Skip to content

WIP: Move CI to GitHub Actions #172

WIP: Move CI to GitHub Actions

WIP: Move CI to GitHub Actions #172

Workflow file for this run

name: CI
on: [push, pull_request]
defaults:
run:
shell: bash
jobs:
lint-desktop:
strategy:
matrix:
debian_version:
- bullseye
- bookworm
runs-on: ubuntu-latest
container: debian:${{ matrix.debian_version }}
steps:
- run: |
apt-get update && apt-get install --yes git make desktop-file-utils
- uses: actions/checkout@v4
- name: Lint .desktop files
run: |
make lint-desktop
lint:
strategy:
matrix:
debian_version:
- bullseye
- bookworm
runs-on: ubuntu-latest
container: debian:${{ matrix.debian_version }}
steps:
- run: |
apt-get update && apt-get install --yes git make
- uses: actions/checkout@v4
- name: Install dependencies
run: |
source /etc/os-release
if [[ "$VERSION_CODENAME" == "bullseye" ]]; then
# Install Poetry via PyPI
apt-get install --yes --no-install-recommends python3-pip
pip install poetry==1.6.1
elif [[ "$VERSION_CODENAME" == "bookworm" ]]; then
# Install Poetry via system package
apt-get install --yes --no-install-recommends python3-poetry
else
echo "Unsupported Debian version: $VERSION_CODENAME"
exit 1
fi
poetry install
- name: Run lint
run: make lint
# Run `make lint` across all components
component-lint:
strategy:
matrix:
component:
- client
- export
- log
- proxy
debian_version:
- bullseye
- bookworm
# bookworm jobs are failing and will be
# replaced with proxy v2 shortly, so skip
# https://github.com/freedomofpress/securedrop-client/issues/1681
exclude:
- component: proxy
debian_version: bookworm
runs-on: ubuntu-latest
container: debian:${{ matrix.debian_version }}
steps:
- run: |
apt-get update && apt-get install --yes git make gnupg
- uses: actions/checkout@v4
- name: Install dependencies
run: |
source /etc/os-release
if [[ "$VERSION_CODENAME" == "bullseye" ]]; then
# Install Poetry via PyPI
apt-get install --yes --no-install-recommends python3-pip
pip install poetry==1.6.1
elif [[ "$VERSION_CODENAME" == "bookworm" ]]; then
# Install Poetry via system package
apt-get install --yes --no-install-recommends python3-poetry
else
echo "Unsupported Debian version: $VERSION_CODENAME"
exit 1
fi
poetry -C ${{ matrix.component }} install
if [[ "${{ matrix.component }}" == "client" ]]; then
make -C ${{ matrix.component }} ci-install-deps
fi
- name: Run lint
run: make -C ${{ matrix.component }} lint
# Run `make test` against all components but client, which is special
component-test:
strategy:
matrix:
component:
- export
- log
- proxy
debian_version:
- bullseye
- bookworm
# bookworm jobs are failing and will be
# replaced with proxy v2 shortly, so skip
# https://github.com/freedomofpress/securedrop-client/issues/1681
exclude:
- component: proxy
debian_version: bookworm
runs-on: ubuntu-latest
container: debian:${{ matrix.debian_version }}
steps:
- run: |
apt-get update && apt-get install --yes git make gnupg
- uses: actions/checkout@v4
- name: Install dependencies
run: |
source /etc/os-release
if [[ "$VERSION_CODENAME" == "bullseye" ]]; then
# Install Poetry via PyPI
apt-get install --yes --no-install-recommends python3-pip
pip install poetry==1.6.1
elif [[ "$VERSION_CODENAME" == "bookworm" ]]; then
# Install Poetry via system package
apt-get install --yes --no-install-recommends python3-poetry
else
echo "Unsupported Debian version: $VERSION_CODENAME"
exit 1
fi
poetry -C ${{ matrix.component }} install
- name: Run test
run: |
make -C ${{ matrix.component }} test
# Run the various `make test-...` commands for the client.
# TODO: these should be consolidated into one when feasible
client-test:
strategy:
matrix:
command:
- test-functional
- test-integration
- test-random
debian_version:
- bullseye
- bookworm
runs-on: ubuntu-latest
container: debian:${{ matrix.debian_version }}
steps:
- run: |
apt-get update && apt-get install --yes git make gnupg
- uses: actions/checkout@v4
- name: Install dependencies
run: |
source /etc/os-release
if [[ "$VERSION_CODENAME" == "bullseye" ]]; then
# Install Poetry via PyPI
apt-get install --yes --no-install-recommends python3-pip
pip install poetry==1.6.1
elif [[ "$VERSION_CODENAME" == "bookworm" ]]; then
# Install Poetry via system package
apt-get install --yes --no-install-recommends python3-poetry
else
echo "Unsupported Debian version: $VERSION_CODENAME"
exit 1
fi
poetry -C client install
make -C client ci-install-deps
- name: Run test
run: |
make -C client test
safety:
runs-on: ubuntu-latest
container: debian:bookworm
steps:
- run: |
apt-get update && apt-get install --yes git make python3-poetry
- uses: actions/checkout@v4
- name: Run safety
run: |
poetry install
poetry update safety
make safety