set explicit uid and gid when creating certs #14
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test | |
| on: | |
| workflow_dispatch: | |
| # Use a manual approval process before PR's are given access to | |
| # the secrets which are required to run the integration tests. | |
| # The PR code should be manually approved to see if it can be trusted. | |
| # When in doubt, do not approve the test run. | |
| # Reference: https://dev.to/petrsvihlik/using-environment-protection-rules-to-secure-secrets-when-building-external-forks-with-pullrequesttarget-hci | |
| pull_request_target: | |
| branches: [ main ] | |
| merge_group: | |
| push: | |
| branches: [ chore-update-thin-edge.io ] | |
| jobs: | |
| approve: | |
| name: Approve | |
| environment: | |
| # For security reasons, all pull requests need to be approved first before granting access to secrets | |
| # So the environment should be set to have a reviewer/s inspect it before approving it | |
| name: ${{ github.event_name == 'pull_request_target' && 'Test Pull Request' || 'Test Auto' }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Wait for approval | |
| run: echo "Approved" | |
| test: | |
| name: Test ${{ matrix.job.target }} | |
| runs-on: ubuntu-latest | |
| needs: approve | |
| environment: | |
| name: Test Auto | |
| env: | |
| COMPOSE_PROJECT_NAME: ci_${{ matrix.job.target }}_${{github.run_id}}_${{github.run_attempt || '1'}} | |
| DEVICE_ID: ci_${{ matrix.job.target }}_${{github.run_id}}_${{github.run_attempt || '1'}} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| job: | |
| - { target: tedge-container-bundle } | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || '' }} | |
| - uses: taiki-e/install-action@just | |
| - uses: reubenmiller/setup-go-c8y-cli@main | |
| - name: install c8y-tedge extension | |
| run: c8y extension install thin-edge/c8y-tedge | |
| - name: create .env file | |
| run: | | |
| touch .env | |
| just init "$DEVICE_ID" | |
| echo "DEVICE_ID=$DEVICE_ID" >> .env | |
| echo 'C8Y_BASEURL="${{ secrets.C8Y_BASEURL }}"' >> .env | |
| C8Y_DOMAIN=$(echo "${{ secrets.C8Y_BASEURL }}" | sed 's|.*://||g') | |
| echo 'C8Y_USER="${{ secrets.C8Y_USER }}"' >> .env | |
| echo 'C8Y_PASSWORD="${{ secrets.C8Y_PASSWORD }}"' >> .env | |
| # env variables required by the container | |
| echo "TEDGE_C8Y_URL=$C8Y_DOMAIN" >> .env | |
| cat .env | |
| - name: Upload certificate | |
| run: | | |
| just upload | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| cache: 'pip' | |
| cache-dependency-path: | | |
| tests/requirements.txt | |
| - name: Install dependencies | |
| run: | | |
| just venv | |
| - name: Start demo | |
| run: | | |
| just start -d | |
| timeout 10 docker compose logs -f -n 100 ||: | |
| - name: Run tests | |
| run: just test | |
| - name: Upload test results | |
| uses: actions/upload-artifact@v4 | |
| if: always() | |
| with: | |
| name: reports | |
| path: output | |
| - name: Stop demo | |
| if: always() | |
| run: just stop -v | |
| - name: Cleanup Devices | |
| if: always() | |
| run: | | |
| just cleanup "$DEVICE_ID" | |
| - name: Send report to commit | |
| uses: joonvena/robotframework-reporter-action@v2.5 | |
| with: | |
| gh_access_token: ${{ secrets.GITHUB_TOKEN }} | |
| report_path: 'output' | |
| show_passed_tests: 'true' |