ci #330
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ci | |
| on: | |
| schedule: | |
| - cron: '36 7 2,12,22 * *' | |
| create: {} | |
| pull_request: | |
| branches: [master] | |
| push: | |
| branches: [master, ci-test] | |
| env: | |
| DOCKER_REPO: 'sorah/acmesmith' | |
| jobs: | |
| test: | |
| name: rspec | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| ruby-version: ['3.2', '3.3', '3.4'] | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - uses: sorah-rbpkg/actions@9cc24ab1f61acf159a1a05da78e03ffceb5b97e2 # v2.0.4 | |
| with: | |
| ruby-version: "${{ matrix.ruby-version }}" | |
| bundler-cache: true | |
| - run: 'bundle exec rspec -fd' | |
| integration-pebble: | |
| name: integration-pebble | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| ruby-version: ['3.2', '3.3', '3.4'] | |
| # FIXME: once GitHub Actions gains support of adding command line arguments to container | |
| # services: | |
| # # https://github.com/letsencrypt/pebble | |
| # pebble: | |
| # image: letsencrypt/pebble | |
| # ports: | |
| # - 14000:14000 # ACME port | |
| # - 15000:15000 # Management port | |
| # options: "pebble -config /test/config/pebble-config.json -strict -dnsserver 127.0.0.1:8053" | |
| # | |
| # challtestsrv: | |
| # image: letsencrypt/pebble-challtestsrv:latest | |
| # ports: | |
| # - 8055:8055 # HTTP Management API | |
| # - 8053:8053/udp # DNS | |
| # - 8053:8053 # DNS | |
| # options: 'pebble-challtestsrv -management :8055 -defaultIPv4 127.0.0.1' | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - uses: sorah-rbpkg/actions@9cc24ab1f61acf159a1a05da78e03ffceb5b97e2 # v2.0.4 | |
| with: | |
| ruby-version: "${{ matrix.ruby-version }}" | |
| bundler-cache: true | |
| - run: 'docker run -d --net=host --rm ghcr.io/letsencrypt/pebble:2.8 -config /test/config/pebble-config.json -strict -dnsserver 127.0.0.1:8053' | |
| - run: 'docker run -d --net=host --rm ghcr.io/letsencrypt/pebble-challtestsrv:2.8 -management :8055 -defaultIPv4 127.0.0.1' | |
| - run: 'bundle exec rspec -fd -t integration_pebble' | |
| docker-build: | |
| name: docker-build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - run: 'echo $GITHUB_SHA > REVISION' | |
| - run: "docker pull ${DOCKER_REPO}:latest || :" | |
| - name: "docker tag ${DOCKER_REPO}:${TAG} ${DOCKER_REPO}:latest" | |
| run: | | |
| TAG=$(basename "${{ github.ref }}") | |
| docker pull ${DOCKER_REPO}:${TAG} || : | |
| docker tag ${DOCKER_REPO}:${TAG} ${DOCKER_REPO}:latest || : | |
| if: "${{ startsWith(github.ref, 'refs/tags/v') }}" | |
| - run: "docker pull ${DOCKER_REPO}:builder || :" | |
| - run: "docker build --pull --cache-from ${DOCKER_REPO}:builder --target builder -t ${DOCKER_REPO}:builder -f Dockerfile ." | |
| - run: "docker build --pull --cache-from ${DOCKER_REPO}:builder --cache-from ${DOCKER_REPO}:latest -t ${DOCKER_REPO}:${GITHUB_SHA} -f Dockerfile ." | |
| - run: "echo ${{ secrets.DOCKERHUB_TOKEN }} | docker login -u sorah --password-stdin" | |
| if: "${{ github.event_name != 'pull_request' }}" | |
| - run: "docker push ${DOCKER_REPO}:builder" | |
| if: "${{ github.ref == 'refs/heads/master' }}" | |
| - run: "docker push ${DOCKER_REPO}:${GITHUB_SHA}" | |
| if: "${{ github.event_name != 'pull_request' }}" | |
| docker-push: | |
| name: docker-push | |
| needs: [test, integration-pebble, docker-build] | |
| if: "${{ github.event_name == 'push' || github.event_name == 'create' }}" | |
| runs-on: ubuntu-latest | |
| steps: | |
| - run: "echo ${{ secrets.DOCKERHUB_TOKEN }} | docker login -u sorah --password-stdin" | |
| - run: "docker pull ${DOCKER_REPO}:${GITHUB_SHA}" | |
| - run: | | |
| docker tag ${DOCKER_REPO}:${GITHUB_SHA} ${DOCKER_REPO}:latest | |
| docker push ${DOCKER_REPO}:latest | |
| if: "${{ github.ref == 'refs/heads/master' }}" | |
| - run: | | |
| TAG=$(basename "${{ github.ref }}") | |
| docker tag ${DOCKER_REPO}:${GITHUB_SHA} ${DOCKER_REPO}:${TAG} | |
| docker push ${DOCKER_REPO}:${TAG} | |
| if: "${{ startsWith(github.ref, 'refs/tags/v') }}" |