Windows amd64 Onedir Archive(zip) + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-windows-x86.zip + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + run: | + tools pkg repo create onedir --key-id=64CBBC8173D76B3F --nightly-build-from=${{ github.ref_name }} \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-nightly-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: onedir-repo + + publish-repositories: + name: Publish Repositories + if: ${{ always() && ! failure() && ! cancelled() }} + runs-on: + - self-hosted + - linux + - repo-nightly + environment: nightly + needs: + - prepare-workflow + - build-src-repo + - build-deb-repo + - build-rpm-repo + - build-windows-repo + - build-macos-repo + - build-onedir-repo + - windows-2016-ci-deps + - windows-2019-ci-deps + - windows-2022-ci-deps + - macos-12-ci-deps + - macos-13-ci-deps + - macos-13-xlarge-ci-deps + - almalinux-8-ci-deps + - almalinux-8-arm64-ci-deps + - almalinux-9-ci-deps + - almalinux-9-arm64-ci-deps + - amazonlinux-2-ci-deps + - amazonlinux-2-arm64-ci-deps + - amazonlinux-2023-ci-deps + - amazonlinux-2023-arm64-ci-deps + - archlinux-lts-ci-deps + - centos-7-ci-deps + - centos-7-arm64-ci-deps + - centosstream-8-ci-deps + - centosstream-8-arm64-ci-deps + - centosstream-9-ci-deps + - centosstream-9-arm64-ci-deps + - debian-10-ci-deps + - debian-11-ci-deps + - debian-11-arm64-ci-deps + - debian-12-ci-deps + - debian-12-arm64-ci-deps + - fedora-37-ci-deps + - fedora-37-arm64-ci-deps + - fedora-38-ci-deps + - fedora-38-arm64-ci-deps + - opensuse-15-ci-deps + - photonos-3-ci-deps + - photonos-3-arm64-ci-deps + - photonos-4-ci-deps + - photonos-4-arm64-ci-deps + - photonos-5-ci-deps + - photonos-5-arm64-ci-deps + - ubuntu-2004-ci-deps + - ubuntu-2004-arm64-ci-deps + - ubuntu-2204-ci-deps + - ubuntu-2204-arm64-ci-deps + - windows-2016 + - windows-2019 + - windows-2022 + - macos-12 + - macos-13 + - macos-13-xlarge + - almalinux-8 + - almalinux-9 + - amazonlinux-2 + - amazonlinux-2-arm64 + - amazonlinux-2023 + - amazonlinux-2023-arm64 + - archlinux-lts + - centos-7 + - centosstream-8 + - centosstream-9 + - debian-10 + - debian-11 + - debian-11-arm64 + - debian-12 + - debian-12-arm64 + - fedora-37 + - fedora-38 + - opensuse-15 + - photonos-3 + - photonos-3-arm64 + - photonos-4 + - photonos-4-arm64 + - photonos-5 + - photonos-5-arm64 + - ubuntu-2004 + - ubuntu-2004-arm64 + - ubuntu-2204 + - ubuntu-2204-arm64 + + steps: + - uses: actions/checkout@v4 + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Download Repository Artifact + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-nightly-repo + path: repo/ + + - name: Decompress Repository Artifacts + run: | + find repo/ -type f -name '*.tar.gz' -print -exec tar xvf {} \; + find repo/ -type f -name '*.tar.gz' -print -exec rm -f {} \; + + - name: Show Repository + run: | + tree -a artifacts/pkgs/repo/ + + - name: Upload Repository Contents (nightly) + env: + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + run: | + tools pkg repo publish nightly --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} artifacts/pkgs/repo/ + + set-pipeline-exit-status: + # This step is just so we can make github require this step, to pass checks + # on a pull request instead of requiring all + name: Set the ${{ github.workflow }} Pipeline Exit Status + if: always() + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + environment: nightly + needs: + - workflow-requirements + - trigger-branch-nightly-builds + - prepare-workflow + - pre-commit + - lint + - build-docs + - build-deps-onedir-linux + - build-deps-onedir-windows + - build-deps-onedir-macos + - build-salt-onedir-linux + - build-salt-onedir-windows + - build-salt-onedir-macos + - build-rpm-pkgs-src + - build-deb-pkgs-src + - build-windows-pkgs-src + - build-macos-pkgs-src + - combine-all-code-coverage + - publish-repositories + - amazonlinux-2-pkg-tests + - amazonlinux-2-arm64-pkg-tests + - amazonlinux-2023-pkg-tests + - amazonlinux-2023-arm64-pkg-tests + - centos-7-pkg-tests + - centosstream-8-pkg-tests + - centosstream-9-pkg-tests + - centosstream-9-arm64-pkg-tests + - debian-10-pkg-tests + - debian-11-pkg-tests + - debian-11-arm64-pkg-tests + - debian-12-pkg-tests + - debian-12-arm64-pkg-tests + - photonos-3-pkg-tests + - photonos-3-arm64-pkg-tests + - photonos-4-pkg-tests + - photonos-4-arm64-pkg-tests + - photonos-5-pkg-tests + - photonos-5-arm64-pkg-tests + - ubuntu-2004-pkg-tests + - ubuntu-2004-arm64-pkg-tests + - ubuntu-2204-pkg-tests + - ubuntu-2204-arm64-pkg-tests + - macos-12-pkg-tests + - macos-13-pkg-tests + - macos-13-xlarge-pkg-tests + - windows-2016-nsis-pkg-tests + - windows-2016-msi-pkg-tests + - windows-2019-nsis-pkg-tests + - windows-2019-msi-pkg-tests + - windows-2022-nsis-pkg-tests + - windows-2022-msi-pkg-tests + steps: + - name: Get workflow information + id: get-workflow-info + uses: technote-space/workflow-conclusion-action@v3 + + - name: Notify Slack + id: slack + if: always() + uses: slackapi/slack-github-action@v1.24.0 + with: + payload: | + { + "attachments": [ + { + "fallback": "${{ github.workflow }} Workflow build result for the `${{ github.ref_name }}` branch(attempt: ${{ github.run_attempt }}): `${{ steps.get-workflow-info.outputs.conclusion }}`\n${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", + "color": "${{ steps.get-workflow-info.outputs.conclusion != 'success' && 'ff3d00' || '00e676' }}", + "fields": [ + { + "title": "Workflow", + "short": true, + "value": "${{ github.workflow }}", + "type": "mrkdwn" + }, + { + "title": "Workflow Run", + "short": true, + "value": "<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|${{ github.run_id }}>", + "type": "mrkdwn" + }, + { + "title": "Branch", + "short": true, + "value": "${{ github.ref_name }}", + "type": "mrkdwn" + }, + { + "title": "Commit", + "short": true, + "value": "<${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }}|${{ github.sha }}>", + "type": "mrkdwn" + }, + { + "title": "Attempt", + "short": true, + "value": "${{ github.run_attempt }}", + "type": "mrkdwn" + }, + { + "title": "Status", + "short": true, + "value": "${{ steps.get-workflow-info.outputs.conclusion }}", + "type": "mrkdwn" + } + ], + "author_name": "${{ github.event.sender.login }}", + "author_link": "${{ github.event.sender.html_url }}", + "author_icon": "${{ github.event.sender.avatar_url }}" + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + + - name: Set Pipeline Exit Status + shell: bash + run: | + if [ "${{ steps.get-workflow-info.outputs.conclusion }}" != "success" ]; then + exit 1 + else + exit 0 + fi + + - name: Done + if: always() + run: + echo "All worflows finished" diff --git a/.github/workflows/pre-commit-action.yml b/.github/workflows/pre-commit-action.yml new file mode 100644 index 00000000..50b255b6 --- /dev/null +++ b/.github/workflows/pre-commit-action.yml @@ -0,0 +1,73 @@ +--- +name: Pre-Commit + +on: + workflow_call: + inputs: + changed-files: + required: true + type: string + description: JSON string containing information about changed files + pre-commit-version: + required: true + type: string + description: The pre-commit version to install + cache-seed: + required: true + type: string + description: Seed used to invalidate caches + +jobs: + Pre-Commit: + name: Run Pre-Commit Against Salt + + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + + container: + image: ghcr.io/saltstack/salt-ci-containers/python:3.10 + + env: + PRE_COMMIT_COLOR: always + + steps: + + - name: Install System Deps + run: | + apt-get update + apt-get install -y wget curl enchant-2 git gcc make zlib1g-dev libc-dev libffi-dev g++ libxml2 libxml2-dev libxslt-dev libcurl4-openssl-dev libssl-dev libgnutls28-dev rustc + + - name: Add Git Safe Directory + run: | + git config --global --add safe.directory "$(pwd)" + + - uses: actions/checkout@v4 + - uses: ./.github/actions/setup-actionlint + with: + cache-seed: ${{ inputs.cache-seed }} + - uses: ./.github/actions/setup-shellcheck + with: + cache-seed: ${{ inputs.cache-seed }} + - uses: ./.github/actions/setup-pre-commit + with: + version: ${{ inputs.pre-commit-version }} + cache-seed: ${{ inputs.cache-seed }} + + - name: Check ALL Files On Branch + if: github.event_name != 'pull_request' + env: + SKIP: lint-salt,lint-tests,remove-import-headers,pyupgrade + run: | + pre-commit run --show-diff-on-failure --color=always --all-files + + - name: Check Changed Files On PR + if: github.event_name == 'pull_request' && fromJSON(inputs.changed-files)['repo'] + env: + SKIP: lint-salt,lint-tests + GH_ACTIONS_ANNOTATE: "1" + run: | + pre-commit run --show-diff-on-failure --color=always --files ${{ join(fromJSON(inputs.changed-files)['repo_files'], ' ') }} + + - name: Check Docs On Deleted Files + if: github.event_name == 'pull_request' && fromJSON(inputs.changed-files)['deleted'] + run: | + pre-commit run --show-diff-on-failure --color=always check-docs --files ${{ join(fromJSON(inputs.changed-files)['deleted_files'], ' ') }} diff --git a/.github/workflows/release-tag.yml b/.github/workflows/release-tag.yml new file mode 100644 index 00000000..2908fd96 --- /dev/null +++ b/.github/workflows/release-tag.yml @@ -0,0 +1,83 @@ +--- +name: Generate Tag and Github Release + +on: + workflow_dispatch: + inputs: + saltVersion: + description: 'Salt Version' + required: true + saltRepo: + description: 'Salt Repo' + default: saltstack/salt + saltBranch: + description: 'Salt Branch' + default: freeze + reTag: + description: 'Re Tag (Deletes tag and release)' + default: false + + +env: + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + + +permissions: + contents: read + +jobs: + GenerateTagRelease: + permissions: + contents: write # for dev-drprasad/delete-tag-and-release to delete tags or releases + name: Generate Tag and Github Release + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + steps: + - uses: dev-drprasad/delete-tag-and-release@v0.2.0 + if: github.event.inputs.reTag == 'true' + with: + delete_release: true # default: false + tag_name: v${{ github.event.inputs.saltVersion }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - uses: actions/checkout@v4 + with: + repository: ${{ github.event.inputs.saltRepo }} + ref: ${{ github.event.inputs.saltBranch }} + - name: Bump version and push tag + id: tag_version + uses: mathieudutour/github-tag-action@v5.6 + with: + create_annotated_tag: True + github_token: ${{ secrets.GITHUB_TOKEN }} + custom_tag: ${{ github.event.inputs.saltVersion }} + + - name: Set up Python 3.8 + uses: actions/setup-python@v4 + with: + python-version: 3.8 + + - uses: actions/checkout@v4 + - name: Install pypa/build + run: | + python -m pip install build --user + - name: Build a binary wheel and a source tarball + run: | + git fetch --tags origin + git checkout v${{ github.event.inputs.saltVersion }} + chmod 700 conf/cloud.*.d + chmod 600 conf/cloud + chmod 600 conf/cloud.profiles + chmod 600 conf/cloud.providers + python3 setup.py --ssh-packaging sdist + python -m build --sdist --outdir dist/ . + - name: Create a GitHub release + uses: ncipollo/release-action@v1 + with: + tag: ${{ steps.tag_version.outputs.new_tag }} + name: Release ${{ steps.tag_version.outputs.new_tag }} + body: | + WARNING: The tarball generated by GitHub will not have the correct version information when using a version not ending in .0 . Please use the tarball generated by SaltStack instead. See issue #41847 for more information. + Official Salt packages can be found at https://repo.saltproject.io/ + artifacts: dist/salt*.tar.gz diff --git a/.github/workflows/release-update-winrepo.yml b/.github/workflows/release-update-winrepo.yml new file mode 100644 index 00000000..417d0e6c --- /dev/null +++ b/.github/workflows/release-update-winrepo.yml @@ -0,0 +1,71 @@ +--- +name: Update Winrepo + +on: + release: + types: [released] + workflow_dispatch: + inputs: + salt-version: + type: string + required: true + description: > + The Salt version to set prior to building packages and staging the release. + (DO NOT prefix the version with a v, ie, 3006.0 NOT v3006.0). + +permissions: + contents: read + +jobs: + update-winrepo: + name: Update Winrepo + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + steps: + + - name: Checkout Salt + uses: actions/checkout@v4 + with: + path: salt + + - name: Checkout WinRepo + uses: actions/checkout@v4 + with: + path: winrepo + repository: saltstack/salt-winrepo-ng + + - name: Set Up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Add Version to Minion Definition File + working-directory: salt + run: | + python .github/workflows/scripts/update_winrepo.py \ + --file ../winrepo/salt-minion.sls \ + --version ${{ inputs.salt-version || github.ref_name }} + + - name: Commit Changes + working-directory: winrepo + run: | + git status + git add . + git config user.name 'saltbot-open' + git config user.email 'saltbot-open@users.noreply.github.com' + git commit -m "Adding salt minion ${{ inputs.salt-version && format('v{0}', inputs.salt-version) || github.ref_name }}" + + - name: Create Pull Request + id: cpr + uses: peter-evans/create-pull-request@v5 + with: + path: winrepo + push-to-fork: saltbot-open/salt-winrepo-ng + token: ${{ secrets.SALTBOT_OPEN_SALT_WINREPO_NG }} + +# - name: Enable Pull Request Automerge +# if: steps.cpr.outputs.pull-request-operation == 'created' +# uses: peter-evans/enable-pull-request-automerge@v2 +# with: +# token: ${{ secrets.SALTBOT_OPEN_SALT_WINREPO_NG }} +# pull-request-number: ${{ steps.cpr.outputs.pull-request-number }} +# merge-method: squash diff --git a/.github/workflows/release-upload-virustotal.yml b/.github/workflows/release-upload-virustotal.yml new file mode 100644 index 00000000..da13d83c --- /dev/null +++ b/.github/workflows/release-upload-virustotal.yml @@ -0,0 +1,53 @@ +--- +name: Upload VirusTotal + +on: + release: + types: [released] + workflow_dispatch: + inputs: + salt-version: + type: string + required: true + description: > + The Salt version to get from staging to upload to VirusTotal. + (DO NOT prefix the version with a v, ie, 3006.0 NOT v3006.0). + +permissions: + contents: read + +env: + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + upload-virustotal: + name: Upload VirusTotal + environment: release + runs-on: + - self-hosted + - linux + - repo-release + steps: + + - name: Checkout Salt + uses: actions/checkout@v4 + + - name: Set Up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: virus-total + + - name: Upload to VirusTotal + env: + VIRUSTOTAL_API_KEY: ${{ secrets.VIRUSTOTAL_API_KEY }} + run: | + tools release upload-virustotal ${{ inputs.salt-version || github.ref_name }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..fd6cbda5 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,1192 @@ +# Do not edit these workflows directly as the changes made will be overwritten. +# Instead, edit the template '.github/workflows/templates/release.yml.jinja' +--- + +name: Release +run-name: "Release (branch: ${{ github.ref_name }}; version: ${{ inputs.salt-version }})" + +on: + workflow_dispatch: + inputs: + salt-version: + type: string + required: true + description: > + The Salt version to get from staging to publish the release. + (DO NOT prefix the version with a v, ie, 3006.0 NOT v3006.0). + skip-salt-pkg-download-test-suite: + type: boolean + default: false + description: Skip running the Salt packages download test suite. + +env: + COLUMNS: 190 + CACHE_SEED: SEED-2 # Bump the number to invalidate all caches + RELENV_DATA: "${{ github.workspace }}/.relenv" + +permissions: + contents: write # To be able to publish the release + +concurrency: + group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.repository }} + cancel-in-progress: false + +jobs: + + check-requirements: + name: Check Requirements + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + environment: release-check + steps: + - name: Check For Admin Permission + uses: actions-cool/check-user-permission@v2 + with: + require: admin + username: ${{ github.triggering_actor }} + + prepare-workflow: + name: Prepare Workflow Run + runs-on: + - self-hosted + - linux + - repo-release + environment: release + needs: + - check-requirements + outputs: + salt-version: ${{ steps.setup-salt-version.outputs.salt-version }} + cache-seed: ${{ steps.set-cache-seed.outputs.cache-seed }} + latest-release: ${{ steps.get-salt-releases.outputs.latest-release }} + releases: ${{ steps.get-salt-releases.outputs.releases }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Full clone to also get the tags to get the right salt version + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ env.CACHE_SEED }} + + - name: Pretty Print The GH Actions Event + run: + tools ci print-gh-event + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ inputs.salt-version }}" + validate-version: true + + - name: Check Existing Releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools pkg repo confirm-unreleased --repository ${{ github.repository }} ${{ steps.setup-salt-version.outputs.salt-version }} + if [ "${{ github.event.repository.private }}" = "true" ]; then + tools pkg repo confirm-unreleased --repository saltstack/salt ${{ steps.setup-salt-version.outputs.salt-version }} + fi + + - name: Check Release Staged + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools pkg repo confirm-staged --repository ${{ github.repository }} ${{ steps.setup-salt-version.outputs.salt-version }} + + - name: Get Salt Releases + id: get-salt-releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-releases + + - name: Check Salt Releases + run: | + echo '${{ steps.get-salt-releases.outputs.latest-release }}' | jq -C '.' + echo '${{ steps.get-salt-releases.outputs.releases }}' | jq -C '.' + + - name: Set Cache Seed Output + id: set-cache-seed + run: | + tools ci define-cache-seed ${{ env.CACHE_SEED }} + + download-onedir-artifact: + name: Download Staging Onedir Artifact + runs-on: + - self-hosted + - linux + - repo-release + environment: release + needs: + - prepare-workflow + strategy: + fail-fast: false + matrix: + include: + - platform: linux + arch: x86_64 + - platform: linux + arch: aarch64 + - platform: windows + arch: amd64 + - platform: windows + arch: x86 + - platform: darwin + arch: x86_64 + - platform: darwin + arch: aarch64 + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download Onedir Tarball Artifact + run: | + tools release download-onedir-artifact --platform=${{ matrix.platform }} --arch=${{ matrix.arch }} ${{ inputs.salt-version }} + + - name: Upload Onedir Tarball as an Artifact + uses: actions/upload-artifact@v3 + with: + name: salt-${{ inputs.salt-version }}-onedir-${{ matrix.platform }}-${{ matrix.arch }}.tar.xz + path: artifacts/salt-${{ inputs.salt-version }}-onedir-${{ matrix.platform }}-${{ matrix.arch }}.tar.xz* + retention-days: 7 + if-no-files-found: error + + windows-2016-ci-deps: + name: Windows 2016 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + windows-2019-ci-deps: + name: Windows 2019 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + windows-2022-ci-deps: + name: Windows 2022 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + macos-12-ci-deps: + name: macOS 12 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: macos-12 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + macos-13-ci-deps: + name: macOS 13 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: macos-13 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + macos-13-xlarge-ci-deps: + name: macOS 13 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: macos-13-xlarge + nox-session: ci-test-onedir + platform: darwin + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-8-ci-deps: + name: Alma Linux 8 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-8-arm64-ci-deps: + name: Alma Linux 8 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-8-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-9-ci-deps: + name: Alma Linux 9 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-9-arm64-ci-deps: + name: Alma Linux 9 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-9-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2-ci-deps: + name: Amazon Linux 2 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2-arm64-ci-deps: + name: Amazon Linux 2 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2023-ci-deps: + name: Amazon Linux 2023 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2023 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2023-arm64-ci-deps: + name: Amazon Linux 2023 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2023-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + archlinux-lts-ci-deps: + name: Arch Linux LTS Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: archlinux-lts + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centos-7-ci-deps: + name: CentOS 7 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centos-7 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centos-7-arm64-ci-deps: + name: CentOS 7 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centos-7-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-8-ci-deps: + name: CentOS Stream 8 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-8-arm64-ci-deps: + name: CentOS Stream 8 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-8-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-9-ci-deps: + name: CentOS Stream 9 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-9-arm64-ci-deps: + name: CentOS Stream 9 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-9-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-10-ci-deps: + name: Debian 10 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-10 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-11-ci-deps: + name: Debian 11 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-11 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-11-arm64-ci-deps: + name: Debian 11 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-11-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-12-ci-deps: + name: Debian 12 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-12 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-12-arm64-ci-deps: + name: Debian 12 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-12-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-37-ci-deps: + name: Fedora 37 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-37 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-37-arm64-ci-deps: + name: Fedora 37 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-37-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-38-ci-deps: + name: Fedora 38 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-38 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-38-arm64-ci-deps: + name: Fedora 38 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-38-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + opensuse-15-ci-deps: + name: Opensuse 15 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: opensuse-15 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-3-ci-deps: + name: Photon OS 3 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-3 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-3-arm64-ci-deps: + name: Photon OS 3 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-3-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-4-ci-deps: + name: Photon OS 4 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-4 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-4-arm64-ci-deps: + name: Photon OS 4 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-4-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-5-ci-deps: + name: Photon OS 5 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-5 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-5-arm64-ci-deps: + name: Photon OS 5 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-5-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2004-ci-deps: + name: Ubuntu 20.04 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-20.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2004-arm64-ci-deps: + name: Ubuntu 20.04 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-20.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2204-ci-deps: + name: Ubuntu 22.04 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-22.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2204-arm64-ci-deps: + name: Ubuntu 22.04 Arm64 Deps + needs: + - prepare-workflow + - download-onedir-artifact + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-22.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + backup: + name: Backup + runs-on: + - self-hosted + - linux + - repo-release + needs: + - prepare-workflow + environment: release + outputs: + backup-complete: ${{ steps.backup.outputs.backup-complete }} + + steps: + - name: Clone The Salt Repository + uses: actions/checkout@v4 + + - name: Setup Rclone + uses: AnimMouse/setup-rclone@v1 + with: + version: v1.61.1 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Backup Previous Releases + id: backup + run: | + tools pkg repo backup-previous-releases + + publish-repositories: + name: Publish Repositories + runs-on: + - self-hosted + - linux + - repo-release + needs: + - prepare-workflow + - backup + - download-onedir-artifact + environment: release + + steps: + - name: Clone The Salt Repository + uses: actions/checkout@v4 + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Publish Release Repository + env: + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + run: | + tools pkg repo publish release ${{ needs.prepare-workflow.outputs.salt-version }} + + pkg-download-tests: + name: Package Downloads + if: ${{ inputs.skip-salt-pkg-download-test-suite == false }} + needs: + - prepare-workflow + - publish-repositories + - almalinux-8-arm64-ci-deps + - almalinux-8-ci-deps + - almalinux-9-arm64-ci-deps + - almalinux-9-ci-deps + - amazonlinux-2-arm64-ci-deps + - amazonlinux-2-ci-deps + - amazonlinux-2023-arm64-ci-deps + - amazonlinux-2023-ci-deps + - centos-7-arm64-ci-deps + - centos-7-ci-deps + - centosstream-8-arm64-ci-deps + - centosstream-8-ci-deps + - centosstream-9-arm64-ci-deps + - centosstream-9-ci-deps + - debian-10-ci-deps + - debian-11-arm64-ci-deps + - debian-11-ci-deps + - debian-12-arm64-ci-deps + - debian-12-ci-deps + - fedora-37-arm64-ci-deps + - fedora-37-ci-deps + - fedora-38-arm64-ci-deps + - fedora-38-ci-deps + - macos-12-ci-deps + - macos-13-ci-deps + - macos-13-xlarge-ci-deps + - photonos-3-arm64-ci-deps + - photonos-3-ci-deps + - photonos-4-arm64-ci-deps + - photonos-4-ci-deps + - photonos-5-arm64-ci-deps + - photonos-5-ci-deps + - ubuntu-2004-arm64-ci-deps + - ubuntu-2004-ci-deps + - ubuntu-2204-arm64-ci-deps + - ubuntu-2204-ci-deps + - windows-2022-ci-deps + - download-onedir-artifact + uses: ./.github/workflows/test-package-downloads-action.yml + with: + nox-session: ci-test-onedir + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + environment: release + nox-version: 2022.8.7 + python-version: "3.10" + skip-code-coverage: true + latest-release: "${{ needs.prepare-workflow.outputs.latest-release }}" + secrets: inherit + + release: + name: Release v${{ needs.prepare-workflow.outputs.salt-version }} + if: ${{ always() && ! failure() && ! cancelled() }} + runs-on: + - self-hosted + - linux + - repo-release + needs: + - prepare-workflow + - backup + - publish-repositories + - pkg-download-tests + environment: release + steps: + - name: Clone The Salt Repository + uses: actions/checkout@v4 + with: + ssh-key: ${{ secrets.GHA_SSH_KEY }} + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + id: get-secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Prepare Release + id: prepare-release + run: | + tools pkg repo publish github --repository ${{ github.repository }} --key-id=64CBBC8173D76B3F ${{ needs.prepare-workflow.outputs.salt-version }} + + - name: Configure Git + shell: bash + run: | + git config --global --add safe.directory "$(pwd)" + git config --global user.name "Salt Project Packaging" + git config --global user.email saltproject-packaging@vmware.com + git config --global user.signingkey 64CBBC8173D76B3F + git config --global commit.gpgsign true + + - name: Apply The Release Patch + run: | + git am --committer-date-is-author-date release-artifacts/salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + rm release-artifacts/salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + + - name: Tag The v${{ needs.prepare-workflow.outputs.salt-version }} Release + run: | + git tag -m "Release v${{ needs.prepare-workflow.outputs.salt-version }}" -as v${{ needs.prepare-workflow.outputs.salt-version }} + + - name: Push Changes + uses: ad-m/github-push-action@b87afee92c6e70ea888be6203a3e9426fda49839 + with: + ssh: true + tags: true + atomic: true + branch: ${{ github.ref }} + + - name: Create Github Release + uses: ncipollo/release-action@v1.12.0 + with: + artifactErrorsFailBuild: true + artifacts: ${{ steps.prepare-release.outputs.release-artifacts }} + bodyFile: ${{ steps.prepare-release.outputs.release-messsage-file }} + draft: false + generateReleaseNotes: false + makeLatest: fromJSON(${{ steps.prepare-release.outputs.make-latest }}) + name: v${{ needs.prepare-workflow.outputs.salt-version }} + prerelease: ${{ contains(needs.prepare-workflow.outputs.salt-version, 'rc') }} + removeArtifacts: true + replacesArtifacts: true + tag: v${{ needs.prepare-workflow.outputs.salt-version }} + + - name: Upload PyPi Artifacts + uses: actions/upload-artifact@v3 + with: + name: pypi-artifacts + path: | + release-artifacts/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz + release-artifacts/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz.asc + retention-days: 7 + if-no-files-found: error + + publish-pypi: + name: Publish to PyPi + if: ${{ always() && ! failure() && ! cancelled() && github.event.repository.fork != true }} + needs: + - prepare-workflow + - release + environment: release + runs-on: + - self-hosted + - linux + - repo-release + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + id: get-secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + TWINE_PASSWORD=$(aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/publishing/publish-pypi \ + --query SecretString --output text | jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "$SECRETS_KEY_FILE" -d -) + echo "::add-mask::$TWINE_PASSWORD" + echo "twine-password=$TWINE_PASSWORD" >> "${GITHUB_OUTPUT}" + + - name: Download PyPi Artifacts + uses: actions/download-artifact@v3 + with: + name: pypi-artifacts + path: artifacts/release + + - name: Publish to PyPi + env: + TWINE_PASSWORD: "${{ steps.get-secrets.outputs.twine-password }}" + run: | + tools pkg pypi-upload artifacts/release/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz + + set-pipeline-exit-status: + # This step is just so we can make github require this step, to pass checks + # on a pull request instead of requiring all + name: Set the ${{ github.workflow }} Pipeline Exit Status + if: always() + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + needs: + - check-requirements + - prepare-workflow + - publish-repositories + - pkg-download-tests + - release + - publish-pypi + - windows-2016-ci-deps + - windows-2019-ci-deps + - windows-2022-ci-deps + - macos-12-ci-deps + - macos-13-ci-deps + - macos-13-xlarge-ci-deps + - almalinux-8-ci-deps + - almalinux-8-arm64-ci-deps + - almalinux-9-ci-deps + - almalinux-9-arm64-ci-deps + - amazonlinux-2-ci-deps + - amazonlinux-2-arm64-ci-deps + - amazonlinux-2023-ci-deps + - amazonlinux-2023-arm64-ci-deps + - archlinux-lts-ci-deps + - centos-7-ci-deps + - centos-7-arm64-ci-deps + - centosstream-8-ci-deps + - centosstream-8-arm64-ci-deps + - centosstream-9-ci-deps + - centosstream-9-arm64-ci-deps + - debian-10-ci-deps + - debian-11-ci-deps + - debian-11-arm64-ci-deps + - debian-12-ci-deps + - debian-12-arm64-ci-deps + - fedora-37-ci-deps + - fedora-37-arm64-ci-deps + - fedora-38-ci-deps + - fedora-38-arm64-ci-deps + - opensuse-15-ci-deps + - photonos-3-ci-deps + - photonos-3-arm64-ci-deps + - photonos-4-ci-deps + - photonos-4-arm64-ci-deps + - photonos-5-ci-deps + - photonos-5-arm64-ci-deps + - ubuntu-2004-ci-deps + - ubuntu-2004-arm64-ci-deps + - ubuntu-2204-ci-deps + - ubuntu-2204-arm64-ci-deps + steps: + - name: Get workflow information + id: get-workflow-info + uses: technote-space/workflow-conclusion-action@v3 + + - run: | + # shellcheck disable=SC2129 + if [ "${{ steps.get-workflow-info.outputs.conclusion }}" != "success" ]; then + echo 'To restore the release bucket run:' >> "${GITHUB_STEP_SUMMARY}" + echo '```' >> "${GITHUB_STEP_SUMMARY}" + echo 'tools pkg repo restore-previous-releases' >> "${GITHUB_STEP_SUMMARY}" + echo '```' >> "${GITHUB_STEP_SUMMARY}" + fi + + - name: Set Pipeline Exit Status + shell: bash + run: | + if [ "${{ steps.get-workflow-info.outputs.conclusion }}" != "success" ]; then + exit 1 + else + exit 0 + fi + + - name: Done + if: always() + run: + echo "All worflows finished" diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml new file mode 100644 index 00000000..5d28eca9 --- /dev/null +++ b/.github/workflows/scheduled.yml @@ -0,0 +1,3164 @@ +# Do not edit these workflows directly as the changes made will be overwritten. +# Instead, edit the template '.github/workflows/templates/scheduled.yml.jinja' +--- + +name: Scheduled +run-name: "Scheduled (branch: ${{ github.ref_name }})" + +on: + schedule: + # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onschedule + - cron: '0 */8 * * *' # Run every 8 hours + +env: + COLUMNS: 190 + CACHE_SEED: SEED-2 # Bump the number to invalidate all caches + RELENV_DATA: "${{ github.workspace }}/.relenv" + +permissions: + contents: read # for dorny/paths-filter to fetch a list of changed files + pull-requests: read # for dorny/paths-filter to read pull requests + actions: write # to trigger branch scheduled builds + +concurrency: + group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: false + +jobs: + + workflow-requirements: + name: Check Workflow Requirements + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + outputs: + requirements-met: ${{ steps.check-requirements.outputs.requirements-met }} + steps: + - name: Check Requirements + id: check-requirements + run: | + if [ "${{ vars.RUN_SCHEDULED_BUILDS }}" = "1" ]; then + MSG="Running workflow because RUN_SCHEDULED_BUILDS=1" + echo "${MSG}" + echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" + echo "requirements-met=true" >> "${GITHUB_OUTPUT}" + elif [ "${{ github.event.repository.fork }}" = "true" ]; then + MSG="Not running workflow because ${{ github.repository }} is a fork" + echo "${MSG}" + echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" + echo "requirements-met=false" >> "${GITHUB_OUTPUT}" + else + MSG="Running workflow because ${{ github.repository }} is not a fork" + echo "${MSG}" + echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" + echo "requirements-met=true" >> "${GITHUB_OUTPUT}" + fi + + trigger-branch-scheduled-builds: + name: Trigger Branch Workflows + if: ${{ github.event_name == 'schedule' && fromJSON(needs.workflow-requirements.outputs.requirements-met) }} + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + needs: + - workflow-requirements + steps: + - name: Trigger 3006.x branch + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + gh workflow run scheduled.yml --repo ${{ github.repository }} --ref 3006.x + + prepare-workflow: + name: Prepare Workflow Run + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + if: ${{ fromJSON(needs.workflow-requirements.outputs.requirements-met) }} + needs: + - workflow-requirements + outputs: + jobs: ${{ steps.define-jobs.outputs.jobs }} + runners: ${{ steps.runner-types.outputs.runners }} + changed-files: ${{ steps.process-changed-files.outputs.changed-files }} + pull-labels: ${{ steps.get-pull-labels.outputs.labels }} + testrun: ${{ steps.define-testrun.outputs.testrun }} + salt-version: ${{ steps.setup-salt-version.outputs.salt-version }} + cache-seed: ${{ steps.set-cache-seed.outputs.cache-seed }} + latest-release: ${{ steps.get-salt-releases.outputs.latest-release }} + releases: ${{ steps.get-salt-releases.outputs.releases }} + release-changelog-target: ${{ steps.get-release-changelog-target.outputs.release-changelog-target }} + testing-releases: ${{ steps.get-testing-releases.outputs.testing-releases }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Full clone to also get the tags to get the right salt version + + - name: Get Changed Files + if: ${{ github.event_name == 'pull_request'}} + id: changed-files + uses: dorny/paths-filter@v2 + with: + token: ${{ github.token }} + list-files: json + filters: | + repo: + - added|modified: + - '**' + doc-requirements: + - added|modified: &doc_requirements + - requirements/static/ci/py3.*/docs.txt + lint-requirements: + - added|modified: &lint_requirements + - requirements/static/ci/py3.*/lint.txt + pkg_requirements: + - added|modified: &pkg_requirements + - requirements/static/pkg/py3.*/darwin.txt + - requirements/static/pkg/py3.*/linux.txt + - requirements/static/pkg/py3.*/freebsd.txt + - requirements/static/pkg/py3.*/windows.txt + test_requirements: + - added|modified: &test_requirements + - requirements/static/ci/py3.*/darwin.txt + - requirements/static/ci/py3.*/linux.txt + - requirements/static/ci/py3.*/freebsd.txt + - requirements/static/ci/py3.*/windows.txt + - requirements/static/ci/py3.*/darwin-crypto.txt + - requirements/static/ci/py3.*/linux-crypto.txt + - requirements/static/ci/py3.*/freebsd-crypto.txt + - requirements/static/ci/py3.*/windows-crypto.txt + deleted: + - deleted: + - '**' + docs: + - added|modified: + - doc/** + - *doc_requirements + workflows: + - added|modified: + - cicd/shared-gh-workflows-context.yml + - .github/actions/**/action.yml + - .github/workflows/*.yml + - .github/workflows/templates/*.yml.jinja2 + - tools/precommit/workflows.py + salt: + - added|modified: &salt_added_modified + - setup.py + - noxfile.py + - salt/**/*.py + - tasks/**/*.py + - tools/**/*.py + tests: + - added|modified: &tests_added_modified + - tests/**/*.py + lint: + - added|modified: + - .pylintrc + - *lint_requirements + golden_images: + - added|modified: + - cicd/golden-images.json + pkg_tests: + - added|modified: &pkg_tests_added_modified + - pkg/** + - *pkg_requirements + - *salt_added_modified + testrun: + - added|modified: + - *pkg_requirements + - *test_requirements + - *salt_added_modified + - *tests_added_modified + - *pkg_tests_added_modified + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ env.CACHE_SEED }} + + - name: Pretty Print The GH Actions Event + run: + tools ci print-gh-event + + - name: Set Cache Seed Output + id: set-cache-seed + run: | + tools ci define-cache-seed ${{ env.CACHE_SEED }} + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "" + validate-version: true + + - name: Get Pull Request Test Labels + id: get-pull-labels + if: ${{ github.event_name == 'pull_request'}} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-pr-test-labels --repository ${{ github.repository }} + + - name: Write Changed Files To A Local File + run: + echo '${{ toJSON(steps.changed-files.outputs) }}' > changed-files.json + + - name: Check Local Changed Files Contents + if: ${{ github.event_name == 'pull_request' }} + run: + cat changed-files.json + + - name: Process Changed Files + id: process-changed-files + run: | + tools ci process-changed-files ${{ github.event_name }} changed-files.json + + - name: Check Collected Changed Files + if: ${{ github.event_name == 'pull_request' }} + run: | + echo '${{ steps.process-changed-files.outputs.changed-files }}' | jq -C '.' + + - name: Define Runner Types + id: runner-types + run: | + tools ci runner-types ${{ github.event_name }} + + - name: Check Defined Runners + run: | + echo '${{ steps.runner-types.outputs.runners }}' | jq -C '.' + + - name: Define Jobs + id: define-jobs + run: | + tools ci define-jobs ${{ github.event_name }} changed-files.json + + - name: Check Defined Jobs + run: | + echo '${{ steps.define-jobs.outputs.jobs }}' | jq -C '.' + + - name: Get Salt Releases + id: get-salt-releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-releases + + - name: Get Latest Salt Releases for Testing + id: get-testing-releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-testing-releases ${{ join(fromJSON(steps.get-salt-releases.outputs.releases), ' ') }} --salt-version ${{ steps.setup-salt-version.outputs.salt-version }} + + - name: Check Salt Releases + run: | + echo '${{ steps.get-salt-releases.outputs.latest-release }}' | jq -C '.' + echo '${{ steps.get-salt-releases.outputs.releases }}' | jq -C '.' + echo '${{ steps.get-testing-releases.outputs.testing-releases }}' | jq -C '.' + + - name: Define Testrun + id: define-testrun + run: | + tools ci define-testrun ${{ github.event_name }} changed-files.json + + - name: Check Defined Test Run + run: | + echo '${{ steps.define-testrun.outputs.testrun }}' | jq -C '.' + + - name: Check Contents of generated testrun-changed-files.txt + if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['type'] != 'full' }} + run: | + cat testrun-changed-files.txt || true + + - name: Upload testrun-changed-files.txt + if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['type'] != 'full' }} + uses: actions/upload-artifact@v3 + with: + name: testrun-changed-files.txt + path: testrun-changed-files.txt + + - name: Get Release Changelog Target + id: get-release-changelog-target + run: | + tools ci get-release-changelog-target ${{ github.event_name }} + + + pre-commit: + name: Pre-Commit + if: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + uses: ./.github/workflows/pre-commit-action.yml + needs: + - prepare-workflow + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + changed-files: ${{ needs.prepare-workflow.outputs.changed-files }} + pre-commit-version: "3.0.4" + + lint: + name: Lint + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['lint'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + uses: ./.github/workflows/lint-action.yml + needs: + - prepare-workflow + with: + changed-files: ${{ needs.prepare-workflow.outputs.changed-files }} + + prepare-release: + name: "Prepare Release: ${{ needs.prepare-workflow.outputs.salt-version }}" + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['prepare-release'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "medium", "x86_64"]') || 'ubuntu-latest' }} + needs: + - prepare-workflow + steps: + - uses: actions/checkout@v4 + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-changelog + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + - name: Update Debian changelog + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools changelog update-deb --draft + tools changelog update-deb + + - name: Update RPM changelog + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools changelog update-rpm --draft + tools changelog update-rpm + + - name: Create Release Notes Template + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + if [ "${{ needs.prepare-workflow.outputs.release-changelog-target }}" == "next-major-release" ]; then + tools changelog update-release-notes --next-release --template-only + else + tools changelog update-release-notes --template-only + fi + + - name: Update Release Notes + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + if [ "${{ needs.prepare-workflow.outputs.release-changelog-target }}" == "next-major-release" ]; then + tools changelog update-release-notes --draft --next-release + tools changelog update-release-notes --next-release + else + tools changelog update-release-notes --draft + tools changelog update-release-notes + fi + + - name: Generate MAN Pages + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + env: + LATEST_RELEASE: "${{ needs.prepare-workflow.outputs.salt-version }}" + SALT_ON_SALTSTACK: "1" + run: | + tools docs man + + - name: Update Changelog + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools changelog update-changelog-md --draft + tools changelog update-changelog-md + + - name: Show Changes Diff + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + git diff --color + + - name: Configure Git + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + git config --global user.name "Salt Project Packaging" + git config --global user.email saltproject-packaging@vmware.com + + - name: Setup Pre-Commit + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + uses: ./.github/actions/setup-pre-commit + with: + version: "3.0.4" + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Commit Changes + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + env: + SKIP: lint-salt,lint-tests + PRE_COMMIT_COLOR: always + run: | + # Run it twice so that pre-commit can fix anything that can be automatically fixed. + git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" || \ + git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" + + - name: Create release changes patch + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + git format-patch --keep-subject --binary --stdout HEAD^ > salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + + - name: Upload Changes Diff Artifact + uses: actions/upload-artifact@v3 + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + path: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + retention-days: 7 + if-no-files-found: error + + build-docs: + name: Documentation + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-docs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-source-tarball + uses: ./.github/workflows/build-docs.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + build-source-tarball: + name: Build Source Tarball + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-source-tarball'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - prepare-release + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "medium", "x86_64"]') || 'ubuntu-latest' }} + steps: + - uses: actions/checkout@v4 + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-build + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + - name: Build Source Tarball + uses: ./.github/actions/build-source-tarball + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + build-deps-onedir-linux: + name: Build Dependencies Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-onedir'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + uses: ./.github/workflows/build-deps-onedir-linux.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-deps-onedir-windows: + name: Build Dependencies Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-onedir'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + uses: ./.github/workflows/build-deps-onedir-windows.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-deps-onedir-macos: + name: Build Dependencies Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-onedir'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + uses: ./.github/workflows/build-deps-onedir-macos.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-salt-onedir-linux: + name: Build Salt Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-salt-onedir'] }} + needs: + - prepare-workflow + - build-deps-onedir-linux + - build-source-tarball + uses: ./.github/workflows/build-salt-onedir-linux.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-salt-onedir-windows: + name: Build Salt Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-salt-onedir'] }} + needs: + - prepare-workflow + - build-deps-onedir-windows + - build-source-tarball + uses: ./.github/workflows/build-salt-onedir-windows.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-salt-onedir-macos: + name: Build Salt Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-salt-onedir'] }} + needs: + - prepare-workflow + - build-deps-onedir-macos + - build-source-tarball + uses: ./.github/workflows/build-salt-onedir-macos.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-rpm-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-rpm-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + + build-rpm-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-rpm-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + + build-deb-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deb-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + + build-deb-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deb-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + + build-windows-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-windows-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + + build-windows-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-windows-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + + build-macos-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-macos-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + + build-macos-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-macos-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + + windows-2016-ci-deps: + name: Windows 2016 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + windows-2019-ci-deps: + name: Windows 2019 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + windows-2022-ci-deps: + name: Windows 2022 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + macos-12-ci-deps: + name: macOS 12 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: macos-12 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + macos-13-ci-deps: + name: macOS 13 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: macos-13 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + macos-13-xlarge-ci-deps: + name: macOS 13 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: macos-13-xlarge + nox-session: ci-test-onedir + platform: darwin + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-8-ci-deps: + name: Alma Linux 8 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-8-arm64-ci-deps: + name: Alma Linux 8 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-8-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-9-ci-deps: + name: Alma Linux 9 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-9-arm64-ci-deps: + name: Alma Linux 9 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-9-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2-ci-deps: + name: Amazon Linux 2 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2-arm64-ci-deps: + name: Amazon Linux 2 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2023-ci-deps: + name: Amazon Linux 2023 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2023 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2023-arm64-ci-deps: + name: Amazon Linux 2023 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2023-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + archlinux-lts-ci-deps: + name: Arch Linux LTS Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: archlinux-lts + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centos-7-ci-deps: + name: CentOS 7 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centos-7 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centos-7-arm64-ci-deps: + name: CentOS 7 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centos-7-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-8-ci-deps: + name: CentOS Stream 8 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-8-arm64-ci-deps: + name: CentOS Stream 8 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-8-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-9-ci-deps: + name: CentOS Stream 9 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-9-arm64-ci-deps: + name: CentOS Stream 9 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-9-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-10-ci-deps: + name: Debian 10 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-10 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-11-ci-deps: + name: Debian 11 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-11 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-11-arm64-ci-deps: + name: Debian 11 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-11-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-12-ci-deps: + name: Debian 12 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-12 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-12-arm64-ci-deps: + name: Debian 12 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-12-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-37-ci-deps: + name: Fedora 37 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-37 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-37-arm64-ci-deps: + name: Fedora 37 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-37-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-38-ci-deps: + name: Fedora 38 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-38 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-38-arm64-ci-deps: + name: Fedora 38 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-38-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + opensuse-15-ci-deps: + name: Opensuse 15 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: opensuse-15 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-3-ci-deps: + name: Photon OS 3 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-3 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-3-arm64-ci-deps: + name: Photon OS 3 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-3-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-4-ci-deps: + name: Photon OS 4 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-4 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-4-arm64-ci-deps: + name: Photon OS 4 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-4-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-5-ci-deps: + name: Photon OS 5 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-5 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-5-arm64-ci-deps: + name: Photon OS 5 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-5-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2004-ci-deps: + name: Ubuntu 20.04 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-20.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2004-arm64-ci-deps: + name: Ubuntu 20.04 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-20.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2204-ci-deps: + name: Ubuntu 22.04 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-22.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2204-arm64-ci-deps: + name: Ubuntu 22.04 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-22.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2-pkg-tests: + name: Amazon Linux 2 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + amazonlinux-2-arm64-pkg-tests: + name: Amazon Linux 2 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + amazonlinux-2023-pkg-tests: + name: Amazon Linux 2023 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2023-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2023 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + amazonlinux-2023-arm64-pkg-tests: + name: Amazon Linux 2023 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2023-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2023-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centos-7-pkg-tests: + name: CentOS 7 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centos-7-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centos-7 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centosstream-8-pkg-tests: + name: CentOS Stream 8 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centosstream-8-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centosstream-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centosstream-9-pkg-tests: + name: CentOS Stream 9 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centosstream-9-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centosstream-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centosstream-9-arm64-pkg-tests: + name: CentOS Stream 9 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centosstream-9-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centosstream-9-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-10-pkg-tests: + name: Debian 10 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-10-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-10 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-11-pkg-tests: + name: Debian 11 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-11-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-11 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-11-arm64-pkg-tests: + name: Debian 11 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-11-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-11-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-12-pkg-tests: + name: Debian 12 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-12-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-12 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-12-arm64-pkg-tests: + name: Debian 12 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-12-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-12-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + photonos-3-pkg-tests: + name: Photon OS 3 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-3-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-3 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + photonos-3-arm64-pkg-tests: + name: Photon OS 3 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-3-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-3-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + photonos-4-pkg-tests: + name: Photon OS 4 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-4-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-4 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + photonos-4-arm64-pkg-tests: + name: Photon OS 4 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-4-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-4-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + photonos-5-pkg-tests: + name: Photon OS 5 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-5-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-5 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + photonos-5-arm64-pkg-tests: + name: Photon OS 5 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-5-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-5-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + ubuntu-2004-pkg-tests: + name: Ubuntu 20.04 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2004-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-20.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + ubuntu-2004-arm64-pkg-tests: + name: Ubuntu 20.04 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2004-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-20.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + ubuntu-2204-pkg-tests: + name: Ubuntu 22.04 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2204-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-22.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + ubuntu-2204-arm64-pkg-tests: + name: Ubuntu 22.04 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2204-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-22.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + macos-12-pkg-tests: + name: macOS 12 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-macos-pkgs-onedir + - macos-12-ci-deps + uses: ./.github/workflows/test-packages-action-macos.yml + with: + distro-slug: macos-12 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: macos + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + macos-13-pkg-tests: + name: macOS 13 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-macos-pkgs-onedir + - macos-13-ci-deps + uses: ./.github/workflows/test-packages-action-macos.yml + with: + distro-slug: macos-13 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: macos + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + macos-13-xlarge-pkg-tests: + name: macOS 13 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-macos-pkgs-onedir + - macos-13-xlarge-ci-deps + uses: ./.github/workflows/test-packages-action-macos.yml + with: + distro-slug: macos-13-xlarge + nox-session: ci-test-onedir + platform: darwin + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: macos + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2016-nsis-pkg-tests: + name: Windows 2016 NSIS Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2016-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: NSIS + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2016-msi-pkg-tests: + name: Windows 2016 MSI Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2016-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: MSI + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2019-nsis-pkg-tests: + name: Windows 2019 NSIS Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2019-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: NSIS + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2019-msi-pkg-tests: + name: Windows 2019 MSI Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2019-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: MSI + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2022-nsis-pkg-tests: + name: Windows 2022 NSIS Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2022-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: NSIS + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2022-msi-pkg-tests: + name: Windows 2022 MSI Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2022-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: MSI + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2016: + name: Windows 2016 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - windows-2016-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 210 || 360 }} + + windows-2019: + name: Windows 2019 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - windows-2019-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 210 || 360 }} + + windows-2022: + name: Windows 2022 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - windows-2022-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 210 || 360 }} + + macos-12: + name: macOS 12 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - macos-12-ci-deps + uses: ./.github/workflows/test-action-macos.yml + with: + distro-slug: macos-12 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + macos-13: + name: macOS 13 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - macos-13-ci-deps + uses: ./.github/workflows/test-action-macos.yml + with: + distro-slug: macos-13 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + macos-13-xlarge: + name: macOS 13 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - macos-13-xlarge-ci-deps + uses: ./.github/workflows/test-action-macos.yml + with: + distro-slug: macos-13-xlarge + nox-session: ci-test-onedir + platform: darwin + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + almalinux-8: + name: Alma Linux 8 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - almalinux-8-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: almalinux-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + almalinux-9: + name: Alma Linux 9 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - almalinux-9-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: almalinux-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2: + name: Amazon Linux 2 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2-arm64: + name: Amazon Linux 2 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2023: + name: Amazon Linux 2023 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2023-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2023 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2023-arm64: + name: Amazon Linux 2023 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2023-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2023-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + archlinux-lts: + name: Arch Linux LTS Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - archlinux-lts-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: archlinux-lts + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + centos-7: + name: CentOS 7 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - centos-7-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: centos-7 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + centosstream-8: + name: CentOS Stream 8 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - centosstream-8-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: centosstream-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + centosstream-9: + name: CentOS Stream 9 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - centosstream-9-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: centosstream-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-10: + name: Debian 10 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-10-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-10 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-11: + name: Debian 11 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-11-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-11 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-11-arm64: + name: Debian 11 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-11-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-11-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-12: + name: Debian 12 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-12-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-12 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-12-arm64: + name: Debian 12 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-12-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-12-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + fedora-37: + name: Fedora 37 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - fedora-37-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: fedora-37 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + fedora-38: + name: Fedora 38 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - fedora-38-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: fedora-38 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + opensuse-15: + name: Opensuse 15 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - opensuse-15-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: opensuse-15 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + photonos-3: + name: Photon OS 3 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-3-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-3 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + photonos-3-arm64: + name: Photon OS 3 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-3-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-3-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + photonos-4: + name: Photon OS 4 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-4-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-4 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + photonos-4-arm64: + name: Photon OS 4 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-4-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-4-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + photonos-5: + name: Photon OS 5 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-5-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-5 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + photonos-5-arm64: + name: Photon OS 5 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-5-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-5-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + ubuntu-2004: + name: Ubuntu 20.04 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2004-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-20.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + ubuntu-2004-arm64: + name: Ubuntu 20.04 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2004-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-20.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + ubuntu-2204: + name: Ubuntu 22.04 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2204-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-22.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + ubuntu-2204-arm64: + name: Ubuntu 22.04 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2204-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-22.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: false + skip-junit-reports: false + workflow-slug: scheduled + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + combine-all-code-coverage: + name: Combine Code Coverage + if: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] == false }} + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + needs: + - prepare-workflow + - windows-2016-ci-deps + - windows-2019-ci-deps + - windows-2022-ci-deps + - macos-12-ci-deps + - macos-13-ci-deps + - macos-13-xlarge-ci-deps + - almalinux-8-ci-deps + - almalinux-8-arm64-ci-deps + - almalinux-9-ci-deps + - almalinux-9-arm64-ci-deps + - amazonlinux-2-ci-deps + - amazonlinux-2-arm64-ci-deps + - amazonlinux-2023-ci-deps + - amazonlinux-2023-arm64-ci-deps + - archlinux-lts-ci-deps + - centos-7-ci-deps + - centos-7-arm64-ci-deps + - centosstream-8-ci-deps + - centosstream-8-arm64-ci-deps + - centosstream-9-ci-deps + - centosstream-9-arm64-ci-deps + - debian-10-ci-deps + - debian-11-ci-deps + - debian-11-arm64-ci-deps + - debian-12-ci-deps + - debian-12-arm64-ci-deps + - fedora-37-ci-deps + - fedora-37-arm64-ci-deps + - fedora-38-ci-deps + - fedora-38-arm64-ci-deps + - opensuse-15-ci-deps + - photonos-3-ci-deps + - photonos-3-arm64-ci-deps + - photonos-4-ci-deps + - photonos-4-arm64-ci-deps + - photonos-5-ci-deps + - photonos-5-arm64-ci-deps + - ubuntu-2004-ci-deps + - ubuntu-2004-arm64-ci-deps + - ubuntu-2204-ci-deps + - ubuntu-2204-arm64-ci-deps + - windows-2016 + - windows-2019 + - windows-2022 + - macos-12 + - macos-13 + - macos-13-xlarge + - almalinux-8 + - almalinux-9 + - amazonlinux-2 + - amazonlinux-2-arm64 + - amazonlinux-2023 + - amazonlinux-2023-arm64 + - archlinux-lts + - centos-7 + - centosstream-8 + - centosstream-9 + - debian-10 + - debian-11 + - debian-11-arm64 + - debian-12 + - debian-12-arm64 + - fedora-37 + - fedora-38 + - opensuse-15 + - photonos-3 + - photonos-3-arm64 + - photonos-4 + - photonos-4-arm64 + - photonos-5 + - photonos-5-arm64 + - ubuntu-2004 + - ubuntu-2004-arm64 + - ubuntu-2204 + - ubuntu-2204-arm64 + steps: + - uses: actions/checkout@v4 + + - name: Set up Python 3.10 + if: ${{ github.event.repository.private == false }} + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + id: python-tools-scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-coverage + + - name: Install Nox + run: | + python3 -m pip install 'nox==2022.8.7' + + + + - name: Get coverage reports + id: get-coverage-reports + uses: actions/download-artifact@v3 + with: + name: all-testrun-coverage-artifacts + path: artifacts/coverage/ + + - name: Display structure of downloaded files + run: tree -a artifacts/ + + - name: Install Codecov CLI + run: | + # We can't yet use tokenless uploads with the codecov CLI + # python3 -m pip install codecov-cli + # + curl https://keybase.io/codecovsecurity/pgp_keys.asc | gpg --no-default-keyring --import + curl -Os https://uploader.codecov.io/latest/linux/codecov + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM.sig + gpg --verify codecov.SHA256SUM.sig codecov.SHA256SUM + shasum -a 256 -c codecov.SHA256SUM + chmod +x codecov + mv ./codecov /usr/local/bin/ + + - name: Create XML Coverage Reports + run: | + nox --force-color -e create-xml-coverage-reports + + - name: Upload Code Coverage To Codecov + run: | + tools ci upload-coverage --commit-sha=${{ github.event.pull_request.head.sha || github.sha }} artifacts/coverage/ + + - name: Combine Code Coverage + run: | + nox --force-color -e combine-coverage + + - name: Report Salt Code Coverage + run: | + nox --force-color -e coverage-report -- salt + + - name: Create Salt Code Coverage HTML Report + run: | + nox --force-color -e create-html-coverage-report -- salt + + - name: Create Salt Code Coverage HTML Report + run: | + nox --force-color -e create-html-coverage-report -- salt + + - name: Upload Salt Code Coverage HTML Report + uses: actions/upload-artifact@v3 + with: + name: code-coverage-salt-html-report + path: artifacts/coverage/html/salt + retention-days: 7 + if-no-files-found: error + + - name: Report Combined Code Coverage + run: | + nox --force-color -e coverage-report + + - name: Create Combined Code Coverage JSON Report + run: | + nox --force-color -e create-json-coverage-reports + + - name: Upload Combined Code Coverage JSON Report + uses: actions/upload-artifact@v3 + with: + name: code-coverage-full-json-report + path: artifacts/coverage/coverage.json + retention-days: 7 + if-no-files-found: error + + - name: Create Combined Code Coverage HTML Report + run: | + nox --force-color -e create-html-coverage-report + + - name: Upload Combined Code Coverage HTML Report + uses: actions/upload-artifact@v3 + with: + name: code-coverage-full-html-report + path: artifacts/coverage/html/full + retention-days: 7 + if-no-files-found: error + + set-pipeline-exit-status: + # This step is just so we can make github require this step, to pass checks + # on a pull request instead of requiring all + name: Set the ${{ github.workflow }} Pipeline Exit Status + if: always() + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + needs: + - workflow-requirements + - trigger-branch-scheduled-builds + - prepare-workflow + - pre-commit + - lint + - build-docs + - build-deps-onedir-linux + - build-deps-onedir-windows + - build-deps-onedir-macos + - build-salt-onedir-linux + - build-salt-onedir-windows + - build-salt-onedir-macos + - build-rpm-pkgs-src + - build-deb-pkgs-src + - build-windows-pkgs-src + - build-macos-pkgs-src + - combine-all-code-coverage + - windows-2016-ci-deps + - windows-2019-ci-deps + - windows-2022-ci-deps + - macos-12-ci-deps + - macos-13-ci-deps + - macos-13-xlarge-ci-deps + - almalinux-8-ci-deps + - almalinux-8-arm64-ci-deps + - almalinux-9-ci-deps + - almalinux-9-arm64-ci-deps + - amazonlinux-2-ci-deps + - amazonlinux-2-arm64-ci-deps + - amazonlinux-2023-ci-deps + - amazonlinux-2023-arm64-ci-deps + - archlinux-lts-ci-deps + - centos-7-ci-deps + - centos-7-arm64-ci-deps + - centosstream-8-ci-deps + - centosstream-8-arm64-ci-deps + - centosstream-9-ci-deps + - centosstream-9-arm64-ci-deps + - debian-10-ci-deps + - debian-11-ci-deps + - debian-11-arm64-ci-deps + - debian-12-ci-deps + - debian-12-arm64-ci-deps + - fedora-37-ci-deps + - fedora-37-arm64-ci-deps + - fedora-38-ci-deps + - fedora-38-arm64-ci-deps + - opensuse-15-ci-deps + - photonos-3-ci-deps + - photonos-3-arm64-ci-deps + - photonos-4-ci-deps + - photonos-4-arm64-ci-deps + - photonos-5-ci-deps + - photonos-5-arm64-ci-deps + - ubuntu-2004-ci-deps + - ubuntu-2004-arm64-ci-deps + - ubuntu-2204-ci-deps + - ubuntu-2204-arm64-ci-deps + - windows-2016 + - windows-2019 + - windows-2022 + - macos-12 + - macos-13 + - macos-13-xlarge + - almalinux-8 + - almalinux-9 + - amazonlinux-2 + - amazonlinux-2-arm64 + - amazonlinux-2023 + - amazonlinux-2023-arm64 + - archlinux-lts + - centos-7 + - centosstream-8 + - centosstream-9 + - debian-10 + - debian-11 + - debian-11-arm64 + - debian-12 + - debian-12-arm64 + - fedora-37 + - fedora-38 + - opensuse-15 + - photonos-3 + - photonos-3-arm64 + - photonos-4 + - photonos-4-arm64 + - photonos-5 + - photonos-5-arm64 + - ubuntu-2004 + - ubuntu-2004-arm64 + - ubuntu-2204 + - ubuntu-2204-arm64 + - amazonlinux-2-pkg-tests + - amazonlinux-2-arm64-pkg-tests + - amazonlinux-2023-pkg-tests + - amazonlinux-2023-arm64-pkg-tests + - centos-7-pkg-tests + - centosstream-8-pkg-tests + - centosstream-9-pkg-tests + - centosstream-9-arm64-pkg-tests + - debian-10-pkg-tests + - debian-11-pkg-tests + - debian-11-arm64-pkg-tests + - debian-12-pkg-tests + - debian-12-arm64-pkg-tests + - photonos-3-pkg-tests + - photonos-3-arm64-pkg-tests + - photonos-4-pkg-tests + - photonos-4-arm64-pkg-tests + - photonos-5-pkg-tests + - photonos-5-arm64-pkg-tests + - ubuntu-2004-pkg-tests + - ubuntu-2004-arm64-pkg-tests + - ubuntu-2204-pkg-tests + - ubuntu-2204-arm64-pkg-tests + - macos-12-pkg-tests + - macos-13-pkg-tests + - macos-13-xlarge-pkg-tests + - windows-2016-nsis-pkg-tests + - windows-2016-msi-pkg-tests + - windows-2019-nsis-pkg-tests + - windows-2019-msi-pkg-tests + - windows-2022-nsis-pkg-tests + - windows-2022-msi-pkg-tests + steps: + - name: Get workflow information + id: get-workflow-info + uses: technote-space/workflow-conclusion-action@v3 + + - name: Set Pipeline Exit Status + shell: bash + run: | + if [ "${{ steps.get-workflow-info.outputs.conclusion }}" != "success" ]; then + exit 1 + else + exit 0 + fi + + - name: Done + if: always() + run: + echo "All worflows finished" diff --git a/.github/workflows/scripts/label-and-assign.py b/.github/workflows/scripts/label-and-assign.py new file mode 100644 index 00000000..631ad44f --- /dev/null +++ b/.github/workflows/scripts/label-and-assign.py @@ -0,0 +1,112 @@ +import argparse +import datetime +import json +import operator +import os +import pathlib +import random +import sys + +import github +from github.GithubException import GithubException + +CACHE_FILENAME = pathlib.Path(".cache", "last-user-assigned") + + +def get_last_account_assigned(): + if not CACHE_FILENAME.exists(): + return + + try: + data = json.loads(CACHE_FILENAME.read_text()) + return data["username"] + except (ValueError, KeyError): + return + + +def get_team_members(options): + g = github.Github(os.environ["READ_ORG_TOKEN"]) + org = g.get_organization(options.org) + team = org.get_team_by_slug(options.team) + return sorted(list(team.get_members()), key=operator.attrgetter("login")) + + +def get_triage_next_account(options): + team_members = get_team_members(options) + last_account_assigned = get_last_account_assigned() + if last_account_assigned is None: + return random.choice(team_members) + + previous_account = None + for member in team_members: + if previous_account and previous_account.login == last_account_assigned: + return member + previous_account = member + else: + # The previously assigned account is not longer part of the team members + # or the team was switched + return random.choice(team_members) + + +def label_and_assign_issue(options): + g = github.Github(os.environ["GITHUB_TOKEN"]) + org = g.get_organization(options.org) + print(f"Loaded Organization: {org.login}", file=sys.stderr, flush=True) + repo = org.get_repo(options.repo) + print(f"Loaded Repository: {repo.full_name}", file=sys.stderr, flush=True) + issue = repo.get_issue(options.issue) + print(f"Loaded Issue: {issue}", file=sys.stderr, flush=True) + next_triage_account = get_triage_next_account(options) + print( + f"Next account up for triage: {next_triage_account.login}", + file=sys.stderr, + flush=True, + ) + print(f"Adding label {options.label} to {issue}", file=sys.stderr, flush=True) + issue.add_to_labels(options.label) + print( + f"Assigning {issue} to {next_triage_account.login}", file=sys.stderr, flush=True + ) + issue.add_to_assignees(next_triage_account) + CACHE_FILENAME.write_text( + json.dumps( + { + "username": next_triage_account.login, + "when": str(datetime.datetime.utcnow()), + } + ) + ) + print("Done!", file=sys.stderr, flush=True) + + +def main(): + parser = argparse.ArgumentParser() + parser.add_argument("--org", required=True, help="The Github Organization") + parser.add_argument("--team", required=True, help="The Organization Team Slug") + parser.add_argument("--repo", required=True, help="The Organization Repository") + parser.add_argument("--issue", required=True, type=int, help="The issue number") + parser.add_argument("--label", required=True, help="The issue label to assign") + + if not os.environ.get("GITHUB_TOKEN"): + parser.exit(status=1, message="GITHUB_TOKEN environment variable not set") + if not os.environ.get("READ_ORG_TOKEN"): + parser.exit(status=1, message="READ_ORG_TOKEN environment variable not set") + + options = parser.parse_args() + print( + f"Last assignment cache file path: {CACHE_FILENAME}", + file=sys.stderr, + flush=True, + ) + if CACHE_FILENAME.parent.is_dir() is False: + CACHE_FILENAME.parent.mkdir() + + try: + label_and_assign_issue(options) + parser.exit(0) + except GithubException as exc: + parser.exit(1, message=str(exc)) + + +if __name__ == "__main__": + main() diff --git a/.github/workflows/scripts/update_winrepo.py b/.github/workflows/scripts/update_winrepo.py new file mode 100644 index 00000000..c0f2d00f --- /dev/null +++ b/.github/workflows/scripts/update_winrepo.py @@ -0,0 +1,31 @@ +import argparse +import os + +# Where are we +print(os.getcwd()) + +arg_parser = argparse.ArgumentParser() +arg_parser.add_argument("-f", "--file", help="the winrepo file to edit") +arg_parser.add_argument("-v", "--version", help="The version to add") + +args = arg_parser.parse_args() +file = args.file +version = args.version + +if version.startswith("v"): + version = version[1:] + +with open(file) as f: + current_contents = f.readlines() + +new_contents = [] + +added = False +for line in current_contents: + new_contents.append(line) + if "load_yaml as versions_relenv" in line and not added: + new_contents.append(f"- {version}\n") + added = True + +with open(file, "w") as f: + f.writelines(new_contents) diff --git a/.github/workflows/staging.yml b/.github/workflows/staging.yml new file mode 100644 index 00000000..0e6d820a --- /dev/null +++ b/.github/workflows/staging.yml @@ -0,0 +1,4006 @@ +# Do not edit these workflows directly as the changes made will be overwritten. +# Instead, edit the template '.github/workflows/templates/staging.yml.jinja' +--- + +name: Stage Release +run-name: "Stage Release (branch: ${{ github.ref_name }}; version: ${{ inputs.salt-version }})" + +on: + workflow_dispatch: + inputs: + salt-version: + type: string + required: true + description: > + The Salt version to set prior to building packages and staging the release. + (DO NOT prefix the version with a v, ie, 3006.0 NOT v3006.0). + sign-windows-packages: + type: boolean + default: false + description: Sign Windows Packages + skip-test-pypi-publish: + type: boolean + default: false + description: Skip publishing the source package to Test PyPi(For example, CVE releases) + skip-salt-test-suite: + type: boolean + default: false + description: Skip running the Salt test suite. + skip-salt-pkg-test-suite: + type: boolean + default: false + description: Skip running the Salt packages test suite. + skip-salt-pkg-download-test-suite: + type: boolean + default: false + description: Skip running the Salt packages download test suite. + +env: + COLUMNS: 190 + CACHE_SEED: SEED-2 # Bump the number to invalidate all caches + RELENV_DATA: "${{ github.workspace }}/.relenv" + +permissions: + contents: read # for dorny/paths-filter to fetch a list of changed files + pull-requests: read # for dorny/paths-filter to read pull requests + actions: read # for technote-space/workflow-conclusion-action to get the job statuses + +concurrency: + group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.repository }} + cancel-in-progress: false + +jobs: + + check-requirements: + name: Check Requirements + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + environment: staging-check + steps: + - name: Check For Admin Permission + uses: actions-cool/check-user-permission@v2 + with: + require: admin + username: ${{ github.triggering_actor }} + + prepare-workflow: + name: Prepare Workflow Run + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + needs: + - check-requirements + outputs: + jobs: ${{ steps.define-jobs.outputs.jobs }} + runners: ${{ steps.runner-types.outputs.runners }} + changed-files: ${{ steps.process-changed-files.outputs.changed-files }} + pull-labels: ${{ steps.get-pull-labels.outputs.labels }} + testrun: ${{ steps.define-testrun.outputs.testrun }} + salt-version: ${{ steps.setup-salt-version.outputs.salt-version }} + cache-seed: ${{ steps.set-cache-seed.outputs.cache-seed }} + latest-release: ${{ steps.get-salt-releases.outputs.latest-release }} + releases: ${{ steps.get-salt-releases.outputs.releases }} + release-changelog-target: ${{ steps.get-release-changelog-target.outputs.release-changelog-target }} + testing-releases: ${{ steps.get-testing-releases.outputs.testing-releases }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Full clone to also get the tags to get the right salt version + + - name: Get Changed Files + if: ${{ github.event_name == 'pull_request'}} + id: changed-files + uses: dorny/paths-filter@v2 + with: + token: ${{ github.token }} + list-files: json + filters: | + repo: + - added|modified: + - '**' + doc-requirements: + - added|modified: &doc_requirements + - requirements/static/ci/py3.*/docs.txt + lint-requirements: + - added|modified: &lint_requirements + - requirements/static/ci/py3.*/lint.txt + pkg_requirements: + - added|modified: &pkg_requirements + - requirements/static/pkg/py3.*/darwin.txt + - requirements/static/pkg/py3.*/linux.txt + - requirements/static/pkg/py3.*/freebsd.txt + - requirements/static/pkg/py3.*/windows.txt + test_requirements: + - added|modified: &test_requirements + - requirements/static/ci/py3.*/darwin.txt + - requirements/static/ci/py3.*/linux.txt + - requirements/static/ci/py3.*/freebsd.txt + - requirements/static/ci/py3.*/windows.txt + - requirements/static/ci/py3.*/darwin-crypto.txt + - requirements/static/ci/py3.*/linux-crypto.txt + - requirements/static/ci/py3.*/freebsd-crypto.txt + - requirements/static/ci/py3.*/windows-crypto.txt + deleted: + - deleted: + - '**' + docs: + - added|modified: + - doc/** + - *doc_requirements + workflows: + - added|modified: + - cicd/shared-gh-workflows-context.yml + - .github/actions/**/action.yml + - .github/workflows/*.yml + - .github/workflows/templates/*.yml.jinja2 + - tools/precommit/workflows.py + salt: + - added|modified: &salt_added_modified + - setup.py + - noxfile.py + - salt/**/*.py + - tasks/**/*.py + - tools/**/*.py + tests: + - added|modified: &tests_added_modified + - tests/**/*.py + lint: + - added|modified: + - .pylintrc + - *lint_requirements + golden_images: + - added|modified: + - cicd/golden-images.json + pkg_tests: + - added|modified: &pkg_tests_added_modified + - pkg/** + - *pkg_requirements + - *salt_added_modified + testrun: + - added|modified: + - *pkg_requirements + - *test_requirements + - *salt_added_modified + - *tests_added_modified + - *pkg_tests_added_modified + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ env.CACHE_SEED }} + + - name: Pretty Print The GH Actions Event + run: + tools ci print-gh-event + + - name: Set Cache Seed Output + id: set-cache-seed + run: | + tools ci define-cache-seed ${{ env.CACHE_SEED }} + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ inputs.salt-version }}" + validate-version: true + + - name: Get Pull Request Test Labels + id: get-pull-labels + if: ${{ github.event_name == 'pull_request'}} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-pr-test-labels --repository ${{ github.repository }} + + - name: Check Existing Releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools pkg repo confirm-unreleased --repository ${{ github.repository }} ${{ steps.setup-salt-version.outputs.salt-version }} + if [ "${{ github.event.repository.private }}" = "true" ]; then + tools pkg repo confirm-unreleased --repository saltstack/salt ${{ steps.setup-salt-version.outputs.salt-version }} + fi + + - name: Write Changed Files To A Local File + run: + echo '${{ toJSON(steps.changed-files.outputs) }}' > changed-files.json + + - name: Check Local Changed Files Contents + if: ${{ github.event_name == 'pull_request' }} + run: + cat changed-files.json + + - name: Process Changed Files + id: process-changed-files + run: | + tools ci process-changed-files ${{ github.event_name }} changed-files.json + + - name: Check Collected Changed Files + if: ${{ github.event_name == 'pull_request' }} + run: | + echo '${{ steps.process-changed-files.outputs.changed-files }}' | jq -C '.' + + - name: Define Runner Types + id: runner-types + run: | + tools ci runner-types ${{ github.event_name }} + + - name: Check Defined Runners + run: | + echo '${{ steps.runner-types.outputs.runners }}' | jq -C '.' + + - name: Define Jobs + id: define-jobs + run: | + tools ci define-jobs${{ inputs.skip-salt-test-suite && ' --skip-tests' || '' }}${{ inputs.skip-salt-pkg-test-suite && ' --skip-pkg-tests' || '' }}${{ inputs.skip-salt-pkg-download-test-suite && ' --skip-pkg-download-tests' || '' }} ${{ github.event_name }} changed-files.json + + - name: Check Defined Jobs + run: | + echo '${{ steps.define-jobs.outputs.jobs }}' | jq -C '.' + + - name: Get Salt Releases + id: get-salt-releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-releases + + - name: Get Latest Salt Releases for Testing + id: get-testing-releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-testing-releases ${{ join(fromJSON(steps.get-salt-releases.outputs.releases), ' ') }} --salt-version ${{ steps.setup-salt-version.outputs.salt-version }} + + - name: Check Salt Releases + run: | + echo '${{ steps.get-salt-releases.outputs.latest-release }}' | jq -C '.' + echo '${{ steps.get-salt-releases.outputs.releases }}' | jq -C '.' + echo '${{ steps.get-testing-releases.outputs.testing-releases }}' | jq -C '.' + + - name: Define Testrun + id: define-testrun + run: | + tools ci define-testrun ${{ github.event_name }} changed-files.json + + - name: Check Defined Test Run + run: | + echo '${{ steps.define-testrun.outputs.testrun }}' | jq -C '.' + + - name: Check Contents of generated testrun-changed-files.txt + if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['type'] != 'full' }} + run: | + cat testrun-changed-files.txt || true + + - name: Upload testrun-changed-files.txt + if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['type'] != 'full' }} + uses: actions/upload-artifact@v3 + with: + name: testrun-changed-files.txt + path: testrun-changed-files.txt + + - name: Get Release Changelog Target + id: get-release-changelog-target + run: | + tools ci get-release-changelog-target ${{ github.event_name }} + + + pre-commit: + name: Pre-Commit + if: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + uses: ./.github/workflows/pre-commit-action.yml + needs: + - prepare-workflow + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + changed-files: ${{ needs.prepare-workflow.outputs.changed-files }} + pre-commit-version: "3.0.4" + + lint: + name: Lint + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['lint'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + uses: ./.github/workflows/lint-action.yml + needs: + - prepare-workflow + with: + changed-files: ${{ needs.prepare-workflow.outputs.changed-files }} + + prepare-release: + name: "Prepare Release: ${{ needs.prepare-workflow.outputs.salt-version }}" + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['prepare-release'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + runs-on: + - self-hosted + - linux + - medium + - x86_64 + needs: + - prepare-workflow + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-changelog + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + release: true + + - name: Update Debian changelog + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools changelog update-deb --draft + tools changelog update-deb + + - name: Update RPM changelog + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools changelog update-rpm --draft + tools changelog update-rpm + + - name: Create Release Notes Template + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + if [ "${{ needs.prepare-workflow.outputs.release-changelog-target }}" == "next-major-release" ]; then + tools changelog update-release-notes --next-release --template-only + else + tools changelog update-release-notes --template-only + fi + + - name: Update Release Notes + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + if [ "${{ needs.prepare-workflow.outputs.release-changelog-target }}" == "next-major-release" ]; then + tools changelog update-release-notes --draft --release --next-release + tools changelog update-release-notes --release --next-release + else + tools changelog update-release-notes --draft --release + tools changelog update-release-notes --release + fi + + - name: Generate MAN Pages + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + env: + LATEST_RELEASE: "${{ needs.prepare-workflow.outputs.salt-version }}" + SALT_ON_SALTSTACK: "1" + run: | + tools docs man + + - name: Update Changelog + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools changelog update-changelog-md --draft + tools changelog update-changelog-md + + - name: Show Changes Diff + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + git diff --color + + - name: Configure Git + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + git config --global user.name "Salt Project Packaging" + git config --global user.email saltproject-packaging@vmware.com + + - name: Setup Pre-Commit + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + uses: ./.github/actions/setup-pre-commit + with: + version: "3.0.4" + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Commit Changes + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + env: + SKIP: lint-salt,lint-tests + PRE_COMMIT_COLOR: always + run: | + # Run it twice so that pre-commit can fix anything that can be automatically fixed. + git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" || \ + git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" + + - name: Create release changes patch + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + git format-patch --keep-subject --binary --stdout HEAD^ > salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + + - name: Upload Changes Diff Artifact + uses: actions/upload-artifact@v3 + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + path: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + retention-days: 7 + if-no-files-found: error + + build-docs: + name: Documentation + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-docs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-source-tarball + uses: ./.github/workflows/build-docs.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + build-source-tarball: + name: Build Source Tarball + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-source-tarball'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - prepare-release + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "medium", "x86_64"]') || 'ubuntu-latest' }} + steps: + - uses: actions/checkout@v4 + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-build + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + - name: Build Source Tarball + uses: ./.github/actions/build-source-tarball + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + build-deps-onedir-linux: + name: Build Dependencies Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-onedir'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + uses: ./.github/workflows/build-deps-onedir-linux.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-deps-onedir-windows: + name: Build Dependencies Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-onedir'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + uses: ./.github/workflows/build-deps-onedir-windows.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-deps-onedir-macos: + name: Build Dependencies Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-onedir'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + uses: ./.github/workflows/build-deps-onedir-macos.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-salt-onedir-linux: + name: Build Salt Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-salt-onedir'] }} + needs: + - prepare-workflow + - build-deps-onedir-linux + - build-source-tarball + uses: ./.github/workflows/build-salt-onedir-linux.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-salt-onedir-windows: + name: Build Salt Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-salt-onedir'] }} + needs: + - prepare-workflow + - build-deps-onedir-windows + - build-source-tarball + uses: ./.github/workflows/build-salt-onedir-windows.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-salt-onedir-macos: + name: Build Salt Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-salt-onedir'] }} + needs: + - prepare-workflow + - build-deps-onedir-macos + - build-source-tarball + uses: ./.github/workflows/build-salt-onedir-macos.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "0.14.2" + python-version: "3.10.13" + + build-rpm-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-rpm-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + + build-rpm-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-rpm-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + + build-deb-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deb-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + + build-deb-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deb-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + + build-windows-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-windows-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + environment: staging + sign-packages: ${{ inputs.sign-windows-packages }} + secrets: inherit + + build-windows-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-windows-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + environment: staging + sign-packages: ${{ inputs.sign-windows-packages }} + secrets: inherit + + build-macos-pkgs-onedir: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-macos-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "onedir" + environment: staging + sign-packages: true + secrets: inherit + + build-macos-pkgs-src: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-macos-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "0.14.2" + python-version: "3.10.13" + source: "src" + environment: staging + sign-packages: true + secrets: inherit + + windows-2016-ci-deps: + name: Windows 2016 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + windows-2019-ci-deps: + name: Windows 2019 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + windows-2022-ci-deps: + name: Windows 2022 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-windows + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + macos-12-ci-deps: + name: macOS 12 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: macos-12 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + macos-13-ci-deps: + name: macOS 13 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: macos-13 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + macos-13-xlarge-ci-deps: + name: macOS 13 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-macos + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: macos-13-xlarge + nox-session: ci-test-onedir + platform: darwin + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-8-ci-deps: + name: Alma Linux 8 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-8-arm64-ci-deps: + name: Alma Linux 8 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-8-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-9-ci-deps: + name: Alma Linux 9 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + almalinux-9-arm64-ci-deps: + name: Alma Linux 9 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: almalinux-9-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2-ci-deps: + name: Amazon Linux 2 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2-arm64-ci-deps: + name: Amazon Linux 2 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2023-ci-deps: + name: Amazon Linux 2023 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2023 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2023-arm64-ci-deps: + name: Amazon Linux 2023 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: amazonlinux-2023-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + archlinux-lts-ci-deps: + name: Arch Linux LTS Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: archlinux-lts + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centos-7-ci-deps: + name: CentOS 7 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centos-7 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centos-7-arm64-ci-deps: + name: CentOS 7 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centos-7-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-8-ci-deps: + name: CentOS Stream 8 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-8-arm64-ci-deps: + name: CentOS Stream 8 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-8-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-9-ci-deps: + name: CentOS Stream 9 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + centosstream-9-arm64-ci-deps: + name: CentOS Stream 9 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: centosstream-9-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-10-ci-deps: + name: Debian 10 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-10 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-11-ci-deps: + name: Debian 11 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-11 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-11-arm64-ci-deps: + name: Debian 11 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-11-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-12-ci-deps: + name: Debian 12 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-12 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + debian-12-arm64-ci-deps: + name: Debian 12 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: debian-12-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-37-ci-deps: + name: Fedora 37 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-37 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-37-arm64-ci-deps: + name: Fedora 37 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-37-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-38-ci-deps: + name: Fedora 38 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-38 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + fedora-38-arm64-ci-deps: + name: Fedora 38 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: fedora-38-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + opensuse-15-ci-deps: + name: Opensuse 15 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: opensuse-15 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-3-ci-deps: + name: Photon OS 3 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-3 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-3-arm64-ci-deps: + name: Photon OS 3 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-3-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-4-ci-deps: + name: Photon OS 4 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-4 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-4-arm64-ci-deps: + name: Photon OS 4 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-4-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-5-ci-deps: + name: Photon OS 5 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-5 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + photonos-5-arm64-ci-deps: + name: Photon OS 5 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: photonos-5-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2004-ci-deps: + name: Ubuntu 20.04 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-20.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2004-arm64-ci-deps: + name: Ubuntu 20.04 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-20.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2204-ci-deps: + name: Ubuntu 22.04 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-22.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + ubuntu-2204-arm64-ci-deps: + name: Ubuntu 22.04 Arm64 Deps + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-salt-onedir-linux + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: ubuntu-22.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + python-version: "3.10" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + + amazonlinux-2-pkg-tests: + name: Amazon Linux 2 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + amazonlinux-2-arm64-pkg-tests: + name: Amazon Linux 2 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + amazonlinux-2023-pkg-tests: + name: Amazon Linux 2023 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2023-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2023 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + amazonlinux-2023-arm64-pkg-tests: + name: Amazon Linux 2023 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - amazonlinux-2023-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: amazonlinux-2023-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centos-7-pkg-tests: + name: CentOS 7 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centos-7-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centos-7 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centosstream-8-pkg-tests: + name: CentOS Stream 8 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centosstream-8-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centosstream-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centosstream-9-pkg-tests: + name: CentOS Stream 9 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centosstream-9-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centosstream-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + centosstream-9-arm64-pkg-tests: + name: CentOS Stream 9 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - centosstream-9-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: centosstream-9-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-10-pkg-tests: + name: Debian 10 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-10-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-10 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-11-pkg-tests: + name: Debian 11 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-11-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-11 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-11-arm64-pkg-tests: + name: Debian 11 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-11-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-11-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-12-pkg-tests: + name: Debian 12 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-12-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-12 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + debian-12-arm64-pkg-tests: + name: Debian 12 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - debian-12-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: debian-12-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + photonos-3-pkg-tests: + name: Photon OS 3 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-3-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-3 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + photonos-3-arm64-pkg-tests: + name: Photon OS 3 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-3-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-3-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + photonos-4-pkg-tests: + name: Photon OS 4 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-4-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-4 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + photonos-4-arm64-pkg-tests: + name: Photon OS 4 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-4-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-4-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + photonos-5-pkg-tests: + name: Photon OS 5 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-5-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-5 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + photonos-5-arm64-pkg-tests: + name: Photon OS 5 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + - photonos-5-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: photonos-5-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: rpm + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + fips: true + + ubuntu-2004-pkg-tests: + name: Ubuntu 20.04 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2004-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-20.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + ubuntu-2004-arm64-pkg-tests: + name: Ubuntu 20.04 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2004-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-20.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + ubuntu-2204-pkg-tests: + name: Ubuntu 22.04 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2204-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-22.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + ubuntu-2204-arm64-pkg-tests: + name: Ubuntu 22.04 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-deb-pkgs-onedir + - ubuntu-2204-arm64-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: ubuntu-22.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: deb + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + macos-12-pkg-tests: + name: macOS 12 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-macos-pkgs-onedir + - macos-12-ci-deps + uses: ./.github/workflows/test-packages-action-macos.yml + with: + distro-slug: macos-12 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: macos + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + macos-13-pkg-tests: + name: macOS 13 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-macos-pkgs-onedir + - macos-13-ci-deps + uses: ./.github/workflows/test-packages-action-macos.yml + with: + distro-slug: macos-13 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: macos + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + macos-13-xlarge-pkg-tests: + name: macOS 13 Arm64 Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-macos-pkgs-onedir + - macos-13-xlarge-ci-deps + uses: ./.github/workflows/test-packages-action-macos.yml + with: + distro-slug: macos-13-xlarge + nox-session: ci-test-onedir + platform: darwin + arch: aarch64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: macos + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2016-nsis-pkg-tests: + name: Windows 2016 NSIS Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2016-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: NSIS + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2016-msi-pkg-tests: + name: Windows 2016 MSI Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2016-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: MSI + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2019-nsis-pkg-tests: + name: Windows 2019 NSIS Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2019-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: NSIS + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2019-msi-pkg-tests: + name: Windows 2019 MSI Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2019-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: MSI + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2022-nsis-pkg-tests: + name: Windows 2022 NSIS Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2022-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: NSIS + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2022-msi-pkg-tests: + name: Windows 2022 MSI Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - windows-2022-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: MSI + nox-version: 2022.8.7 + python-version: "3.10" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + windows-2016: + name: Windows 2016 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - windows-2016-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: windows-2016 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 210 || 360 }} + + windows-2019: + name: Windows 2019 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - windows-2019-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: windows-2019 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 210 || 360 }} + + windows-2022: + name: Windows 2022 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - windows-2022-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: windows-2022 + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 210 || 360 }} + + macos-12: + name: macOS 12 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - macos-12-ci-deps + uses: ./.github/workflows/test-action-macos.yml + with: + distro-slug: macos-12 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + macos-13: + name: macOS 13 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - macos-13-ci-deps + uses: ./.github/workflows/test-action-macos.yml + with: + distro-slug: macos-13 + nox-session: ci-test-onedir + platform: darwin + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + macos-13-xlarge: + name: macOS 13 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - macos-13-xlarge-ci-deps + uses: ./.github/workflows/test-action-macos.yml + with: + distro-slug: macos-13-xlarge + nox-session: ci-test-onedir + platform: darwin + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + almalinux-8: + name: Alma Linux 8 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - almalinux-8-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: almalinux-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + almalinux-9: + name: Alma Linux 9 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - almalinux-9-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: almalinux-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2: + name: Amazon Linux 2 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2-arm64: + name: Amazon Linux 2 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2023: + name: Amazon Linux 2023 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2023-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2023 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + amazonlinux-2023-arm64: + name: Amazon Linux 2023 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - amazonlinux-2023-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: amazonlinux-2023-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + archlinux-lts: + name: Arch Linux LTS Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - archlinux-lts-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: archlinux-lts + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + centos-7: + name: CentOS 7 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - centos-7-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: centos-7 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + centosstream-8: + name: CentOS Stream 8 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - centosstream-8-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: centosstream-8 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + centosstream-9: + name: CentOS Stream 9 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - centosstream-9-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: centosstream-9 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-10: + name: Debian 10 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-10-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-10 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-11: + name: Debian 11 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-11-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-11 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-11-arm64: + name: Debian 11 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-11-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-11-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-12: + name: Debian 12 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-12-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-12 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + debian-12-arm64: + name: Debian 12 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - debian-12-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: debian-12-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + fedora-37: + name: Fedora 37 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - fedora-37-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: fedora-37 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + fedora-38: + name: Fedora 38 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - fedora-38-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: fedora-38 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + opensuse-15: + name: Opensuse 15 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - opensuse-15-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: opensuse-15 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + photonos-3: + name: Photon OS 3 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-3-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-3 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + photonos-3-arm64: + name: Photon OS 3 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-3-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-3-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + photonos-4: + name: Photon OS 4 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-4-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-4 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + photonos-4-arm64: + name: Photon OS 4 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-4-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-4-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + photonos-5: + name: Photon OS 5 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-5-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-5 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + photonos-5-arm64: + name: Photon OS 5 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - photonos-5-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: photonos-5-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + fips: true + + ubuntu-2004: + name: Ubuntu 20.04 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2004-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-20.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + ubuntu-2004-arm64: + name: Ubuntu 20.04 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2004-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-20.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + ubuntu-2204: + name: Ubuntu 22.04 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2204-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-22.04 + nox-session: ci-test-onedir + platform: linux + arch: x86_64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + ubuntu-2204-arm64: + name: Ubuntu 22.04 Arm64 Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - ubuntu-2204-arm64-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: ubuntu-22.04-arm64 + nox-session: ci-test-onedir + platform: linux + arch: aarch64 + nox-version: 2022.8.7 + gh-actions-python-version: "3.10" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + skip-code-coverage: true + skip-junit-reports: true + workflow-slug: staging + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && 180 || 360 }} + + build-src-repo: + name: Build Repository + environment: staging + runs-on: + - self-hosted + - linux + - repo-staging + needs: + - prepare-workflow + - build-source-tarball + strategy: + fail-fast: false + matrix: + pkg-type: + - src + + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download Source Tarball + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + run: | + tools pkg repo create src --key-id=64CBBC8173D76B3F \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Copy Files For Source Only Artifact Uploads + run: | + mkdir artifacts/src + find artifacts/pkgs/repo -type f -print -exec cp {} artifacts/src \; + + - name: Upload Standalone Repository As An Artifact + uses: actions/upload-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-staging-src-repo + path: | + artifacts/src/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz + artifacts/src/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz.* + artifacts/src/*-GPG-* + retention-days: 7 + if-no-files-found: error + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-staging-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: src-repo + + build-deb-repo: + name: Build Repository + environment: staging + runs-on: + - self-hosted + - linux + - repo-staging + needs: + - prepare-workflow + - build-deb-pkgs-onedir + strategy: + fail-fast: false + matrix: + include: + - pkg-type: deb + distro: debian + version: "10" + arch: x86_64 + - pkg-type: deb + distro: debian + version: "10" + arch: aarch64 + - pkg-type: deb + distro: debian + version: "11" + arch: x86_64 + - pkg-type: deb + distro: debian + version: "11" + arch: aarch64 + - pkg-type: deb + distro: debian + version: "12" + arch: x86_64 + - pkg-type: deb + distro: debian + version: "12" + arch: aarch64 + - pkg-type: deb + distro: ubuntu + version: "20.04" + arch: x86_64 + - pkg-type: deb + distro: ubuntu + version: "20.04" + arch: aarch64 + - pkg-type: deb + distro: ubuntu + version: "22.04" + arch: x86_64 + - pkg-type: deb + distro: ubuntu + version: "22.04" + arch: aarch64 + + steps: + - uses: actions/checkout@v4 + + - name: Download System Dependencies + run: | + sudo apt update + sudo apt install -y devscripts apt-utils + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download DEB Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-${{ matrix.arch }}-deb + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + run: | + tools pkg repo create deb --key-id=64CBBC8173D76B3F --distro-arch=${{ matrix.arch }} \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --distro=${{ matrix.distro }} --distro-version=${{ matrix.version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-staging-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: ${{ matrix.distro }}-${{ matrix.version }}-${{ matrix.arch }}-repo + + build-rpm-repo: + name: Build Repository + environment: staging + runs-on: + - self-hosted + - linux + - repo-staging + needs: + - prepare-workflow + - build-rpm-pkgs-onedir + strategy: + fail-fast: false + matrix: + include: + - pkg-type: rpm + distro: amazon + version: "2" + arch: x86_64 + - pkg-type: rpm + distro: amazon + version: "2" + arch: arm64 + - pkg-type: rpm + distro: amazon + version: "2" + arch: aarch64 + - pkg-type: rpm + distro: amazon + version: "2023" + arch: x86_64 + - pkg-type: rpm + distro: amazon + version: "2023" + arch: arm64 + - pkg-type: rpm + distro: amazon + version: "2023" + arch: aarch64 + - pkg-type: rpm + distro: redhat + version: "7" + arch: x86_64 + - pkg-type: rpm + distro: redhat + version: "7" + arch: arm64 + - pkg-type: rpm + distro: redhat + version: "7" + arch: aarch64 + - pkg-type: rpm + distro: redhat + version: "8" + arch: x86_64 + - pkg-type: rpm + distro: redhat + version: "8" + arch: arm64 + - pkg-type: rpm + distro: redhat + version: "8" + arch: aarch64 + - pkg-type: rpm + distro: redhat + version: "9" + arch: x86_64 + - pkg-type: rpm + distro: redhat + version: "9" + arch: arm64 + - pkg-type: rpm + distro: redhat + version: "9" + arch: aarch64 + - pkg-type: rpm + distro: fedora + version: "36" + arch: x86_64 + - pkg-type: rpm + distro: fedora + version: "36" + arch: arm64 + - pkg-type: rpm + distro: fedora + version: "36" + arch: aarch64 + - pkg-type: rpm + distro: fedora + version: "37" + arch: x86_64 + - pkg-type: rpm + distro: fedora + version: "37" + arch: arm64 + - pkg-type: rpm + distro: fedora + version: "37" + arch: aarch64 + - pkg-type: rpm + distro: fedora + version: "38" + arch: x86_64 + - pkg-type: rpm + distro: fedora + version: "38" + arch: arm64 + - pkg-type: rpm + distro: fedora + version: "38" + arch: aarch64 + - pkg-type: rpm + distro: photon + version: "3" + arch: x86_64 + - pkg-type: rpm + distro: photon + version: "3" + arch: arm64 + - pkg-type: rpm + distro: photon + version: "3" + arch: aarch64 + - pkg-type: rpm + distro: photon + version: "4" + arch: x86_64 + - pkg-type: rpm + distro: photon + version: "4" + arch: arm64 + - pkg-type: rpm + distro: photon + version: "4" + arch: aarch64 + - pkg-type: rpm + distro: photon + version: "5" + arch: x86_64 + - pkg-type: rpm + distro: photon + version: "5" + arch: arm64 + - pkg-type: rpm + distro: photon + version: "5" + arch: aarch64 + + steps: + - uses: actions/checkout@v4 + + - name: Download System Dependencies + run: | + sudo apt update + sudo apt install -y rpm + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download RPM Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-${{ matrix.arch == 'arm64' && 'aarch64' || matrix.arch }}-rpm + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + env: + SALT_REPO_USER: ${{ secrets.SALT_REPO_USER }} + SALT_REPO_PASS: ${{ secrets.SALT_REPO_PASS }} + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + run: | + tools pkg repo create rpm --key-id=64CBBC8173D76B3F --distro-arch=${{ matrix.arch }} \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --distro=${{ matrix.distro }} --distro-version=${{ matrix.version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-staging-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: ${{ matrix.distro }}-${{ matrix.version }}-${{ matrix.arch }}-repo + + build-windows-repo: + name: Build Repository + environment: staging + runs-on: + - self-hosted + - linux + - repo-staging + needs: + - prepare-workflow + - build-windows-pkgs-onedir + strategy: + fail-fast: false + matrix: + pkg-type: + - windows + + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download Windows NSIS x86 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-x86-NSIS + path: artifacts/pkgs/incoming + + - name: Download Windows MSI x86 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-x86-MSI + path: artifacts/pkgs/incoming + + - name: Download Windows NSIS amd64 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-amd64-NSIS + path: artifacts/pkgs/incoming + + - name: Download Windows MSI amd64 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-amd64-MSI + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + run: | + tools pkg repo create windows --key-id=64CBBC8173D76B3F \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-staging-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: windows-repo + + build-macos-repo: + name: Build Repository + environment: staging + runs-on: + - self-hosted + - linux + - repo-staging + needs: + - prepare-workflow + - build-macos-pkgs-onedir + strategy: + fail-fast: false + matrix: + pkg-type: + - macos + + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download macOS x86_64 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-x86_64-macos + path: artifacts/pkgs/incoming + + - name: Download macOS Arch64 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-aarch64-macos + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + run: | + tools pkg repo create macos --key-id=64CBBC8173D76B3F \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-staging-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: macos-repo + + build-onedir-repo: + name: Build Repository + environment: staging + runs-on: + - self-hosted + - linux + - repo-staging + needs: + - prepare-workflow + - build-salt-onedir-linux + - build-salt-onedir-macos + - build-salt-onedir-windows + strategy: + fail-fast: false + matrix: + pkg-type: + - onedir + + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download Linux x86_64 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-linux-x86_64.tar.xz + path: artifacts/pkgs/incoming + + - name: Download Linux aarch64 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-linux-aarch64.tar.xz + path: artifacts/pkgs/incoming + + - name: Download macOS x86_64 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-darwin-x86_64.tar.xz + path: artifacts/pkgs/incoming + + - name: Download macOS arm64 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-darwin-aarch64.tar.xz + path: artifacts/pkgs/incoming + + - name: Download Windows amd64 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-windows-amd64.tar.xz + path: artifacts/pkgs/incoming + + - name: Download Windows amd64 Onedir Archive(zip) + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-windows-amd64.zip + path: artifacts/pkgs/incoming + + - name: Download Windows x86 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-windows-x86.tar.xz + path: artifacts/pkgs/incoming + + - name: Download Windows amd64 Onedir Archive(zip) + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-windows-x86.zip + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + run: | + tools pkg repo create onedir --key-id=64CBBC8173D76B3F \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-staging-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: onedir-repo + + publish-repositories: + name: Publish Repositories + if: ${{ always() && ! failure() && ! cancelled() }} + runs-on: + - self-hosted + - linux + - repo-staging + environment: staging + needs: + - prepare-workflow + - build-src-repo + - build-deb-repo + - build-rpm-repo + - build-windows-repo + - build-macos-repo + - build-onedir-repo + + steps: + - uses: actions/checkout@v4 + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Download Repository Artifact + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-staging-repo + path: repo/ + + - name: Decompress Repository Artifacts + run: | + find repo/ -type f -name '*.tar.gz' -print -exec tar xvf {} \; + find repo/ -type f -name '*.tar.gz' -print -exec rm -f {} \; + + - name: Show Repository + run: | + tree -a artifacts/pkgs/repo/ + + - name: Upload Repository Contents (staging) + env: + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + run: | + tools pkg repo publish staging --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} artifacts/pkgs/repo/ + + upload-release-artifacts: + name: Upload Release Artifacts + needs: + - prepare-workflow + - build-docs + - build-src-repo + environment: staging + runs-on: + - self-hosted + - linux + - repo-staging + steps: + - uses: actions/checkout@v4 + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Download Release Patch + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + path: artifacts/release + + - name: Download Source Repository + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-staging-src-repo + path: artifacts/release + + - name: Download Release Documentation (HTML) + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-docs-html.tar.xz + path: artifacts/release + + - name: Download Release Documentation (ePub) + uses: actions/download-artifact@v3 + with: + name: Salt-${{ needs.prepare-workflow.outputs.salt-version }}.epub + path: artifacts/release + + - name: Show Release Artifacts + run: | + tree -a artifacts/release + + - name: Upload Release Artifacts + run: | + tools release upload-artifacts ${{ needs.prepare-workflow.outputs.salt-version }} artifacts/release + + - name: Upload PyPi Artifacts + uses: actions/upload-artifact@v3 + with: + name: pypi-artifacts + path: | + artifacts/release/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz + artifacts/release/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz.asc + retention-days: 7 + if-no-files-found: error + + pkg-download-tests: + name: Package Downloads + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg-download'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - publish-repositories + - almalinux-8-arm64-ci-deps + - almalinux-8-ci-deps + - almalinux-9-arm64-ci-deps + - almalinux-9-ci-deps + - amazonlinux-2-arm64-ci-deps + - amazonlinux-2-ci-deps + - amazonlinux-2023-arm64-ci-deps + - amazonlinux-2023-ci-deps + - centos-7-arm64-ci-deps + - centos-7-ci-deps + - centosstream-8-arm64-ci-deps + - centosstream-8-ci-deps + - centosstream-9-arm64-ci-deps + - centosstream-9-ci-deps + - debian-10-ci-deps + - debian-11-arm64-ci-deps + - debian-11-ci-deps + - debian-12-arm64-ci-deps + - debian-12-ci-deps + - fedora-37-arm64-ci-deps + - fedora-37-ci-deps + - fedora-38-arm64-ci-deps + - fedora-38-ci-deps + - macos-12-ci-deps + - macos-13-ci-deps + - macos-13-xlarge-ci-deps + - photonos-3-arm64-ci-deps + - photonos-3-ci-deps + - photonos-4-arm64-ci-deps + - photonos-4-ci-deps + - photonos-5-arm64-ci-deps + - photonos-5-ci-deps + - ubuntu-2004-arm64-ci-deps + - ubuntu-2004-ci-deps + - ubuntu-2204-arm64-ci-deps + - ubuntu-2204-ci-deps + - windows-2022-ci-deps + - build-salt-onedir-linux + - build-salt-onedir-macos + - build-salt-onedir-windows + uses: ./.github/workflows/test-package-downloads-action.yml + with: + nox-session: ci-test-onedir + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.13 + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + environment: staging + nox-version: 2022.8.7 + python-version: "3.10" + skip-code-coverage: true + latest-release: "${{ needs.prepare-workflow.outputs.latest-release }}" + secrets: inherit + + publish-pypi: + name: Publish to PyPi(test) + if: ${{ inputs.skip-test-pypi-publish != true && github.event.repository.fork != true }} + needs: + - prepare-workflow + - upload-release-artifacts + - windows-2016-ci-deps + - windows-2019-ci-deps + - windows-2022-ci-deps + - macos-12-ci-deps + - macos-13-ci-deps + - macos-13-xlarge-ci-deps + - almalinux-8-ci-deps + - almalinux-8-arm64-ci-deps + - almalinux-9-ci-deps + - almalinux-9-arm64-ci-deps + - amazonlinux-2-ci-deps + - amazonlinux-2-arm64-ci-deps + - amazonlinux-2023-ci-deps + - amazonlinux-2023-arm64-ci-deps + - archlinux-lts-ci-deps + - centos-7-ci-deps + - centos-7-arm64-ci-deps + - centosstream-8-ci-deps + - centosstream-8-arm64-ci-deps + - centosstream-9-ci-deps + - centosstream-9-arm64-ci-deps + - debian-10-ci-deps + - debian-11-ci-deps + - debian-11-arm64-ci-deps + - debian-12-ci-deps + - debian-12-arm64-ci-deps + - fedora-37-ci-deps + - fedora-37-arm64-ci-deps + - fedora-38-ci-deps + - fedora-38-arm64-ci-deps + - opensuse-15-ci-deps + - photonos-3-ci-deps + - photonos-3-arm64-ci-deps + - photonos-4-ci-deps + - photonos-4-arm64-ci-deps + - photonos-5-ci-deps + - photonos-5-arm64-ci-deps + - ubuntu-2004-ci-deps + - ubuntu-2004-arm64-ci-deps + - ubuntu-2204-ci-deps + - ubuntu-2204-arm64-ci-deps + - windows-2016 + - windows-2019 + - windows-2022 + - macos-12 + - macos-13 + - macos-13-xlarge + - almalinux-8 + - almalinux-9 + - amazonlinux-2 + - amazonlinux-2-arm64 + - amazonlinux-2023 + - amazonlinux-2023-arm64 + - archlinux-lts + - centos-7 + - centosstream-8 + - centosstream-9 + - debian-10 + - debian-11 + - debian-11-arm64 + - debian-12 + - debian-12-arm64 + - fedora-37 + - fedora-38 + - opensuse-15 + - photonos-3 + - photonos-3-arm64 + - photonos-4 + - photonos-4-arm64 + - photonos-5 + - photonos-5-arm64 + - ubuntu-2004 + - ubuntu-2004-arm64 + - ubuntu-2204 + - ubuntu-2204-arm64 + - amazonlinux-2-pkg-tests + - amazonlinux-2-arm64-pkg-tests + - amazonlinux-2023-pkg-tests + - amazonlinux-2023-arm64-pkg-tests + - centos-7-pkg-tests + - centosstream-8-pkg-tests + - centosstream-9-pkg-tests + - centosstream-9-arm64-pkg-tests + - debian-10-pkg-tests + - debian-11-pkg-tests + - debian-11-arm64-pkg-tests + - debian-12-pkg-tests + - debian-12-arm64-pkg-tests + - photonos-3-pkg-tests + - photonos-3-arm64-pkg-tests + - photonos-4-pkg-tests + - photonos-4-arm64-pkg-tests + - photonos-5-pkg-tests + - photonos-5-arm64-pkg-tests + - ubuntu-2004-pkg-tests + - ubuntu-2004-arm64-pkg-tests + - ubuntu-2204-pkg-tests + - ubuntu-2204-arm64-pkg-tests + - macos-12-pkg-tests + - macos-13-pkg-tests + - macos-13-xlarge-pkg-tests + - windows-2016-nsis-pkg-tests + - windows-2016-msi-pkg-tests + - windows-2019-nsis-pkg-tests + - windows-2019-msi-pkg-tests + - windows-2022-nsis-pkg-tests + - windows-2022-msi-pkg-tests + - pkg-download-tests + environment: staging + runs-on: + - self-hosted + - linux + - repo-staging + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + id: get-secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + TWINE_PASSWORD=$(aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/publishing/publish-test-pypi \ + --query SecretString --output text | jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "$SECRETS_KEY_FILE" -d -) + echo "::add-mask::$TWINE_PASSWORD" + echo "twine-password=$TWINE_PASSWORD" >> "${GITHUB_OUTPUT}" + + - name: Download PyPi Artifacts + uses: actions/download-artifact@v3 + with: + name: pypi-artifacts + path: artifacts/release + + - name: Publish to Test PyPi + env: + TWINE_PASSWORD: "${{ steps.get-secrets.outputs.twine-password }}" + run: | + tools pkg pypi-upload --test artifacts/release/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz + + set-pipeline-exit-status: + # This step is just so we can make github require this step, to pass checks + # on a pull request instead of requiring all + name: Set the ${{ github.workflow }} Pipeline Exit Status + if: always() + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + needs: + - check-requirements + - prepare-workflow + - pre-commit + - lint + - build-docs + - build-deps-onedir-linux + - build-deps-onedir-windows + - build-deps-onedir-macos + - build-salt-onedir-linux + - build-salt-onedir-windows + - build-salt-onedir-macos + - build-rpm-pkgs-src + - build-deb-pkgs-src + - build-windows-pkgs-src + - build-macos-pkgs-src + - publish-repositories + - upload-release-artifacts + - pkg-download-tests + - publish-pypi + steps: + - name: Get workflow information + id: get-workflow-info + uses: technote-space/workflow-conclusion-action@v3 + + - name: Set Pipeline Exit Status + shell: bash + run: | + if [ "${{ steps.get-workflow-info.outputs.conclusion }}" != "success" ]; then + exit 1 + else + exit 0 + fi + + - name: Done + if: always() + run: + echo "All worflows finished" diff --git a/.github/workflows/templates/README.md b/.github/workflows/templates/README.md new file mode 100644 index 00000000..3e5f5a87 --- /dev/null +++ b/.github/workflows/templates/README.md @@ -0,0 +1,20 @@ +# Workflow Templates + +The templates are used to generate the actual workflows that run on GitHub Actions. +They use [Jinja2](https://jinja.palletsprojects.com) as the template engine. + +## To Note + +Let's try to keep the Jinja usage to the bare minimum because, as time passes, +the complexity just piles up making it harder to read and interpret the templates. + +### Changes To Default Jinja Syntax + +By default Jinja uses `{% ... %}`, `{{ ... }}`, `{# ... #}`, etc to do it's magic. +In order not to clash with the GitHub Actions syntax, and to also avoid having to +add bunch of `{% raw %} ... {% endraw %}` blocks, we changed some things: + +* Instead of `{%` and `%}` use `<%` and `%>` +* Instead of `{{` and `}}` use `<{` and `}>` + +The rest of Jinja2 defaults apply. diff --git a/.github/workflows/templates/build-ci-deps.yml.jinja b/.github/workflows/templates/build-ci-deps.yml.jinja new file mode 100644 index 00000000..eb3622eb --- /dev/null +++ b/.github/workflows/templates/build-ci-deps.yml.jinja @@ -0,0 +1,86 @@ + + <%- for slug, display_name, arch in build_ci_deps_listing["windows"] %> + + <{ slug.replace(".", "") }>-ci-deps: + <%- do test_salt_needs.append(slug.replace(".", "") + "-ci-deps") %> + name: <{ display_name }> Deps + <%- if workflow_slug != 'release' %> + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + <%- endif %> + needs: + - prepare-workflow + <%- if workflow_slug != 'release' %> + - build-salt-onedir-windows + <%- else %> + - download-onedir-artifact + <%- endif %> + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: <{ slug }> + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: <{ nox_version }> + python-version: "<{ gh_actions_workflows_python_version }>" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|<{ python_version }> + + <%- endfor %> + + + <%- for slug, display_name, arch in build_ci_deps_listing["macos"] %> + + <{ slug.replace(".", "") }>-ci-deps: + <%- do test_salt_needs.append(slug.replace(".", "") + "-ci-deps") %> + name: <{ display_name }> Deps + <%- if workflow_slug != 'release' %> + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + <%- endif %> + needs: + - prepare-workflow + <%- if workflow_slug != 'release' %> + - build-salt-onedir-macos + <%- else %> + - download-onedir-artifact + <%- endif %> + uses: ./.github/workflows/build-deps-ci-action-macos.yml + with: + distro-slug: <{ slug }> + nox-session: ci-test-onedir + platform: darwin + arch: <{ arch }> + nox-version: <{ nox_version }> + python-version: "<{ gh_actions_workflows_python_version }>" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|<{ python_version }> + + <%- endfor %> + + + <%- for slug, display_name, arch in build_ci_deps_listing["linux"] %> + + <{ slug.replace(".", "") }>-ci-deps: + <%- do test_salt_needs.append(slug.replace(".", "") + "-ci-deps") %> + name: <{ display_name }> Deps + <%- if workflow_slug != 'release' %> + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-deps-ci'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + <%- endif %> + needs: + - prepare-workflow + <%- if workflow_slug != 'release' %> + - build-salt-onedir-linux + <%- else %> + - download-onedir-artifact + <%- endif %> + uses: ./.github/workflows/build-deps-ci-action.yml + with: + distro-slug: <{ slug }> + nox-session: ci-test-onedir + platform: linux + arch: <{ arch }> + nox-version: <{ nox_version }> + python-version: "<{ gh_actions_workflows_python_version }>" + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|<{ python_version }> + + <%- endfor %> diff --git a/.github/workflows/templates/build-deb-repo.yml.jinja b/.github/workflows/templates/build-deb-repo.yml.jinja new file mode 100644 index 00000000..8d9c0544 --- /dev/null +++ b/.github/workflows/templates/build-deb-repo.yml.jinja @@ -0,0 +1,96 @@ + + strategy: + fail-fast: false + matrix: + include: + <%- for distro, version, arch in ( + ("debian", "10", "x86_64"), + ("debian", "10", "aarch64"), + ("debian", "11", "x86_64"), + ("debian", "11", "aarch64"), + ("debian", "12", "x86_64"), + ("debian", "12", "aarch64"), + ("ubuntu", "20.04", "x86_64"), + ("ubuntu", "20.04", "aarch64"), + ("ubuntu", "22.04", "x86_64"), + ("ubuntu", "22.04", "aarch64"), + ) %> + - pkg-type: deb + distro: <{ distro }> + version: "<{ version }>" + arch: <{ arch }> + <%- endfor %> + + steps: + - uses: actions/checkout@v4 + + - name: Download System Dependencies + run: | + sudo apt update + sudo apt install -y devscripts apt-utils + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download DEB Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-${{ matrix.arch }}-deb + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + run: | + tools pkg repo create deb --key-id=<{ gpg_key_id }> --distro-arch=${{ matrix.arch }} <% if gh_environment == 'nightly' -%> --nightly-build-from=${{ github.ref_name }} <%- endif %> \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --distro=${{ matrix.distro }} --distro-version=${{ matrix.version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-<{ gh_environment }>-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: ${{ matrix.distro }}-${{ matrix.version }}-${{ matrix.arch }}-repo diff --git a/.github/workflows/templates/build-macos-repo.yml.jinja b/.github/workflows/templates/build-macos-repo.yml.jinja new file mode 100644 index 00000000..c8127d0a --- /dev/null +++ b/.github/workflows/templates/build-macos-repo.yml.jinja @@ -0,0 +1,80 @@ + + strategy: + fail-fast: false + matrix: + pkg-type: + - macos + + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download macOS x86_64 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-x86_64-macos + path: artifacts/pkgs/incoming + + - name: Download macOS Arch64 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-aarch64-macos + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + run: | + tools pkg repo create macos --key-id=<{ gpg_key_id }> <% if gh_environment == 'nightly' -%> --nightly-build-from=${{ github.ref_name }} <%- endif %> \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-<{ gh_environment }>-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: macos-repo diff --git a/.github/workflows/templates/build-onedir-repo.yml.jinja b/.github/workflows/templates/build-onedir-repo.yml.jinja new file mode 100644 index 00000000..8e51caa9 --- /dev/null +++ b/.github/workflows/templates/build-onedir-repo.yml.jinja @@ -0,0 +1,116 @@ + + strategy: + fail-fast: false + matrix: + pkg-type: + - onedir + + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download Linux x86_64 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-linux-x86_64.tar.xz + path: artifacts/pkgs/incoming + + - name: Download Linux aarch64 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-linux-aarch64.tar.xz + path: artifacts/pkgs/incoming + + - name: Download macOS x86_64 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-darwin-x86_64.tar.xz + path: artifacts/pkgs/incoming + + - name: Download macOS arm64 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-darwin-aarch64.tar.xz + path: artifacts/pkgs/incoming + + - name: Download Windows amd64 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-windows-amd64.tar.xz + path: artifacts/pkgs/incoming + + - name: Download Windows amd64 Onedir Archive(zip) + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-windows-amd64.zip + path: artifacts/pkgs/incoming + + - name: Download Windows x86 Onedir Archive + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-windows-x86.tar.xz + path: artifacts/pkgs/incoming + + - name: Download Windows amd64 Onedir Archive(zip) + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-onedir-windows-x86.zip + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + run: | + tools pkg repo create onedir --key-id=<{ gpg_key_id }> <% if gh_environment == 'nightly' -%> --nightly-build-from=${{ github.ref_name }} <%- endif %> \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-<{ gh_environment }>-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: onedir-repo diff --git a/.github/workflows/templates/build-packages.yml.jinja b/.github/workflows/templates/build-packages.yml.jinja new file mode 100644 index 00000000..b5086a75 --- /dev/null +++ b/.github/workflows/templates/build-packages.yml.jinja @@ -0,0 +1,38 @@ +<%- for platform, pkg_type, display_name, runner_type in ( + ("linux", "rpm", "RPM", "self-hosted"), + ("linux", "deb", "DEB", "self-hosted"), + ("windows", "windows", "Windows", "github-hosted"), + ("macos", "macos", "macOS", "github-hosted"), + ) %> + + <%- for backend in ("onedir", "src") %> + <%- set job_name = "build-{}-pkgs-{}".format(pkg_type, backend) %> + <%- if backend == "src" %> + <%- do conclusion_needs.append(job_name) %> + <%- endif %> + + <{ job_name }>: + name: Build Packages + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['build-pkgs'] && fromJSON(needs.prepare-workflow.outputs.runners)['<{ runner_type }>'] }} + needs: + - prepare-workflow + - build-salt-onedir-<{ platform }> + uses: ./.github/workflows/build-<{ pkg_type }>-packages.yml + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + relenv-version: "<{ relenv_version }>" + python-version: "<{ python_version }>" + source: "<{ backend }>" + <%- if pkg_type in ("macos", "windows") and gh_environment %> + environment: <{ gh_environment }> + <%- if pkg_type == "macos" %> + sign-packages: true + <%- else %> + sign-packages: <% if gh_environment == 'nightly' -%> false <%- else -%> ${{ inputs.sign-windows-packages }} <%- endif %> + <%- endif %> + secrets: inherit + <%- endif %> + + <%- endfor %> +<%- endfor %> diff --git a/.github/workflows/templates/build-repos.yml.jinja b/.github/workflows/templates/build-repos.yml.jinja new file mode 100644 index 00000000..58c413cf --- /dev/null +++ b/.github/workflows/templates/build-repos.yml.jinja @@ -0,0 +1,34 @@ +<%- for type, display_name in ( + ("src", "Source"), + ("deb", "DEB"), + ("rpm", "RPM"), + ("windows", "Windows"), + ("macos", "macOS"), + ("onedir", "Onedir"), + ) %> + + <%- set job_name = "build-{}-repo".format(type) %> + <%- do build_repo_needs.append(job_name) %> + + <{ job_name }>: + name: Build Repository + environment: <{ gh_environment }> + runs-on: + - self-hosted + - linux + - repo-<{ gh_environment }> + needs: + - prepare-workflow + <%- if type not in ("src", "onedir") %> + - build-<{ type }>-pkgs-onedir + <%- elif type == 'onedir' %> + - build-salt-onedir-linux + - build-salt-onedir-macos + - build-salt-onedir-windows + <%- elif type == 'src' %> + - build-source-tarball + <%- endif %> + + <%- include "build-{}-repo.yml.jinja".format(type) %> + +<%- endfor %> diff --git a/.github/workflows/templates/build-rpm-repo.yml.jinja b/.github/workflows/templates/build-rpm-repo.yml.jinja new file mode 100644 index 00000000..7e99a968 --- /dev/null +++ b/.github/workflows/templates/build-rpm-repo.yml.jinja @@ -0,0 +1,126 @@ + + strategy: + fail-fast: false + matrix: + include: + <%- for distro, version, arch in ( + ("amazon", "2", "x86_64"), + ("amazon", "2", "arm64"), + ("amazon", "2", "aarch64"), + ("amazon", "2023", "x86_64"), + ("amazon", "2023", "arm64"), + ("amazon", "2023", "aarch64"), + ("redhat", "7", "x86_64"), + ("redhat", "7", "arm64"), + ("redhat", "7", "aarch64"), + ("redhat", "8", "x86_64"), + ("redhat", "8", "arm64"), + ("redhat", "8", "aarch64"), + ("redhat", "9", "x86_64"), + ("redhat", "9", "arm64"), + ("redhat", "9", "aarch64"), + ("fedora", "36", "x86_64"), + ("fedora", "36", "arm64"), + ("fedora", "36", "aarch64"), + ("fedora", "37", "x86_64"), + ("fedora", "37", "arm64"), + ("fedora", "37", "aarch64"), + ("fedora", "38", "x86_64"), + ("fedora", "38", "arm64"), + ("fedora", "38", "aarch64"), + ("photon", "3", "x86_64"), + ("photon", "3", "arm64"), + ("photon", "3", "aarch64"), + ("photon", "4", "x86_64"), + ("photon", "4", "arm64"), + ("photon", "4", "aarch64"), + ("photon", "5", "x86_64"), + ("photon", "5", "arm64"), + ("photon", "5", "aarch64"), + ) %> + - pkg-type: rpm + distro: <{ distro }> + version: "<{ version }>" + arch: <{ arch }> + <%- endfor %> + + steps: + - uses: actions/checkout@v4 + + - name: Download System Dependencies + run: | + sudo apt update + sudo apt install -y rpm + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download RPM Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-${{ matrix.arch == 'arm64' && 'aarch64' || matrix.arch }}-rpm + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + env: + <%- if gh_environment == 'staging' %> + SALT_REPO_USER: ${{ secrets.SALT_REPO_USER }} + SALT_REPO_PASS: ${{ secrets.SALT_REPO_PASS }} + <%- endif %> + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + run: | + tools pkg repo create rpm --key-id=<{ gpg_key_id }> --distro-arch=${{ matrix.arch }} <% if gh_environment == 'nightly' -%> --nightly-build-from=${{ github.ref_name }} <%- endif %> \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --distro=${{ matrix.distro }} --distro-version=${{ matrix.version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-<{ gh_environment }>-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: ${{ matrix.distro }}-${{ matrix.version }}-${{ matrix.arch }}-repo diff --git a/.github/workflows/templates/build-src-repo.yml.jinja b/.github/workflows/templates/build-src-repo.yml.jinja new file mode 100644 index 00000000..437da330 --- /dev/null +++ b/.github/workflows/templates/build-src-repo.yml.jinja @@ -0,0 +1,90 @@ + + strategy: + fail-fast: false + matrix: + pkg-type: + - src + + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download Source Tarball + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + run: | + tools pkg repo create src --key-id=<{ gpg_key_id }> <% if gh_environment == 'nightly' -%> --nightly-build-from=${{ github.ref_name }} <%- endif %> \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Copy Files For Source Only Artifact Uploads + run: | + mkdir artifacts/src + find artifacts/pkgs/repo -type f -print -exec cp {} artifacts/src \; + + - name: Upload Standalone Repository As An Artifact + uses: actions/upload-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-<{ gh_environment }>-src-repo + path: | + artifacts/src/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz + artifacts/src/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz.* + artifacts/src/*-GPG-* + retention-days: 7 + if-no-files-found: error + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-<{ gh_environment }>-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: src-repo diff --git a/.github/workflows/templates/build-windows-repo.yml.jinja b/.github/workflows/templates/build-windows-repo.yml.jinja new file mode 100644 index 00000000..a86daf7f --- /dev/null +++ b/.github/workflows/templates/build-windows-repo.yml.jinja @@ -0,0 +1,92 @@ + + strategy: + fail-fast: false + matrix: + pkg-type: + - windows + + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download Windows NSIS x86 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-x86-NSIS + path: artifacts/pkgs/incoming + + - name: Download Windows MSI x86 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-x86-MSI + path: artifacts/pkgs/incoming + + - name: Download Windows NSIS amd64 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-amd64-NSIS + path: artifacts/pkgs/incoming + + - name: Download Windows MSI amd64 Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-amd64-MSI + path: artifacts/pkgs/incoming + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Create Repository Path + run: | + mkdir -p artifacts/pkgs/repo + + - name: Create Repository + run: | + tools pkg repo create windows --key-id=<{ gpg_key_id }> <% if gh_environment == 'nightly' -%> --nightly-build-from=${{ github.ref_name }} <%- endif %> \ + --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} \ + --incoming=artifacts/pkgs/incoming --repo-path=artifacts/pkgs/repo + + - name: Upload Repository As An Artifact + uses: ./.github/actions/upload-artifact + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-<{ gh_environment }>-repo + path: artifacts/pkgs/repo/* + retention-days: 7 + if-no-files-found: error + archive-name: windows-repo diff --git a/.github/workflows/templates/ci.yml.jinja b/.github/workflows/templates/ci.yml.jinja new file mode 100644 index 00000000..68deffc9 --- /dev/null +++ b/.github/workflows/templates/ci.yml.jinja @@ -0,0 +1,440 @@ +<%- extends 'layout.yml.jinja' %> +<%- set pre_commit_version = "3.0.4" %> + + +<%- block jobs %> + <{- super() }> + + <%- set job_name = "pre-commit" %> + <%- if includes.get(job_name, True) %> + <{ job_name }>: + <%- do conclusion_needs.append(job_name) %> + name: Pre-Commit + if: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + uses: ./.github/workflows/pre-commit-action.yml + needs: + - prepare-workflow + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + changed-files: ${{ needs.prepare-workflow.outputs.changed-files }} + pre-commit-version: "<{ pre_commit_version }>" + + <%- endif %> + + + <%- set job_name = "lint" %> + <%- if includes.get(job_name, True) %> + + lint: + <%- do conclusion_needs.append('lint') %> + name: Lint + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['<{ job_name }>'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + uses: ./.github/workflows/lint-action.yml + needs: + - prepare-workflow + with: + changed-files: ${{ needs.prepare-workflow.outputs.changed-files }} + + <%- endif %> + + + <%- set job_name = "prepare-release" %> + <%- if includes.get(job_name, True) %> + + <{ job_name }>: + name: "Prepare Release: ${{ needs.prepare-workflow.outputs.salt-version }}" + <%- if prepare_actual_release %> + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['<{ job_name }>'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + runs-on: + - self-hosted + - linux + - medium + - x86_64 + <%- else %> + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['<{ job_name }>'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "medium", "x86_64"]') || 'ubuntu-latest' }} + <%- endif %> + needs: + - prepare-workflow + steps: + - uses: actions/checkout@v4 + + <%- if not prepare_actual_release %> + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + <%- endif %> + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-changelog + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + <%- if prepare_actual_release %> + release: true + <%- endif %> + + - name: Update Debian changelog + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools changelog update-deb --draft + tools changelog update-deb + + - name: Update RPM changelog + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools changelog update-rpm --draft + tools changelog update-rpm + + - name: Create Release Notes Template + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + if [ "${{ needs.prepare-workflow.outputs.release-changelog-target }}" == "next-major-release" ]; then + tools changelog update-release-notes --next-release --template-only + else + tools changelog update-release-notes --template-only + fi + + - name: Update Release Notes + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + if [ "${{ needs.prepare-workflow.outputs.release-changelog-target }}" == "next-major-release" ]; then + tools changelog update-release-notes --draft <%- if prepare_actual_release %> --release <%- endif %> --next-release + tools changelog update-release-notes <%- if prepare_actual_release %> --release <%- endif %> --next-release + else + tools changelog update-release-notes --draft <%- if prepare_actual_release %> --release <%- endif %> + tools changelog update-release-notes <%- if prepare_actual_release %> --release <%- endif %> + fi + + - name: Generate MAN Pages + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + env: + LATEST_RELEASE: "${{ needs.prepare-workflow.outputs.salt-version }}" + SALT_ON_SALTSTACK: "1" + run: | + tools docs man + + - name: Update Changelog + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + tools changelog update-changelog-md --draft + tools changelog update-changelog-md + + - name: Show Changes Diff + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + git diff --color + + - name: Configure Git + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + git config --global user.name "Salt Project Packaging" + git config --global user.email saltproject-packaging@vmware.com + + - name: Setup Pre-Commit + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + uses: ./.github/actions/setup-pre-commit + with: + version: "<{ pre_commit_version }>" + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Commit Changes + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + env: + SKIP: lint-salt,lint-tests + PRE_COMMIT_COLOR: always + run: | + # Run it twice so that pre-commit can fix anything that can be automatically fixed. + git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" || \ + git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" + + - name: Create release changes patch + shell: bash + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + run: | + git format-patch --keep-subject --binary --stdout HEAD^ > salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + + - name: Upload Changes Diff Artifact + uses: actions/upload-artifact@v3 + if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + path: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + retention-days: 7 + if-no-files-found: error + + <%- endif %> + + + <%- set job_name = "build-docs" %> + <%- if includes.get(job_name, True) %> + + <{ job_name }>: + <%- do conclusion_needs.append(job_name) %> + name: Documentation + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['<{ job_name }>'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-source-tarball + uses: ./.github/workflows/build-docs.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + <%- endif %> + + + <%- set job_name = "build-source-tarball" %> + <%- if includes.get(job_name, True) %> + + <{ job_name }>: + name: Build Source Tarball + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['<{ job_name }>'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - prepare-release + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "medium", "x86_64"]') || 'ubuntu-latest' }} + steps: + - uses: actions/checkout@v4 + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-build + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + - name: Build Source Tarball + uses: ./.github/actions/build-source-tarball + with: + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + + <%- endif %> + + + <%- set job_name = "build-deps-onedir" %> + <%- if includes.get(job_name, True) %> + <%- for platform in ("linux", "windows", "macos") %> + <%- set platform_job_name = "{}-{}".format(job_name, platform) %> + + <{ platform_job_name }>: + <%- do conclusion_needs.append(platform_job_name) %> + name: Build Dependencies Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['<{ job_name }>'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + uses: ./.github/workflows/build-deps-onedir-<{ platform }>.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "<{ relenv_version }>" + python-version: "<{ python_version }>" + + <%- endfor %> + <%- endif %> + + + <%- set job_name = "build-salt-onedir" %> + <%- if includes.get(job_name, True) %> + <%- for platform in ("linux", "windows", "macos") %> + <%- set platform_job_name = "{}-{}".format(job_name, platform) %> + + <{ platform_job_name }>: + <%- do conclusion_needs.append(platform_job_name) %> + name: Build Salt Onedir + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['<{ job_name }>'] }} + needs: + - prepare-workflow + - build-deps-onedir-<{ platform }> + - build-source-tarball + uses: ./.github/workflows/build-salt-onedir-<{ platform }>.yml + with: + cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + self-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + github-hosted-runners: ${{ fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + relenv-version: "<{ relenv_version }>" + python-version: "<{ python_version }>" + + <%- endfor %> + <%- endif %> + + + <%- set job_name = "build-pkgs" %> + <%- if includes.get(job_name, True) %> + <%- include "build-packages.yml.jinja" %> + <%- endif %> + + <%- set pkg_tests_job_name = "pkg-tests" %> + <%- set salt_tests_job_name = "salt-tests" %> + <%- if includes.get(pkg_tests_job_name, True) or includes.get(salt_tests_job_name, True) %> + <%- include "build-ci-deps.yml.jinja" %> + <%- endif %> + + <%- if includes.get(pkg_tests_job_name, True) %> + <%- include "test-salt-pkg.yml.jinja" %> + <%- endif %> + + + <%- if includes.get(salt_tests_job_name, True) %> + <%- include "test-salt.yml.jinja" %> + <%- endif %> + + <%- if skip_test_coverage_check == "false" or "skip_code_coverage" in skip_test_coverage_check %> + + combine-all-code-coverage: + <%- do conclusion_needs.append("combine-all-code-coverage") %> + name: Combine Code Coverage + if: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] == false }} + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + needs: + - prepare-workflow + <%- for need in test_salt_needs.iter(consume=False) %> + - <{ need }> + <%- endfor %> + steps: + - uses: actions/checkout@v4 + + - name: Set up Python 3.10 + if: ${{ github.event.repository.private == false }} + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + id: python-tools-scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-coverage + + - name: Install Nox + run: | + python3 -m pip install 'nox==<{ nox_version }>' + +{# We can't yet use tokenless uploads with the codecov CLI + + - name: Install Codecov CLI + run: | + python3 -m pip install codecov-cli + + - name: Tell Codecov To Process Reports + run: | + codecovcli --auto-load-params-from GithubActions --verbose --token ${{ secrets.CODECOV_TOKEN }} \ + send-notifications --git-service github --sha ${{ github.sha }} + +#} + + - name: Get coverage reports + id: get-coverage-reports + uses: actions/download-artifact@v3 + with: + name: all-testrun-coverage-artifacts + path: artifacts/coverage/ + + - name: Display structure of downloaded files + run: tree -a artifacts/ + + - name: Install Codecov CLI + run: | + # We can't yet use tokenless uploads with the codecov CLI + # python3 -m pip install codecov-cli + # + curl https://keybase.io/codecovsecurity/pgp_keys.asc | gpg --no-default-keyring --import + curl -Os https://uploader.codecov.io/latest/linux/codecov + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM.sig + gpg --verify codecov.SHA256SUM.sig codecov.SHA256SUM + shasum -a 256 -c codecov.SHA256SUM + chmod +x codecov + mv ./codecov /usr/local/bin/ + + - name: Create XML Coverage Reports + run: | + nox --force-color -e create-xml-coverage-reports + + - name: Upload Code Coverage To Codecov + run: | + tools ci upload-coverage --commit-sha=${{ github.event.pull_request.head.sha || github.sha }} artifacts/coverage/ + + - name: Combine Code Coverage + run: | + nox --force-color -e combine-coverage + + - name: Report Salt Code Coverage + run: | + nox --force-color -e coverage-report -- salt + + - name: Create Salt Code Coverage HTML Report + run: | + nox --force-color -e create-html-coverage-report -- salt + + - name: Create Salt Code Coverage HTML Report + run: | + nox --force-color -e create-html-coverage-report -- salt + + - name: Upload Salt Code Coverage HTML Report + uses: actions/upload-artifact@v3 + with: + name: code-coverage-salt-html-report + path: artifacts/coverage/html/salt + retention-days: 7 + if-no-files-found: error + + - name: Report Combined Code Coverage + run: | + nox --force-color -e coverage-report + + - name: Create Combined Code Coverage JSON Report + run: | + nox --force-color -e create-json-coverage-reports + + - name: Upload Combined Code Coverage JSON Report + uses: actions/upload-artifact@v3 + with: + name: code-coverage-full-json-report + path: artifacts/coverage/coverage.json + retention-days: 7 + if-no-files-found: error + + - name: Create Combined Code Coverage HTML Report + run: | + nox --force-color -e create-html-coverage-report + + - name: Upload Combined Code Coverage HTML Report + uses: actions/upload-artifact@v3 + with: + name: code-coverage-full-html-report + path: artifacts/coverage/html/full + retention-days: 7 + if-no-files-found: error + <%- endif %> + +<%- endblock jobs %> diff --git a/.github/workflows/templates/layout.yml.jinja b/.github/workflows/templates/layout.yml.jinja new file mode 100644 index 00000000..65398626 --- /dev/null +++ b/.github/workflows/templates/layout.yml.jinja @@ -0,0 +1,386 @@ +# Do not edit these workflows directly as the changes made will be overwritten. +# Instead, edit the template '<{ template }>' +<%- set prepare_workflow_if_check = prepare_workflow_if_check|default(False) %> +<%- set prepare_workflow_skip_test_suite = prepare_workflow_skip_test_suite|default("") %> +<%- set prepare_workflow_skip_pkg_test_suite = prepare_workflow_skip_pkg_test_suite|default("") %> +<%- set prepare_workflow_skip_pkg_download_test_suite = prepare_workflow_skip_pkg_download_test_suite|default("") %> +<%- set prepare_workflow_salt_version_input = prepare_workflow_salt_version_input|default("") %> +<%- set skip_test_coverage_check = skip_test_coverage_check|default("${{ fromJSON(needs.prepare-workflow.outputs.testrun)['skip_code_coverage'] }}") %> +<%- set skip_junit_reports_check = skip_junit_reports_check|default("${{ github.event_name == 'pull_request' }}") %> +<%- set gpg_key_id = "64CBBC8173D76B3F" %> +<%- set prepare_actual_release = prepare_actual_release | default(False) %> +<%- set gh_actions_workflows_python_version = "3.10" %> +--- +<%- block name %> +name: <{ workflow_name }> +run-name: "<{ workflow_name }> (${{ github.event_name == 'pull_request' && format('pr: #{0}', github.event.number) || format('{0}: {1}', startsWith(github.event.ref, 'refs/tags') && 'tag' || 'branch', github.ref_name) }})" +<%- endblock name %> + +<%- block on %> + +on: + push: {} + pull_request: + types: + - labeled + - unlabeled + - opened + - reopened + - synchronize + +<%- endblock on %> + +<%- block env %> + +env: + COLUMNS: 190 + CACHE_SEED: SEED-2 # Bump the number to invalidate all caches + RELENV_DATA: "${{ github.workspace }}/.relenv" + +<%- endblock env %> + +<%- block permissions %> + +permissions: + contents: read # for dorny/paths-filter to fetch a list of changed files + pull-requests: read # for dorny/paths-filter to read pull requests +<%- if workflow_slug not in ("nightly", "scheduled") %> + actions: read # for technote-space/workflow-conclusion-action to get the job statuses +<%- endif %> + +<%- endblock permissions %> + +<%- block concurrency %> + +concurrency: + # Concurrency is defined in a way that concurrent builds against branches do + # not cancel previous builds. + # However, for every new build against the same pull request source branch, + # all older builds against that same branch get canceled. + group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.repository }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +<%- endblock concurrency %> + +<%- block jobs %> + +jobs: + + <%- block pre_jobs %> + <%- endblock pre_jobs %> + + <%- if includes.get("prepare-workflow", True) %> + <%- block prepare_workflow_job %> + <%- do conclusion_needs.append("prepare-workflow") %> + + prepare-workflow: + name: Prepare Workflow Run + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + <%- if prepare_workflow_if_check %> + if: <{ prepare_workflow_if_check }> + <%- endif %> + <%- if prepare_workflow_needs %> + needs: + <%- for need in prepare_workflow_needs.iter(consume=False) %> + - <{ need }> + <%- endfor %> + <%- endif %> + outputs: + jobs: ${{ steps.define-jobs.outputs.jobs }} + runners: ${{ steps.runner-types.outputs.runners }} + changed-files: ${{ steps.process-changed-files.outputs.changed-files }} + pull-labels: ${{ steps.get-pull-labels.outputs.labels }} + testrun: ${{ steps.define-testrun.outputs.testrun }} + salt-version: ${{ steps.setup-salt-version.outputs.salt-version }} + cache-seed: ${{ steps.set-cache-seed.outputs.cache-seed }} + latest-release: ${{ steps.get-salt-releases.outputs.latest-release }} + releases: ${{ steps.get-salt-releases.outputs.releases }} + release-changelog-target: ${{ steps.get-release-changelog-target.outputs.release-changelog-target }} + testing-releases: ${{ steps.get-testing-releases.outputs.testing-releases }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Full clone to also get the tags to get the right salt version + + - name: Get Changed Files + if: ${{ github.event_name == 'pull_request'}} + id: changed-files + uses: dorny/paths-filter@v2 + with: + token: ${{ github.token }} + list-files: json + filters: | + repo: + - added|modified: + - '**' + doc-requirements: + - added|modified: &doc_requirements + - requirements/static/ci/py3.*/docs.txt + lint-requirements: + - added|modified: &lint_requirements + - requirements/static/ci/py3.*/lint.txt + pkg_requirements: + - added|modified: &pkg_requirements + - requirements/static/pkg/py3.*/darwin.txt + - requirements/static/pkg/py3.*/linux.txt + - requirements/static/pkg/py3.*/freebsd.txt + - requirements/static/pkg/py3.*/windows.txt + test_requirements: + - added|modified: &test_requirements + - requirements/static/ci/py3.*/darwin.txt + - requirements/static/ci/py3.*/linux.txt + - requirements/static/ci/py3.*/freebsd.txt + - requirements/static/ci/py3.*/windows.txt + - requirements/static/ci/py3.*/darwin-crypto.txt + - requirements/static/ci/py3.*/linux-crypto.txt + - requirements/static/ci/py3.*/freebsd-crypto.txt + - requirements/static/ci/py3.*/windows-crypto.txt + deleted: + - deleted: + - '**' + docs: + - added|modified: + - doc/** + - *doc_requirements + workflows: + - added|modified: + - cicd/shared-gh-workflows-context.yml + - .github/actions/**/action.yml + - .github/workflows/*.yml + - .github/workflows/templates/*.yml.jinja2 + - tools/precommit/workflows.py + salt: + - added|modified: &salt_added_modified + - setup.py + - noxfile.py + - salt/**/*.py + - tasks/**/*.py + - tools/**/*.py + tests: + - added|modified: &tests_added_modified + - tests/**/*.py + lint: + - added|modified: + - .pylintrc + - *lint_requirements + golden_images: + - added|modified: + - cicd/golden-images.json + pkg_tests: + - added|modified: &pkg_tests_added_modified + - pkg/** + - *pkg_requirements + - *salt_added_modified + testrun: + - added|modified: + - *pkg_requirements + - *test_requirements + - *salt_added_modified + - *tests_added_modified + - *pkg_tests_added_modified + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ env.CACHE_SEED }} + + - name: Pretty Print The GH Actions Event + run: + tools ci print-gh-event + + - name: Set Cache Seed Output + id: set-cache-seed + run: | + tools ci define-cache-seed ${{ env.CACHE_SEED }} + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "<{ prepare_workflow_salt_version_input }>" + validate-version: true + + - name: Get Pull Request Test Labels + id: get-pull-labels + if: ${{ github.event_name == 'pull_request'}} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-pr-test-labels --repository ${{ github.repository }} + + <%- if prepare_actual_release %> + + - name: Check Existing Releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools pkg repo confirm-unreleased --repository ${{ github.repository }} ${{ steps.setup-salt-version.outputs.salt-version }} + if [ "${{ github.event.repository.private }}" = "true" ]; then + tools pkg repo confirm-unreleased --repository saltstack/salt ${{ steps.setup-salt-version.outputs.salt-version }} + fi + + + <%- endif %> + + - name: Write Changed Files To A Local File + run: + echo '${{ toJSON(steps.changed-files.outputs) }}' > changed-files.json + + - name: Check Local Changed Files Contents + if: ${{ github.event_name == 'pull_request' }} + run: + cat changed-files.json + + - name: Process Changed Files + id: process-changed-files + run: | + tools ci process-changed-files ${{ github.event_name }} changed-files.json + + - name: Check Collected Changed Files + if: ${{ github.event_name == 'pull_request' }} + run: | + echo '${{ steps.process-changed-files.outputs.changed-files }}' | jq -C '.' + + - name: Define Runner Types + id: runner-types + run: | + tools ci runner-types ${{ github.event_name }} + + - name: Check Defined Runners + run: | + echo '${{ steps.runner-types.outputs.runners }}' | jq -C '.' + + - name: Define Jobs + id: define-jobs + run: | + tools ci define-jobs<{ prepare_workflow_skip_test_suite }><{ + prepare_workflow_skip_pkg_test_suite }><{ prepare_workflow_skip_pkg_download_test_suite + }> ${{ github.event_name }} changed-files.json + + - name: Check Defined Jobs + run: | + echo '${{ steps.define-jobs.outputs.jobs }}' | jq -C '.' + + - name: Get Salt Releases + id: get-salt-releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-releases + + - name: Get Latest Salt Releases for Testing + id: get-testing-releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-testing-releases ${{ join(fromJSON(steps.get-salt-releases.outputs.releases), ' ') }} --salt-version ${{ steps.setup-salt-version.outputs.salt-version }} + + - name: Check Salt Releases + run: | + echo '${{ steps.get-salt-releases.outputs.latest-release }}' | jq -C '.' + echo '${{ steps.get-salt-releases.outputs.releases }}' | jq -C '.' + echo '${{ steps.get-testing-releases.outputs.testing-releases }}' | jq -C '.' + + - name: Define Testrun + id: define-testrun + run: | + tools ci define-testrun ${{ github.event_name }} changed-files.json + + - name: Check Defined Test Run + run: | + echo '${{ steps.define-testrun.outputs.testrun }}' | jq -C '.' + + - name: Check Contents of generated testrun-changed-files.txt + if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['type'] != 'full' }} + run: | + cat testrun-changed-files.txt || true + + - name: Upload testrun-changed-files.txt + if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['type'] != 'full' }} + uses: actions/upload-artifact@v3 + with: + name: testrun-changed-files.txt + path: testrun-changed-files.txt + + - name: Get Release Changelog Target + id: get-release-changelog-target + run: | + tools ci get-release-changelog-target ${{ github.event_name }} + +{# We can't yet use tokenless uploads with the codecov CLI + + - name: Install Codecov CLI + if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['skip_code_coverage'] == false }} + run: | + python3 -m pip install codecov-cli + + - name: Save Commit Metadata In Codecov + if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['skip_code_coverage'] == false }} + run: | + codecovcli --auto-load-params-from GithubActions --verbose --token ${{ secrets.CODECOV_TOKEN }} \ + create-commit --git-service github --sha ${{ github.sha }} + + - name: Create Codecov Coverage Report + if: ${{ fromJSON(steps.define-testrun.outputs.testrun)['skip_code_coverage'] == false }} + run: | + codecovcli --auto-load-params-from GithubActions --verbose --token ${{ secrets.CODECOV_TOKEN }} \ + create-report --git-service github --sha ${{ github.sha }} + +#} + + <%- endblock prepare_workflow_job %> + <%- endif %> + +<%- endblock jobs %> + + set-pipeline-exit-status: + # This step is just so we can make github require this step, to pass checks + # on a pull request instead of requiring all + name: Set the ${{ github.workflow }} Pipeline Exit Status + if: always() + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + <%- if workflow_slug == "nightly" %> + environment: <{ workflow_slug }> + <%- endif %> + needs: + <%- for need in prepare_workflow_needs.iter(consume=True) %> + - <{ need }> + <%- endfor %> + <%- for need in conclusion_needs.iter(consume=True) %> + - <{ need }> + <%- endfor %> + <%- for need in test_salt_needs.iter(consume=False) %> + - <{ need }> + <%- endfor %> + <%- for need in test_salt_pkg_needs.iter(consume=False) %> + - <{ need }> + <%- endfor %> + <%- for need in test_repo_needs.iter(consume=True) %> + - <{ need }> + <%- endfor %> + steps: + - name: Get workflow information + id: get-workflow-info + uses: technote-space/workflow-conclusion-action@v3 + + <%- block set_pipeline_exit_status_extra_steps %> + <%- endblock set_pipeline_exit_status_extra_steps %> + + - name: Set Pipeline Exit Status + shell: bash + run: | + if [ "${{ steps.get-workflow-info.outputs.conclusion }}" != "success" ]; then + exit 1 + else + exit 0 + fi + + - name: Done + if: always() + run: + echo "All worflows finished" diff --git a/.github/workflows/templates/nightly.yml.jinja b/.github/workflows/templates/nightly.yml.jinja new file mode 100644 index 00000000..e4350f44 --- /dev/null +++ b/.github/workflows/templates/nightly.yml.jinja @@ -0,0 +1,265 @@ +<%- set gh_environment = gh_environment|default("nightly") %> +<%- set skip_test_coverage_check = skip_test_coverage_check|default("false") %> +<%- set skip_junit_reports_check = skip_junit_reports_check|default("false") %> +<%- set prepare_workflow_skip_test_suite = "${{ inputs.skip-salt-test-suite && ' --skip-tests' || '' }}" %> +<%- set prepare_workflow_skip_pkg_test_suite = "${{ inputs.skip-salt-pkg-test-suite && ' --skip-pkg-tests' || '' }}" %> +<%- set prepare_workflow_if_check = prepare_workflow_if_check|default("${{ fromJSON(needs.workflow-requirements.outputs.requirements-met) }}") %> +<%- extends 'ci.yml.jinja' %> + +<%- block name %> + +name: <{ workflow_name }> +run-name: "<{ workflow_name }> (branch: ${{ github.ref_name }})" + +<%- endblock name %> + +<%- block on %> + +on: + workflow_dispatch: + inputs: + skip-salt-test-suite: + type: boolean + default: false + description: Skip running the Salt test suite. + skip-salt-pkg-test-suite: + type: boolean + default: false + description: Skip running the Salt packages test suite. + schedule: + # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onschedule + - cron: '0 0 * * *' # Every day at 0AM + +<%- endblock on %> + +<%- block concurrency %> + +concurrency: + group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.repository }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: false + +<%- endblock concurrency %> + +<%- block permissions %> +<{- super() }> +<%- if workflow_slug == "nightly" %> + actions: write # to trigger branch nightly builds +<%- endif %> +<%- endblock permissions %> + +<%- block pre_jobs %> + + <%- include "workflow-requirements-check.yml.jinja" %> + <%- include "trigger-branch-workflows.yml.jinja" %> + + {#- When we start using a slack app, we can update messages, not while using incoming webhooks + <%- if workflow_slug == "nightly" %> + + <%- do conclusion_needs.append('notify-slack') %> + notify-slack: + name: Notify Slack + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + environment: <{ gh_environment }> + needs: + <%- for need in prepare_workflow_needs.iter(consume=False) %> + - <{ need }> + <%- endfor %> + outputs: + update-ts: ${{ steps.slack.outputs.update-ts }} + steps: + - name: Notify Slack + id: slack + uses: slackapi/slack-github-action@v1.24.0 + with: + payload: | + { + "attachments": [ + { + "color": "ffca28", + "fields": [ + { + "title": "Workflow", + "short": true, + "value": "${{ github.workflow }}", + "type": "mrkdwn" + }, + { + "title": "Workflow Run", + "short": true, + "value": "<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|${{ github.run_id }}>", + "type": "mrkdwn" + }, + { + "title": "Branch", + "short": true, + "value": "${{ github.ref_name }}", + "type": "mrkdwn" + }, + { + "title": "Commit", + "short": true, + "value": "<${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }}|${{ github.sha }}>", + "type": "mrkdwn" + }, + { + "title": "Attempt", + "short": true, + "value": "${{ github.run_attempt }}", + "type": "mrkdwn" + }, + { + "title": "Status", + "short": true, + "value": "running", + "type": "mrkdwn" + } + ], + "author_name": "${{ github.event.sender.login }}", + "author_link": "${{ github.event.sender.html_url }}", + "author_icon": "${{ github.event.sender.avatar_url }}" + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + + <%- endif %> + #} + +<%- endblock pre_jobs %> + +<%- block jobs %> + <{- super() }> + + <%- if includes.get("build-repos", True) %> + <%- include "build-repos.yml.jinja" %> + <%- endif %> + + publish-repositories: + <%- do conclusion_needs.append('publish-repositories') %> + name: Publish Repositories + if: ${{ always() && ! failure() && ! cancelled() }} + runs-on: + - self-hosted + - linux + - repo-<{ gh_environment }> + environment: <{ gh_environment }> + needs: + - prepare-workflow + <%- for need in build_repo_needs.iter(consume=True) %> + - <{ need }> + <%- endfor %> + <%- if workflow_slug == "nightly" %> + <%- for need in test_salt_needs.iter(consume=True) %> + - <{ need }> + <%- endfor %> + <%- endif %> + + steps: + - uses: actions/checkout@v4 + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Download Repository Artifact + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-<{ gh_environment }>-repo + path: repo/ + + - name: Decompress Repository Artifacts + run: | + find repo/ -type f -name '*.tar.gz' -print -exec tar xvf {} \; + find repo/ -type f -name '*.tar.gz' -print -exec rm -f {} \; + + - name: Show Repository + run: | + tree -a artifacts/pkgs/repo/ + + - name: Upload Repository Contents (<{ gh_environment }>) + env: + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + run: | + tools pkg repo publish <{ gh_environment }> --salt-version=${{ needs.prepare-workflow.outputs.salt-version }} artifacts/pkgs/repo/ + +<%- endblock jobs %> + +<%- block set_pipeline_exit_status_extra_steps %> + + <%- if workflow_slug == "nightly" %> + + - name: Notify Slack + id: slack + if: always() + uses: slackapi/slack-github-action@v1.24.0 + with: + {#- When we start using a slack app, we can update messages, not while using incoming webhooks + update-ts: ${{ needs.notify-slack.outputs.update-ts }} + #} + payload: | + { + "attachments": [ + { + "fallback": "${{ github.workflow }} Workflow build result for the `${{ github.ref_name }}` branch(attempt: ${{ github.run_attempt }}): `${{ steps.get-workflow-info.outputs.conclusion }}`\n${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}", + "color": "${{ steps.get-workflow-info.outputs.conclusion != 'success' && 'ff3d00' || '00e676' }}", + "fields": [ + { + "title": "Workflow", + "short": true, + "value": "${{ github.workflow }}", + "type": "mrkdwn" + }, + { + "title": "Workflow Run", + "short": true, + "value": "<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|${{ github.run_id }}>", + "type": "mrkdwn" + }, + { + "title": "Branch", + "short": true, + "value": "${{ github.ref_name }}", + "type": "mrkdwn" + }, + { + "title": "Commit", + "short": true, + "value": "<${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }}|${{ github.sha }}>", + "type": "mrkdwn" + }, + { + "title": "Attempt", + "short": true, + "value": "${{ github.run_attempt }}", + "type": "mrkdwn" + }, + { + "title": "Status", + "short": true, + "value": "${{ steps.get-workflow-info.outputs.conclusion }}", + "type": "mrkdwn" + } + ], + "author_name": "${{ github.event.sender.login }}", + "author_link": "${{ github.event.sender.html_url }}", + "author_icon": "${{ github.event.sender.avatar_url }}" + } + ] + } + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + + <%- endif %> + +<%- endblock set_pipeline_exit_status_extra_steps %> diff --git a/.github/workflows/templates/release.yml.jinja b/.github/workflows/templates/release.yml.jinja new file mode 100644 index 00000000..b020138b --- /dev/null +++ b/.github/workflows/templates/release.yml.jinja @@ -0,0 +1,495 @@ +<%- set prepare_workflow_salt_version_input = "${{ inputs.salt-version }}" %> +<%- set prepare_workflow_skip_pkg_download_test_suite = "${{ inputs.skip-salt-pkg-download-test-suite && ' --skip-pkg-download-tests' || '' }}" %> +<%- set gh_environment = "release" %> +<%- extends 'layout.yml.jinja' %> + + +<%- block name %> + +name: <{ workflow_name }> +run-name: "<{ workflow_name }> (branch: ${{ github.ref_name }}; version: ${{ inputs.salt-version }})" + +<%- endblock name %> + + +<%- block on %> + +on: + workflow_dispatch: + inputs: + salt-version: + type: string + required: true + description: > + The Salt version to get from staging to publish the release. + (DO NOT prefix the version with a v, ie, 3006.0 NOT v3006.0). + skip-salt-pkg-download-test-suite: + type: boolean + default: false + description: Skip running the Salt packages download test suite. + +<%- endblock on %> + +<%- block concurrency %> + +concurrency: + group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.repository }} + cancel-in-progress: false + +<%- endblock concurrency %> + +<%- block permissions %> + +permissions: + contents: write # To be able to publish the release + +<%- endblock permissions %> + +<%- block pre_jobs %> + + <%- set job_name = "check-requirements" %> + + <{ job_name }>: + <%- do prepare_workflow_needs.append(job_name) %> + name: Check Requirements + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + environment: <{ gh_environment }>-check + steps: + - name: Check For Admin Permission + uses: actions-cool/check-user-permission@v2 + with: + require: admin + username: ${{ github.triggering_actor }} + + +<%- endblock pre_jobs %> + +<%- if includes.get("prepare-workflow", True) %> +<%- block prepare_workflow_job %> +<%- do conclusion_needs.append("prepare-workflow") %> + + prepare-workflow: + name: Prepare Workflow Run + runs-on: + - self-hosted + - linux + - repo-<{ gh_environment }> + environment: <{ gh_environment }> + <%- if prepare_workflow_needs %> + needs: + <%- for need in prepare_workflow_needs.iter(consume=False) %> + - <{ need }> + <%- endfor %> + <%- endif %> + outputs: + salt-version: ${{ steps.setup-salt-version.outputs.salt-version }} + cache-seed: ${{ steps.set-cache-seed.outputs.cache-seed }} + latest-release: ${{ steps.get-salt-releases.outputs.latest-release }} + releases: ${{ steps.get-salt-releases.outputs.releases }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Full clone to also get the tags to get the right salt version + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ env.CACHE_SEED }} + + - name: Pretty Print The GH Actions Event + run: + tools ci print-gh-event + + - name: Setup Salt Version + id: setup-salt-version + uses: ./.github/actions/setup-salt-version + with: + salt-version: "<{ prepare_workflow_salt_version_input }>" + validate-version: true + + - name: Check Existing Releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools pkg repo confirm-unreleased --repository ${{ github.repository }} ${{ steps.setup-salt-version.outputs.salt-version }} + if [ "${{ github.event.repository.private }}" = "true" ]; then + tools pkg repo confirm-unreleased --repository saltstack/salt ${{ steps.setup-salt-version.outputs.salt-version }} + fi + + - name: Check Release Staged + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools pkg repo confirm-staged --repository ${{ github.repository }} ${{ steps.setup-salt-version.outputs.salt-version }} + + - name: Get Salt Releases + id: get-salt-releases + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + tools ci get-releases + + - name: Check Salt Releases + run: | + echo '${{ steps.get-salt-releases.outputs.latest-release }}' | jq -C '.' + echo '${{ steps.get-salt-releases.outputs.releases }}' | jq -C '.' + + - name: Set Cache Seed Output + id: set-cache-seed + run: | + tools ci define-cache-seed ${{ env.CACHE_SEED }} + + <%- endblock prepare_workflow_job %> + <%- endif %> + +<%- block jobs %> + <{- super() }> + + download-onedir-artifact: + name: Download Staging Onedir Artifact + runs-on: + - self-hosted + - linux + - repo-<{ gh_environment }> + environment: <{ gh_environment }> + needs: + - prepare-workflow + strategy: + fail-fast: false + matrix: + include: + - platform: linux + arch: x86_64 + - platform: linux + arch: aarch64 + - platform: windows + arch: amd64 + - platform: windows + arch: x86 + - platform: darwin + arch: x86_64 + - platform: darwin + arch: aarch64 + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Download Onedir Tarball Artifact + run: | + tools release download-onedir-artifact --platform=${{ matrix.platform }} --arch=${{ matrix.arch }} ${{ inputs.salt-version }} + + - name: Upload Onedir Tarball as an Artifact + uses: actions/upload-artifact@v3 + with: + name: salt-${{ inputs.salt-version }}-onedir-${{ matrix.platform }}-${{ matrix.arch }}.tar.xz + path: artifacts/salt-${{ inputs.salt-version }}-onedir-${{ matrix.platform }}-${{ matrix.arch }}.tar.xz* + retention-days: 7 + if-no-files-found: error + + <%- include "build-ci-deps.yml.jinja" %> + + backup: + name: Backup + runs-on: + - self-hosted + - linux + - repo-<{ gh_environment }> + needs: + - prepare-workflow + environment: <{ gh_environment }> + outputs: + backup-complete: ${{ steps.backup.outputs.backup-complete }} + + steps: + - name: Clone The Salt Repository + uses: actions/checkout@v4 + + - name: Setup Rclone + uses: AnimMouse/setup-rclone@v1 + with: + version: v1.61.1 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Backup Previous Releases + id: backup + run: | + tools pkg repo backup-previous-releases + + publish-repositories: + <%- do conclusion_needs.append('publish-repositories') %> + name: Publish Repositories + runs-on: + - self-hosted + - linux + - repo-<{ gh_environment }> + needs: + - prepare-workflow + - backup + - download-onedir-artifact + environment: <{ gh_environment }> + + steps: + - name: Clone The Salt Repository + uses: actions/checkout@v4 + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Publish Release Repository + env: + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + run: | + tools pkg repo publish <{ gh_environment }> ${{ needs.prepare-workflow.outputs.salt-version }} + + <%- if includes.get("test-pkg-downloads", True) %> + <%- include "test-salt-pkg-repo-downloads.yml.jinja" %> + <%- endif %> + + release: + <%- do conclusion_needs.append('release') %> + name: Release v${{ needs.prepare-workflow.outputs.salt-version }} + if: ${{ always() && ! failure() && ! cancelled() }} + runs-on: + - self-hosted + - linux + - repo-<{ gh_environment }> + needs: + - prepare-workflow + - backup + - publish-repositories + <%- for need in test_repo_needs.iter(consume=True) %> + - <{ need }> + <%- endfor %> + environment: <{ gh_environment }> + steps: + - name: Clone The Salt Repository + uses: actions/checkout@v4 + with: + ssh-key: ${{ secrets.GHA_SSH_KEY }} + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + id: get-secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text | jq .default_key -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -d - \ + | gpg --import - + sync + aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/signing/repo-signing-keys-sha256-2023 \ + --query SecretString --output text| jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "${SECRETS_KEY_FILE}" -o "${GNUPGHOME}/passphrase" -d - + sync + rm "$SECRETS_KEY_FILE" + echo "passphrase-file ${GNUPGHOME}/passphrase" >> "${GNUPGHOME}/gpg.conf" + + - name: Prepare Release + id: prepare-release + run: | + tools pkg repo publish github --repository ${{ github.repository }} --key-id=<{ gpg_key_id }> ${{ needs.prepare-workflow.outputs.salt-version }} + + - name: Configure Git + shell: bash + run: | + git config --global --add safe.directory "$(pwd)" + git config --global user.name "Salt Project Packaging" + git config --global user.email saltproject-packaging@vmware.com + git config --global user.signingkey <{ gpg_key_id }> + git config --global commit.gpgsign true + + - name: Apply The Release Patch + run: | + git am --committer-date-is-author-date release-artifacts/salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + rm release-artifacts/salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + + - name: Tag The v${{ needs.prepare-workflow.outputs.salt-version }} Release + run: | + git tag -m "Release v${{ needs.prepare-workflow.outputs.salt-version }}" -as v${{ needs.prepare-workflow.outputs.salt-version }} + + - name: Push Changes + uses: ad-m/github-push-action@b87afee92c6e70ea888be6203a3e9426fda49839 + with: + ssh: true + tags: true + atomic: true + branch: ${{ github.ref }} + + - name: Create Github Release + uses: ncipollo/release-action@v1.12.0 + with: + artifactErrorsFailBuild: true + artifacts: ${{ steps.prepare-release.outputs.release-artifacts }} + bodyFile: ${{ steps.prepare-release.outputs.release-messsage-file }} + draft: false + generateReleaseNotes: false + makeLatest: fromJSON(${{ steps.prepare-release.outputs.make-latest }}) + name: v${{ needs.prepare-workflow.outputs.salt-version }} + prerelease: ${{ contains(needs.prepare-workflow.outputs.salt-version, 'rc') }} + removeArtifacts: true + replacesArtifacts: true + tag: v${{ needs.prepare-workflow.outputs.salt-version }} + + - name: Upload PyPi Artifacts + uses: actions/upload-artifact@v3 + with: + name: pypi-artifacts + path: | + release-artifacts/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz + release-artifacts/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz.asc + retention-days: 7 + if-no-files-found: error + + {#- Disable automatic backup restore + restore: + <%- do conclusion_needs.append('restore') %> + name: Restore Release Bucket From Backup + if: ${{ always() && needs.backup.outputs.backup-complete == 'true' && (failure() || cancelled()) }} + runs-on: + - self-hosted + - linux + - repo-<{ gh_environment }> + needs: + - backup + - release + <%- for need in test_repo_needs.iter(consume=True) %> + - <{ need }> + <%- endfor %> + environment: <{ gh_environment }> + steps: + - name: Clone The Salt Repository + uses: actions/checkout@v4 + with: + ssh-key: ${{ secrets.GHA_SSH_KEY }} + + - name: Setup Rclone + uses: AnimMouse/setup-rclone@v1 + with: + version: v1.61.1 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Restore Release Bucket + run: | + tools pkg repo restore-previous-releases + #} + + publish-pypi: + <%- do conclusion_needs.append('publish-pypi') %> + name: Publish to PyPi + if: ${{ always() && ! failure() && ! cancelled() && github.event.repository.fork != true }} + needs: + - prepare-workflow + - release {#- Disable automatic backup restore + - restore #} + environment: <{ gh_environment }> + runs-on: + - self-hosted + - linux + - repo-<{ gh_environment }> + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + id: get-secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + TWINE_PASSWORD=$(aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/publishing/publish-pypi \ + --query SecretString --output text | jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "$SECRETS_KEY_FILE" -d -) + echo "::add-mask::$TWINE_PASSWORD" + echo "twine-password=$TWINE_PASSWORD" >> "${GITHUB_OUTPUT}" + + - name: Download PyPi Artifacts + uses: actions/download-artifact@v3 + with: + name: pypi-artifacts + path: artifacts/release + + - name: Publish to PyPi + env: + TWINE_PASSWORD: "${{ steps.get-secrets.outputs.twine-password }}" + run: | + tools pkg pypi-upload artifacts/release/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz + +<%- endblock jobs %> + +<%- block set_pipeline_exit_status_extra_steps %> + + - run: | + # shellcheck disable=SC2129 + if [ "${{ steps.get-workflow-info.outputs.conclusion }}" != "success" ]; then + echo 'To restore the release bucket run:' >> "${GITHUB_STEP_SUMMARY}" + echo '```' >> "${GITHUB_STEP_SUMMARY}" + echo 'tools pkg repo restore-previous-releases' >> "${GITHUB_STEP_SUMMARY}" + echo '```' >> "${GITHUB_STEP_SUMMARY}" + fi +<%- endblock set_pipeline_exit_status_extra_steps %> diff --git a/.github/workflows/templates/scheduled.yml.jinja b/.github/workflows/templates/scheduled.yml.jinja new file mode 100644 index 00000000..4c78a978 --- /dev/null +++ b/.github/workflows/templates/scheduled.yml.jinja @@ -0,0 +1,45 @@ +<%- set prepare_workflow_if_check = "${{ fromJSON(needs.workflow-requirements.outputs.requirements-met) }}" %> +<%- set skip_test_coverage_check = "false" %> +<%- set skip_junit_reports_check = "false" %> +<%- extends 'ci.yml.jinja' %> + + +<%- block name %> + +name: <{ workflow_name }> +run-name: "<{ workflow_name }> (branch: ${{ github.ref_name }})" + +<%- endblock name %> + + +<%- block on %> + +on: + schedule: + # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onschedule + - cron: '0 */8 * * *' # Run every 8 hours + +<%- endblock %> + +<%- block concurrency %> + +concurrency: + group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: false + +<%- endblock %> + + +<%- block permissions %> +<{- super() }> +<%- if workflow_slug == "scheduled" %> + actions: write # to trigger branch scheduled builds +<%- endif %> +<%- endblock permissions %> + +<%- block pre_jobs %> + + <%- include "workflow-requirements-check.yml.jinja" %> + <%- include "trigger-branch-workflows.yml.jinja" %> + +<%- endblock pre_jobs %> diff --git a/.github/workflows/templates/staging.yml.jinja b/.github/workflows/templates/staging.yml.jinja new file mode 100644 index 00000000..c84ade07 --- /dev/null +++ b/.github/workflows/templates/staging.yml.jinja @@ -0,0 +1,231 @@ +<%- set prepare_workflow_if_check = False %> +<%- set prepare_workflow_salt_version_input = "${{ inputs.salt-version }}" %> +<%- set prepare_workflow_skip_test_suite = "${{ inputs.skip-salt-test-suite && ' --skip-tests' || '' }}" %> +<%- set prepare_workflow_skip_pkg_test_suite = "${{ inputs.skip-salt-pkg-test-suite && ' --skip-pkg-tests' || '' }}" %> +<%- set prepare_workflow_skip_pkg_download_test_suite = "${{ inputs.skip-salt-pkg-download-test-suite && ' --skip-pkg-download-tests' || '' }}" %> +<%- set gh_environment = "staging" %> +<%- set prepare_actual_release = True %> +<%- set skip_test_coverage_check = "true" %> +<%- set skip_junit_reports_check = "true" %> +<%- extends 'nightly.yml.jinja' %> + +<%- block name %> + +name: <{ workflow_name }> +run-name: "<{ workflow_name }> (branch: ${{ github.ref_name }}; version: ${{ inputs.salt-version }})" + +<%- endblock name %> + +<%- block on %> + +on: + workflow_dispatch: + inputs: + salt-version: + type: string + required: true + description: > + The Salt version to set prior to building packages and staging the release. + (DO NOT prefix the version with a v, ie, 3006.0 NOT v3006.0). + sign-windows-packages: + type: boolean + default: false + description: Sign Windows Packages + skip-test-pypi-publish: + type: boolean + default: false + description: Skip publishing the source package to Test PyPi(For example, CVE releases) + skip-salt-test-suite: + type: boolean + default: false + description: Skip running the Salt test suite. + skip-salt-pkg-test-suite: + type: boolean + default: false + description: Skip running the Salt packages test suite. + skip-salt-pkg-download-test-suite: + type: boolean + default: false + description: Skip running the Salt packages download test suite. + +<%- endblock on %> + +<%- block concurrency %> + +concurrency: + group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.repository }} + cancel-in-progress: false + +<%- endblock concurrency %> + + +<%- block pre_jobs %> + + <%- set job_name = "check-requirements" %> + + <{ job_name }>: + <%- do prepare_workflow_needs.append(job_name) %> + name: Check Requirements + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + environment: <{ gh_environment }>-check + steps: + - name: Check For Admin Permission + uses: actions-cool/check-user-permission@v2 + with: + require: admin + username: ${{ github.triggering_actor }} + +<%- endblock pre_jobs %> + + +<%- block jobs %> + <{- super() }> + + upload-release-artifacts: + <%- do conclusion_needs.append('upload-release-artifacts') %> + name: Upload Release Artifacts + needs: + - prepare-workflow + - build-docs + - build-src-repo + environment: <{ gh_environment }> + runs-on: + - self-hosted + - linux + - repo-<{ gh_environment }> + steps: + - uses: actions/checkout@v4 + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Download Release Patch + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch + path: artifacts/release + + - name: Download Source Repository + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-<{ gh_environment }>-src-repo + path: artifacts/release + + - name: Download Release Documentation (HTML) + uses: actions/download-artifact@v3 + with: + name: salt-${{ needs.prepare-workflow.outputs.salt-version }}-docs-html.tar.xz + path: artifacts/release + + - name: Download Release Documentation (ePub) + uses: actions/download-artifact@v3 + with: + name: Salt-${{ needs.prepare-workflow.outputs.salt-version }}.epub + path: artifacts/release + + - name: Show Release Artifacts + run: | + tree -a artifacts/release + + {#- + + - name: Download Release Documentation (PDF) + uses: actions/download-artifact@v3 + with: + name: Salt-${{ needs.prepare-workflow.outputs.salt-version }}.pdf + path: artifacts/release + + #} + + - name: Upload Release Artifacts + run: | + tools release upload-artifacts ${{ needs.prepare-workflow.outputs.salt-version }} artifacts/release + + - name: Upload PyPi Artifacts + uses: actions/upload-artifact@v3 + with: + name: pypi-artifacts + path: | + artifacts/release/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz + artifacts/release/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz.asc + retention-days: 7 + if-no-files-found: error + + <%- if includes.get("test-pkg-downloads", True) %> + <%- include "test-salt-pkg-repo-downloads.yml.jinja" %> + <%- endif %> + + publish-pypi: + <%- do conclusion_needs.append('publish-pypi') %> + name: Publish to PyPi(test) + if: ${{ inputs.skip-test-pypi-publish != true && github.event.repository.fork != true }} + needs: + - prepare-workflow + - upload-release-artifacts + <%- for need in test_salt_needs.iter(consume=True) %> + - <{ need }> + <%- endfor %> + <%- for need in test_salt_pkg_needs.iter(consume=True) %> + - <{ need }> + <%- endfor %> + <%- for need in test_repo_needs.iter(consume=True) %> + - <{ need }> + <%- endfor %> + environment: <{ gh_environment }> + runs-on: + - self-hosted + - linux + - repo-<{ gh_environment }> + steps: + - uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} + + - name: Setup GnuPG + run: | + sudo install -d -m 0700 -o "$(id -u)" -g "$(id -g)" /run/gpg + GNUPGHOME="$(mktemp -d -p /run/gpg)" + echo "GNUPGHOME=${GNUPGHOME}" >> "$GITHUB_ENV" + cat < "${GNUPGHOME}/gpg.conf" + batch + no-tty + pinentry-mode loopback + EOF + + - name: Get Secrets + id: get-secrets + env: + SECRETS_KEY: ${{ secrets.SECRETS_KEY }} + run: | + SECRETS_KEY_FILE=$(mktemp /tmp/output.XXXXXXXXXX) + echo "$SECRETS_KEY" > "$SECRETS_KEY_FILE" + TWINE_PASSWORD=$(aws --region us-west-2 secretsmanager get-secret-value --secret-id /cmbu-saltstack/publishing/publish-test-pypi \ + --query SecretString --output text | jq .default_passphrase -r | base64 -d \ + | gpg --passphrase-file "$SECRETS_KEY_FILE" -d -) + echo "::add-mask::$TWINE_PASSWORD" + echo "twine-password=$TWINE_PASSWORD" >> "${GITHUB_OUTPUT}" + + - name: Download PyPi Artifacts + uses: actions/download-artifact@v3 + with: + name: pypi-artifacts + path: artifacts/release + + - name: Publish to Test PyPi + env: + TWINE_PASSWORD: "${{ steps.get-secrets.outputs.twine-password }}" + run: | + tools pkg pypi-upload --test artifacts/release/salt-${{ needs.prepare-workflow.outputs.salt-version }}.tar.gz + +<%- endblock jobs %> diff --git a/.github/workflows/templates/test-package-downloads-action.yml.jinja b/.github/workflows/templates/test-package-downloads-action.yml.jinja new file mode 100644 index 00000000..4f9502d7 --- /dev/null +++ b/.github/workflows/templates/test-package-downloads-action.yml.jinja @@ -0,0 +1,741 @@ +name: Test Download Packages + +on: + workflow_call: + inputs: + salt-version: + type: string + required: true + description: The Salt version of the packages to install and test + cache-prefix: + required: true + type: string + description: Seed used to invalidate caches + environment: + required: true + type: string + description: The environment to run tests against + latest-release: + required: true + type: string + description: The latest salt release + nox-version: + required: true + type: string + description: The nox version to install + python-version: + required: false + type: string + description: The python version to run tests with + default: "3.10" + package-name: + required: false + type: string + description: The onedir package name to use + default: salt + skip-code-coverage: + required: false + type: boolean + description: Skip code coverage + default: false + nox-session: + required: false + type: string + description: The nox session to run + default: ci-test-onedir + +env: + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + + linux: + name: Linux + runs-on: + - self-hosted + - linux + - bastion + environment: ${{ inputs.environment }} + timeout-minutes: 120 # 2 Hours - More than this and something is wrong + strategy: + fail-fast: false + matrix: + include: + <%- for slug, arch, pkg_type in test_salt_pkg_downloads_listing["linux"] %> + - distro-slug: <{ slug }> + arch: <{ arch }> + pkg-type: <{ pkg_type }> + <%- endfor %> + + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(shuf -i 1-30 -n 1); echo "Sleeping $t seconds"; sleep "$t" + + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Download Onedir Tarball as an Artifact + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-linux-${{ matrix.arch == 'arm64' && 'aarch64' || matrix.arch }}.tar.xz + path: artifacts/ + + - name: Decompress Onedir Tarball + shell: bash + run: | + python3 -c "import os; os.makedirs('artifacts', exist_ok=True)" + cd artifacts + tar xvf ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-linux-${{ matrix.arch == 'arm64' && 'aarch64' || matrix.arch }}.tar.xz + + - name: Download cached nox.${{ matrix.distro-slug }}.tar.* for session ${{ inputs.nox-session }} + uses: actions/cache@v3.3.1 + with: + path: nox.${{ matrix.distro-slug }}.tar.* + key: ${{ inputs.cache-prefix }}|testrun-deps|${{ matrix.arch == 'arm64' && 'aarch64' || matrix.arch }}|${{ matrix.distro-slug }}|${{ inputs.nox-session }}|${{ inputs.python-version }}|${{ + hashFiles('requirements/**/*.txt', 'cicd/golden-images.json', 'noxfile.py') + }} + # If we get a cache miss here it means the dependencies step failed to save the cache + fail-on-cache-miss: true + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-prefix }}-pkg-download-linux + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Start VM + id: spin-up-vm + run: | + tools --timestamps vm create --environment "${SPB_ENVIRONMENT}" --retries=2 ${{ matrix.distro-slug }} + + - name: List Free Space + run: | + tools --timestamps vm ssh ${{ matrix.distro-slug }} -- df -h || true + + - name: Upload Checkout To VM + run: | + tools --timestamps vm rsync ${{ matrix.distro-slug }} + + - name: Decompress .nox Directory + run: | + tools --timestamps vm decompress-dependencies ${{ matrix.distro-slug }} + + - name: Show System Info & Test Plan + env: + SALT_RELEASE: "${{ inputs.salt-version }}" + SALT_REPO_ARCH: ${{ matrix.arch }} + SALT_REPO_TYPE: ${{ inputs.environment }} + SALT_REPO_USER: ${{ secrets.SALT_REPO_USER }} + SALT_REPO_PASS: ${{ secrets.SALT_REPO_PASS }} + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + LATEST_SALT_RELEASE: "${{ inputs.latest-release }}" + DOWNLOAD_TEST_PACKAGE_TYPE: ${{ matrix.pkg-type }} + run: | + tools --timestamps --timeout-secs=1800 vm testplan --skip-requirements-install \ + -E SALT_RELEASE -E SALT_REPO_ARCH -E SALT_REPO_TYPE -E SALT_REPO_USER -E SALT_REPO_PASS \ + -E SALT_REPO_DOMAIN_RELEASE -E SALT_REPO_DOMAIN_STAGING -E LATEST_SALT_RELEASE -E DOWNLOAD_TEST_PACKAGE_TYPE \ + --nox-session=${{ inputs.nox-session }}-pkgs ${{ matrix.distro-slug }} -- download-pkgs + + - name: Run Package Download Tests + env: + SALT_RELEASE: "${{ inputs.salt-version }}" + SALT_REPO_ARCH: ${{ matrix.arch }} + SALT_REPO_TYPE: ${{ inputs.environment }} + SALT_REPO_USER: ${{ secrets.SALT_REPO_USER }} + SALT_REPO_PASS: ${{ secrets.SALT_REPO_PASS }} + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + LATEST_SALT_RELEASE: "${{ inputs.latest-release }}" + DOWNLOAD_TEST_PACKAGE_TYPE: ${{ matrix.pkg-type }} + run: | + tools --timestamps --no-output-timeout-secs=1800 --timeout-secs=14400 vm test --skip-requirements-install \ + -E SALT_RELEASE -E SALT_REPO_ARCH -E SALT_REPO_TYPE -E SALT_REPO_USER -E SALT_REPO_PASS \ + -E SALT_REPO_DOMAIN_RELEASE -E SALT_REPO_DOMAIN_STAGING -E LATEST_SALT_RELEASE -E DOWNLOAD_TEST_PACKAGE_TYPE \ + --nox-session=${{ inputs.nox-session }}-pkgs --rerun-failures ${{ matrix.distro-slug }} -- download-pkgs + + - name: Combine Coverage Reports + if: always() && inputs.skip-code-coverage == false && steps.spin-up-vm.outcome == 'success' && job.status != 'cancelled' + run: | + tools --timestamps vm combine-coverage ${{ matrix.distro-slug }} + + - name: Download Test Run Artifacts + id: download-artifacts-from-vm + if: always() && steps.spin-up-vm.outcome == 'success' + run: | + tools --timestamps vm download-artifacts ${{ matrix.distro-slug }} + # Delete the salt onedir, we won't need it anymore and it will prevent + # from it showing in the tree command below + rm -rf artifacts/salt* + tree -a artifacts + + - name: Destroy VM + if: always() + run: | + tools --timestamps vm destroy --no-wait ${{ matrix.distro-slug }} || true + + - name: Fix file ownership + run: | + sudo chown -R "$(id -un)" . + + - name: Install Codecov CLI + if: always() && inputs.skip-code-coverage == false && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled' + run: | + # We can't yet use tokenless uploads with the codecov CLI + # python3 -m pip install codecov-cli + # + curl https://keybase.io/codecovsecurity/pgp_keys.asc | gpg --no-default-keyring --import + curl -Os https://uploader.codecov.io/latest/linux/codecov + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM.sig + gpg --verify codecov.SHA256SUM.sig codecov.SHA256SUM + shasum -a 256 -c codecov.SHA256SUM + chmod +x codecov + + - name: Upload Source Code Coverage To Codecov + if: always() && inputs.skip-code-coverage == false && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled' + run: | + if [ ! -s artifacts/coverage/salt.xml ]; then + echo "The artifacts/coverage/salt.xml file does not exist" + exit 1 + fi + # We can't yet use tokenless uploads with the codecov CLI + #codecovcli --auto-load-params-from GithubActions --verbose --token ${{ secrets.CODECOV_TOKEN }} \ + # do-upload --git-service github --sha ${{ github.sha }} \ + # --file artifacts/coverage/salt.xml \ + # --flag salt --flag ${{ matrix.distro-slug }} --flag pkg \ + # --name salt.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs + n=0 + until [ "$n" -ge 5 ] + do + if ./codecov --file artifacts/coverage/salt.xml \ + --sha ${{ github.event.pull_request.head.sha || github.sha }} ${{ github.event_name == 'pull_request' && format('--parent {0}', github.event.pull_request.base.sha) }} \ + --flags salt,${{ matrix.distro-slug }},pkg \ + --name salt.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs --nonZero; then + rc=$? + break + fi + rc=$? + n=$((n+1)) + sleep 15 + done + if [ "$rc" -ne 0 ]; then + echo "Failed to upload codecov stats" + exit 1 + fi + + - name: Upload Tests Code Coverage To Codecov + if: always() && inputs.skip-code-coverage == false && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled' + run: | + if [ ! -s artifacts/coverage/tests.xml ]; then + echo "The artifacts/coverage/tests.xml file does not exist" + exit 1 + fi + # We can't yet use tokenless uploads with the codecov CLI + #codecovcli --auto-load-params-from GithubActions --verbose --token ${{ secrets.CODECOV_TOKEN }} \ + # do-upload --git-service github --sha ${{ github.sha }} \ + # --file artifacts/coverage/tests.xml \ + # --flag tests --flag ${{ matrix.distro-slug }} --flag pkg \ + # --name tests.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs + n=0 + until [ "$n" -ge 5 ] + do + if ./codecov --file artifacts/coverage/tests.xml \ + --sha ${{ github.event.pull_request.head.sha || github.sha }} ${{ github.event_name == 'pull_request' && format('--parent {0}', github.event.pull_request.base.sha) }} \ + --flags tests,${{ matrix.distro-slug }},pkg \ + --name tests.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs --nonZero; then + rc=$? + break + fi + rc=$? + n=$((n+1)) + sleep 15 + done + if [ "$rc" -ne 0 ]; then + echo "Failed to upload codecov stats" + exit 1 + fi + + - name: Upload Test Run Artifacts + if: always() && steps.download-artifacts-from-vm.outcome == 'success' + uses: actions/upload-artifact@v3 + with: + name: pkg-testrun-artifacts-${{ matrix.distro-slug }}-${{ matrix.arch }} + path: | + artifacts + !artifacts/salt/* + !artifacts/salt-*.tar.* + + - name: Publish Test Report + uses: mikepenz/action-junit-report@v3 + # always run even if the previous steps fails + if: always() && job.status != 'cancelled' && steps.download-artifacts-from-vm.outcome == 'success' + with: + check_name: Overall Test Results(${{ matrix.distro-slug }} ${{ matrix.arch }}) + report_paths: 'artifacts/xml-unittests-output/*.xml' + annotate_only: true + + + macos: + name: MacOS + runs-on: ${{ matrix.distro-slug }} + environment: ${{ inputs.environment }} + timeout-minutes: 120 # 2 Hours - More than this and something is wrong + strategy: + fail-fast: false + matrix: + include: + <%- for slug, arch, pkg_type in test_salt_pkg_downloads_listing["macos"] %> + - distro-slug: <{ slug }> + arch: <{ arch }> + pkg-type: <{ pkg_type }> + <%- endfor %> + + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t" + + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Download Onedir Tarball as an Artifact + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-darwin-${{ matrix.arch == 'arm64' && 'aarch64' || matrix.arch }}.tar.xz + path: artifacts/ + + - name: Install System Dependencies + run: | + brew install tree + + - name: Decompress Onedir Tarball + shell: bash + run: | + python3 -c "import os; os.makedirs('artifacts', exist_ok=True)" + cd artifacts + tar xvf ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-darwin-${{ matrix.arch == 'arm64' && 'aarch64' || matrix.arch }}.tar.xz + + - name: Set up Python ${{ inputs.python-version }} + uses: actions/setup-python@v4 + with: + python-version: "${{ inputs.python-version }}" + update-environment: true + + - name: Install Nox + run: | + python3 -m pip install 'nox==${{ inputs.nox-version }}' + + - name: Download cached nox.${{ matrix.distro-slug }}.tar.* for session ${{ inputs.nox-session }} + uses: actions/cache@v3.3.1 + with: + path: nox.${{ matrix.distro-slug }}.tar.* + key: ${{ inputs.cache-prefix }}|testrun-deps|${{ matrix.arch == 'arm64' && 'aarch64' || matrix.arch }}|${{ matrix.distro-slug }}|${{ inputs.nox-session }}|${{ inputs.python-version }}|${{ + hashFiles('requirements/**/*.txt', 'cicd/golden-images.json', 'noxfile.py') + }} + # If we get a cache miss here it means the dependencies step failed to save the cache + fail-on-cache-miss: true + + - name: Decompress .nox Directory + run: | + nox --force-color -e decompress-dependencies -- ${{ matrix.distro-slug }} + + - name: Show System Info & Test Plan + env: + SALT_RELEASE: "${{ inputs.salt-version }}" + SKIP_REQUIREMENTS_INSTALL: "1" + PRINT_TEST_SELECTION: "1" + PRINT_TEST_PLAN_ONLY: "1" + PRINT_SYSTEM_INFO: "1" + GITHUB_ACTIONS_PIPELINE: "1" + SKIP_INITIAL_GH_ACTIONS_FAILURES: "1" + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + LATEST_SALT_RELEASE: "${{ inputs.latest-release }}" + DOWNLOAD_TEST_PACKAGE_TYPE: ${{ matrix.pkg-type }} + run: | + sudo -E nox --force-color -e ${{ inputs.nox-session }}-pkgs -- download-pkgs + + - name: Run Package Download Tests + env: + SKIP_REQUIREMENTS_INSTALL: "1" + PRINT_TEST_SELECTION: "0" + PRINT_TEST_PLAN_ONLY: "0" + PRINT_SYSTEM_INFO: "0" + RERUN_FAILURES: "1" + GITHUB_ACTIONS_PIPELINE: "1" + SKIP_INITIAL_GH_ACTIONS_FAILURES: "1" + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + COVERAGE_CONTEXT: ${{ matrix.distro-slug }} + SALT_RELEASE: "${{ inputs.salt-version }}" + SALT_REPO_ARCH: ${{ matrix.arch }} + LATEST_SALT_RELEASE: "${{ inputs.latest-release }}" + SALT_REPO_TYPE: ${{ inputs.environment }} + SALT_REPO_USER: ${{ secrets.SALT_REPO_USER }} + SALT_REPO_PASS: ${{ secrets.SALT_REPO_PASS }} + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + DOWNLOAD_TEST_PACKAGE_TYPE: ${{ matrix.pkg-type }} + run: | + sudo -E nox --force-color -e ${{ inputs.nox-session }}-pkgs -- download-pkgs + + - name: Fix file ownership + run: | + sudo chown -R "$(id -un)" . + + - name: Combine Coverage Reports + if: always() && inputs.skip-code-coverage == false && job.status != 'cancelled' + run: | + nox --force-color -e combine-coverage + + - name: Prepare Test Run Artifacts + id: download-artifacts-from-vm + if: always() && job.status != 'cancelled' + run: | + # Delete the salt onedir, we won't need it anymore and it will prevent + # from it showing in the tree command below + rm -rf artifacts/salt* + tree -a artifacts + + - name: Install Codecov CLI + if: always() && inputs.skip-code-coverage == false && job.status != 'cancelled' + run: | + # We can't yet use tokenless uploads with the codecov CLI + # python3 -m pip install codecov-cli + # + curl https://keybase.io/codecovsecurity/pgp_keys.asc | gpg --no-default-keyring --import + curl -Os https://uploader.codecov.io/latest/macos/codecov + curl -Os https://uploader.codecov.io/latest/macos/codecov.SHA256SUM + curl -Os https://uploader.codecov.io/latest/macos/codecov.SHA256SUM.sig + gpg --verify codecov.SHA256SUM.sig codecov.SHA256SUM + shasum -a 256 -c codecov.SHA256SUM + chmod +x codecov + + - name: Upload Source Code Coverage To Codecov + if: always() && inputs.skip-code-coverage == false && job.status != 'cancelled' + run: | + if [ ! -s artifacts/coverage/salt.xml ]; then + echo "The artifacts/coverage/salt.xml file does not exist" + exit 1 + fi + # We can't yet use tokenless uploads with the codecov CLI + #codecovcli --auto-load-params-from GithubActions --verbose --token ${{ secrets.CODECOV_TOKEN }} \ + # do-upload --git-service github --sha ${{ github.sha }} \ + # --file artifacts/coverage/salt.xml \ + # --flag salt --flag ${{ matrix.distro-slug }} --flag pkg \ + # --name salt.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs + n=0 + until [ "$n" -ge 5 ] + do + if ./codecov --file artifacts/coverage/salt.xml \ + --sha ${{ github.event.pull_request.head.sha || github.sha }} ${{ github.event_name == 'pull_request' && format('--parent {0}', github.event.pull_request.base.sha) }} \ + --flags salt,${{ matrix.distro-slug }},pkg \ + --name salt.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs --nonZero; then + rc=$? + break + fi + rc=$? + n=$((n+1)) + sleep 15 + done + if [ "$rc" -ne 0 ]; then + echo "Failed to upload codecov stats" + exit 1 + fi + + - name: Upload Tests Code Coverage To Codecov + if: always() && inputs.skip-code-coverage == false && job.status != 'cancelled' + run: | + if [ ! -s artifacts/coverage/tests.xml ]; then + echo "The artifacts/coverage/tests.xml file does not exist" + exit 1 + fi + # We can't yet use tokenless uploads with the codecov CLI + #codecovcli --auto-load-params-from GithubActions --verbose --token ${{ secrets.CODECOV_TOKEN }} \ + # do-upload --git-service github --sha ${{ github.sha }} \ + # --file artifacts/coverage/tests.xml \ + # --flag tests --flag ${{ matrix.distro-slug }} --flag pkg \ + # --name tests.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs + n=0 + until [ "$n" -ge 5 ] + do + if ./codecov --file artifacts/coverage/tests.xml \ + --sha ${{ github.event.pull_request.head.sha || github.sha }} ${{ github.event_name == 'pull_request' && format('--parent {0}', github.event.pull_request.base.sha) }} \ + --flags tests,${{ matrix.distro-slug }},pkg \ + --name tests.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs --nonZero; then + rc=$? + break + fi + rc=$? + n=$((n+1)) + sleep 15 + done + if [ "$rc" -ne 0 ]; then + echo "Failed to upload codecov stats" + exit 1 + fi + + - name: Upload Test Run Artifacts + if: always() + uses: actions/upload-artifact@v3 + with: + name: pkg-testrun-artifacts-${{ matrix.distro-slug }}-${{ matrix.arch }} + path: | + artifacts + !artifacts/salt/* + !artifacts/salt-*.tar.* + + - name: Publish Test Report + uses: mikepenz/action-junit-report@v3 + # always run even if the previous steps fails + if: always() && job.status != 'cancelled' + with: + check_name: Overall Test Results(${{ matrix.distro-slug }} ${{ matrix.arch }}) + report_paths: 'artifacts/xml-unittests-output/*.xml' + annotate_only: true + + + windows: + name: Windows + runs-on: + - self-hosted + - linux + - bastion + environment: ${{ inputs.environment }} + timeout-minutes: 120 # 2 Hours - More than this and something is wrong + strategy: + fail-fast: false + matrix: + include: + <%- for slug, arch, pkg_type in test_salt_pkg_downloads_listing["windows"] %> + - distro-slug: <{ slug }> + arch: <{ arch }> + pkg-type: <{ pkg_type }> + <%- endfor %> + + steps: + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Download Onedir Tarball as an Artifact + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-windows-${{ matrix.arch }}.tar.xz + path: artifacts/ + + - name: Decompress Onedir Tarball + shell: bash + run: | + python3 -c "import os; os.makedirs('artifacts', exist_ok=True)" + cd artifacts + tar xvf ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-windows-${{ matrix.arch }}.tar.xz + + - name: Download cached nox.${{ matrix.distro-slug }}.tar.* for session ${{ inputs.nox-session }} + uses: actions/cache@v3.3.1 + with: + path: nox.${{ matrix.distro-slug }}.tar.* + key: ${{ inputs.cache-prefix }}|testrun-deps|${{ matrix.arch }}|${{ matrix.distro-slug }}|${{ inputs.nox-session }}|${{ inputs.python-version }}|${{ + hashFiles('requirements/**/*.txt', 'cicd/golden-images.json', 'noxfile.py') + }} + # If we get a cache miss here it means the dependencies step failed to save the cache + fail-on-cache-miss: true + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-prefix }}-pkg-download-windows + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Start VM + id: spin-up-vm + run: | + tools --timestamps vm create --environment "${SPB_ENVIRONMENT}" --retries=2 ${{ matrix.distro-slug }} + + - name: List Free Space + run: | + tools --timestamps vm ssh ${{ matrix.distro-slug }} -- df -h || true + + - name: Upload Checkout To VM + run: | + tools --timestamps vm rsync ${{ matrix.distro-slug }} + + - name: Decompress .nox Directory + run: | + tools --timestamps vm decompress-dependencies ${{ matrix.distro-slug }} + + - name: Show System Info & Test Plan + env: + SALT_RELEASE: "${{ inputs.salt-version }}" + SALT_REPO_ARCH: ${{ matrix.arch }} + LATEST_SALT_RELEASE: "${{ inputs.latest-release }}" + SALT_REPO_TYPE: ${{ inputs.environment }} + SALT_REPO_USER: ${{ secrets.SALT_REPO_USER }} + SALT_REPO_PASS: ${{ secrets.SALT_REPO_PASS }} + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + DOWNLOAD_TEST_PACKAGE_TYPE: ${{ matrix.pkg-type }} + run: | + tools --timestamps --timeout-secs=1800 vm testplan --skip-requirements-install \ + -E SALT_RELEASE -E SALT_REPO_ARCH -E SALT_REPO_TYPE -E SALT_REPO_USER -E SALT_REPO_PASS \ + -E SALT_REPO_DOMAIN_RELEASE -E SALT_REPO_DOMAIN_STAGING -E LATEST_SALT_RELEASE -E DOWNLOAD_TEST_PACKAGE_TYPE \ + --nox-session=${{ inputs.nox-session }}-pkgs ${{ matrix.distro-slug }} -- download-pkgs + + - name: Run Package Download Tests + env: + SALT_RELEASE: "${{ inputs.salt-version }}" + SALT_REPO_ARCH: ${{ matrix.arch }} + LATEST_SALT_RELEASE: "${{ inputs.latest-release }}" + SALT_REPO_TYPE: ${{ inputs.environment }} + SALT_REPO_USER: ${{ secrets.SALT_REPO_USER }} + SALT_REPO_PASS: ${{ secrets.SALT_REPO_PASS }} + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + DOWNLOAD_TEST_PACKAGE_TYPE: ${{ matrix.pkg-type }} + run: | + tools --timestamps --no-output-timeout-secs=1800 --timeout-secs=14400 vm test --skip-requirements-install \ + -E SALT_RELEASE -E SALT_REPO_ARCH -E SALT_REPO_TYPE -E SALT_REPO_USER -E SALT_REPO_PASS \ + -E SALT_REPO_DOMAIN_RELEASE -E SALT_REPO_DOMAIN_STAGING -E LATEST_SALT_RELEASE -E DOWNLOAD_TEST_PACKAGE_TYPE \ + --nox-session=${{ inputs.nox-session }}-pkgs --rerun-failures ${{ matrix.distro-slug }} -- download-pkgs + + - name: Combine Coverage Reports + if: always() && inputs.skip-code-coverage == false && steps.spin-up-vm.outcome == 'success' && job.status != 'cancelled' + run: | + tools --timestamps vm combine-coverage ${{ matrix.distro-slug }} + + - name: Download Test Run Artifacts + id: download-artifacts-from-vm + if: always() && steps.spin-up-vm.outcome == 'success' + run: | + tools --timestamps vm download-artifacts ${{ matrix.distro-slug }} + # Delete the salt onedir, we won't need it anymore and it will prevent + # from it showing in the tree command below + rm -rf artifacts/salt* + tree -a artifacts + + - name: Destroy VM + if: always() + run: | + tools --timestamps vm destroy --no-wait ${{ matrix.distro-slug }} || true + + - name: Fix file ownership + run: | + sudo chown -R "$(id -un)" . + + - name: Install Codecov CLI + if: always() && inputs.skip-code-coverage == false && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled' + run: | + # We can't yet use tokenless uploads with the codecov CLI + # python3 -m pip install codecov-cli + # + curl https://keybase.io/codecovsecurity/pgp_keys.asc | gpg --no-default-keyring --import + curl -Os https://uploader.codecov.io/latest/linux/codecov + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM.sig + gpg --verify codecov.SHA256SUM.sig codecov.SHA256SUM + shasum -a 256 -c codecov.SHA256SUM + chmod +x codecov + + - name: Upload Source Code Coverage To Codecov + if: always() && inputs.skip-code-coverage == false && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled' + run: | + if [ ! -s artifacts/coverage/salt.xml ]; then + echo "The artifacts/coverage/salt.xml file does not exist" + exit 1 + fi + # We can't yet use tokenless uploads with the codecov CLI + #codecovcli --auto-load-params-from GithubActions --verbose --token ${{ secrets.CODECOV_TOKEN }} \ + # do-upload --git-service github --sha ${{ github.sha }} \ + # --file artifacts/coverage/salt.xml \ + # --flag salt --flag ${{ matrix.distro-slug }} --flag pkg \ + # --name salt.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs + n=0 + until [ "$n" -ge 5 ] + do + if ./codecov --file artifacts/coverage/salt.xml \ + --sha ${{ github.event.pull_request.head.sha || github.sha }} ${{ github.event_name == 'pull_request' && format('--parent {0}', github.event.pull_request.base.sha) }} \ + --flags salt,${{ matrix.distro-slug }},pkg \ + --name salt.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs --nonZero; then + rc=$? + break + fi + rc=$? + n=$((n+1)) + sleep 15 + done + if [ "$rc" -ne 0 ]; then + echo "Failed to upload codecov stats" + exit 1 + fi + + - name: Upload Tests Code Coverage To Codecov + if: always() && inputs.skip-code-coverage == false && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled' + run: | + if [ ! -s artifacts/coverage/tests.xml ]; then + echo "The artifacts/coverage/tests.xml file does not exist" + exit 1 + fi + # We can't yet use tokenless uploads with the codecov CLI + #codecovcli --auto-load-params-from GithubActions --verbose --token ${{ secrets.CODECOV_TOKEN }} \ + # do-upload --git-service github --sha ${{ github.sha }} \ + # --file artifacts/coverage/tests.xml \ + # --flag tests --flag ${{ matrix.distro-slug }} --flag pkg \ + # --name tests.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs + n=0 + until [ "$n" -ge 5 ] + do + if ./codecov --file artifacts/coverage/tests.xml \ + --sha ${{ github.event.pull_request.head.sha || github.sha }} ${{ github.event_name == 'pull_request' && format('--parent {0}', github.event.pull_request.base.sha) }} \ + --flags tests,${{ matrix.distro-slug }},pkg \ + --name tests.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs --nonZero; then + rc=$? + break + fi + rc=$? + n=$((n+1)) + sleep 15 + done + if [ "$rc" -ne 0 ]; then + echo "Failed to upload codecov stats" + exit 1 + fi + + - name: Upload Test Run Artifacts + if: always() && steps.download-artifacts-from-vm.outcome == 'success' + uses: actions/upload-artifact@v3 + with: + name: pkg-testrun-artifacts-${{ matrix.distro-slug }}-${{ matrix.arch }} + path: | + artifacts + !artifacts/salt/* + !artifacts/salt-*.tar.* + + - name: Publish Test Report + uses: mikepenz/action-junit-report@v3 + # always run even if the previous steps fails + if: always() && job.status != 'cancelled' && steps.download-artifacts-from-vm.outcome == 'success' + with: + check_name: Overall Test Results(${{ matrix.distro-slug }} ${{ matrix.arch }} ${{ matrix.pkg-type }} ) + report_paths: 'artifacts/xml-unittests-output/*.xml' + annotate_only: true diff --git a/.github/workflows/templates/test-salt-pkg-repo-downloads.yml.jinja b/.github/workflows/templates/test-salt-pkg-repo-downloads.yml.jinja new file mode 100644 index 00000000..005c5272 --- /dev/null +++ b/.github/workflows/templates/test-salt-pkg-repo-downloads.yml.jinja @@ -0,0 +1,36 @@ + + <%- set job_name = "pkg-download-tests" %> + + <{ job_name }>: + <%- do test_repo_needs.append(job_name) %> + <%- do conclusion_needs.append(job_name) %> + name: Package Downloads + <%- if gh_environment == "staging" %> + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg-download'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + <%- else %> + if: ${{ inputs.skip-salt-pkg-download-test-suite == false }} + <%- endif %> + needs: + - prepare-workflow + - publish-repositories + <%- for slug in test_salt_pkg_downloads_needs_slugs %> + - <{ slug }> + <%- endfor %> + <%- if gh_environment == "release" %> + - download-onedir-artifact + <%- else %> + - build-salt-onedir-linux + - build-salt-onedir-macos + - build-salt-onedir-windows + <%- endif %> + uses: ./.github/workflows/test-package-downloads-action.yml + with: + nox-session: ci-test-onedir + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|<{ python_version }> + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + environment: <{ gh_environment }> + nox-version: <{ nox_version }> + python-version: "<{ gh_actions_workflows_python_version }>" + skip-code-coverage: true + latest-release: "${{ needs.prepare-workflow.outputs.latest-release }}" + secrets: inherit diff --git a/.github/workflows/templates/test-salt-pkg.yml.jinja b/.github/workflows/templates/test-salt-pkg.yml.jinja new file mode 100644 index 00000000..eb8b43d0 --- /dev/null +++ b/.github/workflows/templates/test-salt-pkg.yml.jinja @@ -0,0 +1,91 @@ + <%- for slug, display_name, arch, pkg_type, fips in test_salt_pkg_listing["linux"] %> + <%- set job_name = "{}-pkg-tests".format(slug.replace(".", "")) %> + + <{ job_name }>: + <%- do test_salt_pkg_needs.append(job_name) %> + name: <{ display_name }> Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-<{ pkg_type }>-pkgs-onedir + - <{ slug.replace(".", "") }>-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: <{ slug }> + nox-session: ci-test-onedir + platform: linux + arch: <{ arch }> + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: <{ pkg_type }> + nox-version: <{ nox_version }> + python-version: "<{ gh_actions_workflows_python_version }>" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|<{ python_version }> + skip-code-coverage: <{ skip_test_coverage_check }> + skip-junit-reports: <{ skip_junit_reports_check }> + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + <%- if fips == "fips" %> + fips: true + <%- endif %> + + <%- endfor %> + + + + <%- for slug, display_name, arch in test_salt_pkg_listing["macos"] %> + <%- set job_name = "{}-pkg-tests".format(slug.replace(".", "")) %> + + <{ job_name }>: + <%- do test_salt_pkg_needs.append(job_name) %> + name: <{ display_name }> Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - build-macos-pkgs-onedir + - <{ slug.replace(".", "") }>-ci-deps + uses: ./.github/workflows/test-packages-action-macos.yml + with: + distro-slug: <{ slug }> + nox-session: ci-test-onedir + platform: darwin + arch: <{ arch }> + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: macos + nox-version: <{ nox_version }> + python-version: "<{ gh_actions_workflows_python_version }>" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|<{ python_version }> + skip-code-coverage: <{ skip_test_coverage_check }> + skip-junit-reports: <{ skip_junit_reports_check }> + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + <%- endfor %> + + + <%- for slug, display_name, arch in test_salt_pkg_listing["windows"] %> + <%- for pkg_type in ("NSIS", "MSI") %> + <%- set job_name = "{}-{}-pkg-tests".format(slug.replace(".", ""), pkg_type.lower()) %> + + <{ job_name }>: + <%- do test_salt_pkg_needs.append(job_name) %> + name: <{ display_name }> <{ pkg_type }> Package Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test-pkg'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - build-windows-pkgs-onedir + - <{ slug.replace(".", "") }>-ci-deps + uses: ./.github/workflows/test-packages-action.yml + with: + distro-slug: <{ slug }> + nox-session: ci-test-onedir + platform: windows + arch: <{ arch }> + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + pkg-type: <{ pkg_type }> + nox-version: <{ nox_version }> + python-version: "<{ gh_actions_workflows_python_version }>" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|<{ python_version }> + skip-code-coverage: <{ skip_test_coverage_check }> + skip-junit-reports: <{ skip_junit_reports_check }> + testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} + + <%- endfor %> + <%- endfor %> diff --git a/.github/workflows/templates/test-salt.yml.jinja b/.github/workflows/templates/test-salt.yml.jinja new file mode 100644 index 00000000..259d1a78 --- /dev/null +++ b/.github/workflows/templates/test-salt.yml.jinja @@ -0,0 +1,92 @@ +{#- + Full test runs. Each chunk should never take more than 2 hours. We allow 3, and on windows we add 30 more minutes. + Partial test runs(no chunk parallelization), 6 Hours +#} +<%- set full_testrun_timeout_value = 180 %> +<%- set partial_testrun_timeout_value = 360 %> +<%- set windows_full_testrun_timeout_value = full_testrun_timeout_value + 30 %> + + <%- for slug, display_name, arch in test_salt_listing["windows"] %> + + <{ slug.replace(".", "") }>: + <%- do test_salt_needs.append(slug.replace(".", "")) %> + name: <{ display_name }> Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - <{ slug.replace(".", "") }>-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: <{ slug }> + nox-session: ci-test-onedir + platform: windows + arch: amd64 + nox-version: <{ nox_version }> + gh-actions-python-version: "<{ gh_actions_workflows_python_version }>" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|<{ python_version }> + skip-code-coverage: <{ skip_test_coverage_check }> + skip-junit-reports: <{ skip_junit_reports_check }> + workflow-slug: <{ workflow_slug }> + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && <{ windows_full_testrun_timeout_value }> || <{ partial_testrun_timeout_value }> }} + + <%- endfor %> + + + <%- for slug, display_name, arch in test_salt_listing["macos"] %> + + <{ slug.replace(".", "") }>: + <%- do test_salt_needs.append(slug.replace(".", "")) %> + name: <{ display_name }> Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['github-hosted'] }} + needs: + - prepare-workflow + - <{ slug.replace(".", "") }>-ci-deps + uses: ./.github/workflows/test-action-macos.yml + with: + distro-slug: <{ slug }> + nox-session: ci-test-onedir + platform: darwin + arch: <{ arch }> + nox-version: <{ nox_version }> + gh-actions-python-version: "<{ gh_actions_workflows_python_version }>" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|<{ python_version }> + skip-code-coverage: <{ skip_test_coverage_check }> + skip-junit-reports: <{ skip_junit_reports_check }> + workflow-slug: <{ workflow_slug }> + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && <{ full_testrun_timeout_value }> || <{ partial_testrun_timeout_value }> }} + + <%- endfor %> + + <%- for slug, display_name, arch, fips in test_salt_listing["linux"] %> + + <{ slug.replace(".", "") }>: + <%- do test_salt_needs.append(slug.replace(".", "")) %> + name: <{ display_name }> Test + if: ${{ fromJSON(needs.prepare-workflow.outputs.jobs)['test'] && fromJSON(needs.prepare-workflow.outputs.runners)['self-hosted'] }} + needs: + - prepare-workflow + - <{ slug.replace(".", "") }>-ci-deps + uses: ./.github/workflows/test-action.yml + with: + distro-slug: <{ slug }> + nox-session: ci-test-onedir + platform: linux + arch: <{ arch }> + nox-version: <{ nox_version }> + gh-actions-python-version: "<{ gh_actions_workflows_python_version }>" + testrun: ${{ needs.prepare-workflow.outputs.testrun }} + salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" + cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|<{ python_version }> + skip-code-coverage: <{ skip_test_coverage_check }> + skip-junit-reports: <{ skip_junit_reports_check }> + workflow-slug: <{ workflow_slug }> + timeout-minutes: ${{ fromJSON(needs.prepare-workflow.outputs.testrun)['type'] == 'full' && <{ full_testrun_timeout_value }> || <{ partial_testrun_timeout_value }> }} + <%- if fips == "fips" %> + fips: true + <%- endif %> + + <%- endfor %> diff --git a/.github/workflows/templates/trigger-branch-workflows.yml.jinja b/.github/workflows/templates/trigger-branch-workflows.yml.jinja new file mode 100644 index 00000000..24d0147b --- /dev/null +++ b/.github/workflows/templates/trigger-branch-workflows.yml.jinja @@ -0,0 +1,20 @@ + + + <%- set job_name = "trigger-branch-{}-builds".format(workflow_slug) %> + <%- set branches = ["3006.x"] %> + + <{ job_name }>: + <%- do conclusion_needs.append(job_name) %> + name: Trigger Branch Workflows + if: ${{ github.event_name == 'schedule' && fromJSON(needs.workflow-requirements.outputs.requirements-met) }} + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + needs: + - workflow-requirements + steps: + <%- for branch in branches %> + - name: Trigger <{ branch }> branch + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + gh workflow run <{ workflow_slug }>.yml --repo ${{ github.repository }} --ref <{ branch }> + <%- endfor %> diff --git a/.github/workflows/templates/workflow-requirements-check.yml.jinja b/.github/workflows/templates/workflow-requirements-check.yml.jinja new file mode 100644 index 00000000..a18c13c6 --- /dev/null +++ b/.github/workflows/templates/workflow-requirements-check.yml.jinja @@ -0,0 +1,29 @@ + + <%- set job_name = "workflow-requirements" %> + + <{ job_name }>: + <%- do prepare_workflow_needs.append(job_name) %> + name: Check Workflow Requirements + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + outputs: + requirements-met: ${{ steps.check-requirements.outputs.requirements-met }} + steps: + - name: Check Requirements + id: check-requirements + run: | + if [ "${{ vars.RUN_SCHEDULED_BUILDS }}" = "1" ]; then + MSG="Running workflow because RUN_SCHEDULED_BUILDS=1" + echo "${MSG}" + echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" + echo "requirements-met=true" >> "${GITHUB_OUTPUT}" + elif [ "${{ github.event.repository.fork }}" = "true" ]; then + MSG="Not running workflow because ${{ github.repository }} is a fork" + echo "${MSG}" + echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" + echo "requirements-met=false" >> "${GITHUB_OUTPUT}" + else + MSG="Running workflow because ${{ github.repository }} is not a fork" + echo "${MSG}" + echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" + echo "requirements-met=true" >> "${GITHUB_OUTPUT}" + fi diff --git a/.github/workflows/test-action-macos.yml b/.github/workflows/test-action-macos.yml new file mode 100644 index 00000000..8554e3f8 --- /dev/null +++ b/.github/workflows/test-action-macos.yml @@ -0,0 +1,442 @@ +--- +name: Test Artifact(macOS) + +on: + workflow_call: + inputs: + distro-slug: + required: true + type: string + description: The OS slug to run tests against + nox-session: + required: true + type: string + description: The nox session to run + testrun: + required: true + type: string + description: JSON string containing information about what and how to run the test suite + gh-actions-python-version: + required: false + type: string + description: The python version to run tests with + default: "3.11" + salt-version: + type: string + required: true + description: The Salt version to set prior to running tests. + cache-prefix: + required: true + type: string + description: Seed used to invalidate caches + platform: + required: true + type: string + description: The platform being tested + arch: + required: true + type: string + description: The platform arch being tested + nox-version: + required: true + type: string + description: The nox version to install + timeout-minutes: + required: true + type: number + description: Timeout, in minutes, for the test job + package-name: + required: false + type: string + description: The onedir package name to use + default: salt + skip-code-coverage: + required: false + type: boolean + description: Skip code coverage + default: false + skip-junit-reports: + required: false + type: boolean + description: Skip Publishing JUnit Reports + default: false + workflow-slug: + required: false + type: string + description: Which workflow is running. + default: ci + +env: + COLUMNS: 190 + PIP_INDEX_URL: "https://pypi-proxy.saltstack.net/root/local/+simple/" + PIP_EXTRA_INDEX_URL: "https://pypi.org/simple" + +jobs: + + generate-matrix: + name: Test Matrix + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + outputs: + matrix-include: ${{ steps.generate-matrix.outputs.matrix }} + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(shuf -i 1-30 -n 1); echo "Sleeping $t seconds"; sleep "$t" + + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-prefix }} + + - name: Generate Test Matrix + id: generate-matrix + run: | + tools ci matrix --workflow=${{ inputs.workflow-slug }} ${{ inputs.distro-slug }} + + test: + name: Test + runs-on: ${{ inputs.distro-slug }} + timeout-minutes: ${{ inputs.timeout-minutes }} + needs: + - generate-matrix + strategy: + fail-fast: false + matrix: + include: ${{ fromJSON(needs.generate-matrix.outputs.matrix-include) }} + env: + SALT_TRANSPORT: ${{ matrix.transport }} + + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t" + + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Setup Salt Version + run: | + echo "${{ inputs.salt-version }}" > salt/_version.txt + + - name: Download Onedir Tarball as an Artifact + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz + path: artifacts/ + + - name: Decompress Onedir Tarball + shell: bash + run: | + python3 -c "import os; os.makedirs('artifacts', exist_ok=True)" + cd artifacts + tar xvf ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz + + - name: Install System Dependencies + run: | + brew install tree + + - name: Download cached nox.${{ inputs.distro-slug }}.tar.* for session ${{ inputs.nox-session }} + uses: actions/cache@v3.3.1 + with: + path: nox.${{ inputs.distro-slug }}.tar.* + key: ${{ inputs.cache-prefix }}|testrun-deps|${{ inputs.arch }}|${{ inputs.distro-slug }}|${{ inputs.nox-session }}|${{ inputs.gh-actions-python-version }}|${{ + hashFiles('requirements/**/*.txt', 'cicd/golden-images.json', 'noxfile.py') + }} + # If we get a cache miss here it means the dependencies step failed to save the cache + fail-on-cache-miss: true + + - name: Set up Python ${{ inputs.gh-actions-python-version }} + uses: actions/setup-python@v4 + with: + python-version: "${{ inputs.gh-actions-python-version }}" + + - name: Install Nox + run: | + python3 -m pip install 'nox==${{ inputs.nox-version }}' + + - name: Decompress .nox Directory + run: | + nox --force-color -e decompress-dependencies -- ${{ inputs.distro-slug }} + + - name: Download testrun-changed-files.txt + if: ${{ fromJSON(inputs.testrun)['type'] != 'full' }} + uses: actions/download-artifact@v3 + with: + name: testrun-changed-files.txt + + - name: Show System Info & Test Plan + env: + SKIP_REQUIREMENTS_INSTALL: "1" + PRINT_TEST_SELECTION: "1" + PRINT_TEST_PLAN_ONLY: "1" + PRINT_SYSTEM_INFO: "1" + GITHUB_ACTIONS_PIPELINE: "1" + SKIP_INITIAL_GH_ACTIONS_FAILURES: "1" + SKIP_CODE_COVERAGE: "1" + run: | + sudo -E nox --force-color -e ${{ inputs.nox-session }} -- ${{ matrix.tests-chunk }} -- -k "mac or darwin" + + - name: Run Fast/Changed Tests + id: run-fast-changed-tests + if: ${{ fromJSON(inputs.testrun)['type'] != 'full' && fromJSON(inputs.testrun)['selected_tests']['fast'] == false }} + env: + SKIP_REQUIREMENTS_INSTALL: "1" + PRINT_TEST_SELECTION: "0" + PRINT_TEST_PLAN_ONLY: "0" + PRINT_SYSTEM_INFO: "0" + RERUN_FAILURES: "1" + GITHUB_ACTIONS_PIPELINE: "1" + SKIP_INITIAL_GH_ACTIONS_FAILURES: "1" + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + COVERAGE_CONTEXT: ${{ inputs.distro-slug }} + run: | + sudo -E nox --force-color -e ${{ inputs.nox-session }} -- ${{ matrix.tests-chunk }} -- \ + -k "mac or darwin" --suppress-no-test-exit-code \ + --from-filenames=testrun-changed-files.txt + + - name: Run Slow/Changed Tests + id: run-slow-changed-tests + if: ${{ fromJSON(inputs.testrun)['type'] != 'full' && fromJSON(inputs.testrun)['selected_tests']['slow'] == false }} + env: + SKIP_REQUIREMENTS_INSTALL: "1" + PRINT_TEST_SELECTION: "0" + PRINT_TEST_PLAN_ONLY: "0" + PRINT_SYSTEM_INFO: "0" + RERUN_FAILURES: "1" + GITHUB_ACTIONS_PIPELINE: "1" + SKIP_INITIAL_GH_ACTIONS_FAILURES: "1" + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + COVERAGE_CONTEXT: ${{ inputs.distro-slug }} + run: | + sudo -E nox --force-color -e ${{ inputs.nox-session }} -- ${{ matrix.tests-chunk }} -- \ + -k "mac or darwin" --suppress-no-test-exit-code --no-fast-tests --slow-tests \ + --from-filenames=testrun-changed-files.txt + + - name: Run Core/Changed Tests + id: run-core-changed-tests + if: ${{ fromJSON(inputs.testrun)['type'] != 'full' && fromJSON(inputs.testrun)['selected_tests']['core'] == false }} + env: + SKIP_REQUIREMENTS_INSTALL: "1" + PRINT_TEST_SELECTION: "0" + PRINT_TEST_PLAN_ONLY: "0" + PRINT_SYSTEM_INFO: "0" + RERUN_FAILURES: "1" + GITHUB_ACTIONS_PIPELINE: "1" + SKIP_INITIAL_GH_ACTIONS_FAILURES: "1" + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + COVERAGE_CONTEXT: ${{ inputs.distro-slug }} + run: | + sudo -E nox --force-color -e ${{ inputs.nox-session }} -- ${{ matrix.tests-chunk }} -- \ + -k "mac or darwin" --suppress-no-test-exit-code --no-fast-tests --core-tests \ + --from-filenames=testrun-changed-files.txt + + - name: Run Fast Tests + id: run-fast-tests + if: ${{ fromJSON(inputs.testrun)['type'] != 'full' && fromJSON(inputs.testrun)['selected_tests']['fast'] }} + env: + SKIP_REQUIREMENTS_INSTALL: "1" + PRINT_TEST_SELECTION: "0" + PRINT_TEST_PLAN_ONLY: "0" + PRINT_SYSTEM_INFO: "0" + RERUN_FAILURES: "1" + GITHUB_ACTIONS_PIPELINE: "1" + SKIP_INITIAL_GH_ACTIONS_FAILURES: "1" + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + COVERAGE_CONTEXT: ${{ inputs.distro-slug }} + run: | + sudo -E nox --force-color -e ${{ inputs.nox-session }} -- ${{ matrix.tests-chunk }} -- \ + -k "mac or darwin" --suppress-no-test-exit-code + + - name: Run Slow Tests + id: run-slow-tests + if: ${{ fromJSON(inputs.testrun)['type'] != 'full' && fromJSON(inputs.testrun)['selected_tests']['slow'] }} + env: + SKIP_REQUIREMENTS_INSTALL: "1" + PRINT_TEST_SELECTION: "0" + PRINT_TEST_PLAN_ONLY: "0" + PRINT_SYSTEM_INFO: "0" + RERUN_FAILURES: "1" + GITHUB_ACTIONS_PIPELINE: "1" + SKIP_INITIAL_GH_ACTIONS_FAILURES: "1" + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + COVERAGE_CONTEXT: ${{ inputs.distro-slug }} + run: | + sudo -E nox --force-color -e ${{ inputs.nox-session }} -- ${{ matrix.tests-chunk }} -- \ + -k "mac or darwin" --suppress-no-test-exit-code --no-fast-tests --slow-tests + + - name: Run Core Tests + id: run-core-tests + if: ${{ fromJSON(inputs.testrun)['type'] != 'full' && fromJSON(inputs.testrun)['selected_tests']['core'] }} + env: + SKIP_REQUIREMENTS_INSTALL: "1" + PRINT_TEST_SELECTION: "0" + PRINT_TEST_PLAN_ONLY: "0" + PRINT_SYSTEM_INFO: "0" + RERUN_FAILURES: "1" + GITHUB_ACTIONS_PIPELINE: "1" + SKIP_INITIAL_GH_ACTIONS_FAILURES: "1" + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + COVERAGE_CONTEXT: ${{ inputs.distro-slug }} + run: | + sudo -E nox --force-color -e ${{ inputs.nox-session }} -- ${{ matrix.tests-chunk }} -- \ + -k "mac or darwin" --suppress-no-test-exit-code --no-fast-tests --core-tests + + - name: Run Flaky Tests + id: run-flaky-tests + if: ${{ fromJSON(inputs.testrun)['selected_tests']['flaky'] }} + env: + SKIP_REQUIREMENTS_INSTALL: "1" + PRINT_TEST_SELECTION: "0" + PRINT_TEST_PLAN_ONLY: "0" + PRINT_SYSTEM_INFO: "0" + RERUN_FAILURES: "1" + GITHUB_ACTIONS_PIPELINE: "1" + SKIP_INITIAL_GH_ACTIONS_FAILURES: "1" + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + COVERAGE_CONTEXT: ${{ inputs.distro-slug }} + run: | + sudo -E nox --force-color -e ${{ inputs.nox-session }} -- ${{ matrix.tests-chunk }} -- \ + -k "mac or darwin" --suppress-no-test-exit-code --no-fast-tests --flaky-jail + + - name: Run Full Tests + id: run-full-tests + if: ${{ fromJSON(inputs.testrun)['type'] == 'full' }} + env: + SKIP_REQUIREMENTS_INSTALL: "1" + PRINT_TEST_SELECTION: "0" + PRINT_TEST_PLAN_ONLY: "0" + PRINT_SYSTEM_INFO: "0" + RERUN_FAILURES: "1" + GITHUB_ACTIONS_PIPELINE: "1" + SKIP_INITIAL_GH_ACTIONS_FAILURES: "1" + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + COVERAGE_CONTEXT: ${{ inputs.distro-slug }} + run: | + sudo -E nox --force-color -e ${{ inputs.nox-session }} -- ${{ matrix.tests-chunk }} -- \ + --slow-tests --core-tests -k "mac or darwin" + + - name: Fix file ownership + run: | + sudo chown -R "$(id -un)" . + + - name: Combine Coverage Reports + if: always() && inputs.skip-code-coverage == false + run: | + nox --force-color -e combine-coverage + + - name: Prepare Test Run Artifacts + id: download-artifacts-from-vm + if: always() + run: | + # Delete the salt onedir, we won't need it anymore and it will prevent + # from it showing in the tree command below + rm -rf artifacts/salt* + tree -a artifacts + if [ "${{ inputs.skip-code-coverage }}" != "true" ]; then + mv artifacts/coverage/.coverage artifacts/coverage/.coverage.${{ inputs.distro-slug }}.${{ inputs.nox-session }}.${{ matrix.transport }}.${{ matrix.tests-chunk }} + fi + + - name: Upload Code Coverage Test Run Artifacts + if: always() && inputs.skip-code-coverage == false && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled' + uses: actions/upload-artifact@v3 + with: + name: testrun-coverage-artifacts-${{ inputs.distro-slug }}-${{ inputs.nox-session }} + path: | + artifacts/coverage/ + + - name: Upload JUnit XML Test Run Artifacts + if: always() && steps.download-artifacts-from-vm.outcome == 'success' + uses: actions/upload-artifact@v3 + with: + name: testrun-junit-artifacts-${{ inputs.distro-slug }}-${{ inputs.nox-session }}-${{ matrix.transport }} + path: | + artifacts/xml-unittests-output/ + + - name: Upload Test Run Log Artifacts + if: always() && steps.download-artifacts-from-vm.outcome == 'success' + uses: actions/upload-artifact@v3 + with: + name: testrun-log-artifacts-${{ inputs.distro-slug }}-${{ inputs.nox-session }}-${{ matrix.transport }} + path: | + artifacts/logs + + - name: Publish Test Report + uses: mikepenz/action-junit-report@v3 + # always run even if the previous steps fails + if: always() && inputs.skip-junit-reports == false + with: + check_name: Test Results(${{ inputs.distro-slug }}, transport=${{ matrix.transport }}, tests-chunk=${{ matrix.tests-chunk }}) + report_paths: 'artifacts/xml-unittests-output/*.xml' + annotate_only: true + + + report: + name: Test Reports + if: always() && inputs.skip-code-coverage == false && needs.test.result != 'cancelled' && needs.test.result != 'skipped' + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + needs: + - test + + steps: + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Download Code Coverage Test Run Artifacts + uses: actions/download-artifact@v3 + if: ${{ inputs.skip-code-coverage == false }} + id: download-coverage-artifacts + with: + name: testrun-coverage-artifacts-${{ inputs.distro-slug }}-${{ inputs.nox-session }} + path: artifacts/coverage/ + + - name: Show Downloaded Test Run Artifacts + run: | + tree -a artifacts + + - name: Set up Python ${{ inputs.gh-actions-python-version }} + uses: actions/setup-python@v4 + with: + python-version: "${{ inputs.gh-actions-python-version }}" + + - name: Install Nox + run: | + python3 -m pip install 'nox==${{ inputs.nox-version }}' + + - name: Create XML Coverage Reports + if: always() && inputs.skip-code-coverage == false && steps.download-coverage-artifacts.outcome == 'success' && job.status != 'cancelled' + run: | + nox --force-color -e create-xml-coverage-reports + mv artifacts/coverage/salt.xml artifacts/coverage/salt..${{ inputs.distro-slug }}..${{ inputs.nox-session }}.xml + mv artifacts/coverage/tests.xml artifacts/coverage/tests..${{ inputs.distro-slug }}..${{ inputs.nox-session }}.xml + + - name: Report Salt Code Coverage + if: always() && inputs.skip-code-coverage == false && steps.download-coverage-artifacts.outcome == 'success' + continue-on-error: true + run: | + nox --force-color -e report-coverage -- salt + + - name: Report Combined Code Coverage + if: always() && inputs.skip-code-coverage == false && steps.download-coverage-artifacts.outcome == 'success' + continue-on-error: true + run: | + nox --force-color -e report-coverage + + - name: Rename Code Coverage DB + if: always() && inputs.skip-code-coverage == false && steps.download-coverage-artifacts.outcome == 'success' + continue-on-error: true + run: | + mv artifacts/coverage/.coverage artifacts/coverage/.coverage.${{ inputs.distro-slug }}.${{ inputs.nox-session }} + + - name: Upload Code Coverage DB + if: always() && inputs.skip-code-coverage == false && steps.download-coverage-artifacts.outcome == 'success' + uses: actions/upload-artifact@v3 + with: + name: all-testrun-coverage-artifacts + path: artifacts/coverage diff --git a/.github/workflows/test-action.yml b/.github/workflows/test-action.yml new file mode 100644 index 00000000..9b248606 --- /dev/null +++ b/.github/workflows/test-action.yml @@ -0,0 +1,396 @@ +--- +name: Test Artifact + +on: + workflow_call: + inputs: + distro-slug: + required: true + type: string + description: The OS slug to run tests against + nox-session: + required: true + type: string + description: The nox session to run + testrun: + required: true + type: string + description: JSON string containing information about what and how to run the test suite + salt-version: + type: string + required: true + description: The Salt version to set prior to running tests. + cache-prefix: + required: true + type: string + description: Seed used to invalidate caches + platform: + required: true + type: string + description: The platform being tested + arch: + required: true + type: string + description: The platform arch being tested + nox-version: + required: true + type: string + description: The nox version to install + timeout-minutes: + required: true + type: number + description: Timeout, in minutes, for the test job + gh-actions-python-version: + required: false + type: string + description: The python version to run tests with + default: "3.10" + fips: + required: false + type: boolean + default: false + description: Test run with FIPS enabled + package-name: + required: false + type: string + description: The onedir package name to use + default: salt + skip-code-coverage: + required: false + type: boolean + description: Skip code coverage + default: false + skip-junit-reports: + required: false + type: boolean + description: Skip Publishing JUnit Reports + default: false + workflow-slug: + required: false + type: string + description: Which workflow is running. + default: ci + +env: + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + + generate-matrix: + name: Test Matrix + runs-on: + - self-hosted + - linux + - x86_64 + outputs: + matrix-include: ${{ steps.generate-matrix.outputs.matrix }} + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(shuf -i 1-30 -n 1); echo "Sleeping $t seconds"; sleep "$t" + + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-prefix }} + + - name: Generate Test Matrix + id: generate-matrix + run: | + tools ci matrix --workflow=${{ inputs.workflow-slug }} ${{ fromJSON(inputs.testrun)['type'] == 'full' && '--full ' || '' }}${{ inputs.fips && '--fips ' || '' }}${{ inputs.distro-slug }} + + test: + name: Test + runs-on: + - self-hosted + - linux + - bastion + timeout-minutes: ${{ inputs.timeout-minutes }} + needs: + - generate-matrix + strategy: + fail-fast: false + matrix: + include: ${{ fromJSON(needs.generate-matrix.outputs.matrix-include) }} + env: + SALT_TRANSPORT: ${{ matrix.transport }} + TEST_GROUP: ${{ matrix.test-group || 1 }} + + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t" + + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Setup Salt Version + run: | + echo "${{ inputs.salt-version }}" > salt/_version.txt + + - name: Download Onedir Tarball as an Artifact + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz + path: artifacts/ + + - name: Decompress Onedir Tarball + shell: bash + run: | + python3 -c "import os; os.makedirs('artifacts', exist_ok=True)" + cd artifacts + tar xvf ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz + + - name: Download cached nox.${{ inputs.distro-slug }}.tar.* for session ${{ inputs.nox-session }} + uses: actions/cache@v3.3.1 + with: + path: nox.${{ inputs.distro-slug }}.tar.* + key: ${{ inputs.cache-prefix }}|testrun-deps|${{ inputs.arch }}|${{ inputs.distro-slug }}|${{ inputs.nox-session }}|${{ inputs.gh-actions-python-version }}|${{ + hashFiles('requirements/**/*.txt', 'cicd/golden-images.json', 'noxfile.py') + }} + # If we get a cache miss here it means the dependencies step failed to save the cache + fail-on-cache-miss: true + + - name: PyPi Proxy + run: | + sed -i '7s;^;--index-url=https://pypi-proxy.saltstack.net/root/local/+simple/ --extra-index-url=https://pypi.org/simple\n;' requirements/static/ci/*/*.txt + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-prefix }} + + - name: Download testrun-changed-files.txt + if: ${{ fromJSON(inputs.testrun)['type'] != 'full' }} + uses: actions/download-artifact@v3 + with: + name: testrun-changed-files.txt + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Start VM + id: spin-up-vm + env: + TESTS_CHUNK: ${{ matrix.tests-chunk }} + run: | + tools --timestamps vm create --environment "${SPB_ENVIRONMENT}" --retries=2 ${{ inputs.distro-slug }} + + - name: List Free Space + run: | + tools --timestamps vm ssh ${{ inputs.distro-slug }} -- df -h || true + + - name: Upload Checkout To VM + run: | + tools --timestamps vm rsync ${{ inputs.distro-slug }} + + - name: Decompress .nox Directory + run: | + tools --timestamps vm decompress-dependencies ${{ inputs.distro-slug }} + + - name: Show System Info & Test Plan + run: | + tools --timestamps --timeout-secs=1800 vm testplan --skip-requirements-install \ + --nox-session=${{ inputs.nox-session }} ${{ inputs.distro-slug }} \ + ${{ matrix.tests-chunk }} + + - name: Run Fast/Changed Tests + id: run-fast-changed-tests + if: ${{ fromJSON(inputs.testrun)['type'] != 'full' && fromJSON(inputs.testrun)['selected_tests']['fast'] == false }} + run: | + tools --timestamps --no-output-timeout-secs=1800 --timeout-secs=14400 vm test --skip-requirements-install \ + --nox-session=${{ inputs.nox-session }} --rerun-failures -E SALT_TRANSPORT ${{ matrix.fips && '--fips ' || '' }}${{ inputs.distro-slug }} \ + ${{ matrix.tests-chunk }} -- --suppress-no-test-exit-code \ + --from-filenames=testrun-changed-files.txt + + - name: Run Slow/Changed Tests + id: run-slow-changed-tests + if: ${{ fromJSON(inputs.testrun)['type'] != 'full' && fromJSON(inputs.testrun)['selected_tests']['slow'] == false }} + run: | + tools --timestamps --no-output-timeout-secs=1800 --timeout-secs=14400 vm test --skip-requirements-install \ + --nox-session=${{ inputs.nox-session }} --rerun-failures -E SALT_TRANSPORT ${{ matrix.fips && '--fips ' || '' }}${{ inputs.distro-slug }} \ + ${{ matrix.tests-chunk }} -- --no-fast-tests --slow-tests --suppress-no-test-exit-code \ + --from-filenames=testrun-changed-files.txt + + - name: Run Core/Changed Tests + id: run-core-changed-tests + if: ${{ fromJSON(inputs.testrun)['type'] != 'full' && fromJSON(inputs.testrun)['selected_tests']['core'] == false }} + run: | + tools --timestamps --no-output-timeout-secs=1800 --timeout-secs=14400 vm test --skip-requirements-install \ + --nox-session=${{ inputs.nox-session }} --rerun-failures -E SALT_TRANSPORT ${{ matrix.fips && '--fips ' || '' }}${{ inputs.distro-slug }} \ + ${{ matrix.tests-chunk }} -- --no-fast-tests --core-tests --suppress-no-test-exit-code \ + --from-filenames=testrun-changed-files.txt + + - name: Run Fast Tests + id: run-fast-tests + if: ${{ fromJSON(inputs.testrun)['type'] != 'full' && fromJSON(inputs.testrun)['selected_tests']['fast'] }} + run: | + tools --timestamps --no-output-timeout-secs=1800 --timeout-secs=14400 vm test --skip-requirements-install \ + --nox-session=${{ inputs.nox-session }} --rerun-failures -E SALT_TRANSPORT ${{ (inputs.skip-code-coverage && matrix.tests-chunk != 'unit') && '--skip-code-coverage' || '' }} \ + ${{ matrix.fips && '--fips ' || '' }}${{ inputs.distro-slug }} ${{ matrix.tests-chunk }} + + - name: Run Slow Tests + id: run-slow-tests + if: ${{ fromJSON(inputs.testrun)['type'] != 'full' && fromJSON(inputs.testrun)['selected_tests']['slow'] }} + run: | + tools --timestamps --no-output-timeout-secs=1800 --timeout-secs=14400 vm test --skip-requirements-install \ + --nox-session=${{ inputs.nox-session }} --rerun-failures -E SALT_TRANSPORT ${{ matrix.fips && '--fips ' || '' }}${{ inputs.distro-slug }} \ + ${{ matrix.tests-chunk }} -- --no-fast-tests --slow-tests + + - name: Run Core Tests + id: run-core-tests + if: ${{ fromJSON(inputs.testrun)['type'] != 'full' && fromJSON(inputs.testrun)['selected_tests']['core'] }} + run: | + tools --timestamps --no-output-timeout-secs=1800 --timeout-secs=14400 vm test --skip-requirements-install \ + --nox-session=${{ inputs.nox-session }} --rerun-failures -E SALT_TRANSPORT ${{ matrix.fips && '--fips ' || '' }}${{ inputs.distro-slug }} \ + ${{ matrix.tests-chunk }} -- --no-fast-tests --core-tests + + - name: Run Flaky Tests + id: run-flaky-tests + if: ${{ fromJSON(inputs.testrun)['selected_tests']['flaky'] }} + run: | + tools --timestamps --no-output-timeout-secs=1800 --timeout-secs=14400 vm test --skip-requirements-install \ + --nox-session=${{ inputs.nox-session }} --rerun-failures -E SALT_TRANSPORT ${{ matrix.fips && '--fips ' || '' }}${{ inputs.distro-slug }} \ + ${{ matrix.tests-chunk }} -- --no-fast-tests --flaky-jail + + - name: Run Full Tests + id: run-full-tests + if: ${{ fromJSON(inputs.testrun)['type'] == 'full' }} + run: | + tools --timestamps --no-output-timeout-secs=1800 --timeout-secs=14400 vm test --skip-requirements-install \ + --nox-session=${{ inputs.nox-session }} --rerun-failures -E SALT_TRANSPORT ${{ (inputs.skip-code-coverage && matrix.tests-chunk != 'unit') && '--skip-code-coverage' || '' }} \ + -E TEST_GROUP ${{ matrix.fips && '--fips ' || '' }}${{ inputs.distro-slug }} ${{ matrix.tests-chunk }} -- --slow-tests --core-tests \ + --test-group-count=${{ matrix.test-group-count || 1 }} --test-group=${{ matrix.test-group || 1 }} + + - name: Combine Coverage Reports + if: always() && inputs.skip-code-coverage == false && steps.spin-up-vm.outcome == 'success' + run: | + tools --timestamps vm combine-coverage ${{ inputs.distro-slug }} + + - name: Download Test Run Artifacts + id: download-artifacts-from-vm + if: always() && steps.spin-up-vm.outcome == 'success' + run: | + tools --timestamps vm download-artifacts ${{ inputs.distro-slug }} + # Delete the salt onedir, we won't need it anymore and it will prevent + # from it showing in the tree command below + rm -rf artifacts/salt* + tree -a artifacts + if [ "${{ inputs.skip-code-coverage }}" != "true" ]; then + mv artifacts/coverage/.coverage artifacts/coverage/.coverage.${{ inputs.distro-slug }}.${{ inputs.nox-session }}.${{ matrix.transport }}.${{ matrix.tests-chunk }}.grp${{ matrix.test-group || '1' }} + fi + + - name: Destroy VM + if: always() + run: | + tools --timestamps vm destroy --no-wait ${{ inputs.distro-slug }} || true + + - name: Upload Code Coverage Test Run Artifacts + if: always() && inputs.skip-code-coverage == false && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled' + uses: actions/upload-artifact@v3 + with: + name: testrun-coverage-artifacts-${{ inputs.distro-slug }}-${{ inputs.nox-session }} + path: | + artifacts/coverage/ + + - name: Upload JUnit XML Test Run Artifacts + if: always() && steps.download-artifacts-from-vm.outcome == 'success' + uses: actions/upload-artifact@v3 + with: + name: testrun-junit-artifacts-${{ inputs.distro-slug }}-${{ inputs.nox-session }}-${{ matrix.transport }} + path: | + artifacts/xml-unittests-output/ + + - name: Upload Test Run Log Artifacts + if: always() && steps.download-artifacts-from-vm.outcome == 'success' + uses: actions/upload-artifact@v3 + with: + name: testrun-log-artifacts-${{ inputs.distro-slug }}-${{ inputs.nox-session }}-${{ matrix.transport }} + path: | + artifacts/logs + + - name: Publish Test Report + uses: mikepenz/action-junit-report@v3 + # always run even if the previous steps fails + if: always() && inputs.skip-junit-reports == false && job.status != 'cancelled' + with: + check_name: Test Results(${{ inputs.distro-slug }}, transport=${{ matrix.transport }}, tests-chunk=${{ matrix.tests-chunk }}, group=${{ matrix.test-group || '1' }}) + report_paths: 'artifacts/xml-unittests-output/*.xml' + annotate_only: true + + + report: + name: Test Reports + if: always() && inputs.skip-code-coverage == false && needs.test.result != 'cancelled' && needs.test.result != 'skipped' + runs-on: + - self-hosted + - linux + - x86_64 + needs: + - test + + steps: + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Download Code Coverage Test Run Artifacts + uses: actions/download-artifact@v3 + if: ${{ inputs.skip-code-coverage == false }} + id: download-coverage-artifacts + with: + name: testrun-coverage-artifacts-${{ inputs.distro-slug }}-${{ inputs.nox-session }} + path: artifacts/coverage/ + + - name: Show Downloaded Test Run Artifacts + run: | + tree -a artifacts + + - name: Install Nox + run: | + python3 -m pip install 'nox==${{ inputs.nox-version }}' + + - name: Create XML Coverage Reports + if: always() && inputs.skip-code-coverage == false && steps.download-coverage-artifacts.outcome == 'success' && job.status != 'cancelled' + run: | + nox --force-color -e create-xml-coverage-reports + mv artifacts/coverage/salt.xml artifacts/coverage/salt..${{ inputs.distro-slug }}..${{ inputs.nox-session }}.xml + mv artifacts/coverage/tests.xml artifacts/coverage/tests..${{ inputs.distro-slug }}..${{ inputs.nox-session }}.xml + + - name: Report Salt Code Coverage + if: always() && inputs.skip-code-coverage == false && steps.download-coverage-artifacts.outcome == 'success' + continue-on-error: true + run: | + nox --force-color -e report-coverage -- salt + + - name: Report Combined Code Coverage + if: always() && inputs.skip-code-coverage == false && steps.download-coverage-artifacts.outcome == 'success' + continue-on-error: true + run: | + nox --force-color -e report-coverage + + - name: Rename Code Coverage DB + if: always() && inputs.skip-code-coverage == false && steps.download-coverage-artifacts.outcome == 'success' + continue-on-error: true + run: | + mv artifacts/coverage/.coverage artifacts/coverage/.coverage.${{ inputs.distro-slug }}.${{ inputs.nox-session }} + + - name: Upload Code Coverage DB + if: always() && inputs.skip-code-coverage == false && steps.download-coverage-artifacts.outcome == 'success' + uses: actions/upload-artifact@v3 + with: + name: all-testrun-coverage-artifacts + path: artifacts/coverage diff --git a/.github/workflows/test-package-downloads-action.yml b/.github/workflows/test-package-downloads-action.yml new file mode 100644 index 00000000..6bed0c6a --- /dev/null +++ b/.github/workflows/test-package-downloads-action.yml @@ -0,0 +1,888 @@ +name: Test Download Packages + +on: + workflow_call: + inputs: + salt-version: + type: string + required: true + description: The Salt version of the packages to install and test + cache-prefix: + required: true + type: string + description: Seed used to invalidate caches + environment: + required: true + type: string + description: The environment to run tests against + latest-release: + required: true + type: string + description: The latest salt release + nox-version: + required: true + type: string + description: The nox version to install + python-version: + required: false + type: string + description: The python version to run tests with + default: "3.10" + package-name: + required: false + type: string + description: The onedir package name to use + default: salt + skip-code-coverage: + required: false + type: boolean + description: Skip code coverage + default: false + nox-session: + required: false + type: string + description: The nox session to run + default: ci-test-onedir + +env: + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + + linux: + name: Linux + runs-on: + - self-hosted + - linux + - bastion + environment: ${{ inputs.environment }} + timeout-minutes: 120 # 2 Hours - More than this and something is wrong + strategy: + fail-fast: false + matrix: + include: + - distro-slug: almalinux-8 + arch: x86_64 + pkg-type: package + - distro-slug: almalinux-8-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: almalinux-8-arm64 + arch: arm64 + pkg-type: package + - distro-slug: almalinux-9 + arch: x86_64 + pkg-type: package + - distro-slug: almalinux-9-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: almalinux-9-arm64 + arch: arm64 + pkg-type: package + - distro-slug: amazonlinux-2 + arch: x86_64 + pkg-type: package + - distro-slug: amazonlinux-2-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: amazonlinux-2-arm64 + arch: arm64 + pkg-type: package + - distro-slug: amazonlinux-2023 + arch: x86_64 + pkg-type: package + - distro-slug: amazonlinux-2023-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: amazonlinux-2023-arm64 + arch: arm64 + pkg-type: package + - distro-slug: centos-7 + arch: x86_64 + pkg-type: package + - distro-slug: centos-7-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: centos-7-arm64 + arch: arm64 + pkg-type: package + - distro-slug: centosstream-8 + arch: x86_64 + pkg-type: package + - distro-slug: centosstream-8-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: centosstream-8-arm64 + arch: arm64 + pkg-type: package + - distro-slug: centosstream-9 + arch: x86_64 + pkg-type: package + - distro-slug: centosstream-9-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: centosstream-9-arm64 + arch: arm64 + pkg-type: package + - distro-slug: debian-10 + arch: x86_64 + pkg-type: package + - distro-slug: debian-11 + arch: x86_64 + pkg-type: package + - distro-slug: debian-11-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: debian-12 + arch: x86_64 + pkg-type: package + - distro-slug: debian-12-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: fedora-37 + arch: x86_64 + pkg-type: package + - distro-slug: fedora-37-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: fedora-37-arm64 + arch: arm64 + pkg-type: package + - distro-slug: fedora-38 + arch: x86_64 + pkg-type: package + - distro-slug: fedora-38-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: fedora-38-arm64 + arch: arm64 + pkg-type: package + - distro-slug: photonos-3 + arch: x86_64 + pkg-type: package + - distro-slug: photonos-3-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: photonos-3-arm64 + arch: arm64 + pkg-type: package + - distro-slug: photonos-4 + arch: x86_64 + pkg-type: package + - distro-slug: photonos-4-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: photonos-4-arm64 + arch: arm64 + pkg-type: package + - distro-slug: photonos-5 + arch: x86_64 + pkg-type: package + - distro-slug: photonos-5-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: photonos-5-arm64 + arch: arm64 + pkg-type: package + - distro-slug: ubuntu-20.04 + arch: x86_64 + pkg-type: package + - distro-slug: ubuntu-20.04-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: ubuntu-22.04 + arch: x86_64 + pkg-type: package + - distro-slug: ubuntu-22.04-arm64 + arch: aarch64 + pkg-type: package + - distro-slug: ubuntu-22.04 + arch: x86_64 + pkg-type: onedir + - distro-slug: ubuntu-22.04-arm64 + arch: aarch64 + pkg-type: onedir + + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(shuf -i 1-30 -n 1); echo "Sleeping $t seconds"; sleep "$t" + + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Download Onedir Tarball as an Artifact + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-linux-${{ matrix.arch == 'arm64' && 'aarch64' || matrix.arch }}.tar.xz + path: artifacts/ + + - name: Decompress Onedir Tarball + shell: bash + run: | + python3 -c "import os; os.makedirs('artifacts', exist_ok=True)" + cd artifacts + tar xvf ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-linux-${{ matrix.arch == 'arm64' && 'aarch64' || matrix.arch }}.tar.xz + + - name: Download cached nox.${{ matrix.distro-slug }}.tar.* for session ${{ inputs.nox-session }} + uses: actions/cache@v3.3.1 + with: + path: nox.${{ matrix.distro-slug }}.tar.* + key: ${{ inputs.cache-prefix }}|testrun-deps|${{ matrix.arch == 'arm64' && 'aarch64' || matrix.arch }}|${{ matrix.distro-slug }}|${{ inputs.nox-session }}|${{ inputs.python-version }}|${{ + hashFiles('requirements/**/*.txt', 'cicd/golden-images.json', 'noxfile.py') + }} + # If we get a cache miss here it means the dependencies step failed to save the cache + fail-on-cache-miss: true + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-prefix }}-pkg-download-linux + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Start VM + id: spin-up-vm + run: | + tools --timestamps vm create --environment "${SPB_ENVIRONMENT}" --retries=2 ${{ matrix.distro-slug }} + + - name: List Free Space + run: | + tools --timestamps vm ssh ${{ matrix.distro-slug }} -- df -h || true + + - name: Upload Checkout To VM + run: | + tools --timestamps vm rsync ${{ matrix.distro-slug }} + + - name: Decompress .nox Directory + run: | + tools --timestamps vm decompress-dependencies ${{ matrix.distro-slug }} + + - name: Show System Info & Test Plan + env: + SALT_RELEASE: "${{ inputs.salt-version }}" + SALT_REPO_ARCH: ${{ matrix.arch }} + SALT_REPO_TYPE: ${{ inputs.environment }} + SALT_REPO_USER: ${{ secrets.SALT_REPO_USER }} + SALT_REPO_PASS: ${{ secrets.SALT_REPO_PASS }} + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + LATEST_SALT_RELEASE: "${{ inputs.latest-release }}" + DOWNLOAD_TEST_PACKAGE_TYPE: ${{ matrix.pkg-type }} + run: | + tools --timestamps --timeout-secs=1800 vm testplan --skip-requirements-install \ + -E SALT_RELEASE -E SALT_REPO_ARCH -E SALT_REPO_TYPE -E SALT_REPO_USER -E SALT_REPO_PASS \ + -E SALT_REPO_DOMAIN_RELEASE -E SALT_REPO_DOMAIN_STAGING -E LATEST_SALT_RELEASE -E DOWNLOAD_TEST_PACKAGE_TYPE \ + --nox-session=${{ inputs.nox-session }}-pkgs ${{ matrix.distro-slug }} -- download-pkgs + + - name: Run Package Download Tests + env: + SALT_RELEASE: "${{ inputs.salt-version }}" + SALT_REPO_ARCH: ${{ matrix.arch }} + SALT_REPO_TYPE: ${{ inputs.environment }} + SALT_REPO_USER: ${{ secrets.SALT_REPO_USER }} + SALT_REPO_PASS: ${{ secrets.SALT_REPO_PASS }} + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + LATEST_SALT_RELEASE: "${{ inputs.latest-release }}" + DOWNLOAD_TEST_PACKAGE_TYPE: ${{ matrix.pkg-type }} + run: | + tools --timestamps --no-output-timeout-secs=1800 --timeout-secs=14400 vm test --skip-requirements-install \ + -E SALT_RELEASE -E SALT_REPO_ARCH -E SALT_REPO_TYPE -E SALT_REPO_USER -E SALT_REPO_PASS \ + -E SALT_REPO_DOMAIN_RELEASE -E SALT_REPO_DOMAIN_STAGING -E LATEST_SALT_RELEASE -E DOWNLOAD_TEST_PACKAGE_TYPE \ + --nox-session=${{ inputs.nox-session }}-pkgs --rerun-failures ${{ matrix.distro-slug }} -- download-pkgs + + - name: Combine Coverage Reports + if: always() && inputs.skip-code-coverage == false && steps.spin-up-vm.outcome == 'success' && job.status != 'cancelled' + run: | + tools --timestamps vm combine-coverage ${{ matrix.distro-slug }} + + - name: Download Test Run Artifacts + id: download-artifacts-from-vm + if: always() && steps.spin-up-vm.outcome == 'success' + run: | + tools --timestamps vm download-artifacts ${{ matrix.distro-slug }} + # Delete the salt onedir, we won't need it anymore and it will prevent + # from it showing in the tree command below + rm -rf artifacts/salt* + tree -a artifacts + + - name: Destroy VM + if: always() + run: | + tools --timestamps vm destroy --no-wait ${{ matrix.distro-slug }} || true + + - name: Fix file ownership + run: | + sudo chown -R "$(id -un)" . + + - name: Install Codecov CLI + if: always() && inputs.skip-code-coverage == false && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled' + run: | + # We can't yet use tokenless uploads with the codecov CLI + # python3 -m pip install codecov-cli + # + curl https://keybase.io/codecovsecurity/pgp_keys.asc | gpg --no-default-keyring --import + curl -Os https://uploader.codecov.io/latest/linux/codecov + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM.sig + gpg --verify codecov.SHA256SUM.sig codecov.SHA256SUM + shasum -a 256 -c codecov.SHA256SUM + chmod +x codecov + + - name: Upload Source Code Coverage To Codecov + if: always() && inputs.skip-code-coverage == false && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled' + run: | + if [ ! -s artifacts/coverage/salt.xml ]; then + echo "The artifacts/coverage/salt.xml file does not exist" + exit 1 + fi + # We can't yet use tokenless uploads with the codecov CLI + #codecovcli --auto-load-params-from GithubActions --verbose --token ${{ secrets.CODECOV_TOKEN }} \ + # do-upload --git-service github --sha ${{ github.sha }} \ + # --file artifacts/coverage/salt.xml \ + # --flag salt --flag ${{ matrix.distro-slug }} --flag pkg \ + # --name salt.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs + n=0 + until [ "$n" -ge 5 ] + do + if ./codecov --file artifacts/coverage/salt.xml \ + --sha ${{ github.event.pull_request.head.sha || github.sha }} ${{ github.event_name == 'pull_request' && format('--parent {0}', github.event.pull_request.base.sha) }} \ + --flags salt,${{ matrix.distro-slug }},pkg \ + --name salt.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs --nonZero; then + rc=$? + break + fi + rc=$? + n=$((n+1)) + sleep 15 + done + if [ "$rc" -ne 0 ]; then + echo "Failed to upload codecov stats" + exit 1 + fi + + - name: Upload Tests Code Coverage To Codecov + if: always() && inputs.skip-code-coverage == false && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled' + run: | + if [ ! -s artifacts/coverage/tests.xml ]; then + echo "The artifacts/coverage/tests.xml file does not exist" + exit 1 + fi + # We can't yet use tokenless uploads with the codecov CLI + #codecovcli --auto-load-params-from GithubActions --verbose --token ${{ secrets.CODECOV_TOKEN }} \ + # do-upload --git-service github --sha ${{ github.sha }} \ + # --file artifacts/coverage/tests.xml \ + # --flag tests --flag ${{ matrix.distro-slug }} --flag pkg \ + # --name tests.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs + n=0 + until [ "$n" -ge 5 ] + do + if ./codecov --file artifacts/coverage/tests.xml \ + --sha ${{ github.event.pull_request.head.sha || github.sha }} ${{ github.event_name == 'pull_request' && format('--parent {0}', github.event.pull_request.base.sha) }} \ + --flags tests,${{ matrix.distro-slug }},pkg \ + --name tests.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs --nonZero; then + rc=$? + break + fi + rc=$? + n=$((n+1)) + sleep 15 + done + if [ "$rc" -ne 0 ]; then + echo "Failed to upload codecov stats" + exit 1 + fi + + - name: Upload Test Run Artifacts + if: always() && steps.download-artifacts-from-vm.outcome == 'success' + uses: actions/upload-artifact@v3 + with: + name: pkg-testrun-artifacts-${{ matrix.distro-slug }}-${{ matrix.arch }} + path: | + artifacts + !artifacts/salt/* + !artifacts/salt-*.tar.* + + - name: Publish Test Report + uses: mikepenz/action-junit-report@v3 + # always run even if the previous steps fails + if: always() && job.status != 'cancelled' && steps.download-artifacts-from-vm.outcome == 'success' + with: + check_name: Overall Test Results(${{ matrix.distro-slug }} ${{ matrix.arch }}) + report_paths: 'artifacts/xml-unittests-output/*.xml' + annotate_only: true + + + macos: + name: MacOS + runs-on: ${{ matrix.distro-slug }} + environment: ${{ inputs.environment }} + timeout-minutes: 120 # 2 Hours - More than this and something is wrong + strategy: + fail-fast: false + matrix: + include: + - distro-slug: macos-12 + arch: x86_64 + pkg-type: package + - distro-slug: macos-13 + arch: x86_64 + pkg-type: package + - distro-slug: macos-13-xlarge + arch: arm64 + pkg-type: package + - distro-slug: macos-13-xlarge + arch: aarch64 + pkg-type: onedir + + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t" + + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Download Onedir Tarball as an Artifact + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-darwin-${{ matrix.arch == 'arm64' && 'aarch64' || matrix.arch }}.tar.xz + path: artifacts/ + + - name: Install System Dependencies + run: | + brew install tree + + - name: Decompress Onedir Tarball + shell: bash + run: | + python3 -c "import os; os.makedirs('artifacts', exist_ok=True)" + cd artifacts + tar xvf ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-darwin-${{ matrix.arch == 'arm64' && 'aarch64' || matrix.arch }}.tar.xz + + - name: Set up Python ${{ inputs.python-version }} + uses: actions/setup-python@v4 + with: + python-version: "${{ inputs.python-version }}" + update-environment: true + + - name: Install Nox + run: | + python3 -m pip install 'nox==${{ inputs.nox-version }}' + + - name: Download cached nox.${{ matrix.distro-slug }}.tar.* for session ${{ inputs.nox-session }} + uses: actions/cache@v3.3.1 + with: + path: nox.${{ matrix.distro-slug }}.tar.* + key: ${{ inputs.cache-prefix }}|testrun-deps|${{ matrix.arch == 'arm64' && 'aarch64' || matrix.arch }}|${{ matrix.distro-slug }}|${{ inputs.nox-session }}|${{ inputs.python-version }}|${{ + hashFiles('requirements/**/*.txt', 'cicd/golden-images.json', 'noxfile.py') + }} + # If we get a cache miss here it means the dependencies step failed to save the cache + fail-on-cache-miss: true + + - name: Decompress .nox Directory + run: | + nox --force-color -e decompress-dependencies -- ${{ matrix.distro-slug }} + + - name: Show System Info & Test Plan + env: + SALT_RELEASE: "${{ inputs.salt-version }}" + SKIP_REQUIREMENTS_INSTALL: "1" + PRINT_TEST_SELECTION: "1" + PRINT_TEST_PLAN_ONLY: "1" + PRINT_SYSTEM_INFO: "1" + GITHUB_ACTIONS_PIPELINE: "1" + SKIP_INITIAL_GH_ACTIONS_FAILURES: "1" + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + LATEST_SALT_RELEASE: "${{ inputs.latest-release }}" + DOWNLOAD_TEST_PACKAGE_TYPE: ${{ matrix.pkg-type }} + run: | + sudo -E nox --force-color -e ${{ inputs.nox-session }}-pkgs -- download-pkgs + + - name: Run Package Download Tests + env: + SKIP_REQUIREMENTS_INSTALL: "1" + PRINT_TEST_SELECTION: "0" + PRINT_TEST_PLAN_ONLY: "0" + PRINT_SYSTEM_INFO: "0" + RERUN_FAILURES: "1" + GITHUB_ACTIONS_PIPELINE: "1" + SKIP_INITIAL_GH_ACTIONS_FAILURES: "1" + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + COVERAGE_CONTEXT: ${{ matrix.distro-slug }} + SALT_RELEASE: "${{ inputs.salt-version }}" + SALT_REPO_ARCH: ${{ matrix.arch }} + LATEST_SALT_RELEASE: "${{ inputs.latest-release }}" + SALT_REPO_TYPE: ${{ inputs.environment }} + SALT_REPO_USER: ${{ secrets.SALT_REPO_USER }} + SALT_REPO_PASS: ${{ secrets.SALT_REPO_PASS }} + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + DOWNLOAD_TEST_PACKAGE_TYPE: ${{ matrix.pkg-type }} + run: | + sudo -E nox --force-color -e ${{ inputs.nox-session }}-pkgs -- download-pkgs + + - name: Fix file ownership + run: | + sudo chown -R "$(id -un)" . + + - name: Combine Coverage Reports + if: always() && inputs.skip-code-coverage == false && job.status != 'cancelled' + run: | + nox --force-color -e combine-coverage + + - name: Prepare Test Run Artifacts + id: download-artifacts-from-vm + if: always() && job.status != 'cancelled' + run: | + # Delete the salt onedir, we won't need it anymore and it will prevent + # from it showing in the tree command below + rm -rf artifacts/salt* + tree -a artifacts + + - name: Install Codecov CLI + if: always() && inputs.skip-code-coverage == false && job.status != 'cancelled' + run: | + # We can't yet use tokenless uploads with the codecov CLI + # python3 -m pip install codecov-cli + # + curl https://keybase.io/codecovsecurity/pgp_keys.asc | gpg --no-default-keyring --import + curl -Os https://uploader.codecov.io/latest/macos/codecov + curl -Os https://uploader.codecov.io/latest/macos/codecov.SHA256SUM + curl -Os https://uploader.codecov.io/latest/macos/codecov.SHA256SUM.sig + gpg --verify codecov.SHA256SUM.sig codecov.SHA256SUM + shasum -a 256 -c codecov.SHA256SUM + chmod +x codecov + + - name: Upload Source Code Coverage To Codecov + if: always() && inputs.skip-code-coverage == false && job.status != 'cancelled' + run: | + if [ ! -s artifacts/coverage/salt.xml ]; then + echo "The artifacts/coverage/salt.xml file does not exist" + exit 1 + fi + # We can't yet use tokenless uploads with the codecov CLI + #codecovcli --auto-load-params-from GithubActions --verbose --token ${{ secrets.CODECOV_TOKEN }} \ + # do-upload --git-service github --sha ${{ github.sha }} \ + # --file artifacts/coverage/salt.xml \ + # --flag salt --flag ${{ matrix.distro-slug }} --flag pkg \ + # --name salt.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs + n=0 + until [ "$n" -ge 5 ] + do + if ./codecov --file artifacts/coverage/salt.xml \ + --sha ${{ github.event.pull_request.head.sha || github.sha }} ${{ github.event_name == 'pull_request' && format('--parent {0}', github.event.pull_request.base.sha) }} \ + --flags salt,${{ matrix.distro-slug }},pkg \ + --name salt.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs --nonZero; then + rc=$? + break + fi + rc=$? + n=$((n+1)) + sleep 15 + done + if [ "$rc" -ne 0 ]; then + echo "Failed to upload codecov stats" + exit 1 + fi + + - name: Upload Tests Code Coverage To Codecov + if: always() && inputs.skip-code-coverage == false && job.status != 'cancelled' + run: | + if [ ! -s artifacts/coverage/tests.xml ]; then + echo "The artifacts/coverage/tests.xml file does not exist" + exit 1 + fi + # We can't yet use tokenless uploads with the codecov CLI + #codecovcli --auto-load-params-from GithubActions --verbose --token ${{ secrets.CODECOV_TOKEN }} \ + # do-upload --git-service github --sha ${{ github.sha }} \ + # --file artifacts/coverage/tests.xml \ + # --flag tests --flag ${{ matrix.distro-slug }} --flag pkg \ + # --name tests.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs + n=0 + until [ "$n" -ge 5 ] + do + if ./codecov --file artifacts/coverage/tests.xml \ + --sha ${{ github.event.pull_request.head.sha || github.sha }} ${{ github.event_name == 'pull_request' && format('--parent {0}', github.event.pull_request.base.sha) }} \ + --flags tests,${{ matrix.distro-slug }},pkg \ + --name tests.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs --nonZero; then + rc=$? + break + fi + rc=$? + n=$((n+1)) + sleep 15 + done + if [ "$rc" -ne 0 ]; then + echo "Failed to upload codecov stats" + exit 1 + fi + + - name: Upload Test Run Artifacts + if: always() + uses: actions/upload-artifact@v3 + with: + name: pkg-testrun-artifacts-${{ matrix.distro-slug }}-${{ matrix.arch }} + path: | + artifacts + !artifacts/salt/* + !artifacts/salt-*.tar.* + + - name: Publish Test Report + uses: mikepenz/action-junit-report@v3 + # always run even if the previous steps fails + if: always() && job.status != 'cancelled' + with: + check_name: Overall Test Results(${{ matrix.distro-slug }} ${{ matrix.arch }}) + report_paths: 'artifacts/xml-unittests-output/*.xml' + annotate_only: true + + + windows: + name: Windows + runs-on: + - self-hosted + - linux + - bastion + environment: ${{ inputs.environment }} + timeout-minutes: 120 # 2 Hours - More than this and something is wrong + strategy: + fail-fast: false + matrix: + include: + - distro-slug: windows-2022 + arch: amd64 + pkg-type: nsis + - distro-slug: windows-2022 + arch: amd64 + pkg-type: msi + - distro-slug: windows-2022 + arch: amd64 + pkg-type: onedir + + steps: + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Download Onedir Tarball as an Artifact + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-windows-${{ matrix.arch }}.tar.xz + path: artifacts/ + + - name: Decompress Onedir Tarball + shell: bash + run: | + python3 -c "import os; os.makedirs('artifacts', exist_ok=True)" + cd artifacts + tar xvf ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-windows-${{ matrix.arch }}.tar.xz + + - name: Download cached nox.${{ matrix.distro-slug }}.tar.* for session ${{ inputs.nox-session }} + uses: actions/cache@v3.3.1 + with: + path: nox.${{ matrix.distro-slug }}.tar.* + key: ${{ inputs.cache-prefix }}|testrun-deps|${{ matrix.arch }}|${{ matrix.distro-slug }}|${{ inputs.nox-session }}|${{ inputs.python-version }}|${{ + hashFiles('requirements/**/*.txt', 'cicd/golden-images.json', 'noxfile.py') + }} + # If we get a cache miss here it means the dependencies step failed to save the cache + fail-on-cache-miss: true + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-prefix }}-pkg-download-windows + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Start VM + id: spin-up-vm + run: | + tools --timestamps vm create --environment "${SPB_ENVIRONMENT}" --retries=2 ${{ matrix.distro-slug }} + + - name: List Free Space + run: | + tools --timestamps vm ssh ${{ matrix.distro-slug }} -- df -h || true + + - name: Upload Checkout To VM + run: | + tools --timestamps vm rsync ${{ matrix.distro-slug }} + + - name: Decompress .nox Directory + run: | + tools --timestamps vm decompress-dependencies ${{ matrix.distro-slug }} + + - name: Show System Info & Test Plan + env: + SALT_RELEASE: "${{ inputs.salt-version }}" + SALT_REPO_ARCH: ${{ matrix.arch }} + LATEST_SALT_RELEASE: "${{ inputs.latest-release }}" + SALT_REPO_TYPE: ${{ inputs.environment }} + SALT_REPO_USER: ${{ secrets.SALT_REPO_USER }} + SALT_REPO_PASS: ${{ secrets.SALT_REPO_PASS }} + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + DOWNLOAD_TEST_PACKAGE_TYPE: ${{ matrix.pkg-type }} + run: | + tools --timestamps --timeout-secs=1800 vm testplan --skip-requirements-install \ + -E SALT_RELEASE -E SALT_REPO_ARCH -E SALT_REPO_TYPE -E SALT_REPO_USER -E SALT_REPO_PASS \ + -E SALT_REPO_DOMAIN_RELEASE -E SALT_REPO_DOMAIN_STAGING -E LATEST_SALT_RELEASE -E DOWNLOAD_TEST_PACKAGE_TYPE \ + --nox-session=${{ inputs.nox-session }}-pkgs ${{ matrix.distro-slug }} -- download-pkgs + + - name: Run Package Download Tests + env: + SALT_RELEASE: "${{ inputs.salt-version }}" + SALT_REPO_ARCH: ${{ matrix.arch }} + LATEST_SALT_RELEASE: "${{ inputs.latest-release }}" + SALT_REPO_TYPE: ${{ inputs.environment }} + SALT_REPO_USER: ${{ secrets.SALT_REPO_USER }} + SALT_REPO_PASS: ${{ secrets.SALT_REPO_PASS }} + SALT_REPO_DOMAIN_RELEASE: ${{ vars.SALT_REPO_DOMAIN_RELEASE || 'repo.saltproject.io' }} + SALT_REPO_DOMAIN_STAGING: ${{ vars.SALT_REPO_DOMAIN_STAGING || 'staging.repo.saltproject.io' }} + SKIP_CODE_COVERAGE: "${{ inputs.skip-code-coverage && '1' || '0' }}" + DOWNLOAD_TEST_PACKAGE_TYPE: ${{ matrix.pkg-type }} + run: | + tools --timestamps --no-output-timeout-secs=1800 --timeout-secs=14400 vm test --skip-requirements-install \ + -E SALT_RELEASE -E SALT_REPO_ARCH -E SALT_REPO_TYPE -E SALT_REPO_USER -E SALT_REPO_PASS \ + -E SALT_REPO_DOMAIN_RELEASE -E SALT_REPO_DOMAIN_STAGING -E LATEST_SALT_RELEASE -E DOWNLOAD_TEST_PACKAGE_TYPE \ + --nox-session=${{ inputs.nox-session }}-pkgs --rerun-failures ${{ matrix.distro-slug }} -- download-pkgs + + - name: Combine Coverage Reports + if: always() && inputs.skip-code-coverage == false && steps.spin-up-vm.outcome == 'success' && job.status != 'cancelled' + run: | + tools --timestamps vm combine-coverage ${{ matrix.distro-slug }} + + - name: Download Test Run Artifacts + id: download-artifacts-from-vm + if: always() && steps.spin-up-vm.outcome == 'success' + run: | + tools --timestamps vm download-artifacts ${{ matrix.distro-slug }} + # Delete the salt onedir, we won't need it anymore and it will prevent + # from it showing in the tree command below + rm -rf artifacts/salt* + tree -a artifacts + + - name: Destroy VM + if: always() + run: | + tools --timestamps vm destroy --no-wait ${{ matrix.distro-slug }} || true + + - name: Fix file ownership + run: | + sudo chown -R "$(id -un)" . + + - name: Install Codecov CLI + if: always() && inputs.skip-code-coverage == false && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled' + run: | + # We can't yet use tokenless uploads with the codecov CLI + # python3 -m pip install codecov-cli + # + curl https://keybase.io/codecovsecurity/pgp_keys.asc | gpg --no-default-keyring --import + curl -Os https://uploader.codecov.io/latest/linux/codecov + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM + curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM.sig + gpg --verify codecov.SHA256SUM.sig codecov.SHA256SUM + shasum -a 256 -c codecov.SHA256SUM + chmod +x codecov + + - name: Upload Source Code Coverage To Codecov + if: always() && inputs.skip-code-coverage == false && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled' + run: | + if [ ! -s artifacts/coverage/salt.xml ]; then + echo "The artifacts/coverage/salt.xml file does not exist" + exit 1 + fi + # We can't yet use tokenless uploads with the codecov CLI + #codecovcli --auto-load-params-from GithubActions --verbose --token ${{ secrets.CODECOV_TOKEN }} \ + # do-upload --git-service github --sha ${{ github.sha }} \ + # --file artifacts/coverage/salt.xml \ + # --flag salt --flag ${{ matrix.distro-slug }} --flag pkg \ + # --name salt.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs + n=0 + until [ "$n" -ge 5 ] + do + if ./codecov --file artifacts/coverage/salt.xml \ + --sha ${{ github.event.pull_request.head.sha || github.sha }} ${{ github.event_name == 'pull_request' && format('--parent {0}', github.event.pull_request.base.sha) }} \ + --flags salt,${{ matrix.distro-slug }},pkg \ + --name salt.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs --nonZero; then + rc=$? + break + fi + rc=$? + n=$((n+1)) + sleep 15 + done + if [ "$rc" -ne 0 ]; then + echo "Failed to upload codecov stats" + exit 1 + fi + + - name: Upload Tests Code Coverage To Codecov + if: always() && inputs.skip-code-coverage == false && steps.download-artifacts-from-vm.outcome == 'success' && job.status != 'cancelled' + run: | + if [ ! -s artifacts/coverage/tests.xml ]; then + echo "The artifacts/coverage/tests.xml file does not exist" + exit 1 + fi + # We can't yet use tokenless uploads with the codecov CLI + #codecovcli --auto-load-params-from GithubActions --verbose --token ${{ secrets.CODECOV_TOKEN }} \ + # do-upload --git-service github --sha ${{ github.sha }} \ + # --file artifacts/coverage/tests.xml \ + # --flag tests --flag ${{ matrix.distro-slug }} --flag pkg \ + # --name tests.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs + n=0 + until [ "$n" -ge 5 ] + do + if ./codecov --file artifacts/coverage/tests.xml \ + --sha ${{ github.event.pull_request.head.sha || github.sha }} ${{ github.event_name == 'pull_request' && format('--parent {0}', github.event.pull_request.base.sha) }} \ + --flags tests,${{ matrix.distro-slug }},pkg \ + --name tests.${{ matrix.distro-slug }}.${{ inputs.nox-session }}.download-pkgs --nonZero; then + rc=$? + break + fi + rc=$? + n=$((n+1)) + sleep 15 + done + if [ "$rc" -ne 0 ]; then + echo "Failed to upload codecov stats" + exit 1 + fi + + - name: Upload Test Run Artifacts + if: always() && steps.download-artifacts-from-vm.outcome == 'success' + uses: actions/upload-artifact@v3 + with: + name: pkg-testrun-artifacts-${{ matrix.distro-slug }}-${{ matrix.arch }} + path: | + artifacts + !artifacts/salt/* + !artifacts/salt-*.tar.* + + - name: Publish Test Report + uses: mikepenz/action-junit-report@v3 + # always run even if the previous steps fails + if: always() && job.status != 'cancelled' && steps.download-artifacts-from-vm.outcome == 'success' + with: + check_name: Overall Test Results(${{ matrix.distro-slug }} ${{ matrix.arch }} ${{ matrix.pkg-type }} ) + report_paths: 'artifacts/xml-unittests-output/*.xml' + annotate_only: true diff --git a/.github/workflows/test-packages-action-macos.yml b/.github/workflows/test-packages-action-macos.yml new file mode 100644 index 00000000..4dac7599 --- /dev/null +++ b/.github/workflows/test-packages-action-macos.yml @@ -0,0 +1,265 @@ +name: Test Artifact + +on: + workflow_call: + inputs: + distro-slug: + required: true + type: string + description: The OS slug to run tests against + platform: + required: true + type: string + description: The platform being tested + arch: + required: true + type: string + description: The platform arch being tested + pkg-type: + required: true + type: string + description: The platform arch being tested + salt-version: + type: string + required: true + description: The Salt version of the packages to install and test + cache-prefix: + required: true + type: string + description: Seed used to invalidate caches + testing-releases: + required: true + type: string + description: A JSON list of releases to test upgrades against + nox-version: + required: true + type: string + description: The nox version to install + python-version: + required: false + type: string + description: The python version to run tests with + default: "3.10" + package-name: + required: false + type: string + description: The onedir package name to use + default: salt + nox-session: + required: false + type: string + description: The nox session to run + default: ci-test-onedir + skip-code-coverage: + required: false + type: boolean + description: Skip code coverage + default: false + skip-junit-reports: + required: false + type: boolean + description: Skip Publishing JUnit Reports + default: false + +env: + COLUMNS: 190 + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + + generate-matrix: + name: Generate Matrix + runs-on: + - self-hosted + - linux + - x86_64 + outputs: + pkg-matrix-include: ${{ steps.generate-pkg-matrix.outputs.matrix }} + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t" + + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-prefix }} + + - name: Generate Package Test Matrix + id: generate-pkg-matrix + run: | + tools ci pkg-matrix ${{ inputs.distro-slug }} ${{ inputs.pkg-type }} --testing-releases ${{ join(fromJSON(inputs.testing-releases), ' ') }} + + + test: + name: Test + runs-on: ${{ inputs.distro-slug }} + timeout-minutes: 120 # 2 Hours - More than this and something is wrong + needs: + - generate-matrix + strategy: + fail-fast: false + matrix: + include: ${{ fromJSON(needs.generate-matrix.outputs.pkg-matrix-include) }} + + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t" + + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Download Packages + uses: actions/download-artifact@v3 + with: + name: salt-${{ inputs.salt-version }}-${{ inputs.arch }}-${{ inputs.pkg-type }} + path: artifacts/pkg/ + + - name: Install System Dependencies + run: | + brew install tree + + - name: List Packages + run: | + tree artifacts/pkg/ + + - name: Download Onedir Tarball as an Artifact + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz + path: artifacts/ + + - name: Decompress Onedir Tarball + shell: bash + run: | + python3 -c "import os; os.makedirs('artifacts', exist_ok=True)" + cd artifacts + tar xvf ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz + + - name: Set up Python ${{ inputs.python-version }} + uses: actions/setup-python@v4 + with: + python-version: "${{ inputs.python-version }}" + + - name: Install Nox + run: | + python3 -m pip install 'nox==${{ inputs.nox-version }}' + + - name: Download cached nox.${{ inputs.distro-slug }}.tar.* for session ${{ inputs.nox-session }} + uses: actions/cache@v3.3.1 + with: + path: nox.${{ inputs.distro-slug }}.tar.* + key: ${{ inputs.cache-prefix }}|testrun-deps|${{ inputs.arch }}|${{ inputs.distro-slug }}|${{ inputs.nox-session }}|${{ inputs.python-version }}|${{ + hashFiles('requirements/**/*.txt', 'cicd/golden-images.json', 'noxfile.py') + }} + # If we get a cache miss here it means the dependencies step failed to save the cache + fail-on-cache-miss: true + + - name: Decompress .nox Directory + run: | + nox --force-color -e decompress-dependencies -- ${{ inputs.distro-slug }} + + - name: Show System Info & Test Plan + env: + SKIP_REQUIREMENTS_INSTALL: "1" + PRINT_TEST_SELECTION: "1" + PRINT_TEST_PLAN_ONLY: "1" + PRINT_SYSTEM_INFO: "1" + GITHUB_ACTIONS_PIPELINE: "1" + SKIP_INITIAL_GH_ACTIONS_FAILURES: "1" + run: | + sudo -E nox --force-color -e ${{ inputs.nox-session }}-pkgs -- ${{ matrix.tests-chunk }} \ + ${{ matrix.version && format('--prev-version {0}', matrix.version) || ''}} + + - name: Run Package Tests + env: + SKIP_REQUIREMENTS_INSTALL: "1" + PRINT_TEST_SELECTION: "0" + PRINT_TEST_PLAN_ONLY: "0" + PRINT_SYSTEM_INFO: "0" + RERUN_FAILURES: "1" + GITHUB_ACTIONS_PIPELINE: "1" + SKIP_INITIAL_GH_ACTIONS_FAILURES: "1" + COVERAGE_CONTEXT: ${{ inputs.distro-slug }} + run: | + sudo -E nox --force-color -e ${{ inputs.nox-session }}-pkgs -- ${{ matrix.tests-chunk }} \ + ${{ matrix.version && format('--prev-version {0}', matrix.version) || ''}} + + - name: Fix file ownership + run: | + sudo chown -R "$(id -un)" . + + - name: Prepare Test Run Artifacts + id: download-artifacts-from-vm + if: always() + run: | + # Delete the salt onedir, we won't need it anymore and it will prevent + # from it showing in the tree command below + rm -rf artifacts/salt* + tree -a artifacts + + - name: Upload Test Run Artifacts + if: always() + uses: actions/upload-artifact@v3 + with: + name: pkg-testrun-artifacts-${{ inputs.distro-slug }}-${{ matrix.tests-chunk }} + path: | + artifacts + !artifacts/pkg/* + !artifacts/salt/* + !artifacts/salt-*.tar.* + + report: + name: Report + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + if: always() && (inputs.skip-code-coverage == false || inputs.skip-junit-reports == false) && needs.test.result != 'cancelled' && needs.test.result != 'skipped' + needs: + - test + - generate-matrix + strategy: + fail-fast: false + matrix: + include: ${{ fromJSON(needs.generate-matrix.outputs.pkg-matrix-include) }} + + steps: + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Download Test Run Artifacts + id: download-test-run-artifacts + uses: actions/download-artifact@v3 + with: + name: pkg-testrun-artifacts-${{ inputs.distro-slug }}-${{ matrix.tests-chunk }} + path: artifacts + + - name: Show Test Run Artifacts + if: always() && steps.download-test-run-artifacts.outcome == 'success' + run: | + tree -a artifacts + + - name: Set up Python ${{ inputs.python-version }} + uses: actions/setup-python@v4 + with: + python-version: "${{ inputs.python-version }}" + + - name: Install Nox + run: | + python3 -m pip install 'nox==${{ inputs.nox-version }}' + + - name: Publish Test Report + uses: mikepenz/action-junit-report@v3 + # always run even if the previous steps fails + if: always() && inputs.skip-junit-reports == false && steps.download-test-run-artifacts.outcome == 'success' + with: + check_name: Overall Test Results(${{ inputs.distro-slug }} ${{ matrix.tests-chunk }}) + report_paths: 'artifacts/xml-unittests-output/*.xml' + annotate_only: true diff --git a/.github/workflows/test-packages-action.yml b/.github/workflows/test-packages-action.yml new file mode 100644 index 00000000..fb77b855 --- /dev/null +++ b/.github/workflows/test-packages-action.yml @@ -0,0 +1,275 @@ +name: Test Artifact + +on: + workflow_call: + inputs: + distro-slug: + required: true + type: string + description: The OS slug to run tests against + platform: + required: true + type: string + description: The platform being tested + arch: + required: true + type: string + description: The platform arch being tested + pkg-type: + required: true + type: string + description: The platform arch being tested + salt-version: + type: string + required: true + description: The Salt version of the packages to install and test + cache-prefix: + required: true + type: string + description: Seed used to invalidate caches + testing-releases: + required: true + type: string + description: A JSON list of releases to test upgrades against + nox-version: + required: true + type: string + description: The nox version to install + python-version: + required: false + type: string + description: The python version to run tests with + default: "3.10" + fips: + required: false + type: boolean + default: false + description: Test run with FIPS enabled + package-name: + required: false + type: string + description: The onedir package name to use + default: salt + nox-session: + required: false + type: string + description: The nox session to run + default: ci-test-onedir + skip-code-coverage: + required: false + type: boolean + description: Skip code coverage + default: false + skip-junit-reports: + required: false + type: boolean + description: Skip Publishing JUnit Reports + default: false + +env: + COLUMNS: 190 + AWS_MAX_ATTEMPTS: "10" + AWS_RETRY_MODE: "adaptive" + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + +jobs: + + generate-matrix: + name: Generate Matrix + runs-on: + - self-hosted + - linux + - x86_64 + outputs: + pkg-matrix-include: ${{ steps.generate-pkg-matrix.outputs.matrix }} + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(shuf -i 1-30 -n 1); echo "Sleeping $t seconds"; sleep "$t" + + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-prefix }} + + - name: Generate Package Test Matrix + id: generate-pkg-matrix + run: | + tools ci pkg-matrix ${{ inputs.fips && '--fips ' || '' }}${{ inputs.distro-slug }} \ + ${{ inputs.pkg-type }} --testing-releases ${{ join(fromJSON(inputs.testing-releases), ' ') }} + + + test: + name: Test + runs-on: + - self-hosted + - linux + - bastion + timeout-minutes: 120 # 2 Hours - More than this and something is wrong + needs: + - generate-matrix + strategy: + fail-fast: false + matrix: + include: ${{ fromJSON(needs.generate-matrix.outputs.pkg-matrix-include) }} + + steps: + + - name: "Throttle Builds" + shell: bash + run: | + t=$(python3 -c 'import random, sys; sys.stdout.write(str(random.randint(1, 15)))'); echo "Sleeping $t seconds"; sleep "$t" + + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Download Packages + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.package-name }}-${{ inputs.salt-version }}-${{ inputs.arch }}-${{ inputs.pkg-type }} + path: artifacts/pkg/ + + - name: Download Onedir Tarball as an Artifact + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz + path: artifacts/ + + - name: Decompress Onedir Tarball + shell: bash + run: | + python3 -c "import os; os.makedirs('artifacts', exist_ok=True)" + cd artifacts + tar xvf ${{ inputs.package-name }}-${{ inputs.salt-version }}-onedir-${{ inputs.platform }}-${{ inputs.arch }}.tar.xz + + - name: List Packages + run: | + tree artifacts/pkg/ + + - name: Download cached nox.${{ inputs.distro-slug }}.tar.* for session ${{ inputs.nox-session }} + uses: actions/cache@v3.3.1 + with: + path: nox.${{ inputs.distro-slug }}.tar.* + key: ${{ inputs.cache-prefix }}|testrun-deps|${{ inputs.arch }}|${{ inputs.distro-slug }}|${{ inputs.nox-session }}|${{ inputs.python-version }}|${{ + hashFiles('requirements/**/*.txt', 'cicd/golden-images.json', 'noxfile.py') + }} + # If we get a cache miss here it means the dependencies step failed to save the cache + fail-on-cache-miss: true + + - name: Setup Python Tools Scripts + uses: ./.github/actions/setup-python-tools-scripts + with: + cache-prefix: ${{ inputs.cache-prefix }} + + - name: Get Salt Project GitHub Actions Bot Environment + run: | + TOKEN=$(curl -sS -f -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 30") + SPB_ENVIRONMENT=$(curl -sS -f -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/tags/instance/spb:environment) + echo "SPB_ENVIRONMENT=$SPB_ENVIRONMENT" >> "$GITHUB_ENV" + + - name: Start VM + id: spin-up-vm + run: | + tools --timestamps vm create --environment "${SPB_ENVIRONMENT}" --retries=2 ${{ inputs.distro-slug }} + + - name: List Free Space + run: | + tools --timestamps vm ssh ${{ inputs.distro-slug }} -- df -h || true + + - name: Upload Checkout To VM + run: | + tools --timestamps vm rsync ${{ inputs.distro-slug }} + + - name: Decompress .nox Directory + run: | + tools --timestamps vm decompress-dependencies ${{ inputs.distro-slug }} + + - name: Downgrade importlib-metadata + if: ${{ contains(fromJSON('["amazonlinux-2", "centos-7", "debian-10"]'), inputs.distro-slug) && contains(fromJSON('["upgrade-classic", "downgrade-classic"]'), matrix.tests-chunk) }} + run: | + # This step can go away once we stop testing classic packages upgrade/downgrades to/from 3005.x + tools --timestamps vm ssh ${{ inputs.distro-slug }} -- "sudo python3 -m pip install -U 'importlib-metadata<=4.13.0' 'virtualenv<=20.21.1'" + + - name: Show System Info & Test Plan + run: | + tools --timestamps --timeout-secs=1800 vm testplan --skip-requirements-install \ + --nox-session=${{ inputs.nox-session }}-pkgs ${{ inputs.distro-slug }} -- ${{ matrix.tests-chunk }} \ + ${{ matrix.version && format('--prev-version {0}', matrix.version) || ''}} + + - name: Run Package Tests + run: | + tools --timestamps --no-output-timeout-secs=1800 --timeout-secs=14400 vm test --skip-requirements-install ${{ matrix.fips && '--fips ' || '' }}\ + --nox-session=${{ inputs.nox-session }}-pkgs --rerun-failures ${{ inputs.distro-slug }} -- ${{ matrix.tests-chunk }} \ + ${{ matrix.version && format('--prev-version {0}', matrix.version) || ''}} + + - name: Download Test Run Artifacts + id: download-artifacts-from-vm + if: always() && steps.spin-up-vm.outcome == 'success' + run: | + tools --timestamps vm download-artifacts ${{ inputs.distro-slug }} + # Delete the salt onedir, we won't need it anymore and it will prevent + # from it showing in the tree command below + rm -rf artifacts/salt* + tree -a artifacts + + - name: Destroy VM + if: always() + run: | + tools --timestamps vm destroy --no-wait ${{ inputs.distro-slug }} || true + + - name: Upload Test Run Artifacts + if: always() && steps.download-artifacts-from-vm.outcome == 'success' + uses: actions/upload-artifact@v3 + with: + name: pkg-testrun-artifacts-${{ inputs.distro-slug }}-${{ matrix.tests-chunk }} + path: | + artifacts + !artifacts/pkg/* + !artifacts/salt/* + !artifacts/salt-*.tar.* + + report: + name: Report + runs-on: + - self-hosted + - linux + - x86_64 + if: always() && (inputs.skip-code-coverage == false || inputs.skip-junit-reports == false) && needs.test.result != 'cancelled' && needs.test.result != 'skipped' + needs: + - test + - generate-matrix + strategy: + fail-fast: false + matrix: + include: ${{ fromJSON(needs.generate-matrix.outputs.pkg-matrix-include) }} + + steps: + - name: Checkout Source Code + uses: actions/checkout@v4 + + - name: Download Test Run Artifacts + id: download-test-run-artifacts + uses: actions/download-artifact@v3 + with: + name: pkg-testrun-artifacts-${{ inputs.distro-slug }}-${{ matrix.tests-chunk }} + path: artifacts + + - name: Show Test Run Artifacts + if: always() && steps.download-test-run-artifacts.outcome == 'success' + run: | + tree -a artifacts + + - name: Publish Test Report + uses: mikepenz/action-junit-report@v3 + # always run even if the previous steps fails + if: always() && inputs.skip-junit-reports == false && steps.download-test-run-artifacts.outcome == 'success' + with: + check_name: Overall Test Results(${{ inputs.distro-slug }} ${{ matrix.tests-chunk }}) + report_paths: 'artifacts/xml-unittests-output/*.xml' + annotate_only: true diff --git a/.github/workflows/triage.yml b/.github/workflows/triage.yml new file mode 100644 index 00000000..2971429a --- /dev/null +++ b/.github/workflows/triage.yml @@ -0,0 +1,63 @@ +--- +name: New Issues Triage Assignment +concurrency: 1 +on: + issues: + types: [opened] + + +env: + PIP_INDEX_URL: https://pypi-proxy.saltstack.net/root/local/+simple/ + PIP_EXTRA_INDEX_URL: https://pypi.org/simple + + +permissions: + contents: read + +jobs: + label-and-assign: + permissions: + actions: read # for dawidd6/action-download-artifact to query and download artifacts + contents: read # for actions/checkout to fetch code + issues: write + pull-requests: read # for dawidd6/action-download-artifact to query commit hash + name: Triage New Issue + runs-on: ${{ github.event.repository.private && fromJSON('["self-hosted", "linux", "x86_64"]') || 'ubuntu-latest' }} + steps: + + - uses: actions/checkout@v4 + + - name: Set up Python + uses: actions/setup-python@v4 + with: + python-version: 3.8 + + - name: Install Dependencies + run: | + pip install pygithub + + - name: Download last assignment cache + continue-on-error: true + uses: dawidd6/action-download-artifact@v2 + with: + workflow: triage.yml + name: last-assignment + path: .cache + + - name: Label And Assign + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + READ_ORG_TOKEN: ${{ secrets.READ_ORG_TEAM_MEMBERS_ISSUE_TRIAGE }} + run: | + python .github/workflows/scripts/label-and-assign.py \ + --org ${{ github.repository_owner }} \ + --repo ${{ github.event.repository.name }} \ + --team team-triage \ + --label needs-triage \ + --issue ${{ github.event.issue.number }} + + - name: Upload last assignment cache + uses: actions/upload-artifact@v3 + with: + name: last-assignment + path: .cache diff --git a/docs/_themes/saltstack2/static/images/github.png b/docs/_themes/saltstack2/static/images/github.png new file mode 100644 index 00000000..c2bba844 Binary files /dev/null and b/docs/_themes/saltstack2/static/images/github.png differ diff --git a/docs/ref/modules/all/salt.modules.github.rst b/docs/ref/modules/all/salt.modules.github.rst new file mode 100644 index 00000000..04d44068 --- /dev/null +++ b/docs/ref/modules/all/salt.modules.github.rst @@ -0,0 +1,5 @@ +salt.modules.github +=================== + +.. automodule:: salt.modules.github + :members: diff --git a/docs/ref/states/all/salt.states.github.rst b/docs/ref/states/all/salt.states.github.rst new file mode 100644 index 00000000..76ce26f6 --- /dev/null +++ b/docs/ref/states/all/salt.states.github.rst @@ -0,0 +1,5 @@ +salt.states.github +================== + +.. automodule:: salt.states.github + :members: diff --git a/src/saltext/github/modules/__init__.py b/src/saltext/github/modules/__init__.py new file mode 100644 index 00000000..95433ead --- /dev/null +++ b/src/saltext/github/modules/__init__.py @@ -0,0 +1,3 @@ +""" +Execution Module Directory +""" diff --git a/src/saltext/github/modules/github.py b/src/saltext/github/modules/github.py new file mode 100644 index 00000000..bc45f9ca --- /dev/null +++ b/src/saltext/github/modules/github.py @@ -0,0 +1,1907 @@ +""" +Module for interacting with the GitHub v3 API. + +.. versionadded:: 2016.3.0 + +:depends: PyGithub python module + +Configuration +------------- + +Configure this module by specifying the name of a configuration +profile in the minion config, minion pillar, or master config. The module +will use the 'github' key by default, if defined. + +For example: + +.. code-block:: yaml + + github: + token: abc1234 + org_name: my_organization + + # optional: some functions require a repo_name, which + # can be set in the config file, or passed in at the CLI. + repo_name: my_repo + + # optional: it can be dangerous to change the privacy of a repository + # in an automated way. set this to True to allow privacy modifications + allow_repo_privacy_changes: False +""" + + +import logging + +import salt.utils.http +from salt.exceptions import CommandExecutionError + +HAS_LIBS = False +try: + # pylint: disable=no-name-in-module + import github + import github.NamedUser + import github.PaginatedList + from github.GithubException import UnknownObjectException + + # pylint: enable=no-name-in-module + HAS_LIBS = True +except ImportError: + pass + +log = logging.getLogger(__name__) + +__virtualname__ = "github" + + +def __virtual__(): + """ + Only load this module if PyGithub is installed on this minion. + """ + if HAS_LIBS: + return __virtualname__ + return ( + False, + "The github execution module cannot be loaded: " + "PyGithub library is not installed.", + ) + + +def _get_config_value(profile, config_name): + """ + Helper function that returns a profile's configuration value based on + the supplied configuration name. + + profile + The profile name that contains configuration information. + + config_name + The configuration item's name to use to return configuration values. + """ + config = __salt__["config.option"](profile) + if not config: + raise CommandExecutionError( + "Authentication information could not be found for the " + "'{}' profile.".format(profile) + ) + + config_value = config.get(config_name) + if config_value is None: + raise CommandExecutionError( + "The '{}' parameter was not found in the '{}' profile.".format( + config_name, profile + ) + ) + + return config_value + + +def _get_client(profile): + """ + Return the GitHub client, cached into __context__ for performance + """ + token = _get_config_value(profile, "token") + key = "github.{}:{}".format(token, _get_config_value(profile, "org_name")) + + if key not in __context__: + __context__[key] = github.Github(token, per_page=100) + return __context__[key] + + +def _get_members(organization, params=None): + return github.PaginatedList.PaginatedList( + github.NamedUser.NamedUser, + organization._requester, + organization.url + "/members", + params, + ) + + +def _get_repos(profile, params=None, ignore_cache=False): + # Use cache when no params are given + org_name = _get_config_value(profile, "org_name") + key = "github.{}:repos".format(org_name) + + if key not in __context__ or ignore_cache or params is not None: + org_name = _get_config_value(profile, "org_name") + client = _get_client(profile) + organization = client.get_organization(org_name) + + result = github.PaginatedList.PaginatedList( + github.Repository.Repository, + organization._requester, + organization.url + "/repos", + params, + ) + + # Only cache results if no params were given (full scan) + if params is not None: + return result + + next_result = [] + + for repo in result: + next_result.append(repo) + + # Cache a copy of each repo for single lookups + repo_key = "github.{}:{}:repo_info".format(org_name, repo.name.lower()) + __context__[repo_key] = _repo_to_dict(repo) + + __context__[key] = next_result + + return __context__[key] + + +def list_users(profile="github", ignore_cache=False): + """ + List all users within the organization. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + ignore_cache + Bypasses the use of cached users. + + .. versionadded:: 2016.11.0 + + CLI Example: + + .. code-block:: bash + + salt myminion github.list_users + salt myminion github.list_users profile='my-github-profile' + """ + org_name = _get_config_value(profile, "org_name") + key = "github.{}:users".format(org_name) + if key not in __context__ or ignore_cache: + client = _get_client(profile) + organization = client.get_organization(org_name) + __context__[key] = [member.login for member in _get_members(organization, None)] + return __context__[key] + + +def get_user(name, profile="github", user_details=False): + """ + Get a GitHub user by name. + + name + The user for which to obtain information. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + user_details + Prints user information details. Defaults to ``False``. If the user is + already in the organization and user_details is set to False, the + get_user function returns ``True``. If the user is not already present + in the organization, user details will be printed by default. + + CLI Example: + + .. code-block:: bash + + salt myminion github.get_user github-handle + salt myminion github.get_user github-handle user_details=true + + """ + + if not user_details and name in list_users(profile): + # User is in the org, no need for additional Data + return True + + response = {} + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + + try: + user = client.get_user(name) + except UnknownObjectException: + log.exception("Resource not found") + return False + + response["company"] = user.company + response["created_at"] = user.created_at + response["email"] = user.email + response["html_url"] = user.html_url + response["id"] = user.id + response["login"] = user.login + response["name"] = user.name + response["type"] = user.type + response["url"] = user.url + + try: + headers, data = organization._requester.requestJsonAndCheck( + "GET", organization.url + "/memberships/" + user._identity + ) + except UnknownObjectException: + response["membership_state"] = "nonexistent" + response["in_org"] = False + return response + + response["in_org"] = organization.has_in_members(user) + response["membership_state"] = data.get("state") + + return response + + +def add_user(name, profile="github"): + """ + Add a GitHub user. + + name + The user for which to obtain information. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.add_user github-handle + """ + + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + + try: + github_named_user = client.get_user(name) + except UnknownObjectException: + log.exception("Resource not found") + return False + + headers, data = organization._requester.requestJsonAndCheck( + "PUT", organization.url + "/memberships/" + github_named_user._identity + ) + + return data.get("state") == "pending" + + +def remove_user(name, profile="github"): + """ + Remove a Github user by name. + + name + The user for which to obtain information. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.remove_user github-handle + """ + + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + + try: + git_user = client.get_user(name) + except UnknownObjectException: + log.exception("Resource not found") + return False + + if organization.has_in_members(git_user): + organization.remove_from_members(git_user) + + return not organization.has_in_members(git_user) + + +def get_issue(issue_number, repo_name=None, profile="github", output="min"): + """ + Return information about a single issue in a named repository. + + .. versionadded:: 2016.11.0 + + issue_number + The number of the issue to retrieve. + + repo_name + The name of the repository from which to get the issue. This argument is + required, either passed via the CLI, or defined in the configured + profile. A ``repo_name`` passed as a CLI argument will override the + repo_name defined in the configured profile, if provided. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + output + The amount of data returned by each issue. Defaults to ``min``. Change + to ``full`` to see all issue output. + + CLI Example: + + .. code-block:: bash + + salt myminion github.get_issue 514 + salt myminion github.get_issue 514 repo_name=salt + """ + org_name = _get_config_value(profile, "org_name") + if repo_name is None: + repo_name = _get_config_value(profile, "repo_name") + + action = "/".join(["repos", org_name, repo_name]) + command = "issues/" + str(issue_number) + + ret = {} + issue_data = _query(profile, action=action, command=command) + + issue_id = issue_data.get("id") + if output == "full": + ret[issue_id] = issue_data + else: + ret[issue_id] = _format_issue(issue_data) + + return ret + + +def get_issue_comments( + issue_number, repo_name=None, profile="github", since=None, output="min" +): + """ + Return information about the comments for a given issue in a named repository. + + .. versionadded:: 2016.11.0 + + issue_number + The number of the issue for which to retrieve comments. + + repo_name + The name of the repository to which the issue belongs. This argument is + required, either passed via the CLI, or defined in the configured + profile. A ``repo_name`` passed as a CLI argument will override the + repo_name defined in the configured profile, if provided. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + since + Only comments updated at or after this time are returned. This is a + timestamp in ISO 8601 format: ``YYYY-MM-DDTHH:MM:SSZ``. + + output + The amount of data returned by each issue. Defaults to ``min``. Change + to ``full`` to see all issue output. + + CLI Example: + + .. code-block:: bash + + salt myminion github.get_issue_comments 514 + salt myminion github.get_issue 514 repo_name=salt + """ + org_name = _get_config_value(profile, "org_name") + if repo_name is None: + repo_name = _get_config_value(profile, "repo_name") + + action = "/".join(["repos", org_name, repo_name]) + command = "/".join(["issues", str(issue_number), "comments"]) + + args = {} + if since: + args["since"] = since + + comments = _query(profile, action=action, command=command, args=args) + + ret = {} + for comment in comments: + comment_id = comment.get("id") + if output == "full": + ret[comment_id] = comment + else: + ret[comment_id] = { + "id": comment.get("id"), + "created_at": comment.get("created_at"), + "updated_at": comment.get("updated_at"), + "user_login": comment.get("user").get("login"), + } + return ret + + +def get_issues( + repo_name=None, + profile="github", + milestone=None, + state="open", + assignee=None, + creator=None, + mentioned=None, + labels=None, + sort="created", + direction="desc", + since=None, + output="min", + per_page=None, +): + """ + Returns information for all issues in a given repository, based on the search options. + + .. versionadded:: 2016.11.0 + + repo_name + The name of the repository for which to list issues. This argument is + required, either passed via the CLI, or defined in the configured + profile. A ``repo_name`` passed as a CLI argument will override the + repo_name defined in the configured profile, if provided. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + milestone + The number of a GitHub milestone, or a string of either ``*`` or + ``none``. + + If a number is passed, it should refer to a milestone by its number + field. Use the ``github.get_milestone`` function to obtain a milestone's + number. + + If the string ``*`` is passed, issues with any milestone are + accepted. If the string ``none`` is passed, issues without milestones + are returned. + + state + Indicates the state of the issues to return. Can be either ``open``, + ``closed``, or ``all``. Default is ``open``. + + assignee + Can be the name of a user. Pass in ``none`` (as a string) for issues + with no assigned user or ``*`` for issues assigned to any user. + + creator + The user that created the issue. + + mentioned + A user that's mentioned in the issue. + + labels + A string of comma separated label names. For example, ``bug,ui,@high``. + + sort + What to sort results by. Can be either ``created``, ``updated``, or + ``comments``. Default is ``created``. + + direction + The direction of the sort. Can be either ``asc`` or ``desc``. Default + is ``desc``. + + since + Only issues updated at or after this time are returned. This is a + timestamp in ISO 8601 format: ``YYYY-MM-DDTHH:MM:SSZ``. + + output + The amount of data returned by each issue. Defaults to ``min``. Change + to ``full`` to see all issue output. + + per_page + GitHub paginates data in their API calls. Use this value to increase or + decrease the number of issues gathered from GitHub, per page. If not set, + GitHub defaults are used. Maximum is 100. + + CLI Example: + + .. code-block:: bash + + salt myminion github.get_issues my-github-repo + """ + org_name = _get_config_value(profile, "org_name") + if repo_name is None: + repo_name = _get_config_value(profile, "repo_name") + + action = "/".join(["repos", org_name, repo_name]) + args = {} + + # Build API arguments, as necessary. + if milestone: + args["milestone"] = milestone + if assignee: + args["assignee"] = assignee + if creator: + args["creator"] = creator + if mentioned: + args["mentioned"] = mentioned + if labels: + args["labels"] = labels + if since: + args["since"] = since + if per_page: + args["per_page"] = per_page + + # Only pass the following API args if they're not the defaults listed. + if state and state != "open": + args["state"] = state + if sort and sort != "created": + args["sort"] = sort + if direction and direction != "desc": + args["direction"] = direction + + ret = {} + issues = _query(profile, action=action, command="issues", args=args) + + for issue in issues: + # Pull requests are included in the issue list from GitHub + # Let's not include those in the return. + if issue.get("pull_request"): + continue + issue_id = issue.get("id") + if output == "full": + ret[issue_id] = issue + else: + ret[issue_id] = _format_issue(issue) + + return ret + + +def get_milestones( + repo_name=None, + profile="github", + state="open", + sort="due_on", + direction="asc", + output="min", + per_page=None, +): + """ + Return information about milestones for a given repository. + + .. versionadded:: 2016.11.0 + + repo_name + The name of the repository for which to list issues. This argument is + required, either passed via the CLI, or defined in the configured + profile. A ``repo_name`` passed as a CLI argument will override the + repo_name defined in the configured profile, if provided. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + state + The state of the milestone. Either ``open``, ``closed``, or ``all``. + Default is ``open``. + + sort + What to sort results by. Either ``due_on`` or ``completeness``. Default + is ``due_on``. + + direction + The direction of the sort. Either ``asc`` or ``desc``. Default is ``asc``. + + output + The amount of data returned by each issue. Defaults to ``min``. Change + to ``full`` to see all issue output. + + per_page + GitHub paginates data in their API calls. Use this value to increase or + decrease the number of issues gathered from GitHub, per page. If not set, + GitHub defaults are used. + + CLI Example: + + .. code-block:: bash + + salt myminion github.get_milestones + + """ + org_name = _get_config_value(profile, "org_name") + if repo_name is None: + repo_name = _get_config_value(profile, "repo_name") + + action = "/".join(["repos", org_name, repo_name]) + args = {} + + if per_page: + args["per_page"] = per_page + + # Only pass the following API args if they're not the defaults listed. + if state and state != "open": + args["state"] = state + if sort and sort != "due_on": + args["sort"] = sort + if direction and direction != "asc": + args["direction"] = direction + + ret = {} + milestones = _query(profile, action=action, command="milestones", args=args) + + for milestone in milestones: + milestone_id = milestone.get("id") + if output == "full": + ret[milestone_id] = milestone + else: + milestone.pop("creator") + milestone.pop("html_url") + milestone.pop("labels_url") + ret[milestone_id] = milestone + + return ret + + +def get_milestone( + number=None, name=None, repo_name=None, profile="github", output="min" +): + """ + Return information about a single milestone in a named repository. + + .. versionadded:: 2016.11.0 + + number + The number of the milestone to retrieve. If provided, this option + will be favored over ``name``. + + name + The name of the milestone to retrieve. + + repo_name + The name of the repository for which to list issues. This argument is + required, either passed via the CLI, or defined in the configured + profile. A ``repo_name`` passed as a CLI argument will override the + repo_name defined in the configured profile, if provided. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + output + The amount of data returned by each issue. Defaults to ``min``. Change + to ``full`` to see all issue output. + + CLI Example: + + .. code-block:: bash + + salt myminion github.get_milestone 72 + salt myminion github.get_milestone name=my_milestone + + """ + ret = {} + + if not any([number, name]): + raise CommandExecutionError( + "Either a milestone 'name' or 'number' must be provided." + ) + + org_name = _get_config_value(profile, "org_name") + if repo_name is None: + repo_name = _get_config_value(profile, "repo_name") + + action = "/".join(["repos", org_name, repo_name]) + if number: + command = "milestones/" + str(number) + milestone_data = _query(profile, action=action, command=command) + milestone_id = milestone_data.get("id") + if output == "full": + ret[milestone_id] = milestone_data + else: + milestone_data.pop("creator") + milestone_data.pop("html_url") + milestone_data.pop("labels_url") + ret[milestone_id] = milestone_data + return ret + + else: + milestones = get_milestones(repo_name=repo_name, profile=profile, output=output) + for key, val in milestones.items(): + if val.get("title") == name: + ret[key] = val + return ret + + return ret + + +def _repo_to_dict(repo): + ret = {} + ret["id"] = repo.id + ret["name"] = repo.name + ret["full_name"] = repo.full_name + ret["owner"] = repo.owner.login + ret["private"] = repo.private + ret["html_url"] = repo.html_url + ret["description"] = repo.description + ret["fork"] = repo.fork + ret["homepage"] = repo.homepage + ret["size"] = repo.size + ret["stargazers_count"] = repo.stargazers_count + ret["watchers_count"] = repo.watchers_count + ret["language"] = repo.language + ret["open_issues_count"] = repo.open_issues_count + ret["forks"] = repo.forks + ret["open_issues"] = repo.open_issues + ret["watchers"] = repo.watchers + ret["default_branch"] = repo.default_branch + ret["has_issues"] = repo.has_issues + ret["has_wiki"] = repo.has_wiki + ret["has_downloads"] = repo.has_downloads + return ret + + +def get_repo_info(repo_name, profile="github", ignore_cache=False): + """ + Return information for a given repo. + + .. versionadded:: 2016.11.0 + + repo_name + The name of the repository. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.get_repo_info salt + salt myminion github.get_repo_info salt profile='my-github-profile' + """ + + org_name = _get_config_value(profile, "org_name") + key = "github.{}:{}:repo_info".format( + _get_config_value(profile, "org_name"), repo_name.lower() + ) + + if key not in __context__ or ignore_cache: + client = _get_client(profile) + try: + repo = client.get_repo("/".join([org_name, repo_name])) + if not repo: + return {} + + # client.get_repo can return a github.Repository.Repository object, + # even if the repo is invalid. We need to catch the exception when + # we try to perform actions on the repo object, rather than above + # the if statement. + ret = _repo_to_dict(repo) + + __context__[key] = ret + except github.UnknownObjectException: + raise CommandExecutionError( + "The '{}' repository under the '{}' organization could not " + "be found.".format(repo_name, org_name) + ) + return __context__[key] + + +def get_repo_teams(repo_name, profile="github"): + """ + Return teams belonging to a repository. + + .. versionadded:: 2017.7.0 + + repo_name + The name of the repository from which to retrieve teams. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.get_repo_teams salt + salt myminion github.get_repo_teams salt profile='my-github-profile' + """ + ret = [] + org_name = _get_config_value(profile, "org_name") + client = _get_client(profile) + + try: + repo = client.get_repo("/".join([org_name, repo_name])) + except github.UnknownObjectException: + raise CommandExecutionError( + "The '{}' repository under the '{}' organization could not " + "be found.".format(repo_name, org_name) + ) + try: + teams = repo.get_teams() + for team in teams: + ret.append( + {"id": team.id, "name": team.name, "permission": team.permission} + ) + except github.UnknownObjectException: + raise CommandExecutionError( + "Unable to retrieve teams for repository '{}' under the '{}' " + "organization.".format(repo_name, org_name) + ) + return ret + + +def list_repos(profile="github"): + """ + List all repositories within the organization. Includes public and private + repositories within the organization Dependent upon the access rights of + the profile token. + + .. versionadded:: 2016.11.0 + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.list_repos + salt myminion github.list_repos profile='my-github-profile' + """ + return [repo.name for repo in _get_repos(profile)] + + +def list_private_repos(profile="github"): + """ + List private repositories within the organization. Dependent upon the access + rights of the profile token. + + .. versionadded:: 2016.11.0 + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.list_private_repos + salt myminion github.list_private_repos profile='my-github-profile' + """ + repos = [] + for repo in _get_repos(profile): + if repo.private is True: + repos.append(repo.name) + return repos + + +def list_public_repos(profile="github"): + """ + List public repositories within the organization. + + .. versionadded:: 2016.11.0 + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.list_public_repos + salt myminion github.list_public_repos profile='my-github-profile' + """ + repos = [] + for repo in _get_repos(profile): + if repo.private is False: + repos.append(repo.name) + return repos + + +def add_repo( + name, + description=None, + homepage=None, + private=None, + has_issues=None, + has_wiki=None, + has_downloads=None, + auto_init=None, + gitignore_template=None, + license_template=None, + profile="github", +): + """ + Create a new github repository. + + name + The name of the team to be created. + + description + The description of the repository. + + homepage + The URL with more information about the repository. + + private + The visiblity of the repository. Note that private repositories require + a paid GitHub account. + + has_issues + Whether to enable issues for this repository. + + has_wiki + Whether to enable the wiki for this repository. + + has_downloads + Whether to enable downloads for this repository. + + auto_init + Whether to create an initial commit with an empty README. + + gitignore_template + The desired language or platform for a .gitignore, e.g "Haskell". + + license_template + The desired LICENSE template to apply, e.g "mit" or "mozilla". + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.add_repo 'repo_name' + + .. versionadded:: 2016.11.0 + """ + try: + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + given_params = { + "description": description, + "homepage": homepage, + "private": private, + "has_issues": has_issues, + "has_wiki": has_wiki, + "has_downloads": has_downloads, + "auto_init": auto_init, + "gitignore_template": gitignore_template, + "license_template": license_template, + } + parameters = {"name": name} + for param_name, param_value in given_params.items(): + if param_value is not None: + parameters[param_name] = param_value + + organization._requester.requestJsonAndCheck( + "POST", organization.url + "/repos", input=parameters + ) + return True + except github.GithubException: + log.exception("Error creating a repo") + return False + + +def edit_repo( + name, + description=None, + homepage=None, + private=None, + has_issues=None, + has_wiki=None, + has_downloads=None, + profile="github", +): + """ + Updates an existing Github repository. + + name + The name of the team to be created. + + description + The description of the repository. + + homepage + The URL with more information about the repository. + + private + The visiblity of the repository. Note that private repositories require + a paid GitHub account. + + has_issues + Whether to enable issues for this repository. + + has_wiki + Whether to enable the wiki for this repository. + + has_downloads + Whether to enable downloads for this repository. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.add_repo 'repo_name' + + .. versionadded:: 2016.11.0 + """ + + try: + allow_private_change = _get_config_value(profile, "allow_repo_privacy_changes") + except CommandExecutionError: + allow_private_change = False + + if private is not None and not allow_private_change: + raise CommandExecutionError( + "The private field is set to be changed for " + "repo {} but allow_repo_privacy_changes " + "disallows this.".format(name) + ) + + try: + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + repo = organization.get_repo(name) + + given_params = { + "description": description, + "homepage": homepage, + "private": private, + "has_issues": has_issues, + "has_wiki": has_wiki, + "has_downloads": has_downloads, + } + parameters = {"name": name} + for param_name, param_value in given_params.items(): + if param_value is not None: + parameters[param_name] = param_value + + organization._requester.requestJsonAndCheck("PATCH", repo.url, input=parameters) + get_repo_info(name, profile=profile, ignore_cache=True) # Refresh cache + return True + except github.GithubException: + log.exception("Error editing a repo") + return False + + +def remove_repo(name, profile="github"): + """ + Remove a Github repository. + + name + The name of the repository to be removed. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.remove_repo 'my-repo' + + .. versionadded:: 2016.11.0 + """ + repo_info = get_repo_info(name, profile=profile) + if not repo_info: + log.error("Repo %s to be removed does not exist.", name) + return False + try: + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + repo = organization.get_repo(name) + repo.delete() + _get_repos(profile=profile, ignore_cache=True) # refresh cache + return True + except github.GithubException: + log.exception("Error deleting a repo") + return False + + +def get_team(name, profile="github"): + """ + Returns the team details if a team with the given name exists, or None + otherwise. + + name + The team name for which to obtain information. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.get_team 'team_name' + """ + return list_teams(profile).get(name) + + +def add_team( + name, + description=None, + repo_names=None, + privacy=None, + permission=None, + profile="github", +): + """ + Create a new Github team within an organization. + + name + The name of the team to be created. + + description + The description of the team. + + repo_names + The names of repositories to add the team to. + + privacy + The level of privacy for the team, can be 'secret' or 'closed'. + + permission + The default permission for new repositories added to the team, can be + 'pull', 'push' or 'admin'. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.add_team 'team_name' + + .. versionadded:: 2016.11.0 + """ + try: + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + parameters = {} + parameters["name"] = name + + if description is not None: + parameters["description"] = description + if repo_names is not None: + parameters["repo_names"] = repo_names + if permission is not None: + parameters["permission"] = permission + if privacy is not None: + parameters["privacy"] = privacy + + organization._requester.requestJsonAndCheck( + "POST", organization.url + "/teams", input=parameters + ) + list_teams(ignore_cache=True) # Refresh cache + return True + except github.GithubException: + log.exception("Error creating a team") + return False + + +def edit_team(name, description=None, privacy=None, permission=None, profile="github"): + """ + Updates an existing Github team. + + name + The name of the team to be edited. + + description + The description of the team. + + privacy + The level of privacy for the team, can be 'secret' or 'closed'. + + permission + The default permission for new repositories added to the team, can be + 'pull', 'push' or 'admin'. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.edit_team 'team_name' description='Team description' + + .. versionadded:: 2016.11.0 + """ + team = get_team(name, profile=profile) + if not team: + log.error("Team %s does not exist", name) + return False + try: + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + team = organization.get_team(team["id"]) + + parameters = {} + if name is not None: + parameters["name"] = name + if description is not None: + parameters["description"] = description + if privacy is not None: + parameters["privacy"] = privacy + if permission is not None: + parameters["permission"] = permission + + team._requester.requestJsonAndCheck("PATCH", team.url, input=parameters) + return True + except UnknownObjectException: + log.exception("Resource not found") + return False + + +def remove_team(name, profile="github"): + """ + Remove a github team. + + name + The name of the team to be removed. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.remove_team 'team_name' + + .. versionadded:: 2016.11.0 + """ + team_info = get_team(name, profile=profile) + if not team_info: + log.error("Team %s to be removed does not exist.", name) + return False + try: + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + team = organization.get_team(team_info["id"]) + team.delete() + return list_teams(ignore_cache=True, profile=profile).get(name) is None + except github.GithubException: + log.exception("Error deleting a team") + return False + + +def list_team_repos(team_name, profile="github", ignore_cache=False): + """ + Gets the repo details for a given team as a dict from repo_name to repo details. + Note that repo names are always in lower case. + + team_name + The name of the team from which to list repos. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + ignore_cache + Bypasses the use of cached team repos. + + CLI Example: + + .. code-block:: bash + + salt myminion github.list_team_repos 'team_name' + + .. versionadded:: 2016.11.0 + """ + cached_team = get_team(team_name, profile=profile) + if not cached_team: + log.error("Team %s does not exist.", team_name) + return False + + # Return from cache if available + if cached_team.get("repos") and not ignore_cache: + return cached_team.get("repos") + + try: + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + team = organization.get_team(cached_team["id"]) + except UnknownObjectException: + log.exception("Resource not found: %s", cached_team["id"]) + try: + repos = {} + for repo in team.get_repos(): + permission = "pull" + if repo.permissions.admin: + permission = "admin" + elif repo.permissions.push: + permission = "push" + + repos[repo.name.lower()] = {"permission": permission} + cached_team["repos"] = repos + return repos + except UnknownObjectException: + log.exception("Resource not found: %s", cached_team["id"]) + return [] + + +def add_team_repo(repo_name, team_name, profile="github", permission=None): + """ + Adds a repository to a team with team_name. + + repo_name + The name of the repository to add. + + team_name + The name of the team of which to add the repository. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + permission + The permission for team members within the repository, can be 'pull', + 'push' or 'admin'. If not specified, the default permission specified on + the team will be used. + + .. versionadded:: 2017.7.0 + + CLI Example: + + .. code-block:: bash + + salt myminion github.add_team_repo 'my_repo' 'team_name' + + .. versionadded:: 2016.11.0 + """ + team = get_team(team_name, profile=profile) + if not team: + log.error("Team %s does not exist", team_name) + return False + try: + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + team = organization.get_team(team["id"]) + repo = organization.get_repo(repo_name) + except UnknownObjectException: + log.exception("Resource not found: %s", team["id"]) + return False + params = None + if permission is not None: + params = {"permission": permission} + + headers, data = team._requester.requestJsonAndCheck( + "PUT", team.url + "/repos/" + repo._identity, input=params + ) + # Try to refresh cache + list_team_repos(team_name, profile=profile, ignore_cache=True) + return True + + +def remove_team_repo(repo_name, team_name, profile="github"): + """ + Removes a repository from a team with team_name. + + repo_name + The name of the repository to remove. + + team_name + The name of the team of which to remove the repository. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.remove_team_repo 'my_repo' 'team_name' + + .. versionadded:: 2016.11.0 + """ + team = get_team(team_name, profile=profile) + if not team: + log.error("Team %s does not exist", team_name) + return False + try: + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + team = organization.get_team(team["id"]) + repo = organization.get_repo(repo_name) + except UnknownObjectException: + log.exception("Resource not found: %s", team["id"]) + return False + team.remove_from_repos(repo) + return repo_name not in list_team_repos( + team_name, profile=profile, ignore_cache=True + ) + + +def list_team_members(team_name, profile="github", ignore_cache=False): + """ + Gets the names of team members in lower case. + + team_name + The name of the team from which to list members. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + ignore_cache + Bypasses the use of cached team members. + + CLI Example: + + .. code-block:: bash + + salt myminion github.list_team_members 'team_name' + + .. versionadded:: 2016.11.0 + """ + cached_team = get_team(team_name, profile=profile) + if not cached_team: + log.error("Team %s does not exist.", team_name) + return False + # Return from cache if available + if cached_team.get("members") and not ignore_cache: + return cached_team.get("members") + + try: + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + team = organization.get_team(cached_team["id"]) + except UnknownObjectException: + log.exception("Resource not found: %s", cached_team["id"]) + try: + cached_team["members"] = [member.login.lower() for member in team.get_members()] + return cached_team["members"] + except UnknownObjectException: + log.exception("Resource not found: %s", cached_team["id"]) + return [] + + +def list_members_without_mfa(profile="github", ignore_cache=False): + """ + List all members (in lower case) without MFA turned on. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + ignore_cache + Bypasses the use of cached team repos. + + CLI Example: + + .. code-block:: bash + + salt myminion github.list_members_without_mfa + + .. versionadded:: 2016.11.0 + """ + key = "github.{}:non_mfa_users".format(_get_config_value(profile, "org_name")) + + if key not in __context__ or ignore_cache: + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + + filter_key = "filter" + # Silly hack to see if we're past PyGithub 1.26.0, where the name of + # the filter kwarg changed + if hasattr(github.Team.Team, "membership"): + filter_key = "filter_" + + __context__[key] = [ + m.login.lower() + for m in _get_members(organization, {filter_key: "2fa_disabled"}) + ] + return __context__[key] + + +def is_team_member(name, team_name, profile="github"): + """ + Returns True if the github user is in the team with team_name, or False + otherwise. + + name + The name of the user whose membership to check. + + team_name + The name of the team to check membership in. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.is_team_member 'user_name' 'team_name' + + .. versionadded:: 2016.11.0 + """ + return name.lower() in list_team_members(team_name, profile=profile) + + +def add_team_member(name, team_name, profile="github"): + """ + Adds a team member to a team with team_name. + + name + The name of the team member to add. + + team_name + The name of the team of which to add the user. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.add_team_member 'user_name' 'team_name' + + .. versionadded:: 2016.11.0 + """ + team = get_team(team_name, profile=profile) + if not team: + log.error("Team %s does not exist", team_name) + return False + try: + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + team = organization.get_team(team["id"]) + member = client.get_user(name) + except UnknownObjectException: + log.exception("Resource not found: %s", team["id"]) + return False + + try: + # Can't use team.add_membership due to this bug that hasn't made it into + # a PyGithub release yet https://github.com/PyGithub/PyGithub/issues/363 + headers, data = team._requester.requestJsonAndCheck( + "PUT", + team.url + "/memberships/" + member._identity, + input={"role": "member"}, + parameters={"role": "member"}, + ) + except github.GithubException: + log.exception("Error in adding a member to a team") + return False + return True + + +def remove_team_member(name, team_name, profile="github"): + """ + Removes a team member from a team with team_name. + + name + The name of the team member to remove. + + team_name + The name of the team from which to remove the user. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + CLI Example: + + .. code-block:: bash + + salt myminion github.remove_team_member 'user_name' 'team_name' + + .. versionadded:: 2016.11.0 + """ + team = get_team(team_name, profile=profile) + if not team: + log.error("Team %s does not exist", team_name) + return False + try: + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + team = organization.get_team(team["id"]) + member = client.get_user(name) + + except UnknownObjectException: + log.exception("Resource not found: %s", team["id"]) + return False + + if not hasattr(team, "remove_from_members"): + return ( + False, + "PyGithub 1.26.0 or greater is required for team " + "management, please upgrade.", + ) + + team.remove_from_members(member) + return not team.has_in_members(member) + + +def list_teams(profile="github", ignore_cache=False): + """ + Lists all teams with the organization. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + ignore_cache + Bypasses the use of cached teams. + + CLI Example: + + .. code-block:: bash + + salt myminion github.list_teams + + .. versionadded:: 2016.11.0 + """ + key = "github.{}:teams".format(_get_config_value(profile, "org_name")) + + if key not in __context__ or ignore_cache: + client = _get_client(profile) + organization = client.get_organization(_get_config_value(profile, "org_name")) + teams_data = organization.get_teams() + teams = {} + for team in teams_data: + # Note that _rawData is used to access some properties here as they + # are not exposed in older versions of PyGithub. It's VERY important + # to use team._rawData instead of team.raw_data, as the latter forces + # an API call to retrieve team details again. + teams[team.name] = { + "id": team.id, + "slug": team.slug, + "description": team._rawData["description"], + "permission": team.permission, + "privacy": team._rawData["privacy"], + } + __context__[key] = teams + + return __context__[key] + + +def get_prs( + repo_name=None, + profile="github", + state="open", + head=None, + base=None, + sort="created", + direction="desc", + output="min", + per_page=None, +): + """ + Returns information for all pull requests in a given repository, based on + the search options provided. + + .. versionadded:: 2017.7.0 + + repo_name + The name of the repository for which to list pull requests. This + argument is required, either passed via the CLI, or defined in the + configured profile. A ``repo_name`` passed as a CLI argument will + override the ``repo_name`` defined in the configured profile, if + provided. + + profile + The name of the profile configuration to use. Defaults to ``github``. + + state + Indicates the state of the pull requests to return. Can be either + ``open``, ``closed``, or ``all``. Default is ``open``. + + head + Filter pull requests by head user and branch name in the format of + ``user:ref-name``. Example: ``'github:new-script-format'``. Default + is ``None``. + + base + Filter pulls by base branch name. Example: ``gh-pages``. Default is + ``None``. + + sort + What to sort results by. Can be either ``created``, ``updated``, + ``popularity`` (comment count), or ``long-running`` (age, filtering + by pull requests updated within the last month). Default is ``created``. + + direction + The direction of the sort. Can be either ``asc`` or ``desc``. Default + is ``desc``. + + output + The amount of data returned by each pull request. Defaults to ``min``. + Change to ``full`` to see all pull request output. + + per_page + GitHub paginates data in their API calls. Use this value to increase or + decrease the number of pull requests gathered from GitHub, per page. If + not set, GitHub defaults are used. Maximum is 100. + + CLI Example: + + .. code-block:: bash + + salt myminion github.get_prs + salt myminion github.get_prs base=2016.11 + """ + org_name = _get_config_value(profile, "org_name") + if repo_name is None: + repo_name = _get_config_value(profile, "repo_name") + + action = "/".join(["repos", org_name, repo_name]) + args = {} + + # Build API arguments, as necessary. + if head: + args["head"] = head + if base: + args["base"] = base + if per_page: + args["per_page"] = per_page + + # Only pass the following API args if they're not the defaults listed. + if state and state != "open": + args["state"] = state + if sort and sort != "created": + args["sort"] = sort + if direction and direction != "desc": + args["direction"] = direction + + ret = {} + prs = _query(profile, action=action, command="pulls", args=args) + + for pr_ in prs: + pr_id = pr_.get("id") + if output == "full": + ret[pr_id] = pr_ + else: + ret[pr_id] = _format_pr(pr_) + + return ret + + +def _format_pr(pr_): + """ + Helper function to format API return information into a more manageable + and useful dictionary for pull request information. + + pr_ + The pull request to format. + """ + ret = { + "id": pr_.get("id"), + "pr_number": pr_.get("number"), + "state": pr_.get("state"), + "title": pr_.get("title"), + "user": pr_.get("user").get("login"), + "html_url": pr_.get("html_url"), + "base_branch": pr_.get("base").get("ref"), + } + + return ret + + +def _format_issue(issue): + """ + Helper function to format API return information into a more manageable + and useful dictionary for issue information. + + issue + The issue to format. + """ + ret = { + "id": issue.get("id"), + "issue_number": issue.get("number"), + "state": issue.get("state"), + "title": issue.get("title"), + "user": issue.get("user").get("login"), + "html_url": issue.get("html_url"), + } + + assignee = issue.get("assignee") + if assignee: + assignee = assignee.get("login") + + labels = issue.get("labels") + label_names = [] + for label in labels: + label_names.append(label.get("name")) + + milestone = issue.get("milestone") + if milestone: + milestone = milestone.get("title") + + ret["assignee"] = assignee + ret["labels"] = label_names + ret["milestone"] = milestone + + return ret + + +def _query( + profile, + action=None, + command=None, + args=None, + method="GET", + header_dict=None, + data=None, + url="https://api.github.com/", + per_page=None, +): + """ + Make a web call to the GitHub API and deal with paginated results. + """ + if not isinstance(args, dict): + args = {} + + if action: + url += action + + if command: + url += "/{}".format(command) + + log.debug("GitHub URL: %s", url) + + if "access_token" not in args.keys(): + args["access_token"] = _get_config_value(profile, "token") + if per_page and "per_page" not in args.keys(): + args["per_page"] = per_page + + if header_dict is None: + header_dict = {} + + if method != "POST": + header_dict["Accept"] = "application/json" + + decode = True + if method == "DELETE": + decode = False + + # GitHub paginates all queries when returning many items. + # Gather all data using multiple queries and handle pagination. + complete_result = [] + next_page = True + page_number = "" + while next_page is True: + if page_number: + args["page"] = page_number + result = salt.utils.http.query( + url, + method, + params=args, + data=data, + header_dict=header_dict, + decode=decode, + decode_type="json", + headers=True, + status=True, + text=True, + hide_fields=["access_token"], + opts=__opts__, + ) + log.debug("GitHub Response Status Code: %s", result["status"]) + + if result["status"] == 200: + if isinstance(result["dict"], dict): + # If only querying for one item, such as a single issue + # The GitHub API returns a single dictionary, instead of + # A list of dictionaries. In that case, we can return. + return result["dict"] + + complete_result = complete_result + result["dict"] + else: + raise CommandExecutionError( + "GitHub Response Error: {}".format(result.get("error")) + ) + + try: + link_info = result.get("headers").get("Link").split(",")[0] + except AttributeError: + # Only one page of data was returned; exit the loop. + next_page = False + continue + + if "next" in link_info: + # Get the 'next' page number from the Link header. + page_number = link_info.split(">")[0].split("&page=")[1] + else: + # Last page already processed; break the loop. + next_page = False + + return complete_result diff --git a/src/saltext/github/states/__init__.py b/src/saltext/github/states/__init__.py new file mode 100644 index 00000000..a3d87d27 --- /dev/null +++ b/src/saltext/github/states/__init__.py @@ -0,0 +1,3 @@ +""" +States Directory +""" diff --git a/src/saltext/github/states/github.py b/src/saltext/github/states/github.py new file mode 100644 index 00000000..f93e6e87 --- /dev/null +++ b/src/saltext/github/states/github.py @@ -0,0 +1,808 @@ +""" +Github User State Module + +.. versionadded:: 2016.3.0 + +This state is used to ensure presence of users in the Organization. + +.. code-block:: yaml + + ensure user test is present in github: + github.present: + - name: 'Example TestUser1' + - email: example@domain.com + - username: 'gitexample' +""" + +import datetime +import logging +import time + +from salt.exceptions import CommandExecutionError + +log = logging.getLogger(__name__) + + +def __virtual__(): + """ + Only load if the github module is available in __salt__ + """ + if "github.list_users" in __salt__: + return "github" + return (False, "github module could not be loaded") + + +def present(name, profile="github", **kwargs): + """ + Ensure a user is present + + .. code-block:: yaml + + ensure user test is present in github: + github.present: + - name: 'gitexample' + + The following parameters are required: + + name + This is the github handle of the user in the organization + """ + + ret = {"name": name, "changes": {}, "result": None, "comment": ""} + + target = __salt__["github.get_user"](name, profile=profile, **kwargs) + + # If the user has a valid github handle and is not in the org already + if not target: + ret["result"] = False + ret["comment"] = "Couldnt find user {}".format(name) + elif isinstance(target, bool) and target: + ret["comment"] = "User {} is already in the org ".format(name) + ret["result"] = True + elif ( + not target.get("in_org", False) and target.get("membership_state") != "pending" + ): + if __opts__["test"]: + ret["comment"] = "User {} will be added to the org".format(name) + return ret + + # add the user + result = __salt__["github.add_user"](name, profile=profile, **kwargs) + + if result: + ret["changes"].setdefault("old", None) + ret["changes"].setdefault( + "new", "User {} exists in the org now".format(name) + ) + ret["result"] = True + else: + ret["result"] = False + ret["comment"] = "Failed to add user {} to the org".format(name) + else: + ret["comment"] = "User {} has already been invited.".format(name) + ret["result"] = True + + return ret + + +def absent(name, profile="github", **kwargs): + """ + Ensure a github user is absent + + .. code-block:: yaml + + ensure user test is absent in github: + github.absent: + - name: 'Example TestUser1' + - email: example@domain.com + - username: 'gitexample' + + The following parameters are required: + + name + Github handle of the user in organization + + """ + email = kwargs.get("email") + full_name = kwargs.get("fullname") + + ret = { + "name": name, + "changes": {}, + "result": None, + "comment": "User {} is absent.".format(name), + } + + target = __salt__["github.get_user"](name, profile=profile, **kwargs) + + if target: + if isinstance(target, bool) or target.get("in_org", False): + if __opts__["test"]: + ret["comment"] = "User {} will be deleted".format(name) + ret["result"] = None + return ret + + result = __salt__["github.remove_user"](name, profile=profile, **kwargs) + + if result: + ret["comment"] = "Deleted user {}".format(name) + ret["changes"].setdefault("old", "User {} exists".format(name)) + ret["changes"].setdefault("new", "User {} deleted".format(name)) + ret["result"] = True + else: + ret["comment"] = "Failed to delete {}".format(name) + ret["result"] = False + else: + ret["comment"] = "User {} has already been deleted!".format(name) + ret["result"] = True + else: + ret["comment"] = "User {} does not exist".format(name) + ret["result"] = True + return ret + + return ret + + +def team_present( + name, + description=None, + repo_names=None, + privacy="secret", + permission="pull", + members=None, + enforce_mfa=False, + no_mfa_grace_seconds=0, + profile="github", + **kwargs +): + """ + Ensure a team is present + + name + This is the name of the team in the organization. + + description + The description of the team. + + repo_names + The names of repositories to add the team to. + + privacy + The level of privacy for the team, can be 'secret' or 'closed'. Defaults + to secret. + + permission + The default permission for new repositories added to the team, can be + 'pull', 'push' or 'admin'. Defaults to pull. + + members + The members belonging to the team, specified as a dict of member name to + optional configuration. Options include 'enforce_mfa_from' and 'mfa_exempt'. + + enforce_mfa + Whether to enforce MFA requirements on members of the team. If True then + all members without `mfa_exempt: True` configured will be removed from + the team. Note that `no_mfa_grace_seconds` may be set to allow members + a grace period. + + no_mfa_grace_seconds + The number of seconds of grace time that a member will have to enable MFA + before being removed from the team. The grace period will begin from + `enforce_mfa_from` on the member configuration, which defaults to + 1970/01/01. + + Example: + + .. code-block:: yaml + + Ensure team test is present in github: + github.team_present: + - name: 'test' + - members: + user1: {} + user2: {} + + Ensure team test_mfa is present in github: + github.team_present: + - name: 'test_mfa' + - members: + user1: + enforce_mfa_from: 2016/06/15 + - enforce_mfa: True + + .. versionadded:: 2016.11.0 + """ + ret = {"name": name, "changes": {}, "result": True, "comment": ""} + + target = __salt__["github.get_team"](name, profile=profile, **kwargs) + test_comments = [] + + if target: # Team already exists + parameters = {} + if description is not None and target["description"] != description: + parameters["description"] = description + if permission is not None and target["permission"] != permission: + parameters["permission"] = permission + if privacy is not None and target["privacy"] != privacy: + parameters["privacy"] = privacy + + if len(parameters) > 0: + if __opts__["test"]: + test_comments.append( + "Team properties are set to be edited: {}".format(parameters) + ) + ret["result"] = None + else: + result = __salt__["github.edit_team"]( + name, profile=profile, **parameters + ) + if result: + ret["changes"]["team"] = { + "old": "Team properties were {}".format(target), + "new": "Team properties (that changed) are {}".format( + parameters + ), + } + else: + ret["result"] = False + ret["comment"] = "Failed to update team properties." + return ret + + manage_repos = repo_names is not None + current_repos = set( + __salt__["github.list_team_repos"](name, profile=profile).keys() + ) + repo_names = set(repo_names or []) + + repos_to_add = repo_names - current_repos + repos_to_remove = current_repos - repo_names if repo_names else [] + + if repos_to_add: + if __opts__["test"]: + test_comments.append( + "Team {} will have the following repos added: {}.".format( + name, list(repos_to_add) + ) + ) + ret["result"] = None + else: + for repo_name in repos_to_add: + result = __salt__["github.add_team_repo"]( + repo_name, name, profile=profile, **kwargs + ) + if result: + ret["changes"][repo_name] = { + "old": "Repo {} is not in team {}".format(repo_name, name), + "new": "Repo {} is in team {}".format(repo_name, name), + } + else: + ret["result"] = False + ret["comment"] = "Failed to add repo {} to team {}.".format( + repo_name, name + ) + return ret + + if repos_to_remove: + if __opts__["test"]: + test_comments.append( + "Team {} will have the following repos removed: {}.".format( + name, list(repos_to_remove) + ) + ) + ret["result"] = None + else: + for repo_name in repos_to_remove: + result = __salt__["github.remove_team_repo"]( + repo_name, name, profile=profile, **kwargs + ) + if result: + ret["changes"][repo_name] = { + "old": "Repo {} is in team {}".format(repo_name, name), + "new": "Repo {} is not in team {}".format(repo_name, name), + } + else: + ret["result"] = False + ret[ + "comment" + ] = "Failed to remove repo {} from team {}.".format( + repo_name, name + ) + return ret + + else: # Team does not exist - it will be created. + if __opts__["test"]: + ret["comment"] = "Team {} is set to be created.".format(name) + ret["result"] = None + return ret + + result = __salt__["github.add_team"]( + name, + description=description, + repo_names=repo_names, + permission=permission, + privacy=privacy, + profile=profile, + **kwargs + ) + if result: + ret["changes"]["team"] = {} + ret["changes"]["team"]["old"] = None + ret["changes"]["team"]["new"] = "Team {} has been created".format(name) + else: + ret["result"] = False + ret["comment"] = "Failed to create team {}.".format(name) + return ret + + manage_members = members is not None + + mfa_deadline = datetime.datetime.utcnow() - datetime.timedelta( + seconds=no_mfa_grace_seconds + ) + members_no_mfa = __salt__["github.list_members_without_mfa"](profile=profile) + + members_lower = {} + for member_name, info in members or {}.items(): + members_lower[member_name.lower()] = info + + member_change = False + current_members = __salt__["github.list_team_members"](name, profile=profile) + + for member, member_info in members or {}.items(): + log.info("Checking member %s in team %s", member, name) + + if member.lower() not in current_members: + if enforce_mfa and _member_violates_mfa( + member, member_info, mfa_deadline, members_no_mfa + ): + if __opts__["test"]: + test_comments.append( + "User {} will not be added to the " + "team because they do not have MFA." + "".format(member) + ) + else: # Add to team + member_change = True + if __opts__["test"]: + test_comments.append( + "User {} set to be added to the team.".format(member) + ) + ret["result"] = None + else: + result = __salt__["github.add_team_member"]( + member, name, profile=profile, **kwargs + ) + if result: + ret["changes"][member] = {} + ret["changes"][member][ + "old" + ] = "User {} is not in team {}".format(member, name) + ret["changes"][member]["new"] = "User {} is in team {}".format( + member, name + ) + else: + ret["result"] = False + ret["comment"] = "Failed to add user {} to team {}.".format( + member, name + ) + return ret + + for member in current_members: + mfa_violation = False + if member in members_lower: + mfa_violation = _member_violates_mfa( + member, members_lower[member], mfa_deadline, members_no_mfa + ) + if ( + manage_members + and member not in members_lower + or (enforce_mfa and mfa_violation) + ): + # Remove from team + member_change = True + if __opts__["test"]: + if mfa_violation: + test_comments.append( + "User {} set to be removed from the " + "team because they do not have MFA.".format(member) + ) + else: + test_comments.append( + "User {} set to be removed from the team.".format(member) + ) + ret["result"] = None + else: + result = __salt__["github.remove_team_member"]( + member, name, profile=profile, **kwargs + ) + if result: + extra_changes = " due to MFA violation" if mfa_violation else "" + ret["changes"][member] = { + "old": "User {} is in team {}".format(member, name), + "new": "User {} is not in team {}{}".format( + member, name, extra_changes + ), + } + else: + ret["result"] = False + ret["comment"] = "Failed to remove user {} from team {}.".format( + member, name + ) + return ret + + if member_change: # Refresh team cache + __salt__["github.list_team_members"]( + name, profile=profile, ignore_cache=False, **kwargs + ) + + if len(test_comments) > 0: + ret["comment"] = "\n".join(test_comments) + return ret + + +def _member_violates_mfa(member, member_info, mfa_deadline, members_without_mfa): + if member_info.get("mfa_exempt", False): + return False + enforce_mfa_from = datetime.datetime.strptime( + member_info.get("enforce_mfa_from", "1970/01/01"), "%Y/%m/%d" + ) + return member.lower() in members_without_mfa and (mfa_deadline > enforce_mfa_from) + + +def team_absent(name, profile="github", **kwargs): + """ + Ensure a team is absent. + + Example: + + .. code-block:: yaml + + ensure team test is present in github: + github.team_absent: + - name: 'test' + + + The following parameters are required: + + name + This is the name of the team in the organization. + + .. versionadded:: 2016.11.0 + """ + ret = {"name": name, "changes": {}, "result": None, "comment": ""} + + target = __salt__["github.get_team"](name, profile=profile, **kwargs) + + if not target: + ret["comment"] = "Team {} does not exist".format(name) + ret["result"] = True + return ret + else: + if __opts__["test"]: + ret["comment"] = "Team {} will be deleted".format(name) + ret["result"] = None + return ret + + result = __salt__["github.remove_team"](name, profile=profile, **kwargs) + + if result: + ret["comment"] = "Deleted team {}".format(name) + ret["changes"].setdefault("old", "Team {} exists".format(name)) + ret["changes"].setdefault("new", "Team {} deleted".format(name)) + ret["result"] = True + else: + ret["comment"] = "Failed to delete {}".format(name) + ret["result"] = False + return ret + + +def repo_present( + name, + description=None, + homepage=None, + private=None, + has_issues=None, + has_wiki=None, + has_downloads=None, + auto_init=False, + gitignore_template=None, + license_template=None, + teams=None, + profile="github", + **kwargs +): + """ + Ensure a repository is present + + name + This is the name of the repository. + + description + The description of the repository. + + homepage + The URL with more information about the repository. + + private + The visiblity of the repository. Note that private repositories require + a paid GitHub account. + + has_issues + Whether to enable issues for this repository. + + has_wiki + Whether to enable the wiki for this repository. + + has_downloads + Whether to enable downloads for this repository. + + auto_init + Whether to create an initial commit with an empty README. + + gitignore_template + The desired language or platform for a .gitignore, e.g "Haskell". + + license_template + The desired LICENSE template to apply, e.g "mit" or "mozilla". + + teams + The teams for which this repo should belong to, specified as a dict of + team name to permission ('pull', 'push' or 'admin'). + + .. versionadded:: 2017.7.0 + + Example: + + .. code-block:: yaml + + Ensure repo my-repo is present in github: + github.repo_present: + - name: 'my-repo' + - description: 'My very important repository' + + .. versionadded:: 2016.11.0 + """ + ret = {"name": name, "changes": {}, "result": True, "comment": ""} + + # This is an optimization to cache all repos in the organization up front. + # The first use of this state will collect all of the repos and save a bunch + # of API calls for future use. + __salt__["github.list_repos"](profile=profile) + + try: + target = __salt__["github.get_repo_info"](name, profile=profile, **kwargs) + except CommandExecutionError: + target = None + + given_params = { + "description": description, + "homepage": homepage, + "private": private, + "has_issues": has_issues, + "has_wiki": has_wiki, + "has_downloads": has_downloads, + "auto_init": auto_init, + "gitignore_template": gitignore_template, + "license_template": license_template, + } + + # Keep track of current_teams if we've fetched them after creating a new repo + current_teams = None + + if target: # Repo already exists + # Some params are only valid on repo creation + ignore_params = ["auto_init", "gitignore_template", "license_template"] + parameters = {} + old_parameters = {} + for param_name, param_value in given_params.items(): + if ( + param_value is not None + and param_name not in ignore_params + and target[param_name] is not param_value + and target[param_name] != param_value + ): + parameters[param_name] = param_value + old_parameters[param_name] = target[param_name] + + if len(parameters) > 0: + repo_change = { + "old": "Repo properties were {}".format(old_parameters), + "new": "Repo properties (that changed) are {}".format(parameters), + } + if __opts__["test"]: + ret["changes"]["repo"] = repo_change + ret["result"] = None + else: + result = __salt__["github.edit_repo"]( + name, profile=profile, **parameters + ) + if result: + ret["changes"]["repo"] = repo_change + else: + ret["result"] = False + ret["comment"] = "Failed to update repo properties." + return ret + + else: # Repo does not exist - it will be created. + repo_change = {"old": None, "new": "Repo {} has been created".format(name)} + if __opts__["test"]: + ret["changes"]["repo"] = repo_change + ret["result"] = None + else: + add_params = dict(given_params) + add_params.update(kwargs) + result = __salt__["github.add_repo"](name, **add_params) + + if not result: + ret["result"] = False + ret["comment"] = "Failed to create repo {}.".format(name) + return ret + + # Turns out that trying to fetch teams for a new repo can 404 immediately + # after repo creation, so this waits until we can fetch teams successfully + # before continuing. + for attempt in range(3): + time.sleep(1) + try: + current_teams = __salt__["github.get_repo_teams"]( + name, profile=profile, **kwargs + ) + break + except CommandExecutionError as e: + log.info("Attempt %s to fetch new repo %s failed", attempt, name) + + if current_teams is None: + ret["result"] = False + ret["comment"] = "Failed to verify repo {} after creation.".format(name) + return ret + + ret["changes"]["repo"] = repo_change + + if teams is not None: + if __opts__["test"] and not target: + # Assume no teams if we're in test mode and the repo doesn't exist + current_teams = [] + elif current_teams is None: + current_teams = __salt__["github.get_repo_teams"](name, profile=profile) + current_team_names = {t["name"] for t in current_teams} + + # First remove any teams that aren't present + for team_name in current_team_names: + if team_name not in teams: + team_change = { + "old": "Repo {} is in team {}".format(name, team_name), + "new": "Repo {} is not in team {}".format(name, team_name), + } + + if __opts__["test"]: + ret["changes"][team_name] = team_change + ret["result"] = None + else: + result = __salt__["github.remove_team_repo"]( + name, team_name, profile=profile + ) + if result: + ret["changes"][team_name] = team_change + else: + ret["result"] = False + ret[ + "comment" + ] = "Failed to remove repo {} from team {}.".format( + name, team_name + ) + return ret + + # Next add or modify any necessary teams + for team_name, permission in teams.items(): + if team_name not in current_team_names: # Need to add repo to team + team_change = { + "old": "Repo {} is not in team {}".format(name, team_name), + "new": "Repo {} is in team {}".format(name, team_name), + } + if __opts__["test"]: + ret["changes"][team_name] = team_change + ret["result"] = None + else: + result = __salt__["github.add_team_repo"]( + name, team_name, profile=profile, permission=permission + ) + if result: + ret["changes"][team_name] = team_change + else: + ret["result"] = False + ret[ + "comment" + ] = "Failed to remove repo {} from team {}.".format( + name, team_name + ) + return ret + else: + current_permission = ( + __salt__["github.list_team_repos"](team_name, profile=profile) + .get(name.lower(), {}) + .get("permission") + ) + if not current_permission: + ret["result"] = False + ret["comment"] = ( + "Failed to determine current permission for team " + "{} in repo {}".format(team_name, name) + ) + return ret + elif current_permission != permission: + team_change = { + "old": "Repo {} in team {} has permission {}".format( + name, team_name, current_permission + ), + "new": "Repo {} in team {} has permission {}".format( + name, team_name, permission + ), + } + if __opts__["test"]: + ret["changes"][team_name] = team_change + ret["result"] = None + else: + result = __salt__["github.add_team_repo"]( + name, team_name, profile=profile, permission=permission + ) + if result: + ret["changes"][team_name] = team_change + else: + ret["result"] = False + ret["comment"] = ( + "Failed to set permission on repo {} from " + "team {} to {}.".format(name, team_name, permission) + ) + return ret + return ret + + +def repo_absent(name, profile="github", **kwargs): + """ + Ensure a repo is absent. + + Example: + + .. code-block:: yaml + + ensure repo test is absent in github: + github.repo_absent: + - name: 'test' + + The following parameters are required: + + name + This is the name of the repository in the organization. + + .. versionadded:: 2016.11.0 + """ + ret = {"name": name, "changes": {}, "result": None, "comment": ""} + + try: + target = __salt__["github.get_repo_info"](name, profile=profile, **kwargs) + except CommandExecutionError: + target = None + + if not target: + ret["comment"] = "Repo {} does not exist".format(name) + ret["result"] = True + return ret + else: + if __opts__["test"]: + ret["comment"] = "Repo {} will be deleted".format(name) + ret["result"] = None + return ret + + result = __salt__["github.remove_repo"](name, profile=profile, **kwargs) + + if result: + ret["comment"] = "Deleted repo {}".format(name) + ret["changes"].setdefault("old", "Repo {} exists".format(name)) + ret["changes"].setdefault("new", "Repo {} deleted".format(name)) + ret["result"] = True + else: + ret["comment"] = ( + "Failed to delete repo {}. Ensure the delete_repo " + "scope is enabled if using OAuth.".format(name) + ) + ret["result"] = False + return ret diff --git a/src/saltext/github/utils/__init__.py b/src/saltext/github/utils/__init__.py new file mode 100644 index 00000000..7bc61049 --- /dev/null +++ b/src/saltext/github/utils/__init__.py @@ -0,0 +1,8 @@ +""" +Some of the utils used by salt + +PLEASE DO NOT ADD ANY NEW FUNCTIONS TO THIS FILE. + +New functions should be organized in other files under salt/utils/. Please +consult the dev team if you are unsure where a new function should go. +""" diff --git a/src/saltext/github/utils/github.py b/src/saltext/github/utils/github.py new file mode 100644 index 00000000..1d6824f2 --- /dev/null +++ b/src/saltext/github/utils/github.py @@ -0,0 +1,65 @@ +""" +Connection library for GitHub +""" + + +import logging + +import salt.utils.http +import salt.utils.json + +log = logging.getLogger(__name__) + + +def get_user_pubkeys(users): + """ + Retrieve a set of public keys from GitHub for the specified list of users. + Expects input in list format. Optionally, a value in the list may be a dict + whose value is a list of key IDs to be returned. If this is not done, then + all keys will be returned. + + Some example data structures that coupld be passed in would look like: + + .. code_block:: yaml + + ['user1', 'user2', 'user3'] + + [ + 'user1': [ + '12345', + '67890', + ], + 'user2', + 'user3', + ] + """ + if not isinstance(users, list): + return {"Error": "A list of users is expected"} + + ret = {} + for user in users: + key_ids = [] + if isinstance(user, dict): + tmp_user = next(iter(user.keys())) + key_ids = user[tmp_user] + user = tmp_user + + url = "https://api.github.com/users/{}/keys".format(user) + result = salt.utils.http.query( + url, + "GET", + decode=False, + text=True, + ) + + keys = salt.utils.json.loads(result["text"]) + + ret[user] = {} + for key in keys: + if key_ids: + if str(key["id"]) in key_ids: + ret[user][key["id"]] = key["key"] + else: + ret[user][key["id"]] = key["key"] + + return ret diff --git a/tests/pytests/functional/conftest.py b/tests/pytests/functional/conftest.py new file mode 100644 index 00000000..2fb2246b --- /dev/null +++ b/tests/pytests/functional/conftest.py @@ -0,0 +1,140 @@ +import logging +import shutil + +import pytest +from saltfactories.utils.functional import Loaders + +log = logging.getLogger(__name__) + + +@pytest.fixture(scope="package") +def minion_id(): + return "func-tests-minion-opts" + + +@pytest.fixture(scope="module") +def state_tree(tmp_path_factory): + state_tree_path = tmp_path_factory.mktemp("state-tree-base") + try: + yield state_tree_path + finally: + shutil.rmtree(str(state_tree_path), ignore_errors=True) + + +@pytest.fixture(scope="module") +def state_tree_prod(tmp_path_factory): + state_tree_path = tmp_path_factory.mktemp("state-tree-prod") + try: + yield state_tree_path + finally: + shutil.rmtree(str(state_tree_path), ignore_errors=True) + + +@pytest.fixture(scope="module") +def minion_config_defaults(): + """ + Functional test modules can provide this fixture to tweak the default configuration dictionary + passed to the minion factory + """ + return {} + + +@pytest.fixture(scope="module") +def minion_config_overrides(): + """ + Functional test modules can provide this fixture to tweak the configuration + overrides dictionary passed to the minion factory + """ + return {} + + +@pytest.fixture(scope="module") +def minion_opts( + salt_factories, + minion_id, + state_tree, + state_tree_prod, + minion_config_defaults, + minion_config_overrides, +): + minion_config_overrides.update( + { + "file_client": "local", + "file_roots": { + "base": [ + str(state_tree), + ], + "prod": [ + str(state_tree_prod), + ], + }, + } + ) + factory = salt_factories.salt_minion_daemon( + minion_id, + defaults=minion_config_defaults or None, + overrides=minion_config_overrides, + ) + return factory.config.copy() + + +@pytest.fixture(scope="module") +def master_config_defaults(): + """ + Functional test modules can provide this fixture to tweak the default configuration dictionary + passed to the master factory + """ + return {} + + +@pytest.fixture(scope="module") +def master_config_overrides(): + """ + Functional test modules can provide this fixture to tweak the configuration + overrides dictionary passed to the master factory + """ + return {} + + +@pytest.fixture(scope="module") +def master_opts( + salt_factories, + state_tree, + state_tree_prod, + master_config_defaults, + master_config_overrides, +): + master_config_overrides.update( + { + "file_client": "local", + "file_roots": { + "base": [ + str(state_tree), + ], + "prod": [ + str(state_tree_prod), + ], + }, + } + ) + factory = salt_factories.salt_master_daemon( + "func-tests-master-opts", + defaults=master_config_defaults or None, + overrides=master_config_overrides, + ) + return factory.config.copy() + + +@pytest.fixture(scope="module") +def loaders(minion_opts): + return Loaders(minion_opts, loaded_base_name=f"{__name__}.loaded") + + +@pytest.fixture(autouse=True) +def reset_loaders_state(loaders): + try: + # Run the tests + yield + finally: + # Reset the loaders state + loaders.reset_state() diff --git a/tests/pytests/integration/conftest.py b/tests/pytests/integration/conftest.py new file mode 100644 index 00000000..de99d98b --- /dev/null +++ b/tests/pytests/integration/conftest.py @@ -0,0 +1,109 @@ +""" + tests.pytests.integration.conftest + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + PyTest fixtures +""" + +import logging + +import pytest + +log = logging.getLogger(__name__) + + +@pytest.fixture(scope="package") +def salt_master(salt_master_factory): + """ + A running salt-master fixture + """ + with salt_master_factory.started(): + yield salt_master_factory + + +@pytest.fixture(scope="package") +def salt_minion(salt_master, salt_minion_factory): + """ + A running salt-minion fixture + """ + assert salt_master.is_running() + with salt_minion_factory.started(): + # Sync All + salt_call_cli = salt_minion_factory.salt_call_cli() + ret = salt_call_cli.run("saltutil.sync_all", _timeout=120) + assert ret.returncode == 0, ret + yield salt_minion_factory + + +@pytest.fixture(scope="module") +def salt_sub_minion(salt_master, salt_sub_minion_factory): + """ + A second running salt-minion fixture + """ + assert salt_master.is_running() + with salt_sub_minion_factory.started(): + # Sync All + salt_call_cli = salt_sub_minion_factory.salt_call_cli() + ret = salt_call_cli.run("saltutil.sync_all", _timeout=120) + assert ret.returncode == 0, ret + yield salt_sub_minion_factory + + +@pytest.fixture(scope="package") +def salt_cli(salt_master): + """ + The ``salt`` CLI as a fixture against the running master + """ + assert salt_master.is_running() + return salt_master.salt_cli(timeout=30) + + +@pytest.fixture(scope="package") +def salt_call_cli(salt_minion): + """ + The ``salt-call`` CLI as a fixture against the running minion + """ + assert salt_minion.is_running() + return salt_minion.salt_call_cli(timeout=30) + + +@pytest.fixture(scope="package") +def salt_cp_cli(salt_master): + """ + The ``salt-cp`` CLI as a fixture against the running master + """ + assert salt_master.is_running() + return salt_master.salt_cp_cli(timeout=30) + + +@pytest.fixture(scope="package") +def salt_key_cli(salt_master): + """ + The ``salt-key`` CLI as a fixture against the running master + """ + assert salt_master.is_running() + return salt_master.salt_key_cli(timeout=30) + + +@pytest.fixture(scope="package") +def salt_run_cli(salt_master): + """ + The ``salt-run`` CLI as a fixture against the running master + """ + assert salt_master.is_running() + return salt_master.salt_run_cli(timeout=30) + + +@pytest.fixture(scope="module") +def salt_ssh_cli(salt_master, salt_ssh_roster_file, sshd_config_dir): + """ + The ``salt-ssh`` CLI as a fixture against the running master + """ + assert salt_master.is_running() + return salt_master.salt_ssh_cli( + timeout=180, + roster_file=salt_ssh_roster_file, + target_host="localhost", + client_key=str(sshd_config_dir / "client_key"), + base_script_args=["--ignore-host-keys"], + ) diff --git a/tests/pytests/unit/conftest.py b/tests/pytests/unit/conftest.py new file mode 100644 index 00000000..e19db6cf --- /dev/null +++ b/tests/pytests/unit/conftest.py @@ -0,0 +1,77 @@ +import asyncio +import os + +import pytest + +import salt.config +import salt.transport.tcp +from tests.support.mock import MagicMock, patch + + +@pytest.fixture +def minion_opts(tmp_path): + """ + Default minion configuration with relative temporary paths to not require root permissions. + """ + root_dir = tmp_path / "minion" + opts = salt.config.DEFAULT_MINION_OPTS.copy() + opts["__role"] = "minion" + opts["root_dir"] = str(root_dir) + opts["master_uri"] = "tcp://{ip}:{port}".format( + ip="127.0.0.1", port=opts["master_port"] + ) + for name in ("cachedir", "pki_dir", "sock_dir", "conf_dir"): + dirpath = root_dir / name + dirpath.mkdir(parents=True) + opts[name] = str(dirpath) + opts["log_file"] = "logs/minion.log" + opts["conf_file"] = os.path.join(opts["conf_dir"], "minion") + return opts + + +@pytest.fixture +def master_opts(tmp_path): + """ + Default master configuration with relative temporary paths to not require root permissions. + """ + root_dir = tmp_path / "master" + opts = salt.config.master_config(None) + opts["__role"] = "master" + opts["root_dir"] = str(root_dir) + for name in ("cachedir", "pki_dir", "sock_dir", "conf_dir"): + dirpath = root_dir / name + dirpath.mkdir(parents=True) + opts[name] = str(dirpath) + opts["log_file"] = "logs/master.log" + opts["conf_file"] = os.path.join(opts["conf_dir"], "master") + return opts + + +@pytest.fixture +def syndic_opts(tmp_path): + """ + Default master configuration with relative temporary paths to not require root permissions. + """ + root_dir = tmp_path / "syndic" + opts = salt.config.DEFAULT_MINION_OPTS.copy() + opts["syndic_master"] = "127.0.0.1" + opts["__role"] = "minion" + opts["root_dir"] = str(root_dir) + for name in ("cachedir", "pki_dir", "sock_dir", "conf_dir"): + dirpath = root_dir / name + dirpath.mkdir(parents=True) + opts[name] = str(dirpath) + opts["log_file"] = "logs/syndic.log" + opts["conf_file"] = os.path.join(opts["conf_dir"], "syndic") + return opts + + +@pytest.fixture +def mocked_tcp_pub_client(): + transport = MagicMock(spec=salt.transport.tcp.TCPPubClient) + transport.connect = MagicMock() + future = asyncio.Future() + transport.connect.return_value = future + future.set_result(True) + with patch("salt.transport.tcp.TCPPubClient", transport): + yield