build(deps): bump github.com/onsi/ginkgo/v2 from 2.20.1 to 2.20.2 #6001
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
on: | |
pull_request: {} | |
push: | |
tags: | |
- "*" | |
branches: | |
- main | |
env: | |
CARGO_TERM_COLOR: always | |
GO_VERSION: '1.22' | |
ACTION_MSRV_TOOLCHAIN: 1.66.1 | |
# Latest available toolchain which does not break clippy and the unit tests | |
ACTION_MSRV_NIGHTLY_TOOLCHAIN: nightly-2024-05-19 | |
NIX_VERSION: '2.21.0' | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/registry | |
~/.cargo/git | |
target | |
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} | |
- run: .github/install-deps | |
- name: Select Toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
toolchain: ${{ env['ACTION_MSRV_TOOLCHAIN'] }} | |
default: true | |
override: true | |
components: rustfmt | |
- run: cargo build && git diff --exit-code | |
dependencies: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- run: make verify-dependencies | |
go-lint: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- uses: actions/checkout@v4 | |
- uses: golangci/golangci-lint-action@v6 | |
with: | |
version: v1.59.1 | |
only-new-issues: true | |
get-script: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: sigstore/cosign-installer@v3 | |
- run: scripts/get | |
release-static: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
env: | |
COSIGN_EXPERIMENTAL: 1 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/registry | |
~/.cargo/git | |
target | |
key: ${{ runner.os }}-cargo-release-static-${{ hashFiles('**/Cargo.lock') }} | |
- run: .github/install-deps | |
- name: Select Toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
# Ubuntu 22.04 glibc static is not compatible with rustc 1.58.1 (see | |
# ACTION_MSRV_TOOLCHAIN). Means we now just use the latest one, since | |
# the static builds are made for the community. | |
toolchain: ${{ env['ACTION_MSRV_TOOLCHAIN'] }} | |
default: true | |
override: true | |
components: rustfmt | |
- run: make release-static | |
- run: | | |
mkdir ${{ github.sha }} | |
mv target/x86_64-unknown-linux-gnu/release/conmonrs ${{ github.sha }} | |
- run: ./${{ github.sha }}/conmonrs -v | |
- uses: sigstore/cosign-installer@v3 | |
if: github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags') | |
- name: Sign binary | |
if: github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags') | |
run: | | |
cd ${{ github.sha }} | |
cosign sign-blob -y conmonrs \ | |
--output-signature conmonrs.sig \ | |
--output-certificate conmonrs.cert | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: conmonrs | |
path: ${{ github.sha }}/* | |
- uses: google-github-actions/auth@v2 | |
if: github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags') | |
with: | |
credentials_json: ${{ secrets.GCS_CRIO_SA }} | |
- uses: google-github-actions/upload-cloud-storage@v2 | |
if: github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags') | |
with: | |
path: ${{ github.sha }} | |
destination: cri-o/conmon-rs | |
create-marker: | |
runs-on: ubuntu-latest | |
if: github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags') | |
needs: | |
- release-static | |
- build-static | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- run: .github/create-marker | |
- uses: google-github-actions/auth@v2 | |
with: | |
credentials_json: ${{ secrets.GCS_CRIO_SA }} | |
- uses: google-github-actions/upload-cloud-storage@v2 | |
with: | |
path: . | |
glob: latest-*.txt | |
destination: cri-o/conmon-rs | |
build-static: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
env: | |
COSIGN_EXPERIMENTAL: 1 | |
strategy: | |
fail-fast: false | |
matrix: | |
arch: [amd64, arm64, ppc64le, s390x] | |
name: build-static-${{ matrix.arch }} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: cachix/install-nix-action@V27 | |
with: | |
install_url: https://releases.nixos.org/nix/nix-${{ env.NIX_VERSION }}/install | |
- uses: cachix/cachix-action@v15 | |
with: | |
name: conmon-rs | |
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}' | |
pushFilter: "(conmon-rs|cargo-vendor)" | |
- run: nix-build nix/default-${{ matrix.arch }}.nix | |
- run: file result/bin/conmonrs | grep static | grep stripped | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: build-static-${{ matrix.arch }} | |
path: | | |
result/bin/conmonrs | |
- run: | | |
mkdir ${{ github.sha }} | |
cp result/bin/conmonrs ${{ github.sha }}/conmonrs.${{ matrix.arch }} | |
- uses: sigstore/cosign-installer@v3 | |
if: github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags') | |
- name: Sign binary | |
if: github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags') | |
run: | | |
cd ${{ github.sha }} | |
cosign sign-blob -y conmonrs.${{ matrix.arch }} \ | |
--output-signature conmonrs.${{ matrix.arch }}.sig \ | |
--output-certificate conmonrs.${{ matrix.arch }}.cert | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: conmonrs-${{ matrix.arch }} | |
path: ${{ github.sha }}/* | |
- uses: google-github-actions/auth@v2 | |
if: github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags') | |
with: | |
credentials_json: ${{ secrets.GCS_CRIO_SA }} | |
- uses: google-github-actions/upload-cloud-storage@v2 | |
if: github.ref == 'refs/heads/main' || contains(github.ref, 'refs/tags') | |
with: | |
path: ${{ github.sha }} | |
destination: cri-o/conmon-rs | |
doc: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/registry | |
~/.cargo/git | |
target | |
key: ${{ runner.os }}-cargo-doc-${{ hashFiles('**/Cargo.lock') }} | |
- run: .github/install-deps | |
- name: Select Toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
toolchain: ${{ env['ACTION_MSRV_TOOLCHAIN'] }} | |
default: true | |
override: true | |
components: rustfmt | |
- name: Cargo doc | |
run: cargo doc --no-deps | |
lint-clippy: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/registry | |
~/.cargo/git | |
target | |
key: ${{ runner.os }}-cargo-clippy-${{ hashFiles('**/Cargo.lock') }} | |
- run: .github/install-deps | |
- name: Select Toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
toolchain: ${{ env['ACTION_MSRV_NIGHTLY_TOOLCHAIN'] }} | |
default: true | |
override: true | |
components: clippy, rustfmt | |
- name: Clippy Lint | |
run: | | |
cargo +${{ env['ACTION_MSRV_NIGHTLY_TOOLCHAIN'] }} clippy \ | |
--all-targets --all-features -- -D warnings | |
vendor: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/registry | |
~/.cargo/git | |
target | |
key: ${{ runner.os }}-cargo-vendor-${{ hashFiles('**/Cargo.lock') }} | |
- run: .github/install-deps | |
- name: Select Toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
toolchain: stable | |
default: true | |
override: true | |
- name: Vendor | |
run: cargo vendor .cargo-vendor && git diff --exit-code | |
lint-rustfmt: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Select Toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
toolchain: ${{ env['ACTION_MSRV_TOOLCHAIN'] }} | |
default: true | |
override: true | |
components: rustfmt | |
- name: Rustfmt | |
run: cargo fmt && git diff --exit-code | |
test-unit: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- run: .github/install-deps | |
- name: Select Toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
toolchain: ${{ env['ACTION_MSRV_NIGHTLY_TOOLCHAIN'] }} | |
override: true | |
- name: Install rustfmt | |
shell: bash | |
run: rustup component add rustfmt | |
- name: Unit tests | |
uses: actions-rs/cargo@v1 | |
with: | |
command: test | |
args: --no-fail-fast | |
env: | |
CARGO_INCREMENTAL: '0' | |
RUSTFLAGS: '-Zprofile -Ccodegen-units=1 -Cinline-threshold=0 -Clink-dead-code -Coverflow-checks=off -Zpanic_abort_tests' | |
RUSTDOCFLAGS: '-Zprofile -Ccodegen-units=1 -Cinline-threshold=0 -Clink-dead-code -Coverflow-checks=off -Zpanic_abort_tests' | |
- name: Coverage | |
uses: actions-rs/[email protected] | |
with: | |
config: .github/grcov.yml | |
- name: Upload Results | |
uses: codecov/codecov-action@v4 | |
test-integration: | |
needs: release-static | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
steps: | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Rust and Golang Cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cargo/registry | |
~/.cargo/git | |
target | |
~/go/pkg/mod | |
~/.cache/go-build | |
key: ${{ runner.os }}-cargo-test-integration-${{ hashFiles('**/Cargo.lock') }}-${{ hashFiles('**/go.sum') }} | |
- name: Setup Testfiles Cache | |
uses: actions/cache@v4 | |
with: | |
path: | | |
/tmp/conmon-test-images | |
key: ${{ runner.os }}-cargo-test-files-${{ hashFiles('pkg/client/files_test.go') }} | |
- run: rm -rf target/x86_64-unknown-linux-gnu/release/conmonrs | |
- uses: actions/download-artifact@v4 | |
with: | |
name: conmonrs | |
path: target/x86_64-unknown-linux-gnu/release | |
- run: chmod +x target/x86_64-unknown-linux-gnu/release/conmonrs | |
- run: .github/install-deps | |
- name: create symlink | |
run: sudo ln -f -s $(go env GOROOT)/bin/* /usr/bin/ | |
- name: Integration tests | |
run: sudo -E RUNTIME_PATH="/usr/sbin/runc" make integration-static | |
- name: Chown cache | |
run: | | |
sudo chown -R $(id -u):$(id -g) ~/go/pkg/mod | |
sudo chown -R $(id -u):$(id -g) ~/.cache/go-build | |
test-critest: | |
needs: release-static | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- uses: actions/download-artifact@v4 | |
with: | |
name: conmonrs | |
path: target/x86_64-unknown-linux-musl/release | |
- run: .github/setup | |
- name: Install ginkgo | |
run: | | |
sudo chown -R $(id -u):$(id -g) ~/go | |
sudo chown -R $(id -u):$(id -g) ~/.cache | |
go install github.com/onsi/ginkgo/v2/ginkgo@latest | |
ginkgo version | |
sudo cp $(command -v ginkgo) /usr/local/bin | |
- name: Run critest | |
shell: bash | |
run: | | |
set -euox pipefail | |
sudo cp target/x86_64-unknown-linux-musl/release/conmonrs /usr/libexec/crio/conmonrs | |
sudo chmod +x /usr/libexec/crio/conmonrs | |
set +o errexit | |
sudo -E PATH=$PATH critest \ | |
--runtime-endpoint=unix:///var/run/crio/crio.sock \ | |
--parallel=$(nproc) \ | |
--ginkgo.flake-attempts=3 \ | |
--ginkgo.randomize-all \ | |
--ginkgo.timeout=2m \ | |
--ginkgo.trace \ | |
--ginkgo.vv | |
TEST_RC=$? | |
set -o errexit | |
sudo journalctl --no-pager > journal.log | |
test $TEST_RC -ne 0 && cat journal.log | |
exit $TEST_RC | |
- name: Upload logs | |
uses: actions/upload-artifact@v4 | |
with: | |
name: journal.log | |
path: journal.log | |
typos: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: crate-ci/[email protected] | |
with: | |
config: .github/typos.toml |