name: Integration tests for the release process on: push: paths: - Makefile - Dockerfile - Dockerfile.rootless - docker/** - .forgejo/workflows/build-release.yml - .forgejo/workflows/build-release-integration.yml branches-ignore: - renovate/** pull_request: paths: - Makefile - Dockerfile - Dockerfile.rootless - docker/** - .forgejo/workflows/build-release.yml - .forgejo/workflows/build-release-integration.yml jobs: release-simulation: if: vars.ROLE == 'forgejo-coding' runs-on: self-hosted steps: - uses: actions/checkout@v4 - id: forgejo uses: https://data.forgejo.org/actions/setup-forgejo@v2.0.4 with: user: root password: admin1234 image-version: 1.21 lxc-ip-prefix: 10.0.9 - name: publish the forgejo release shell: bash run: | set -x cat > /etc/docker/daemon.json <<EOF { "insecure-registries" : ["${{ steps.forgejo.outputs.host-port }}"] } EOF systemctl restart docker apt-get install -qq -y xz-utils dir=$(mktemp -d) trap "rm -fr $dir" EXIT url=http://root:admin1234@${{ steps.forgejo.outputs.host-port }} export FORGEJO_RUNNER_LOGS="${{ steps.forgejo.outputs.runner-logs }}" function sanity_check() { local url=$1 version=$2 # # Minimal sanity checks. Since the binary # is a script shell it does not test the sanity of the cross # build, only the sanity of the naming of the binaries. # for arch in amd64 arm64 arm-6 ; do local binary=forgejo-$version-linux-$arch for suffix in '' '.xz' ; do curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix > $binary$suffix if test "$suffix" = .xz ; then unxz --keep $binary$suffix fi chmod +x $binary ./$binary --version | grep $version curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix.sha256 > $binary$suffix.sha256 shasum -a 256 --check $binary$suffix.sha256 rm $binary$suffix done done local sources=forgejo-src-$version.tar.gz curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources > $sources curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources.sha256 > $sources.sha256 shasum -a 256 --check $sources.sha256 docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version-rootless } # # Create a new project with a fake forgejo and the release workflow only # cp -a .forgejo/testdata/build-release/* $dir mkdir -p $dir/.forgejo/workflows cp .forgejo/workflows/build-release.yml $dir/.forgejo/workflows cp $dir/Dockerfile $dir/Dockerfile.rootless forgejo-test-helper.sh push $dir $url root forgejo forgejo-curl.sh api_json -X PUT --data-raw '{"data":"${{ steps.forgejo.outputs.token }}"}' $url/api/v1/repos/root/forgejo/actions/secrets/TOKEN forgejo-curl.sh api_json -X PUT --data-raw '{"data":"root"}' $url/api/v1/repos/root/forgejo/actions/secrets/DOER forgejo-curl.sh api_json -X PUT --data-raw '{"data":"true"}' $url/api/v1/repos/root/forgejo/actions/secrets/VERBOSE # # Push a tag to trigger the release workflow and wait for it to complete # version=1.2.3 sha=$(forgejo-test-helper.sh branch_tip $url root/forgejo main) forgejo-curl.sh api_json --data-raw '{"tag_name": "v'$version'", "target": "'$sha'"}' $url/api/v1/repos/root/forgejo/tags LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha sanity_check $url $version # # Push a commit to a branch that triggers the build of a test release # version=1.2-test ( git clone $url/root/forgejo /tmp/forgejo cd /tmp/forgejo date > DATE git config user.email root@example.com git config user.name username git add . git commit -m 'update' git push $url/root/forgejo main:forgejo ) sha=$(forgejo-test-helper.sh branch_tip $url root/forgejo forgejo) LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha sanity_check $url $version - name: full logs if: always() run: | sed -e 's/^/[RUNNER LOGS] /' ${{ steps.forgejo.outputs.runner-logs }} docker logs forgejo | sed -e 's/^/[FORGEJO LOGS]/' sleep 5 # hack to avoid mixing outputs in Forgejo v1.21