.forgejo/workflows/build-release-integration.yml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135

name: Integration tests for the release process

on:
  push:
    paths:
      - Makefile
      - Dockerfile
      - Dockerfile.rootless
      - docker/**
      - .forgejo/workflows/build-release.yml
      - .forgejo/workflows/build-release-integration.yml
    branches-ignore:
      - renovate/**
  pull_request:
    paths:
      - Makefile
      - Dockerfile
      - Dockerfile.rootless
      - docker/**
      - .forgejo/workflows/build-release.yml
      - .forgejo/workflows/build-release-integration.yml

jobs:
  release-simulation:
    if: ${{ !startsWith(vars.ROLE, 'forgejo-') }}
    runs-on: self-hosted
    steps:
      - uses: actions/checkout@v4

      - id: forgejo
        uses: https://code.forgejo.org/actions/setup-forgejo@v1
        with:
          user: root
          password: admin1234
          image-version: 1.21
          lxc-ip-prefix: 10.0.9

      - name: publish the forgejo release
        shell: bash
        run: |
          set -x

          cat > /etc/docker/daemon.json <<EOF
            {
              "insecure-registries" : ["${{ steps.forgejo.outputs.host-port }}"]
            }
          EOF
          systemctl restart docker

          apt-get install -qq -y xz-utils

          dir=$(mktemp -d)
          trap "rm -fr $dir" EXIT

          url=http://root:admin1234@${{ steps.forgejo.outputs.host-port }}
          export FORGEJO_RUNNER_LOGS="${{ steps.forgejo.outputs.runner-logs }}"

          function sanity_check() {
            local url=$1 version=$2
            #
            # Minimal sanity checks. Since the binary
            # is a script shell it does not test the sanity of the cross
            # build, only the sanity of the naming of the binaries.
            #
            for arch in amd64 arm64 arm-6 ; do
              local binary=forgejo-$version-linux-$arch
              for suffix in '' '.xz' ; do
                curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix > $binary$suffix
                if test "$suffix" = .xz ; then
                  unxz --keep $binary$suffix
                fi
                chmod +x $binary
                ./$binary --version | grep $version
                curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix.sha256 > $binary$suffix.sha256
                shasum -a 256 --check $binary$suffix.sha256
                rm $binary$suffix
              done
            done

            local sources=forgejo-src-$version.tar.gz
            curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources > $sources
            curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources.sha256 > $sources.sha256
            shasum -a 256 --check $sources.sha256

            docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version
            docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version-rootless
          }

          #
          # Create a new project with a fake forgejo and the release workflow only
          #
          cp -a .forgejo/testdata/build-release/* $dir
          mkdir -p $dir/.forgejo/workflows
          cp .forgejo/workflows/build-release.yml $dir/.forgejo/workflows
          cp $dir/Dockerfile $dir/Dockerfile.rootless

          forgejo-test-helper.sh push $dir $url root forgejo

          forgejo-curl.sh api_json -X PUT --data-raw '{"data":"${{ steps.forgejo.outputs.token }}"}' $url/api/v1/repos/root/forgejo/actions/secrets/TOKEN
          forgejo-curl.sh api_json -X PUT --data-raw '{"data":"root"}' $url/api/v1/repos/root/forgejo/actions/secrets/DOER
          forgejo-curl.sh api_json -X PUT --data-raw '{"data":"true"}' $url/api/v1/repos/root/forgejo/actions/secrets/VERBOSE

          #
          # Push a tag to trigger the release workflow and wait for it to complete
          #
          version=1.2.3
          sha=$(forgejo-test-helper.sh branch_tip $url root/forgejo main)
          forgejo-curl.sh api_json --data-raw '{"tag_name": "v'$version'", "target": "'$sha'"}' $url/api/v1/repos/root/forgejo/tags
          LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha
          sanity_check $url $version

          #
          # Push a commit to a branch that triggers the build of a test release
          #
          version=1.2-test
          (
            git clone $url/root/forgejo /tmp/forgejo
            cd /tmp/forgejo
            date > DATE
            git config user.email root@example.com
            git config user.name username
            git add .
            git commit -m 'update'
            git push $url/root/forgejo main:forgejo
          )
          sha=$(forgejo-test-helper.sh branch_tip $url root/forgejo forgejo)
          LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha
          sanity_check $url $version

      - name: full logs
        if: always()
        run: |
          sed -e 's/^/[RUNNER LOGS] /' ${{ steps.forgejo.outputs.runner-logs }}
          docker logs forgejo | sed -e 's/^/[FORGEJO LOGS]/'
          sleep 5 # hack to avoid mixing outputs in Forgejo v1.21