dev volatile #470
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| concurrency: | |
| cancel-in-progress: true | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} | |
| defaults: | |
| run: | |
| shell: bash | |
| jobs: | |
| # Check that the project is able to configure the current user | |
| # This is the main use case, except for the fact that the current user is root due to GitHub Actions defaults | |
| # This might not be representative, so here we just check that configuring the current user works | |
| check_current_user: | |
| env: | |
| HOME: /root | |
| runs-on: ubuntu-22.04 | |
| container: ubuntu:22.04 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Bootstrap control node | |
| run: ./bootstrap.sh | |
| - name: Config | |
| run: make | |
| - name: Check idempotence | |
| run: make VERIFY_UNCHANGED=true | |
| # All format checks only available after complete machine setup | |
| # So, we need to do them in one of the check jobs | |
| - name: Check format | |
| run: | | |
| make format | |
| if [[ -n "$(git diff)" ]]; then | |
| echo "Code is not formatted." | |
| git diff | |
| exit 1 | |
| fi | |
| # As mentioned, previous check for the root user might not be representative | |
| # Thus, all the main checks are done by root for the "random_user" | |
| check: | |
| runs-on: ubuntu-22.04 | |
| container: ${{ matrix.image }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Bootstrap control node | |
| run: ./bootstrap.sh | |
| - name: Bootstrap localhost | |
| run: make bootstrap_hosts REMOTE_USER=random_user | |
| - name: Set permissions | |
| run: chown -R random_user:random_user . | |
| - name: Config | |
| run: sudo -u random_user make | |
| - name: Check idempotence | |
| run: sudo -u random_user make VERIFY_UNCHANGED=true | |
| strategy: | |
| matrix: | |
| image: ["ubuntu:22.04", "ubuntu:23.04", "ubuntu:23.10", "ubuntu:24.04"] | |
| # Check that the project is able to configure remote host | |
| check_remote: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Check remote config | |
| run: make check_host IMAGE=ubuntu:22.04 REMOTE_USER=random_user REDUCED_CHECK=true | |
| - name: Check remote idempotence | |
| run: make check_host IMAGE=ubuntu:22.04 REMOTE_USER=random_user REDUCED_CHECK=true VERIFY_UNCHANGED=true | |
| lint: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| # Checkout must be onto the original commit, not a single PR | |
| # Otherwise lint will not see full history and diagnose secrets leakage | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Lint | |
| run: make lint | |
| scripts: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Generate roles graph | |
| run: make graph | |
| - name: Check update works | |
| run: make update | |
| - name: Show diff | |
| run: git diff | |
| name: dotfiles workflow | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| push: | |
| branches: | |
| - main |