Skip to content

Commit

Permalink
CI Overhaul
Browse files Browse the repository at this point in the history
  • Loading branch information
sheurich committed Feb 29, 2024
1 parent 6fb4280 commit 8de4178
Show file tree
Hide file tree
Showing 13 changed files with 245 additions and 237 deletions.
27 changes: 0 additions & 27 deletions .ci/publish_linux.sh

This file was deleted.

28 changes: 0 additions & 28 deletions .ci/publish_windows.ps1

This file was deleted.

5 changes: 2 additions & 3 deletions .dockerignore
Original file line number Diff line number Diff line change
@@ -1,3 +1,2 @@
.git
pebble.exe
pebble
/pebble
/pebble.exe
65 changes: 29 additions & 36 deletions .github/workflows/checks.yml
Original file line number Diff line number Diff line change
@@ -1,53 +1,46 @@
name: Checks

name: Go Checks
# Run on push to main and any pull request.
on:
push:
branches:
- main
pull_request:

permissions:
checks: write # Allow write access to checks to allow annotation of code in the PR.
contents: read
pull-requests: read

env:
GO_VERSION: stable
GOLANGCI_LINT_VERSION: v1.56.2
jobs:

checks:
name: Check Process
go-lint-checks:
runs-on: ubuntu-latest
env:
GO_VERSION: oldstable
GOLANGCI_LINT_VERSION: v1.56.2
CGO_ENABLED: 0

steps:

- name: Check out code
uses: actions/checkout@v4
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
fetch-depth: 0

- name: Set up Go
uses: actions/setup-go@v5
go-version: ${{ env.GO_VERSION }}
- name: Run GolangCI-Lint
uses: golangci/golangci-lint-action@v4
with:
# skip cache because of flaky behaviors
skip-build-cache: true
skip-pkg-cache: true
version: ${{ env.GOLANGCI_LINT_VERSION }}
go-mod-checks:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}

- name: Check and get dependencies
- name: Check if go.mod is tidy
run: |
go mod tidy
git diff --exit-code go.mod
git diff --exit-code go.sum
- name: vendoring
run: go mod vendor

- name: vendoring diff
run: git diff --exit-code vendor/

# https://golangci-lint.run/usage/install#other-ci
- name: Install golangci-lint ${{ env.GOLANGCI_LINT_VERSION }}
git diff --exit-code go.mod go.sum ||
(echo "::error::go.mod and go.sum need to be tidy" && exit 1)
- name: Check if vendor directory is up to date
run: |
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin ${GOLANGCI_LINT_VERSION}
golangci-lint run
go mod vendor
git diff --exit-code vendor ||
(echo "::error::vendor directory needs to be updated" && exit 1)
30 changes: 14 additions & 16 deletions .github/workflows/go-cross.yml
Original file line number Diff line number Diff line change
@@ -1,38 +1,36 @@
name: Go Matrix
name: Go Build Matrix
on:
push:
branches:
- main
pull_request:

permissions:
contents: read
pull-requests: read

jobs:

cross:
name: Build
name: Build on ${{ matrix.os }} with Go ${{ matrix.go-version }}
runs-on: ${{ matrix.os }}
env:
CGO_ENABLED: 0

strategy:
matrix:
go-version: [ oldstable, stable ]
os: [ubuntu-latest, macos-latest, windows-latest]

app:
- pebble
- pebble-challtestsrv
go-version:
- oldstable
- stable
os:
- ubuntu-latest
- macos-latest
- windows-latest
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}

- name: Build pebble
run: go build -v -ldflags "-s -w" -trimpath -o pebble ./cmd/pebble

- name: Build pebble-challtestsrv
run: go build -v -ldflags "-s -w" -trimpath -o pebble-challtestsrv ./cmd/pebble-challtestsrv
- name: Build ${{ matrix.app }}
run: go build -v ./cmd/${{ matrix.app}}
104 changes: 104 additions & 0 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,104 @@
name: Build Release
# Run on release tags only.
on:
push:
tags:
- v*
permissions:
contents: read
packages: write # Allow docker/build-push-action to publish to GitHub Container Registry
pull-requests: read
env:
DOCKER_PLATFORMS: linux/amd64, linux/arm64, windows/amd64
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
app:
- pebble
- pebble-challtestsrv
go-arch:
- amd64
- arm64
go-os:
- darwin
- linux
- windows
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
check-latest: true
go-version-file: go.mod
- name: Build ${{ matrix.app }} for ${{ matrix.go-os }}/${{ matrix.go-arch }}
env:
CGO_ENABLED: 0
GOARCH: ${{ matrix.go-arch }}
GOOS: ${{ matrix.go-os }}
LDFLAGS: -s -w
run: |
go build \
-ldflags="${LDFLAGS}" \
-o /tmp/dist/${{ matrix.go-os }}/${{ matrix.go-arch }}/ \
-trimpath \
-v \
./cmd/${{ matrix.app }}
- name: Display ${{ matrix.app }} artifacts
run: ls -lR /tmp/dist
- name: Store ${{ matrix.app }} artifacts
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.app }}-${{ matrix.go-os }}-${{ matrix.go-arch }}
path: /tmp/dist
docker:
needs:
- build
runs-on: ubuntu-latest
strategy:
matrix:
app:
- pebble
- pebble-challtestsrv
steps:
- name: Download ${{ matrix.app }} artifacts
uses: actions/download-artifact@v4
with:
merge-multiple: true
path: ./dist
pattern: ${{ matrix.app }}-*-*
- name: Display ${{ matrix.app }} artifacts
run: ls -lR ./dist
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}/${{ matrix.app }}
# generate Docker tags based on the following events/attributes
tags: |
type=semver,pattern={{major}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{version}}
type=sha
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push ${{ github.repository }}/${{ matrix.app }} for ${{ env.DOCKER_PLATFORMS }}
uses: docker/build-push-action@v5
with:
build-args: APP=${{ matrix.app }}
build-contexts: dist-files=./dist
cache-from: type=gha
cache-to: type=gha,mode=max
file: Dockerfile.release
labels: ${{ steps.meta.outputs.labels }}
platforms: ${{ env.DOCKER_PLATFORMS }}
push: true
tags: ${{ steps.meta.outputs.tags }}
48 changes: 12 additions & 36 deletions .github/workflows/tests.yml
Original file line number Diff line number Diff line change
@@ -1,70 +1,46 @@
name: Tests

on:
push:
branches:
- main
pull_request:

permissions:
contents: read
pull-requests: read

jobs:

test-linux:
name: Test on Linux
name: Run tests on Linux
runs-on: ubuntu-latest
env:
GO_VERSION: oldstable
steps:

- name: Setup /etc/hosts
run: |
echo "127.0.0.1 example.letsencrypt.org" | sudo tee -a /etc/hosts
echo "127.0.0.1 elpmaxe.letsencrypt.org" | sudo tee -a /etc/hosts
# https://github.com/marketplace/actions/checkout
- name: Check out code
uses: actions/checkout@v4
with:
fetch-depth: 0

# https://github.com/marketplace/actions/setup-go-environment
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}

- name: apt install
go-version-file: go.mod
- name: Install packages
run: sudo apt-get install snapd python3-acme python3-josepy

- name: snap install
- name: Setup snap
run: sudo snap install core && sudo snap refresh core

- name: snap install certbot
- name: Install certbot
run: sudo snap install --classic certbot && sudo ln -s /snap/bin/certbot /usr/bin/certbot

- name: go install tools
run: go install golang.org/x/tools/cmd/cover@latest

- name: go install goveralls
run: go install github.com/mattn/goveralls@latest

- name: go install pebble
run: go install -v -race ./...

- name: launch pebble
run: GORACE="halt_on_error=1" PEBBLE_WFE_NONCEREJECT=0 pebble &

# Run project unit tests (with the race detector enabled and atomic coverage profile collection)
- name: unittests
run: go test -v -race -covermode=atomic -coverprofile=coverage.out ./...

# # Upload collected coverage profile to goveralls
# - name: goveralls
# run: goveralls -coverprofile=coverage.out -service=github

# Perform a test issuance with chisel2.py
- name: chisel
run: REQUESTS_CA_BUNDLE=./test/certs/pebble.minica.pem python ./test/chisel2.py example.letsencrypt.org elpmaxe.letsencrypt.org
# Run project unit tests (with the race detector enabled and atomic coverage profile collection)
- name: unittests
run: go test -v -race -covermode=atomic -coverprofile=profile.cov ./...
# Upload collected coverage profile to goveralls
- uses: shogo82148/actions-goveralls@v1
with:
path-to-profile: profile.cov
Loading

0 comments on commit 8de4178

Please sign in to comment.