-
Notifications
You must be signed in to change notification settings - Fork 717
132 lines (123 loc) · 3.74 KB
/
Copy pathci.yml
File metadata and controls
132 lines (123 loc) · 3.74 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: CI
on:
push:
branches: ["develop", "release/**"]
pull_request:
types: ["opened", "synchronize"]
merge_group:
defaults:
run:
shell: bash
jobs:
lint:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
ubuntu_version:
- noble
container: ubuntu:${{ matrix.ubuntu_version }}
steps:
- name: Install Git
run: |
apt-get update && apt-get install --yes git
- uses: actions/checkout@v6
with:
persist-credentials: false
- name: Install dependencies
run: |
DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt-get install --yes --no-install-recommends \
build-essential python3-virtualenv python3-dev enchant-2 file apache2-dev jq libarchive-tools
virtualenv .venv
# TODO: this should be one step, but there are too many conflicting dependencies
./.venv/bin/pip install -r securedrop/requirements/test-requirements.txt
./.venv/bin/pip install -r securedrop/requirements/requirements.txt
./.venv/bin/pip install -r securedrop/requirements/develop-requirements.txt
- name: Run lint
run: |
git config --global --add safe.directory $GITHUB_WORKSPACE
source .venv/bin/activate
make lint
make verify-mo
test-app:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
ubuntu_version:
- noble
steps:
- uses: actions/checkout@v6
with:
persist-credentials: false
- name: Build image
run: |
UBUNTU_VERSION=${{ matrix.ubuntu_version }} DOCKER_BUILD_VERBOSE=true ./securedrop/bin/dev-shell true
- name: Run application tests
run: |
UBUNTU_VERSION=${{ matrix.ubuntu_version }} make test-app
test-functional:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
ubuntu_version:
- noble
steps:
- uses: actions/checkout@v6
with:
persist-credentials: false
- name: Build image
run: |
UBUNTU_VERSION=${{ matrix.ubuntu_version }} DOCKER_BUILD_VERBOSE=true ./securedrop/bin/dev-shell true
- name: Run functional tests
run: |
UBUNTU_VERSION=${{ matrix.ubuntu_version }} make test-functional
test-pageslayout:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
ubuntu_version:
- noble
steps:
- uses: actions/checkout@v6
with:
persist-credentials: false
- name: Build image
run: |
UBUNTU_VERSION=${{ matrix.ubuntu_version }} DOCKER_BUILD_VERBOSE=true ./securedrop/bin/dev-shell true
- name: Run page layout tests
run: |
UBUNTU_VERSION=${{ matrix.ubuntu_version }} make test-pageslayout
- name: Validate HTML (informational)
run: |
UBUNTU_VERSION=${{ matrix.ubuntu_version }} make validate-test-html || true
- name: Validate accessibility (informational)
run: |
UBUNTU_VERSION=${{ matrix.ubuntu_version }} make accessibility-summary || true
rust:
runs-on: ubuntu-latest
# Keep version in sync with rust-toolchain.toml
container: rust:1.90.0
steps:
- uses: actions/checkout@v6
with:
persist-credentials: false
- name: Install dependencies
run: |
rustup component add rustfmt
rustup component add clippy
- name: Lint and test Rust code
run: |
make rust-lint
make rust-test
admin-tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
with:
persist-credentials: false
- name: Run tests
run: |
make -C admin test