Fixed PNG chunk stripping breaking image validation #136
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main, develop, feature/*] | |
| pull_request: | |
| branches: [main, develop] | |
| env: | |
| REGISTRY: ghcr.io | |
| CACHE_REPO: ${{ github.repository_owner }}/trmnl-ha-cache | |
| jobs: | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup Bun | |
| uses: oven-sh/setup-bun@v1 | |
| with: | |
| bun-version: latest | |
| - name: Cache Bun dependencies | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.bun/install/cache | |
| key: bun-${{ runner.os }}-${{ hashFiles('trmnl-ha/ha-trmnl/bun.lock') }} | |
| restore-keys: bun-${{ runner.os }}- | |
| - name: Install dependencies | |
| working-directory: trmnl-ha/ha-trmnl | |
| run: bun install | |
| - name: Run ESLint | |
| working-directory: trmnl-ha/ha-trmnl | |
| run: bun run lint | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Setup Bun | |
| uses: oven-sh/setup-bun@v1 | |
| with: | |
| bun-version: latest | |
| - name: Cache Bun dependencies | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.bun/install/cache | |
| key: bun-${{ runner.os }}-${{ hashFiles('trmnl-ha/ha-trmnl/bun.lock') }} | |
| restore-keys: bun-${{ runner.os }}- | |
| - name: Install ImageMagick 7 (Q16-HDRI) | |
| run: | | |
| # Start a container from the same IM7 image used in production | |
| docker create --name im7 --entrypoint "" \ | |
| dpokidov/imagemagick:7.1.1-47-bookworm tail -f /dev/null | |
| docker start im7 | |
| # Copy IM7 binary, libraries, and config via docker cp | |
| sudo docker cp im7:/usr/local/bin/magick /usr/local/bin/ | |
| sudo docker cp im7:/usr/local/lib/. /usr/local/lib/ | |
| sudo docker cp im7:/usr/local/etc/ImageMagick-7/ /usr/local/etc/ImageMagick-7/ | |
| # Copy system libraries that Ubuntu 24.04 doesn't provide. | |
| # NOTE: -L follows symlinks so we get the actual .so file, not a broken link. | |
| # libjpeg62-turbo: Ubuntu has libjpeg-turbo8 (different soname) | |
| # libomp5: not installed by default on Ubuntu | |
| sudo docker cp -L im7:/usr/lib/x86_64-linux-gnu/libjpeg.so.62 /usr/local/lib/ | |
| sudo docker cp -L im7:/usr/lib/x86_64-linux-gnu/libomp.so.5 /usr/local/lib/ | |
| docker stop im7 && docker rm im7 | |
| # Wrapper script: gm package calls 'convert', IM7 uses 'magick' | |
| sudo cp trmnl-ha/ha-trmnl/scripts/imagemagick-wrapper.sh /usr/local/bin/convert | |
| sudo chmod +x /usr/local/bin/convert | |
| sudo ln -sf /usr/local/bin/magick /usr/local/bin/identify | |
| sudo ln -sf /usr/local/bin/magick /usr/local/bin/mogrify | |
| sudo ldconfig | |
| # Verify — must show "ImageMagick 7" and "Q16-HDRI" | |
| /usr/local/bin/magick --version | |
| - name: Install dependencies | |
| working-directory: trmnl-ha/ha-trmnl | |
| run: bun install | |
| - name: Create test options file | |
| working-directory: trmnl-ha/ha-trmnl | |
| run: cp options-dev.json.example options-dev.json | |
| - name: Run unit tests | |
| working-directory: trmnl-ha/ha-trmnl | |
| run: bun test tests/unit | |
| - name: Run integration tests | |
| working-directory: trmnl-ha/ha-trmnl | |
| run: MOCK_HA=true bun test tests/integration | |
| - name: Check coverage | |
| working-directory: trmnl-ha/ha-trmnl | |
| run: bun test --coverage | |
| build: | |
| name: Build Docker Image | |
| runs-on: ubuntu-latest | |
| needs: [lint, test] | |
| # NOTE: Write to packages needed for registry cache on push to main | |
| permissions: | |
| contents: read | |
| packages: write | |
| strategy: | |
| matrix: | |
| include: | |
| - platform: linux/amd64 | |
| tag: amd64 | |
| - platform: linux/arm64 | |
| tag: arm64 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| # Login to GHCR for registry cache (read for PRs, write for push) | |
| - name: Login to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| # NOTE: Registry cache is branch-agnostic - PR builds reuse main's cache! | |
| # On push to main: update the shared registry cache | |
| # On PR: read from registry cache, write to GHA cache (branch-scoped fallback) | |
| - name: Build Docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: trmnl-ha | |
| platforms: ${{ matrix.platform }} | |
| push: false | |
| load: true | |
| tags: trmnl-ha:test-${{ matrix.tag }} | |
| cache-from: | | |
| type=registry,ref=${{ env.REGISTRY }}/${{ env.CACHE_REPO }}:${{ matrix.tag }} | |
| type=gha,scope=build-${{ matrix.tag }} | |
| cache-to: ${{ github.event_name == 'push' && format('type=registry,ref={0}/{1}:{2},mode=max', env.REGISTRY, env.CACHE_REPO, matrix.tag) || format('type=gha,mode=max,scope=build-{0}', matrix.tag) }} | |
| provenance: false | |
| - name: Verify Bun installation in image | |
| run: docker run --rm trmnl-ha:test-${{ matrix.tag }} bun --version | |
| - name: Test image can start | |
| run: | | |
| docker run -d --name test-container trmnl-ha:test-${{ matrix.tag }} | |
| sleep 5 | |
| docker logs test-container | |
| docker stop test-container | |
| docker rm test-container |