-
Notifications
You must be signed in to change notification settings - Fork 3
160 lines (141 loc) · 6.07 KB
/
Copy pathtest.yml
File metadata and controls
160 lines (141 loc) · 6.07 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
name: Test
permissions:
contents: read
on:
push:
branches:
- main
- release
- release/*
pull_request:
branches:
- main
- release
- release/*
paths:
- 'Dockerfile'
- '.github/workflows/**'
- 'src/**'
- 'dfence'
- 'pom.xml'
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Set up JDK
uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4
with:
java-version: '17'
distribution: 'temurin'
cache: maven
- name: Maven verify (code quality checks)
run: mvn -B verify -DskipTests --file pom.xml
- name: Build with Maven (regular JAR for unit tests)
run: mvn -B package --file pom.xml
- name: Validate Javadoc Build
run: mvn javadoc:javadoc
build-docker-jar:
runs-on: ubuntu-latest
outputs:
jar-path: ${{ steps.build.outputs.jar-path }}
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Set up JDK
uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4
with:
java-version: '17'
distribution: 'temurin'
cache: maven
- name: Maven verify (code quality checks)
run: mvn -B verify -DskipTests --file pom.xml
- name: Build JAR for Docker (assembly profile)
id: build
run: |
mvn -B package -P assembly --file pom.xml
echo "jar-path=target/zoom-data-fence-jar-with-dependencies.jar" >> $GITHUB_OUTPUT
- name: Upload JAR artifact
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
with:
name: zoom-data-fence-jar
path: target/zoom-data-fence-jar-with-dependencies.jar
retention-days: 1
docker-test:
needs: build-docker-jar
runs-on: ubuntu-latest
strategy:
matrix:
variant: [standard, aws-cli]
steps:
- name: Checkout code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Download JAR artifact
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
with:
name: zoom-data-fence-jar
path: target/
- name: Verify JAR exists
run: |
echo "Checking if JAR file exists..."
ls -la target/
echo "JAR file should be: target/zoom-data-fence-jar-with-dependencies.jar"
test -f target/zoom-data-fence-jar-with-dependencies.jar
- name: Build Docker image (no push)
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6
with:
context: .
file: ./Dockerfile
push: false
tags: test-image:${{ matrix.variant }}
build-args: |
JAR_PATH=target/zoom-data-fence-jar-with-dependencies.jar
INSTALL_AWS_CLI=${{ matrix.variant == 'aws-cli' }}
- name: Validate basic functionality
run: |
echo "Testing basic dfence functionality..."
docker run --rm test-image:${{ matrix.variant }} --help
- name: Validate dfence command execution
run: |
echo "Testing dfence command execution..."
docker run --rm --entrypoint bash test-image:${{ matrix.variant }} -c "dfence --help"
- name: Validate AWS CLI (aws-cli variant only)
if: matrix.variant == 'aws-cli'
run: |
echo "Testing AWS CLI installation..."
docker run --rm --entrypoint bash test-image:${{ matrix.variant }} -c "aws --version"
- name: Validate tar command (aws-cli variant only)
if: matrix.variant == 'aws-cli'
run: |
echo "Testing tar command availability..."
docker run --rm --entrypoint bash test-image:${{ matrix.variant }} -c "tar --help > /dev/null && echo 'tar is working'"
docker run --rm --entrypoint bash test-image:${{ matrix.variant }} -c "command -v tar"
- name: Validate tar command not available (standard variant only)
if: matrix.variant == 'standard'
run: |
echo "Testing tar command is NOT available in standard variant..."
docker run --rm --entrypoint bash test-image:${{ matrix.variant }} -c "! command -v tar" || (echo "tar should not be available in standard variant" && exit 1)
- name: Validate file permissions
run: |
echo "Testing file permissions..."
docker run --rm --entrypoint bash test-image:${{ matrix.variant }} -c "ls -la /app/"
docker run --rm --entrypoint bash test-image:${{ matrix.variant }} -c "ls -la /usr/bin/dfence"
- name: Validate user context
run: |
echo "Testing user context..."
docker run --rm --entrypoint bash test-image:${{ matrix.variant }} -c "whoami"
docker run --rm --entrypoint bash test-image:${{ matrix.variant }} -c "id"
- name: Validate home directory and working directory
run: |
echo "Testing home directory and working directory..."
docker run --rm --entrypoint bash test-image:${{ matrix.variant }} -c "echo 'HOME: '\$HOME"
docker run --rm --entrypoint bash test-image:${{ matrix.variant }} -c "echo 'PWD: '\$PWD"
docker run --rm --entrypoint bash test-image:${{ matrix.variant }} -c "test \$HOME = '/home/app' && echo 'Home directory is correct: /home/app'"
docker run --rm --entrypoint bash test-image:${{ matrix.variant }} -c "test \$PWD = '/app' && echo 'Working directory is correct: /app'"
- name: Validate JAR file integrity
run: |
echo "Testing JAR file integrity..."
docker run --rm --entrypoint bash test-image:${{ matrix.variant }} -c "java -jar /app/app.jar --help"
- name: Validate environment variables
run: |
echo "Testing environment variables..."
docker run --rm --entrypoint bash test-image:${{ matrix.variant }} -c "env | grep DFENCE"