mig5/enroll
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Activity Actions
This repository has been archived on 2026-06-22. You can view files and clone it, but you cannot make any changes to it's state, such as pushing and creating new issues, pull requests or comments.
enroll/.forgejo/workflows/ci.yml
Miguel Jacq 00f960d01e
Upgrade to Poetry 2
2026-06-22 15:03:32 +10:00

124 lines
4.6 KiB
YAML
Raw Blame History

name: CI
on:
push:
jobs:
test:
runs-on: docker
strategy:
fail-fast: false
matrix:
include:
- distro: debian
image: docker.io/library/debian:13
python: python3
- distro: almalinux
image: docker.io/library/almalinux:9
python: python3.11
container:
image: ${{ matrix.image }}
steps:
- name: Install system dependencies
env:
DISTRO: ${{ matrix.distro }}
PYTHON_BIN: ${{ matrix.python }}
run: |
set -eux
case "${DISTRO}" in
debian)
mkdir -m 755 -p /etc/apt/keyrings
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
ca-certificates curl gnupg git tar gzip findutils bash nodejs procps \
ansible ansible-lint python3 python3-venv python3-pip pipx systemctl python3-apt jq python3-jsonschema \
puppet hiera
curl -fsSL https://packages.broadcom.com/artifactory/api/security/keypair/SaltProjectKey/public | gpg --dearmor | tee /etc/apt/keyrings/salt-archive-keyring.pgp > /dev/null
curl -fsSL https://github.com/saltstack/salt-install-guide/releases/latest/download/salt.sources | tee /etc/apt/sources.list.d/salt.sources
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
salt-master salt-minion salt-ssh salt-syndic salt-cloud salt-api
;;
almalinux)
dnf -y upgrade --refresh
dnf -y install \
ca-certificates curl-minimal gnupg2 git tar gzip findutils bash which jq nodejs procps-ng \
dnf-plugins-core epel-release
dnf -y config-manager --set-enabled crb || true
curl -fsSL https://github.com/saltstack/salt-install-guide/releases/latest/download/salt.repo > /etc/yum.repos.d/salt.repo
dnf -y install https://yum.puppet.com/puppet8-release-el-9.noarch.rpm
dnf -y makecache
dnf -y install \
python3.11 python3.11-devel python3.11-pip gcc make \
ansible-core ansible-lint systemd rpm httpd \
puppet-agent \
salt-master salt-minion salt-ssh salt-syndic salt-cloud salt-api
echo "/opt/puppetlabs/bin" >> "$GITHUB_PATH"
;;
*)
echo "Unsupported CI distro: ${DISTRO}" >&2
exit 1
;;
esac
- name: Checkout
uses: actions/checkout@v4
- name: Install Poetry
env:
PYTHON_BIN: ${{ matrix.python }}
POETRY_VERSION: "2.4.1"
run: |
set -eux
if ! command -v pipx >/dev/null 2>&1; then
"${PYTHON_BIN}" -m pip install --user pipx
fi
PIPX_BIN="$(command -v pipx || true)"
if [ -z "${PIPX_BIN}" ]; then
PIPX_BIN="${HOME}/.local/bin/pipx"
fi
"${PIPX_BIN}" install --python "${PYTHON_BIN}" "poetry==${POETRY_VERSION}"
echo "$HOME/.local/bin" >> "$GITHUB_PATH"
export PATH="$HOME/.local/bin:$PATH"
poetry --version
poetry --version | grep -E "Poetry \(version 2\."
- name: Install project deps (including test extras)
env:
PYTHON_BIN: ${{ matrix.python }}
run: |
poetry env use "${PYTHON_BIN}"
poetry install --with dev
- name: Install sops
run: |
set -eux
case "$(uname -m)" in
x86_64) sops_arch=amd64 ;;
aarch64|arm64) sops_arch=arm64 ;;
*) echo "Unsupported architecture for sops: $(uname -m)" >&2; exit 1 ;;
esac
curl -L -o /usr/local/bin/sops "https://github.com/getsops/sops/releases/download/v3.13.1/sops-v3.13.1.linux.${sops_arch}"
chmod +x /usr/local/bin/sops
- name: Run test script
run: |
./tests.sh
# Notify if any previous step in this job failed
- name: Notify on failure
if: ${{ failure() }}
env:
WEBHOOK_URL: ${{ secrets.NODERED_WEBHOOK_URL }}
REPOSITORY: ${{ forgejo.repository }}
RUN_NUMBER: ${{ forgejo.run_number }}
SERVER_URL: ${{ forgejo.server_url }}
run: |
curl -X POST \
-H "Content-Type: application/json" \
-d "{\"repository\":\"$REPOSITORY\",\"run_number\":\"$RUN_NUMBER\",\"status\":\"failure\",\"url\":\"$SERVER_URL/$REPOSITORY/actions/runs/$RUN_NUMBER\"}" \
"$WEBHOOK_URL"
Reference in a new issue View git blame Copy permalink