Add storage API #522
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Tests | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| permissions: | |
| contents: read | |
| jobs: | |
| code-tests: | |
| name: Code | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| # Differential ShellCheck requires full git history | |
| fetch-depth: 0 | |
| - name: Dependency Review | |
| uses: actions/dependency-review-action@v4 | |
| if: github.event_name == 'pull_request' | |
| - id: ShellCheck | |
| name: Differential ShellCheck | |
| uses: redhat-plumbers-in-action/differential-shellcheck@v5 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| if: github.event_name == 'pull_request' | |
| - name: Upload artifact with ShellCheck defects in SARIF format | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: Differential ShellCheck SARIF | |
| path: ${{ steps.ShellCheck.outputs.sarif }} | |
| if: github.event_name == 'pull_request' | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: stable | |
| - name: Fix repository permissions | |
| run: | | |
| sudo chown -R $(id -u):$(id -g) . | |
| - name: Check compatible min Go version | |
| run: | | |
| cd incus-osd | |
| go mod tidy | |
| - name: Download go dependencies | |
| run: | | |
| cd incus-osd | |
| go mod download | |
| - name: Run test build | |
| run: | | |
| cd incus-osd | |
| go build ./cmd/incus-osd | |
| - name: Run static analysis | |
| run: | | |
| make static-analysis | |
| - name: Run unit tests | |
| run: | | |
| cd incus-osd | |
| go test -v ./... | |
| end-to-end: | |
| name: End to end testing | |
| strategy: | |
| fail-fast: false | |
| timeout-minutes: 60 | |
| runs-on: | |
| - self-hosted | |
| - cpu-4 | |
| - mem-4G | |
| - disk-100G | |
| - arch-amd64 | |
| - image-debian-12 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: stable | |
| - name: Install dependencies | |
| run: | | |
| sudo apt-get install --yes \ | |
| binutils \ | |
| debian-archive-keyring \ | |
| devscripts \ | |
| efitools \ | |
| make \ | |
| pipx \ | |
| qemu-utils | |
| - name: Setup Incus | |
| run: | | |
| curl https://pkgs.zabbly.com/get/incus-daily | sudo sh | |
| sudo chmod 666 /var/lib/incus/unix.socket | |
| incus admin init --auto | |
| - name: Setup mkosi | |
| run: | | |
| pipx install git+https://github.com/systemd/[email protected] | |
| - name: Build initial image | |
| run: | | |
| export PATH=${PATH}:/root/.local/bin | |
| make generate-test-certs | |
| make | |
| - name: Start Incus OS | |
| run: | | |
| qemu-img convert -f raw -O qcow2 $(ls mkosi.output/IncusOS_*.raw | grep -v usr | grep -v esp | sort | tail -1) os-image.qcow2 | |
| incus image import --alias incus-os test/metadata.tar.xz os-image.qcow2 | |
| incus create --quiet --vm incus-os test-incus-os \ | |
| -c security.secureboot=false \ | |
| -c limits.cpu=2 \ | |
| -c limits.memory=2GiB \ | |
| -d root,size=50GiB | |
| incus config device add test-incus-os vtpm tpm | |
| incus start test-incus-os | |
| while :; do | |
| sleep 3 | |
| incus exec test-incus-os -- /usr/bin/true >/dev/null 2>&1 && break | |
| done | |
| sleep 1m | |
| incus list | |
| - name: Prepare incus-osd environment | |
| run: | | |
| RELEASE=$(ls mkosi.output/*.efi | sed -e "s/.*_//g" -e "s/.efi//g" | sort -n | tail -1) | |
| incus exec test-incus-os -- mkdir -p /root/updates | |
| echo ${RELEASE} | incus file push --quiet - test-incus-os/root/updates/RELEASE | |
| - name: Load the extensions | |
| run: | | |
| incus file push --quiet mkosi.output/debug.raw test-incus-os/root/updates/ | |
| incus file push --quiet mkosi.output/incus.raw test-incus-os/root/updates/ | |
| incus exec test-incus-os -- curl --unix-socket /run/incus-os/unix.socket http://localhost/1.0/system -X PUT -d '{"action": "update"}' | |
| sleep 3m | |
| incus exec test-incus-os -- journalctl -u incus-osd -b0 | |
| - name: Test Incus | |
| run: | | |
| incus exec test-incus-os -- incus admin init --auto | |
| incus exec test-incus-os -- incus launch --quiet images:debian/12 c1 | |
| incus exec test-incus-os -- incus launch --quiet images:debian/12 v1 --vm | |
| incus exec test-incus-os -- sleep 30s | |
| incus exec test-incus-os -- incus list | |
| - name: Test EFI db and dbx updates | |
| run: | | |
| incus file push certs/efi/updates/*.auth test-incus-os/root/updates/ | |
| incus exec test-incus-os -- curl --unix-socket /run/incus-os/unix.socket http://localhost/1.0/system -X PUT -d '{"action": "update"}' | |
| sleep 30s | |
| incus restart test-incus-os | |
| - name: Build a newer version of the image | |
| run: | | |
| export PATH=${PATH}:/root/.local/bin | |
| ./scripts/test/switch-secure-boot-signing-key.sh 2 | |
| make | |
| - name: Apply the update | |
| run: | | |
| RELEASE=$(ls mkosi.output/*.efi | sed -e "s/.*_//g" -e "s/.efi//g" | sort -n | tail -1) | |
| echo ${RELEASE} | incus file push --quiet - test-incus-os/root/updates/RELEASE | |
| incus file push --quiet mkosi.output/IncusOS_${RELEASE}.efi test-incus-os/root/updates/ | |
| incus file push --quiet mkosi.output/IncusOS_${RELEASE}.usr* test-incus-os/root/updates/ | |
| incus exec test-incus-os -- curl --unix-socket /run/incus-os/unix.socket http://localhost/1.0/system -X PUT -d '{"action": "update"}' | |
| sleep 3m | |
| incus exec test-incus-os -- journalctl -u incus-osd -b0 | |
| incus restart test-incus-os | |
| sleep 3m | |
| incus exec test-incus-os -- grep $RELEASE /usr/lib/os-release |