---
# CI entry point. The only triggers visible here are pushes to the two
# default-branch names and manual dispatch.
name: Main

# 'on' is quoted so that YAML 1.1 parsers do not read the key as boolean true.
'on':
  push:
    branches:
      - master
      - main
  workflow_dispatch:

# Workflow-wide default for GITHUB_TOKEN: read-only access to repository
# contents. Each job below repeats this grant explicitly.
permissions:
  contents: read
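jobs:
  # Conventions shared by every job below:
  #   - third-party actions are pinned to a full commit SHA; the trailing
  #     comment records the release tag that SHA corresponds to
  #   - persist-credentials: false keeps the checkout token out of the
  #     working copy's git configuration, so later steps cannot reuse it
  #   - permissions are restated per job as contents: read
  # NOTE(review): syntax-check, basic-tests and docker-build set no
  # timeout-minutes, unlike the last two jobs, so the GitHub default
  # (360 minutes) applies to them.

  # Parses the top-level playbook without executing any task.
  syntax-check:
    name: Ansible syntax check
    runs-on: ubuntu-22.04
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
        with:
          persist-credentials: false
      - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
        with:
          python-version: '3.11'
      # Repository-local action; its definition is not part of this file.
      - name: Setup uv environment
        uses: ./.github/actions/setup-uv
      - name: Check Ansible playbook syntax
        run: uv run ansible-playbook main.yml --syntax-check

  # Runs the unit test suite under tests/unit/.
  basic-tests:
    name: Basic sanity tests
    runs-on: ubuntu-22.04
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
        with:
          persist-credentials: false
      - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
        with:
          python-version: '3.11'
      - name: Setup uv environment
        uses: ./.github/actions/setup-uv
      # presumably shellcheck is invoked by some of the unit tests - confirm
      - name: Install system dependencies
        run: sudo apt-get update && sudo apt-get install -y shellcheck
      - name: Run basic sanity tests
        run: uv run pytest tests/unit/ -v

  # Builds the container image from the repository root, checks that the
  # entry script starts, then runs the Docker-specific unit tests.
  docker-build:
    name: Docker build test
    runs-on: ubuntu-22.04
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
        with:
          persist-credentials: false
      - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
        with:
          python-version: '3.11'
      - name: Setup uv environment
        uses: ./.github/actions/setup-uv
      - name: Build Docker image
        run: docker build -t local/algo:test .
      - name: Test Docker image starts
        run: |
          # Just verify the image can start and show help
          docker run --rm local/algo:test /algo/algo --help
      - name: Run Docker deployment tests
        run: uv run pytest tests/unit/test_docker_localhost_deployment.py -v

  # Runs the local-mode configuration generation script.
  config-generation:
    name: Configuration generation test
    runs-on: ubuntu-22.04
    timeout-minutes: 10
    permissions:
      contents: read
    steps:
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
        with:
          persist-credentials: false
      - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
        with:
          python-version: '3.11'
      - name: Setup uv environment
        uses: ./.github/actions/setup-uv
      - name: Test configuration generation (local mode)
        run: |
          # Run our simplified config test
          chmod +x tests/test-local-config.sh
          ./tests/test-local-config.sh

  # Runs the playbook in --check mode once per provider against a throwaway
  # configuration, to surface syntax and undefined-variable errors.
  ansible-dry-run:
    name: Ansible dry-run validation
    runs-on: ubuntu-22.04
    timeout-minutes: 10
    permissions:
      contents: read
    strategy:
      matrix:
        # ${{ matrix.provider }} is substituted into the script text of the
        # run steps below before the shell sees it. That is safe only while
        # this stays a fixed list of plain identifiers defined in this file.
        provider: [local, ec2, digitalocean, gce]
    steps:
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8  # v5.0.0
        with:
          persist-credentials: false
      - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065  # v5.6.0
        with:
          python-version: '3.11'
      - name: Setup uv environment
        uses: ./.github/actions/setup-uv
      - name: Create test configuration for ${{ matrix.provider }}
        run: |
          # Create provider-specific test config. The quoted 'EOF' disables
          # shell expansion inside the here-document; every value is a test
          # placeholder, none is a credential.
          # NOTE(review): server/size/image/region are nested under the
          # provider key and the second "server:" is top-level, otherwise
          # the key would be duplicated - confirm against config.cfg.
          cat > test-${{ matrix.provider }}.cfg << 'EOF'
          users:
            - testuser
          cloud_providers:
            ${{ matrix.provider }}:
              server: test-server
              size: t3.micro
              image: ubuntu-22.04
              region: us-east-1
          wireguard_enabled: true
          ipsec_enabled: false
          dns_adblocking: false
          ssh_tunneling: false
          store_pki: true
          algo_provider: ${{ matrix.provider }}
          algo_server_name: test-algo-vpn
          server: test-server
          endpoint: 10.0.0.1
          ansible_ssh_user: ubuntu
          ansible_ssh_port: 22
          algo_ssh_port: 4160
          algo_ondemand_cellular: false
          algo_ondemand_wifi: false
          EOF
      - name: Run Ansible check mode for ${{ matrix.provider }}
        run: |
          # Run ansible in check mode to validate playbooks work.
          # Check mode is expected to fail on some tasks, so the exit status
          # of ansible-playbook is deliberately ignored (|| true). On its
          # own that makes this step pass unconditionally, so the output is
          # also saved and scanned for the error classes this job targets.
          log="ansible-check-${{ matrix.provider }}.log"
          uv run ansible-playbook main.yml \
            -i "localhost," \
            -c local \
            -e @test-${{ matrix.provider }}.cfg \
            -e "provider=${{ matrix.provider }}" \
            --check \
            --diff \
            -vv \
            --skip-tags "facts,tests,local,update-alternatives,cloud_api" 2>&1 \
            | tee "$log" || true

          # Fail on syntax and undefined-variable errors only.
          # NOTE(review): these patterns match ansible-core's classic error
          # wording; re-check them against the ansible-core version this
          # project installs, since the wording differs between releases.
          if grep -Eq 'Syntax Error while loading YAML|undefined variable|AnsibleUndefinedVariable' "$log"; then
            echo "::error::Ansible reported a syntax or undefined-variable error for ${{ matrix.provider }}"
            exit 1
          fi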