Build #223
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# SPDX-FileCopyrightText: © Vegard IT GmbH (https://vegardit.com) and contributors | |
# SPDX-FileContributor: Sebastian Thomschke, Vegard IT GmbH | |
# SPDX-License-Identifier: Apache-2.0 | |
# | |
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions | |
name: Build | |
on: | |
schedule: | |
- cron: '0 15 1 * *' | |
push: | |
branches-ignore: # build all branches except: | |
- 'dependabot/**' # prevent GHA triggered twice (once for commit to the branch and once for opening/syncing the PR) | |
tags-ignore: # don't build tags | |
- '**' | |
paths-ignore: | |
- '**/*.md' | |
- '.editorconfig' | |
- '.git*' | |
- '.github/*.yml' | |
- '.semaphore/**/*' | |
pull_request: | |
paths-ignore: | |
- '**/*.md' | |
- '.editorconfig' | |
- '.git*' | |
- '.github/*.yml' | |
- '.semaphore/**/*' | |
workflow_dispatch: | |
# https://github.blog/changelog/2020-07-06-github-actions-manual-triggers-with-workflow_dispatch/ | |
inputs: | |
debug-with-ssh: | |
description: "Start an SSH session for debugging purposes at the end of the build:" | |
default: never | |
type: choice | |
options: [ always, on_failure, on_failure_or_cancelled, never ] | |
debug-with-ssh-only-for-actor: | |
description: "Limit access to the SSH session to the GitHub user that triggered the job." | |
default: true | |
type: boolean | |
debug-with-ssh-only-jobs-matching: | |
description: "Only start an SSH session for jobs matching this regex pattern:" | |
default: ".*" | |
type: string | |
defaults: | |
run: | |
shell: bash | |
jobs: | |
########################################################### | |
test: | |
########################################################### | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
matrix: | |
os: # https://github.com/actions/runner-images#available-images | |
- ubuntu-latest | |
- ubuntu-24.04 | |
- ubuntu-22.04 | |
- ubuntu-20.04 | |
- windows-latest | |
steps: | |
- name: "Show: GitHub context" | |
env: | |
GITHUB_CONTEXT: ${{ toJSON(github) }} | |
run: echo $GITHUB_CONTEXT | |
- name: "Show: environment variables" | |
run: env | sort | |
- name: Git Checkout | |
uses: actions/checkout@v4 # https://github.com/actions/checkout | |
- name: Run shellcheck | |
run: bash tests/run-shellcheck.sh | |
- name: Install bashcov | |
if: ${{ runner.os == 'Linux' && !env.ACT }} | |
run: | | |
ruby --version | |
echo "gem $(gem --version)" | |
if [[ "${{ matrix.os}}" == "ubuntu-20.04" ]]; then | |
# workaround for bashcov error: | |
# The last version of bashcov (>= 0) to support your Ruby & RubyGems was 1.8.2. | |
# Try installing it with `gem install bashcov -v 1.8.2`" | |
sudo gem install bashcov -v 1.8.2 | |
else | |
sudo gem install bashcov | |
fi | |
sudo gem install simplecov-console | |
- name: Run tests | |
timeout-minutes: 5 | |
run: | | |
set -eu | |
if [[ "${{ runner.os }}" == "Linux" && "${{ env.ACT }}" != "true" ]]; then | |
bashcov --skip-uncovered tests/run-tests.sh | |
else | |
bash tests/run-tests.sh | |
fi | |
- name: "Test fast-apt-mirror.sh Action" | |
uses: ./ | |
with: | |
repo-name: ${{ github.repository }} | |
repo-branch: ${{ github.ref_name }} | |
################################################## | |
# Setup SSH debug session | |
################################################## | |
- name: "SSH session for debugging: check" | |
id: DEBUG_SSH_SESSSION_CHECK | |
if: always() | |
run: | | |
set -eu | |
job_filter_pattern="${{ inputs.debug-with-ssh-only-jobs-matching }}" | |
echo "job_filter: $job_filter_pattern" | |
job_info=$(echo "$GITHUB_JOB ${{ toJSON(matrix) }}" | tr -d '\n') | |
echo "job_info: $job_info" | |
when="${{ inputs.debug-with-ssh }}" | |
if [[ $when == "always" ]] || [[ "$job_info" =~ .*$job_filter_pattern.* ]] && case "${{ job.status }}" in | |
success) [[ $when == "always" ]] ;; | |
cancelled) [[ $when == "on_failure_or_cancelled" ]] ;; | |
failure) [[ $when == "on_failure"* ]] ;; | |
esac; then | |
echo "start_ssh_session=true" | tee -a "$GITHUB_OUTPUT" | |
fi | |
- name: "SSH session for debugging: start" | |
uses: mxschmitt/action-tmate@v3 # https://github.com/mxschmitt/action-tmate | |
if: always() && steps.DEBUG_SSH_SESSSION_CHECK.outputs.start_ssh_session | |
with: | |
limit-access-to-actor: ${{ inputs.debug-with-ssh-only-for-actor }} | |
########################################################### | |
test-containers: | |
########################################################### | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
image: | |
- debian:unstable-slim | |
- debian:testing-slim | |
- debian:stable-slim | |
- debian:bookworm-slim | |
- debian:bullseye-slim | |
- debian:buster-slim | |
- "bitnami/minideb:latest" | |
- "bitnami/minideb:bookworm" | |
- "bitnami/minideb:bullseye" | |
- "bitnami/minideb:buster" | |
- "kalilinux/kali-last-release:latest" | |
- ubuntu:devel | |
- ubuntu:latest | |
- ubuntu:24.04 | |
- ubuntu:22.04 | |
- ubuntu:20.04 | |
- ubuntu:18.04 | |
- ubuntu:16.04 | |
steps: | |
- name: Git checkout | |
uses: actions/checkout@v4 # https://github.com/actions/checkout | |
- name: Run tests in [${{ matrix.image }}] | |
timeout-minutes: 5 | |
run: bash tests/run-tests-in-docker.sh ${{ matrix.image }} | |
########################################################### | |
dependabot-pr-auto-merge: | |
########################################################### | |
needs: [ test, test-containers ] | |
if: ${{ github.event_name == 'pull_request' && github.actor == 'dependabot[bot]' }} | |
runs-on: ubuntu-latest | |
concurrency: dependabot-pr-auto-merge | |
permissions: | |
contents: write | |
pull-requests: write | |
steps: | |
- name: Dependabot metadata | |
id: metadata | |
uses: dependabot/fetch-metadata@v2 # https://github.com/dependabot/fetch-metadata/ | |
with: | |
github-token: "${{ secrets.GITHUB_TOKEN }}" | |
- name: Enable auto-merge for Dependabot PRs | |
if: | | |
${{ | |
( | |
steps.dependabot-metadata.outputs.package-ecosystem == 'github-actions' && | |
steps.metadata.outputs.update-type == 'version-update:semver-major' | |
) || ( | |
steps.dependabot-metadata.outputs.package-ecosystem == 'maven' && | |
steps.metadata.outputs.update-type == 'version-update:semver-minor' | |
) | |
}} | |
run: | | |
gh pr merge --auto --rebase "$PR_URL" | |
env: | |
PR_URL: ${{github.event.pull_request.html_url}} | |
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} |