[wf] push images of latest and 2nd latest version #1846
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Tnauth Tests | |
on: | |
push: | |
pull_request: | |
branches: [ devel ] | |
schedule: | |
# * is a special character in YAML so you have to quote this string | |
- cron: '0 2 * * 6' | |
jobs: | |
tnauth_tests: | |
name: "tnauth_tests" | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
websrv: ['apache2', 'nginx'] | |
dbhandler: ['wsgi', 'django'] | |
steps: | |
- name: "checkout GIT" | |
uses: actions/checkout@v4 | |
- name: "Build container" | |
uses: ./.github/actions/container_prep | |
with: | |
DB_HANDLER: ${{ matrix.dbhandler }} | |
WEB_SRV: ${{ matrix.websrv }} | |
- name: "Setup openssl ca_handler" | |
run: | | |
sudo mkdir -p examples/Docker/data/acme_ca/certs | |
sudo cp test/ca/sub-ca-key.pem test/ca/sub-ca-crl.pem test/ca/sub-ca-cert.pem test/ca/root-ca-cert.pem examples/Docker/data/acme_ca/ | |
sudo cp .github/openssl_ca_handler.py_acme_srv_choosen_handler.cfg examples/Docker/data/acme_srv.cfg | |
sudo sed -i "s/tnauthlist_support: False/tnauthlist_support: True/g" examples/Docker/data/acme_srv.cfg | |
cd examples/Docker/ | |
docker-compose restart | |
docker-compose logs | |
- name: "Sleep for 10s" | |
uses: juliangruber/[email protected] | |
with: | |
time: 10s | |
- name: "Test http://acme-srv/directory is accessible" | |
run: docker run -i --rm --network acme curlimages/curl -f http://acme-srv/directory | |
- name: "Test if https://acme-srv/directory is accessible" | |
run: docker run -i --rm --network acme curlimages/curl --insecure -f https://acme-srv/directory | |
- name: "Install curl and socat and test connction" | |
run: | | |
sudo apt-get install -y curl socat | |
curl -f http://localhost:22280 | |
- name: "Install acme.sh" | |
run: | | |
mkdir /tmp/acme_sh | |
curl -kL https://github.com/grindsa/acme.sh/archive/tnauth_list_support.tar.gz | tar xz -C /tmp/acme_sh --strip-components=1 | |
- name: "Enroll certificate using tnauth identifier" | |
run: | | |
cd /tmp/acme_sh | |
/tmp/acme_sh/acme.sh --server http://127.0.0.1:22280 --accountemail [email protected] --issue -d cert.acme.local --tnauth 123456 --spctoken 1234 --standalone --force --debug 2 | |
- name: "Check container configuration" | |
uses: ./.github/actions/container_check | |
with: | |
DB_HANDLER: ${{ matrix.dbhandler }} | |
WEB_SRV: ${{ matrix.websrv }} | |
- name: "[ * ] collecting test logs" | |
if: ${{ failure() }} | |
run: | | |
mkdir -p ${{ github.workspace }}/artifact/upload | |
sudo cp -rp examples/Docker/data/ ${{ github.workspace }}/artifact/data/ | |
cd examples/Docker | |
docker-compose logs > ${{ github.workspace }}/artifact/docker-compose.log | |
sudo tar -C ${{ github.workspace }}/artifact/ -cvzf ${{ github.workspace }}/artifact/upload/artifact.tar.gz docker-compose.log data | |
- name: "[ * ] uploading artificates" | |
uses: actions/upload-artifact@v4 | |
if: ${{ failure() }} | |
with: | |
name: tnauth-${{ matrix.websrv }}-${{ matrix.dbhandler }}.tar.gz | |
path: ${{ github.workspace }}/artifact/upload/ | |
tnauth_rpm_tests: | |
name: "tnauth_rpm_tests" | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
rhversion: [8, 9] | |
steps: | |
- name: "checkout GIT" | |
uses: actions/checkout@v4 | |
- name: "Prepare Alma environment" | |
uses: ./.github/actions/rpm_prep | |
with: | |
GH_SBOM_USER: ${{ secrets.GH_SBOM_USER }} | |
GH_SBOM_TOKEN: ${{ secrets.GH_SBOM_TOKEN }} | |
RH_VERSION: ${{ matrix.rhversion }} | |
- name: "Prepare acme_srv.cfg with openssl_ca_handler" | |
run: | | |
mkdir -p data/acme_ca | |
sudo mkdir -p examples/Docker/data/acme_ca/certs | |
sudo cp test/ca/sub-ca-key.pem test/ca/sub-ca-crl.pem test/ca/sub-ca-cert.pem test/ca/root-ca-cert.pem data/acme_ca/ | |
sudo cp .github/openssl_ca_handler.py_acme_srv_choosen_handler.cfg data/acme_srv.cfg | |
sudo sed -i "s/tnauthlist_support: False/tnauthlist_support: True/g" data/acme_srv.cfg | |
- name: "Execute install scipt" | |
run: | | |
docker exec acme-srv sh /tmp/acme2certifier/rpm_tester.sh | |
- name: "Test http://acme-srv/directory is accessible" | |
run: docker run -i --rm --network acme curlimages/curl -f http://acme-srv/directory | |
- name: "Install curl and socat and test connction" | |
run: | | |
sudo apt-get install -y curl socat | |
curl -f http://localhost:22280 | |
- name: "Install acme.sh" | |
run: | | |
mkdir /tmp/acme_sh | |
curl -kL https://github.com/grindsa/acme.sh/archive/tnauth_list_support.tar.gz | tar xz -C /tmp/acme_sh --strip-components=1 | |
- name: "Enroll certificate using tnauth identifier" | |
run: | | |
cd /tmp/acme_sh | |
/tmp/acme_sh/acme.sh --server http://127.0.0.1:22280 --accountemail [email protected] --issue -d cert.acme.local --tnauth 123456 --spctoken 1234 --standalone --force --debug 2 | |
- name: "[ * ] collecting test logs" | |
if: ${{ failure() }} | |
run: | | |
mkdir -p ${{ github.workspace }}/artifact/upload | |
docker exec acme-srv tar cvfz /tmp/acme2certifier/a2c.tgz /opt/acme2certifier | |
sudo cp -rp data/ ${{ github.workspace }}/artifact/data/ | |
sudo rm ${{ github.workspace }}/artifact/data/*.rpm | |
# sudo cp -rp /tmp/acme_sh/ ${{ github.workspace }}/artifact/acme_sh/ | |
docker exec acme-srv cat /etc/nginx/nginx.conf.orig > ${{ github.workspace }}/artifact/data/nginx.conf.orig | |
docker exec acme-srv cat /etc/nginx/nginx.conf > ${{ github.workspace }}/artifact/data/nginx.conf | |
docker exec acme-srv cat /var/log/messages > ${{ github.workspace }}/artifact/acme-srv.log | |
sudo tar -C ${{ github.workspace }}/artifact/ -cvzf ${{ github.workspace }}/artifact/upload/artifact.tar.gz data acme-srv.log | |
- name: "[ * ] uploading artificates" | |
uses: actions/upload-artifact@v4 | |
if: ${{ failure() }} | |
with: | |
name: tnauth-rpm-rh${{ matrix.rhversion }}.tar.gz | |
path: ${{ github.workspace }}/artifact/upload/ |