2021-01-16 10:16:05 +01:00
|
|
|
name: "Test Merge Requests"
|
|
|
|
|
2021-09-28 12:37:54 +02:00
|
|
|
on:
|
2021-05-16 20:46:55 +02:00
|
|
|
workflow_dispatch:
|
2021-02-11 09:48:45 +01:00
|
|
|
pull_request:
|
2021-09-28 12:37:54 +02:00
|
|
|
paths:
|
2021-02-11 09:48:45 +01:00
|
|
|
- 'target/**'
|
|
|
|
- 'test/**'
|
|
|
|
- '.dockerignore'
|
|
|
|
- '.gitmodules'
|
|
|
|
- 'Dockerfile'
|
|
|
|
- 'setup.sh'
|
2021-01-16 10:16:05 +01:00
|
|
|
|
2022-05-11 09:51:15 +02:00
|
|
|
permissions:
|
|
|
|
contents: read
|
|
|
|
|
2022-08-28 01:42:42 +02:00
|
|
|
# `actions/cache` does not upload a new cache until completing a job successfully.
|
|
|
|
# To better cache image builds, tests are handled in a dependent job afterwards.
|
|
|
|
# This way failing tests will not prevent caching of an image. Useful when the build context
|
|
|
|
# is not changed by new commits.
|
2021-01-16 10:16:05 +01:00
|
|
|
jobs:
|
2022-08-28 01:42:42 +02:00
|
|
|
job-build-image:
|
2021-01-16 15:34:31 +01:00
|
|
|
runs-on: ubuntu-20.04
|
2022-08-28 01:42:42 +02:00
|
|
|
outputs:
|
|
|
|
image-build-key: ${{ steps.derive-image-cache-key.outputs.digest }}
|
2021-01-16 10:16:05 +01:00
|
|
|
steps:
|
2022-08-28 01:42:42 +02:00
|
|
|
- name: 'Checkout'
|
2022-03-08 23:57:01 +01:00
|
|
|
uses: actions/checkout@v3
|
2021-01-16 10:16:05 +01:00
|
|
|
with:
|
2022-08-28 01:42:42 +02:00
|
|
|
# Required for image to include `configomat.sh`:
|
2021-01-16 10:16:05 +01:00
|
|
|
submodules: recursive
|
2021-09-28 12:37:54 +02:00
|
|
|
|
2022-08-28 01:42:42 +02:00
|
|
|
# Can potentially be replaced by: `${{ hashFiles('target/**', 'Dockerfile', 'VERSION') }}`
|
|
|
|
# Must not be affected by file metadata changes and have a consistent sort order:
|
|
|
|
# https://docs.github.com/en/actions/learn-github-actions/expressions#hashfiles
|
|
|
|
# Keying by the relevant build context is more re-usable than a commit SHA.
|
|
|
|
- name: 'Derive Docker image cache key from content'
|
|
|
|
id: derive-image-cache-key
|
|
|
|
shell: bash
|
|
|
|
run: |
|
|
|
|
ADDITIONAL_FILES=(
|
|
|
|
'Dockerfile'
|
|
|
|
'VERSION'
|
|
|
|
)
|
2021-09-28 12:37:54 +02:00
|
|
|
|
2022-08-28 01:42:42 +02:00
|
|
|
# Recursively collect file paths from `target/` and pipe a list of
|
|
|
|
# checksums to be sorted (by hash value) and finally generate a checksum
|
|
|
|
# of that list, using `awk` to only return the hash value (digest):
|
|
|
|
IMAGE_CHECKSUM=$(\
|
|
|
|
find ./target -type f -exec sha256sum "${ADDITIONAL_FILES[@]}" {} + \
|
|
|
|
| sort \
|
|
|
|
| sha256sum \
|
|
|
|
| awk '{ print $1 }' \
|
|
|
|
)
|
2021-09-28 12:37:54 +02:00
|
|
|
|
2022-08-28 01:42:42 +02:00
|
|
|
echo "::set-output name=digest::${IMAGE_CHECKSUM}"
|
|
|
|
|
|
|
|
# Attempts to restore the build cache from a prior build run.
|
|
|
|
# If the exact key is not restored, then upon a successful job run
|
|
|
|
# the new cache is uploaded for this key containing the contents at `path`.
|
|
|
|
# Cache storage has a limit of 10GB, and uploads expire after 7 days.
|
|
|
|
# When full, the least accessed cache upload is evicted to free up storage.
|
|
|
|
# https://docs.github.com/en/actions/using-workflows/caching-dependencies-to-speed-up-workflows
|
|
|
|
- name: 'Handle Docker build layer cache'
|
2022-03-21 18:43:58 +01:00
|
|
|
uses: actions/cache@v3
|
2021-05-16 20:46:55 +02:00
|
|
|
with:
|
|
|
|
path: /tmp/.buildx-cache
|
2022-08-28 01:42:42 +02:00
|
|
|
key: cache-buildx-${{ steps.derive-image-cache-key.outputs.digest }}
|
|
|
|
# If no exact cache-hit for key found, lookup caches with a `cache-buildx-` key prefix:
|
|
|
|
# This is safe due to cache layer invalidation via the image build context.
|
2021-05-16 20:46:55 +02:00
|
|
|
restore-keys: |
|
2022-08-28 01:42:42 +02:00
|
|
|
cache-buildx-
|
|
|
|
|
|
|
|
# Support ARM64 builds on AMD64 host:
|
|
|
|
- name: 'Set up QEMU'
|
|
|
|
uses: docker/setup-qemu-action@v2.0.0
|
|
|
|
with:
|
|
|
|
platforms: arm64
|
|
|
|
|
|
|
|
# Enables `buildx` support within `build-push-action`, improving cache and platform support:
|
|
|
|
- name: 'Set up Docker Buildx'
|
|
|
|
uses: docker/setup-buildx-action@v2.0.0
|
2021-09-28 12:37:54 +02:00
|
|
|
|
2022-08-28 01:42:42 +02:00
|
|
|
# NOTE: AMD64 can build within 2 minutes, ARM adds 13 minutes. 330MB each
|
|
|
|
# ARMv7 can build in parallel, adding no extra time (but does add 150MB cache size).
|
|
|
|
# Moving ARM build to a separate job would cut down time to start running tests.
|
|
|
|
- name: 'Build images'
|
2022-08-08 16:37:07 +02:00
|
|
|
uses: docker/build-push-action@v3.1.1
|
2021-01-16 10:16:05 +01:00
|
|
|
with:
|
2021-01-17 17:41:47 +01:00
|
|
|
context: .
|
2021-01-16 10:16:05 +01:00
|
|
|
build-args: |
|
|
|
|
VCS_REF=${{ github.sha }}
|
|
|
|
VCS_VER=${{ github.ref }}
|
2021-05-16 20:46:55 +02:00
|
|
|
tags: mailserver-testing:ci
|
2022-08-28 01:42:42 +02:00
|
|
|
# Build for AMD64 (runs against test suite) and ARM64 (only to verify building works):
|
|
|
|
platforms: linux/amd64,linux/arm64
|
|
|
|
# Paired with steps `actions/cache` and `Replace cache` (replace src with dest):
|
|
|
|
# NOTE: `mode=max` is only for `cache-to`, it configures exporting all image layers.
|
|
|
|
# https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#cache-from
|
|
|
|
cache-from: type=local,src=/tmp/.buildx-cache
|
|
|
|
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
|
|
|
|
# This job just builds the image and stores to cache, no other exporting required:
|
|
|
|
# https://github.com/docker/build-push-action/issues/546#issuecomment-1122631106
|
|
|
|
outputs: type=cacheonly
|
2021-09-28 12:37:54 +02:00
|
|
|
|
2022-08-28 01:42:42 +02:00
|
|
|
# WORKAROUND: The `cache-to: type=local` input for `build-push-action` persists old-unused cache.
|
|
|
|
# The workaround is to write the new build cache to a different location that replaces the
|
|
|
|
# original restored cache after build, reducing frequency of eviction due to cache storage limit (10GB).
|
|
|
|
# https://github.com/docker/build-push-action/blob/965c6a410d446a30e95d35052c67d6eded60dad6/docs/advanced/cache.md?plain=1#L193-L199
|
|
|
|
# NOTE: This does not affect `cache-hit == 'true'` (which skips upload on direct cache key hit)
|
|
|
|
- name: 'Replace cache'
|
|
|
|
run: |
|
|
|
|
rm -rf /tmp/.buildx-cache
|
|
|
|
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
|
|
|
|
|
|
|
|
job-run-tests:
|
|
|
|
name: 'Run Test Suite'
|
|
|
|
needs: job-build-image
|
|
|
|
runs-on: ubuntu-20.04
|
|
|
|
steps:
|
|
|
|
- name: 'Checkout'
|
|
|
|
uses: actions/checkout@v3
|
|
|
|
with:
|
|
|
|
# Required to retrieve bats (core + extras):
|
|
|
|
submodules: recursive
|
|
|
|
|
|
|
|
# Get the cached build layers from the build job:
|
|
|
|
# This should always be a cache-hit, no new uploads should happen when this job finishes:
|
|
|
|
- name: 'Retrieve image build from build cache'
|
|
|
|
uses: actions/cache@v3
|
|
|
|
with:
|
|
|
|
path: /tmp/.buildx-cache
|
|
|
|
key: cache-buildx-${{ needs.job-build-image.outputs.image-build-key }}
|
|
|
|
restore-keys: |
|
|
|
|
cache-buildx-
|
|
|
|
|
|
|
|
# Importing from the cache should create the image within approx 30 seconds:
|
|
|
|
# buildx not needed as no exporting and only single AMD64 platform is loaded:
|
|
|
|
- name: 'Build AMD64 image from cache'
|
2022-08-08 16:37:07 +02:00
|
|
|
uses: docker/build-push-action@v3.1.1
|
2021-05-16 20:46:55 +02:00
|
|
|
with:
|
|
|
|
context: .
|
|
|
|
build-args: |
|
|
|
|
VCS_REF=${{ github.sha }}
|
|
|
|
VCS_VER=${{ github.ref }}
|
2021-01-17 17:41:47 +01:00
|
|
|
tags: mailserver-testing:ci
|
2022-08-28 01:42:42 +02:00
|
|
|
# Export the built image for the Docker host to use:
|
|
|
|
load: true
|
|
|
|
# Rebuilds the AMD64 image from the cache:
|
|
|
|
platforms: linux/amd64
|
2021-05-16 20:46:55 +02:00
|
|
|
cache-from: type=local,src=/tmp/.buildx-cache
|
2021-09-28 12:37:54 +02:00
|
|
|
|
2022-08-28 01:42:42 +02:00
|
|
|
- name: 'Run tests'
|
2021-01-16 10:16:05 +01:00
|
|
|
env:
|
2021-09-28 12:37:54 +02:00
|
|
|
CI: true
|
2022-08-28 01:42:42 +02:00
|
|
|
run: |
|
|
|
|
NAME=mailserver-testing:ci
|
|
|
|
make generate-accounts tests
|