Merge pull request #115 from uptane/fix/secondary-root-rotation #455
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Aktualizr CI | |
on: | |
push: | |
branches: [ master ] | |
pull_request: | |
branches: [ master ] | |
env: | |
CCACHE_DIR: ${{ github.workspace }}/.ccache | |
jobs: | |
coverage: | |
name: Coverage on Ubuntu Bionic | |
runs-on: ubuntu-latest | |
env: | |
DOCKER_TAG: docker.pkg.github.com/uptane/aktualizr/aktualizr-ci:bionic-master | |
DOCKERFILE: docker/Dockerfile.ubuntu.bionic | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
DARGS: >- | |
-eCCACHE_DIR | |
-eCODECOV_TOKEN | |
-eTEST_CMAKE_BUILD_TYPE=Valgrind | |
-eTEST_WITH_COVERAGE=1 | |
-eTEST_WITH_P11=1 | |
-eTEST_WITH_FAULT_INJECTION=1 | |
-eTEST_TESTSUITE_EXCLUDE=credentials | |
-eTEST_SOTA_PACKED_CREDENTIALS=dummy-credentials | |
steps: | |
- uses: actions/checkout@main | |
- run: | | |
git fetch --prune --unshallow | |
git submodule update --init --recursive --force | |
- name: Docker login | |
if: github.token | |
run: echo ${{ github.token }} | docker login docker.pkg.github.com -u uptane --password-stdin | |
- name: Docker build | |
run: | | |
docker pull "$DOCKER_TAG" || true | |
docker build --cache-from "$DOCKER_TAG" --pull -t "$DOCKER_TAG" -f "$DOCKERFILE" . | |
- uses: actions/[email protected] | |
with: | |
path: ${{ github.workspace }}/.ccache | |
key: ubuntu-bionic-${{ github.run_id }} | |
restore-keys: | | |
ubuntu-bionic-${{ github.run_id }} | |
ubuntu-bionic- | |
- name: Test | |
run: docker run -v "$PWD:$PWD" -w "$PWD" $DARGS -t "$DOCKER_TAG" ./scripts/test.sh | |
nop11: | |
name: Tests without p11 support on Ubuntu Bionic | |
runs-on: ubuntu-latest | |
env: | |
DOCKER_TAG: docker.pkg.github.com/uptane/aktualizr/aktualizr-ci:bionic-master | |
DOCKERFILE: docker/Dockerfile.ubuntu.bionic | |
DARGS: >- | |
-eCCACHE_DIR | |
-eTEST_CMAKE_BUILD_TYPE=Debug | |
-eTEST_WITH_P11=0 | |
-eTEST_WITH_TESTSUITE=0 | |
steps: | |
- uses: actions/checkout@main | |
- run: | | |
git fetch --prune --unshallow | |
git submodule update --init --recursive --force | |
- name: Docker login | |
if: github.token | |
run: echo ${{ github.token }} | docker login docker.pkg.github.com -u uptane --password-stdin | |
- name: Docker build | |
run: | | |
docker pull "$DOCKER_TAG" || true | |
docker build --cache-from "$DOCKER_TAG" --pull -t "$DOCKER_TAG" -f "$DOCKERFILE" . | |
- uses: actions/[email protected] | |
with: | |
path: ${{ github.workspace }}/.ccache | |
key: ubuntu-bionic-${{ github.run_id }} | |
restore-keys: | | |
ubuntu-bionic-${{ github.run_id }} | |
ubuntu-bionic- | |
- name: Test | |
run: docker run -v "$PWD:$PWD" -w "$PWD" $DARGS -t "$DOCKER_TAG" ./scripts/test.sh | |
static-checks: | |
name: Static checks on Ubuntu Focal | |
runs-on: ubuntu-latest | |
env: | |
DOCKER_TAG: docker.pkg.github.com/uptane/aktualizr/aktualizr-ci:ubuntu-focal-master | |
DOCKERFILE: docker/Dockerfile.ubuntu.focal | |
DARGS: >- | |
-eCCACHE_DIR | |
-eTEST_CC=clang | |
-eTEST_CMAKE_BUILD_TYPE=Valgrind | |
-eTEST_TESTSUITE_ONLY=crypto | |
-eTEST_WITH_STATICTESTS=1 | |
-eTEST_WITH_DOCS=1 | |
steps: | |
- uses: actions/checkout@main | |
- run: | | |
git fetch --prune --unshallow | |
git submodule update --init --recursive --force | |
- name: Docker login | |
if: github.token | |
run: echo ${{ github.token }} | docker login docker.pkg.github.com -u uptane --password-stdin | |
- name: Docker build | |
run: | | |
docker pull "$DOCKER_TAG" || true | |
docker build --cache-from "$DOCKER_TAG" --pull -t "$DOCKER_TAG" -f "$DOCKERFILE" . | |
- uses: actions/[email protected] | |
with: | |
path: ${{ github.workspace }}/.ccache | |
key: ubuntu-focal-${{ github.run_id }} | |
restore-keys: | | |
ubuntu-focal-${{ github.run_id }} | |
ubuntu-focal- | |
- name: Test | |
run: docker run -v "$PWD:$PWD" -w "$PWD" $DARGS -t "$DOCKER_TAG" ./scripts/test.sh | |
shellcheck: | |
name: Shellcheck | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@main | |
- name: Run ShellCheck | |
uses: ludeeus/action-shellcheck@master | |
with: | |
ignore_paths: third_party |