Compare commits
3 commits
13f554ba6d
...
23a8281f5f
| Author | SHA1 | Date | |
|---|---|---|---|
| 23a8281f5f | |||
| b1fb4739ae | |||
| 9086906180 |
4 changed files with 65 additions and 55 deletions
|
|
@ -14,6 +14,7 @@ jobs:
|
||||||
RUN_ID: ${{ github.run_id }}
|
RUN_ID: ${{ github.run_id }}
|
||||||
POSTGRES_IMG_DIGEST: ${{ secrets.POSTGRES_IMG_DIGEST }}
|
POSTGRES_IMG_DIGEST: ${{ secrets.POSTGRES_IMG_DIGEST }}
|
||||||
RUST_IMG_DIGEST: ${{ secrets.RUST_IMG_DIGEST }}
|
RUST_IMG_DIGEST: ${{ secrets.RUST_IMG_DIGEST }}
|
||||||
|
PREBUILT_BACKEND_TEST_IMAGE: ${{ secrets.REGISTRY_HOST }}/${{ github.repository }}/sharenet-test-rust
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout code
|
- name: Checkout code
|
||||||
|
|
@ -35,9 +36,41 @@ jobs:
|
||||||
podman --remote version
|
podman --remote version
|
||||||
podman --remote run --rm alpine:3.20 echo "Hello from host rootless Podman!"
|
podman --remote run --rm alpine:3.20 echo "Hello from host rootless Podman!"
|
||||||
|
|
||||||
|
- name: Login to container registry with PAT
|
||||||
|
run: |
|
||||||
|
echo "${{ secrets.REGISTRY_TOKEN }}" | podman --remote login \
|
||||||
|
-u "${{ secrets.REGISTRY_USERNAME }}" \
|
||||||
|
--password-stdin \
|
||||||
|
"${{ secrets.REGISTRY_HOST }}"
|
||||||
|
|
||||||
- name: Create network
|
- name: Create network
|
||||||
run: podman --remote network create integ-${{ env.RUN_ID }}
|
run: podman --remote network create integ-${{ env.RUN_ID }}
|
||||||
|
|
||||||
|
- name: Check if dependencies changed
|
||||||
|
id: check-deps
|
||||||
|
run: |
|
||||||
|
# Get hash of Cargo.toml and Cargo.lock
|
||||||
|
DEPS_HASH=$(sha256sum Cargo.toml Cargo.lock | sha256sum | cut -d' ' -f1)
|
||||||
|
echo "deps_hash=$DEPS_HASH" >> $GITHUB_OUTPUT
|
||||||
|
|
||||||
|
# Check if image exists with this hash tag
|
||||||
|
if podman --remote manifest inspect "$PREBUILT_BACKEND_TEST_IMAGE:$DEPS_HASH" >/dev/null 2>&1; then
|
||||||
|
echo "rebuild_needed=false" >> $GITHUB_OUTPUT
|
||||||
|
else
|
||||||
|
echo "rebuild_needed=true" >> $GITHUB_OUTPUT
|
||||||
|
fi
|
||||||
|
|
||||||
|
- name: Build optimized Rust test image (if needed)
|
||||||
|
if: steps.check-deps.outputs.rebuild_needed == 'true'
|
||||||
|
run: |
|
||||||
|
podman --remote build \
|
||||||
|
-f backend/Dockerfile.test-rust \
|
||||||
|
-t "$PREBUILT_BACKEND_TEST_IMAGE:${{ steps.check-deps.outputs.deps_hash }}" \
|
||||||
|
-t "$PREBUILT_BACKEND_TEST_IMAGE:latest"
|
||||||
|
|
||||||
|
podman --remote push "$PREBUILT_BACKEND_TEST_IMAGE:${{ steps.check-deps.outputs.deps_hash }}"
|
||||||
|
podman --remote push "$PREBUILT_BACKEND_TEST_IMAGE:latest"
|
||||||
|
|
||||||
- name: Start PostgreSQL
|
- name: Start PostgreSQL
|
||||||
run: |
|
run: |
|
||||||
podman --remote run -d \
|
podman --remote run -d \
|
||||||
|
|
@ -63,7 +96,7 @@ jobs:
|
||||||
-v /home/ci-service/.cache:/c \
|
-v /home/ci-service/.cache:/c \
|
||||||
alpine:3.20 sh -lc 'mkdir -p /c/cargo'
|
alpine:3.20 sh -lc 'mkdir -p /c/cargo'
|
||||||
|
|
||||||
- name: Run backend tests (tar-pipe, no bind mount of source)
|
- name: Run backend tests with cached dependencies
|
||||||
run: |
|
run: |
|
||||||
set -euo pipefail
|
set -euo pipefail
|
||||||
set -o pipefail
|
set -o pipefail
|
||||||
|
|
@ -73,11 +106,12 @@ jobs:
|
||||||
-e CARGO_HOME=/cargo \
|
-e CARGO_HOME=/cargo \
|
||||||
-e DATABASE_URL=postgres://postgres:password@test-postgres-${{ env.RUN_ID }}:5432/sharenet_test \
|
-e DATABASE_URL=postgres://postgres:password@test-postgres-${{ env.RUN_ID }}:5432/sharenet_test \
|
||||||
-v /home/ci-service/.cache/cargo:/cargo \
|
-v /home/ci-service/.cache/cargo:/cargo \
|
||||||
"$RUST_IMG_DIGEST" \
|
"$PREBUILT_BACKEND_TEST_IMAGE:${{ steps.check-deps.outputs.deps_hash }}" \
|
||||||
sh -euxc '
|
sh -euxc '
|
||||||
mkdir -p /workspace
|
mkdir -p /workspace
|
||||||
tar -x -C /workspace
|
tar -x -C /workspace
|
||||||
cd /workspace/backend
|
cd /workspace/backend
|
||||||
|
cargo chef cook --release --recipe-path /app/recipe.json
|
||||||
cargo test --lib -- --test-threads=1
|
cargo test --lib -- --test-threads=1
|
||||||
'
|
'
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,39 +0,0 @@
|
||||||
name: Podman Rootless Demo
|
|
||||||
on: [push, pull_request]
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
test-rootless:
|
|
||||||
runs-on: [ci]
|
|
||||||
|
|
||||||
# Point all steps at the host's rootless Podman socket
|
|
||||||
env:
|
|
||||||
# Point the client at the mounted socket
|
|
||||||
CONTAINER_HOST: unix:///run/user/1001/podman/podman.sock
|
|
||||||
# Make sure podman looks in the correct runtime dir hierarchy
|
|
||||||
XDG_RUNTIME_DIR: /tmp
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: Checkout code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
|
|
||||||
|
|
||||||
- name: Verify socket visibility
|
|
||||||
run: |
|
|
||||||
set -euo pipefail
|
|
||||||
id -u; id -g
|
|
||||||
ls -ld /run/user/1001/podman
|
|
||||||
ls -l /run/user/1001/podman/podman.sock
|
|
||||||
test -S /run/user/1001/podman/podman.sock
|
|
||||||
|
|
||||||
- name: Use host rootless Podman
|
|
||||||
run: |
|
|
||||||
set -euo pipefail
|
|
||||||
podman --remote info --format '{{.Host.RemoteSocket.Path}} (remote={{.Host.RemoteSocket.Exists}})'
|
|
||||||
podman --remote version
|
|
||||||
podman --remote run --rm alpine:3.20 echo "Hello from host rootless Podman!"
|
|
||||||
|
|
||||||
- name: Build and run a container
|
|
||||||
run: |
|
|
||||||
set -euo pipefail
|
|
||||||
podman --remote build -t test-image .
|
|
||||||
podman --remote run --rm test-image
|
|
||||||
|
|
@ -1,16 +1,31 @@
|
||||||
# Rust testing environment for CI/CD
|
# planner: produce recipe.json
|
||||||
ARG REGISTRY_HOST=localhost
|
FROM rust:1.89-slim AS planner
|
||||||
ARG OWNER_REPO=owner/repo
|
WORKDIR /app
|
||||||
FROM ${REGISTRY_HOST}/${OWNER_REPO}/rust:1.75-slim
|
RUN apt-get update && apt-get install -y --no-install-recommends pkg-config libssl-dev ca-certificates postgresql-client curl && rm -rf /var/lib/apt/lists/*
|
||||||
|
RUN cargo install --locked cargo-chef
|
||||||
|
COPY . .
|
||||||
|
RUN cargo chef prepare --recipe-path recipe.json
|
||||||
|
|
||||||
# Install additional tools needed for testing
|
# deps: compile only external crates
|
||||||
RUN apt-get update && apt-get install -y \
|
FROM rust:1.89-slim AS deps
|
||||||
postgresql-client \
|
WORKDIR /app
|
||||||
curl \
|
RUN apt-get update && apt-get install -y --no-install-recommends pkg-config libssl-dev ca-certificates postgresql-client curl && rm -rf /var/lib/apt/lists/*
|
||||||
&& rm -rf /var/lib/apt/lists/*
|
RUN cargo install --locked cargo-chef
|
||||||
|
ENV CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse
|
||||||
|
COPY --from=planner /app/recipe.json recipe.json
|
||||||
|
RUN cargo chef cook --release --recipe-path recipe.json
|
||||||
|
|
||||||
# Set working directory
|
# builder: compile local workspace crates using cached deps
|
||||||
|
FROM rust:1.89-slim AS builder
|
||||||
|
WORKDIR /app
|
||||||
|
COPY --from=deps /usr/local/cargo /usr/local/cargo
|
||||||
|
COPY --from=deps /usr/local/rustup /usr/local/rustup
|
||||||
|
COPY --from=deps /app/target /app/target
|
||||||
|
COPY . .
|
||||||
|
RUN cargo build --release --locked
|
||||||
|
|
||||||
|
# runtime: minimal test environment
|
||||||
|
FROM rust:1.89-slim AS runtime
|
||||||
|
RUN apt-get update && apt-get install -y --no-install-recommends postgresql-client curl && rm -rf /var/lib/apt/lists/*
|
||||||
WORKDIR /workspace/backend
|
WORKDIR /workspace/backend
|
||||||
|
CMD ["sleep", "infinity"]
|
||||||
# Keep container running for testing
|
|
||||||
CMD ["sleep", "infinity"]
|
|
||||||
|
|
@ -17,7 +17,7 @@ spec:
|
||||||
- containerPort: 5432
|
- containerPort: 5432
|
||||||
|
|
||||||
- name: backend
|
- name: backend
|
||||||
image: rust:1.89-slim
|
image: localhost/sharenet-test-rust:latest
|
||||||
workingDir: /app/backend
|
workingDir: /app/backend
|
||||||
env:
|
env:
|
||||||
- name: DATABASE_URL
|
- name: DATABASE_URL
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue