Initial implementation #46
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Integration Tests | |
| on: | |
| pull_request: | |
| paths: | |
| - "action.yaml" | |
| - ".github/workflows/integration-tests.yaml" | |
| push: | |
| branches: | |
| - main | |
| paths: | |
| - "action.yaml" | |
| - ".github/workflows/integration-tests.yaml" | |
| jobs: | |
| test: | |
| name: Test ${{ matrix.test.title }} | |
| # These permissions are needed to: | |
| # - Checkout the repo | |
| permissions: | |
| contents: read | |
| packages: write | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| test: | |
| # We need to avoid running concurrent tests using the same commit SHA as | |
| # otherwise we could see tests pass when one of them doesn't say output | |
| # the cache layers. We could address this in two ways in the future if this | |
| # becomes limiting: | |
| # | |
| # 1. Make use of separate image repositories for each test. This allows each | |
| # test to run in parallel without the potential for conflicts. | |
| # 2. Use job concurrency and `max-parallel` for matrix jobs to run jobs | |
| # sequentially with cleanup in between. May be rather slow. | |
| # | |
| # I also considered revising the action to avoid pushing images entirely. | |
| # Doing this may be challenging in otherways as pushing the image is a | |
| # requirement for getting the digests in some contexts: | |
| # https://github.com/docker/build-push-action/issues/906#issuecomment-1674567311 | |
| - title: Merge Commit | |
| commit-sha: ${{ github.sha }} | |
| from-scratch: true | |
| - title: Head Commit | |
| commit-sha: ${{ github.event.pull_request.head.sha }} | |
| - title: Fixed Commit | |
| commit-sha: 5921a42f27af154dec1372cb1e1d1fe11c701437 | |
| steps: | |
| - name: Job started at | |
| id: job-started | |
| run: | | |
| job_started_at="$(date --utc --iso-8601=seconds)" | |
| echo "at=$job_started_at" | tee -a "$GITHUB_OUTPUT" | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ matrix.test.commit-sha }} | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ github.token }} | |
| - uses: ./ | |
| id: build | |
| with: | |
| image-repository: ghcr.io/beacon-biosignals/temporary/whalesay | |
| context: test | |
| build-args: | | |
| DEBIAN_VERSION=12.9 | |
| from-scratch: ${{ matrix.test.from-scratch || 'false' }} | |
| - name: Validate image works | |
| run: | | |
| docker pull "${{ steps.build.outputs.image }}" | |
| output="$(docker run "${{ steps.build.outputs.image }}")" | |
| if [[ "$(wc -l <<<"$output")" -lt 14 ]]; then | |
| echo "$output" | |
| exit 1 | |
| fi | |
| debian_version="$(docker run --entrypoint=/bin/cat "${{ steps.build.outputs.image }}" /etc/debian_version)" | |
| [[ "$debian_version" == "12.9" ]] || exit 2 | |
| - name: Layer created at | |
| id: layer-created | |
| run: | | |
| layer_created_at="$(docker run --entrypoint=/bin/cat "${{ steps.build.outputs.image }}" /etc/layer-created-at)" | |
| echo "at=$layer_created_at" | tee -a "$GITHUB_OUTPUT" | |
| - name: Validate layer caching | |
| if: ${{ matrix.test.from-scratch == false }} | |
| run: | | |
| [[ "$(date -d "$layer_created_at" +%s)" -lt "$(date -d "$job_started_at" +%s)" ]] || exit 1 | |
| env: | |
| job_started_at: ${{ steps.job-started.outputs.at }} | |
| layer_created_at: ${{ steps.layer-created.outputs.at }} | |
| - name: Validate no layer caching | |
| if: ${{ matrix.test.from-scratch == true }} | |
| run: | | |
| [[ "$(date -d "$layer_created_at" +%s)" -gt "$(date -d "$job_started_at" +%s)" ]] || exit 1 | |
| env: | |
| job_started_at: ${{ steps.job-started.outputs.at }} | |
| layer_created_at: ${{ steps.layer-created.outputs.at }} | |
| - name: Validate cache images | |
| run: | | |
| docker manifest inspect "${{ steps.build.outputs.image-repository }}:cache-sha-${{ matrix.test.commit-sha }}" | |
| docker manifest inspect "${{ steps.build.outputs.image-repository }}:cache-branch-${branch//[^[:alnum:]]/-}" | |
| env: | |
| branch: ${{ github.head_ref || (github.ref_type == 'branch' && github.ref_name) }} | |
| - name: Validate annotations | |
| run: | | |
| set -x | |
| json="$(docker manifest inspect "${{ steps.build.outputs.image }}")" | |
| [[ "$(jq -r '.annotations."org.opencontainers.image.revision"' <<<"$json")" == "${{ matrix.test.commit-sha }}" ]] || exit 1 | |
| cleanup: | |
| name: Cleanup | |
| needs: test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: dataaxiom/ghcr-cleanup-action@cd0cdb900b5dbf3a6f2cc869f0dbb0b8211f50c4 # v1.0.16 | |
| with: | |
| package: temporary/whalesay | |
| older-than: 1 day | |
| keep-n-tagged: 0 | |
| exclude-tags: branch-main,cache-branch-main |