forgejo/.forgejo/workflows/build-release-integration.yml
Earl Warren ba453920aa
[CI] Forgejo Actions based release process
Refs: https://codeberg.org/forgejo/website/pulls/230
(cherry picked from commit 87d56bf6c7)

[CI] Forgejo Actions based release process (squash)

base64 -w0 to avoid wrapping when the doer name is long as it creates
a broken config.json

(cherry picked from commit 9efdc27e49)

[CI] Forgejo Actions based release process (squash) generate .xz files and sources

Generate .xz files
Check .sha256
Generate the source tarbal

(cherry picked from commit 7afec520c4)

[CI] Forgejo Actions based release process (squash) release notes

(cherry picked from commit d8f4f4807b)

[CI] Forgejo Actions based release process (squash) publish and sign release

(cherry picked from commit a52778c747)
(cherry picked from commit cf2ec62740)

[CI] Forgejo Actions based release process (squash) version

use Actions environment variables in Makefile (#25319) (#25318)

uses Actions variable to determine the version. But Forgejo builds
happen in a container where they are not available. Do not use them.

Also verify the version of the binary is as expected for sanity check.

(cherry picked from commit 6decf111a1)
(cherry picked from commit 206d0b3886)
(cherry picked from commit e75cfdcfb4)
(cherry picked from commit adc6436330)
(cherry picked from commit cd6221dfea)
2023-07-16 23:21:44 +02:00

104 lines
4.1 KiB
YAML

name: Integration tests for the release process
on:
push:
paths:
- Makefile
- Dockerfile
- Dockerfile.rootless
- docker/**
- .forgejo/actions/build-release/action.yml
- .forgejo/workflows/build-release.yml
- .forgejo/workflows/build-release-integration.yml
jobs:
release-simulation:
runs-on: self-hosted
if: secrets.ROLE != 'forgejo-integration' && secrets.ROLE != 'forgejo-experimental' && secrets.ROLE != 'forgejo-release'
steps:
- uses: actions/checkout@v3
- id: forgejo
uses: https://code.forgejo.org/actions/setup-forgejo@v1
with:
user: root
password: admin1234
image-version: 1.19
lxc-ip-prefix: 10.0.9
- name: publish the forgejo release
run: |
set -x
version=1.2.3
cat > /etc/docker/daemon.json <<EOF
{
"insecure-registries" : ["${{ steps.forgejo.outputs.host-port }}"]
}
EOF
systemctl restart docker
apt-get install -qq -y xz-utils
dir=$(mktemp -d)
trap "rm -fr $dir" EXIT
url=http://root:admin1234@${{ steps.forgejo.outputs.host-port }}
export FORGEJO_RUNNER_LOGS="${{ steps.forgejo.outputs.runner-logs }}"
#
# Create a new project with a fake forgejo and the release workflow only
#
mkdir -p $dir/.forgejo/workflows
cp .forgejo/workflows/build-release.yml $dir/.forgejo/workflows
cp -a .forgejo/actions $dir/.forgejo/actions
cat > $dir/Dockerfile <<EOF
FROM docker.io/library/alpine:3.18
RUN mkdir -p /app/gitea
RUN ( echo '#!/bin/sh' ; echo "echo forgejo v$version" ) > /app/gitea/gitea ; chmod +x /app/gitea/gitea
EOF
cp $dir/Dockerfile $dir/Dockerfile.rootless
sources=forgejo-src-$version.tar.gz
( echo 'sources-tarbal:' ; echo -e '\tmkdir -p dist/release ; cd dist/release ; sources=forgejo-src-$(VERSION).tar.gz ; echo sources > $$sources ; shasum -a 256 $$sources > $$sources.sha256' ) > $dir/Makefile
forgejo-test-helper.sh push $dir $url root forgejo |& tee $dir/pushed
eval $(grep '^sha=' < $dir/pushed)
#
# Push a tag to trigger the release workflow and wait for it to complete
#
forgejo-test-helper.sh api POST $url repos/root/forgejo/tags ${{ steps.forgejo.outputs.token }} --data-raw '{"tag_name": "v'$version'", "target": "'$sha'"}'
LOOPS=180 forgejo-test-helper.sh wait_success "$url" root/forgejo $sha
#
# uncomment to see the logs even when everything is reported to be working ok
#
#cat $FORGEJO_RUNNER_LOGS
#
# Minimal sanity checks. e2e test is for the setup-forgejo
# action and the infrastructure playbook. Since the binary
# is a script shell it does not test the sanity of the cross
# build, only the sanity of the naming of the binaries.
#
for arch in amd64 arm64 arm-6 ; do
binary=forgejo-$version-linux-$arch
for suffix in '' '.xz' ; do
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix > $binary$suffix
if test "$suffix" = .xz ; then
unxz --keep $binary$suffix
fi
chmod +x $binary
./$binary --version | grep $version
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$binary$suffix.sha256 > $binary$suffix.sha256
shasum -a 256 --check $binary$suffix.sha256
rm $binary$suffix
done
done
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources > $sources
curl --fail -L -sS $url/root/forgejo/releases/download/v$version/$sources.sha256 > $sources.sha256
shasum -a 256 --check $sources.sha256
docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version
docker pull ${{ steps.forgejo.outputs.host-port }}/root/forgejo:$version-rootless