Build #88
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
workflow_dispatch: | |
schedule: | |
- cron: 0 0 * * 1 | |
jobs: | |
test: | |
name: Build and Test | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
go: | |
- '1.19' | |
- '1.20' | |
env: | |
SSH_HOST: ssh.example.com | |
SSH_PORT: 8022 | |
SSH_REALM: EXAMPLE.COM | |
SSH_USERNAME: test | |
SSH_PASSWORD: password | |
SSH_KEYTAB: ${{ github.workspace }}/testdata/test.keytab | |
KRB5_CONFIG: ${{ github.workspace }}/testdata/krb5.conf | |
KRB5_KTNAME: ${{ github.workspace }}/testdata/ssh.keytab | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ matrix.go }} | |
- name: golangci-lint (gokrb5) | |
uses: golangci/golangci-lint-action@v3 | |
if: github.event_name == 'pull_request' | |
with: | |
only-new-issues: true | |
- name: golangci-lint (apcera) | |
uses: golangci/golangci-lint-action@v3 | |
if: github.event_name == 'pull_request' | |
with: | |
only-new-issues: true | |
args: --build-tags apcera | |
- name: golangci-lint (SSPI) | |
uses: golangci/golangci-lint-action@v3 | |
if: github.event_name == 'pull_request' | |
with: | |
only-new-issues: true | |
env: | |
GOOS: windows | |
- name: Install Kerberos client | |
run: | | |
sudo DEBIAN_FRONTEND=noninteractive apt-get install -yq libkrb5-dev krb5-user | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Build KDC image | |
uses: docker/build-push-action@v5 | |
with: | |
context: "{{defaultContext}}:testdata" | |
load: true | |
tags: kdc | |
target: kdc | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
- name: Build SSH image | |
uses: docker/build-push-action@v5 | |
with: | |
context: "{{defaultContext}}:testdata" | |
load: true | |
tags: ssh | |
target: ssh | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
- name: Extract keytab | |
uses: docker/build-push-action@v5 | |
with: | |
context: "{{defaultContext}}:testdata" | |
outputs: type=local,dest=testdata | |
target: keytab | |
- name: Pull containers into Podman | |
run: | | |
podman pull docker-daemon:kdc:latest | |
podman pull docker-daemon:ssh:latest | |
- name: Create infrastructure | |
run: | | |
podman run -d \ | |
-v /etc/localtime:/etc/localtime:ro \ | |
-p 127.0.0.1:8088:8088 \ | |
-p 127.0.0.1:8088:8088/udp \ | |
-p 127.0.0.1:8464:8464 \ | |
-p 127.0.0.1:8464:8464/udp \ | |
--name kdc kdc | |
podman run -d \ | |
-v /etc/localtime:/etc/localtime:ro \ | |
-p 127.0.0.1:${SSH_PORT}:${SSH_PORT} \ | |
--name ssh --hostname $SSH_HOST ssh | |
# SSH container might still be running ssh-keygen before sshd is running | |
timeout 10 sh -c 'until nc -z $0 $1; do sleep 1; done' 127.0.0.1 $SSH_PORT | |
echo 127.0.0.1 $SSH_HOST | sudo tee -a /etc/hosts | |
echo $SSH_PASSWORD | KRB5_TRACE=/dev/stdout kinit ${SSH_USERNAME}@${SSH_REALM} | |
- name: Test (gokrb5) | |
run: go test -v -coverprofile=gokrb5.out ./... | |
- name: Test (apcera) | |
run: go test -v -coverprofile=apcera.out -tags apcera ./... | |
- name: Build (SSPI) | |
run: go build ./... | |
env: | |
GOARCH: amd64 | |
GOOS: windows | |
- name: Install coverage tools | |
run: | | |
go get github.com/wadey/gocovmerge | |
go get github.com/mattn/goveralls | |
env: | |
GO111MODULE: off | |
- name: Merge coverage reports | |
run: gocovmerge gokrb5.out apcera.out >cover.out | |
- name: Send coverage | |
run: goveralls -coverprofile=cover.out -service=github | |
env: | |
COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }} |