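# Builds and tests every Go module in this repository, one matrix entry per
# module directory, and checks that no module is missing from the matrix.
name: Go

on: [push, workflow_dispatch]

# Least privilege for the workflow token: these jobs only read the repository.
permissions:
  contents: read

jobs:
  test:
    name: ${{ matrix.module }}
    strategy:
      # Let the remaining modules finish when one of them fails.
      fail-fast: false
      matrix:
        module:
          - "awsutil"
          - "base62"
          - "configutil"
          - "fileutil"
          - "gatedwriter"
          - "kv-builder"
          - "listenerutil"
          - "mlock"
          - "nonceutil"
          - "parseutil"
          - "password"
          - "plugincontainer"
          - "pluginutil"
          - "reloadutil"
          - "strutil"
          - "tlsutil"
    runs-on: ubuntu-latest
    steps:
      # Third-party actions are pinned to a full commit SHA; the trailing
      # comment records the release that SHA corresponds to.
      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
        with:
          # No later step pushes or fetches, so do not leave the token in the
          # checkout's git config where build and test code could read it.
          persist-credentials: false
      - name: Set up Go
        uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
        with:
          go-version-file: ${{ matrix.module }}/go.mod
          cache-dependency-path: ${{ matrix.module }}/go.sum
      - name: Build
        # working-directory keeps the matrix value out of the shell command.
        working-directory: ${{ matrix.module }}
        run: go build ./...
      # The three container-runtime steps below run only for plugincontainer.
      - name: Install gVisor
        if: ${{ matrix.module == 'plugincontainer' }}
        # NOTE(review): the binaries come from the moving "latest" release
        # directory and the .sha512 files are fetched from the same origin, so
        # sha512sum -c catches a corrupted or truncated download but not a
        # tampered release. Pinning a specific release and comparing against
        # digests committed to this repository would make the install
        # reproducible and tamper-evident.
        # NOTE(review): --host-uds=all relaxes gVisor's isolation by letting
        # sandboxed containers use host Unix domain sockets; presumably the
        # plugincontainer tests need it. Confirm before reusing this runtime
        # configuration outside CI.
        run: |
          (
            set -e
            ARCH="$(uname -m)"
            URL="https://storage.googleapis.com/gvisor/releases/release/latest/${ARCH}"
            wget --quiet "${URL}/runsc" "${URL}/runsc.sha512" \
              "${URL}/containerd-shim-runsc-v1" "${URL}/containerd-shim-runsc-v1.sha512"
            sha512sum -c runsc.sha512 \
              -c containerd-shim-runsc-v1.sha512
            rm -f -- *.sha512
            chmod a+rx runsc containerd-shim-runsc-v1
            sudo mv runsc containerd-shim-runsc-v1 /usr/local/bin
          )
          sudo tee /etc/docker/daemon.json <<EOF
          {
            "runtimes": {
              "runsc": {
                "path": "/usr/local/bin/runsc",
                "runtimeArgs": [
                  "--host-uds=all"
                ]
              }
            }
          }
          EOF
          sudo systemctl reload docker
      - name: Install rootless docker
        if: ${{ matrix.module == 'plugincontainer' }}
        # The installer is saved to a file before it is run: with a pipe into
        # sh, a failed download hands sh empty input and the step carries on
        # as if the install had succeeded.
        # NOTE(review): the script is still unpinned and unverified remote
        # code. Vendoring a reviewed copy, or checking it against a digest
        # committed to this repository, would close that gap.
        run: |
          sudo apt-get install -y uidmap dbus-user-session
          export FORCE_ROOTLESS_INSTALL=1
          INSTALLER="${RUNNER_TEMP}/docker-rootless-install.sh"
          curl -fsSL -o "${INSTALLER}" https://get.docker.com/rootless
          sh "${INSTALLER}"
          mkdir -p ~/.config/docker/
          tee ~/.config/docker/daemon.json <<EOF
          {
            "runtimes": {
              "runsc": {
                "path": "/usr/local/bin/runsc",
                "runtimeArgs": [
                  "--host-uds=all",
                  "--ignore-cgroups"
                ]
              }
            }
          }
          EOF
          systemctl --user restart docker
      - name: Install rootless podman
        if: ${{ matrix.module == 'plugincontainer' }}
        # Podman is pointed at a wrapper script that adds the same runsc flags
        # as the rootless docker configuration; the API service is left
        # running in the background for the Test step.
        run: |
          sudo apt-get install -y podman slirp4netns fuse-overlayfs
          mkdir -p ~/local/bin
          RUNSC_SCRIPT=~/local/bin/runsc.podman
          tee "${RUNSC_SCRIPT}" <<EOF
          #!/bin/bash
          /usr/local/bin/runsc --host-uds=all --ignore-cgroups "\$@"
          EOF
          chmod u+x "${RUNSC_SCRIPT}"
          podman --runtime "${RUNSC_SCRIPT}" system service -t 0 &
      - name: Test
        working-directory: ${{ matrix.module }}
        run: go test ./...

  # Verify that every module folder is mentioned in this workflow file.
  # NOTE(review): each directory name is handed to grep as an unanchored
  # pattern, so a name that is a substring of another entry, or that appears
  # only in a comment, also passes this check.
  verify-ci:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
        with:
          persist-credentials: false
      - run: |
          if ! find * -name go.mod -print0 | xargs -0 dirname | xargs -I % grep % .github/workflows/go.yml > /dev/null; then
            echo "Ensure every submodule is included in the matrix 'module' input in go.yml in the github workflows folder"
            exit 1
          fi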