Skip to content

Build

Build #220

Workflow file for this run

name: Build
on:
push:
branches:
- main
pull_request:
branches:
- main
workflow_dispatch:
schedule:
- cron: 0 0 * * 1
jobs:
test:
name: Build and Test
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
go:
- '1.22'
- '1.23'
env:
SSH_HOST: ssh.example.com
SSH_PORT: 8022
SSH_REALM: EXAMPLE.COM
SSH_USERNAME: test
SSH_PASSWORD: password
SSH_KEYTAB: ${{ github.workspace }}/testdata/test.keytab
KRB5_CONFIG: ${{ github.workspace }}/testdata/krb5.conf
KRB5_KTNAME: ${{ github.workspace }}/testdata/ssh.keytab
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go }}
- name: Install Kerberos client
run: |
sudo apt-get update
sudo DEBIAN_FRONTEND=noninteractive apt-get install -yq libkrb5-dev krb5-user
- name: golangci-lint (gokrb5)
uses: golangci/golangci-lint-action@v6
if: github.event_name == 'pull_request'
with:
only-new-issues: true
- name: golangci-lint (apcera)
uses: golangci/golangci-lint-action@v6
if: github.event_name == 'pull_request'
with:
only-new-issues: true
args: --build-tags apcera
- name: golangci-lint (SSPI)
uses: golangci/golangci-lint-action@v6
if: github.event_name == 'pull_request'
with:
only-new-issues: true
env:
GOOS: windows
- name: Podman version
id: podman
shell: bash
run: |
echo "version=$(podman version | grep '^Version:' | tr -s ' ' | cut -d ' ' -f 2)" >>"${GITHUB_OUTPUT}"
- name: Downgrade Docker
if: steps.podman.outputs.version == '3.4.4'
shell: bash
run: |
apt-cache madison docker.io
sudo apt-get remove containerd.io
sudo apt-get install docker.io=24.0.7-0ubuntu2~22.04.1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build KDC image
uses: docker/build-push-action@v6
with:
context: "{{defaultContext}}:testdata"
load: true
tags: kdc
target: kdc
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Build SSH image
uses: docker/build-push-action@v6
with:
context: "{{defaultContext}}:testdata"
load: true
tags: ssh
target: ssh
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Extract keytab
uses: docker/build-push-action@v6
with:
context: "{{defaultContext}}:testdata"
outputs: type=local,dest=testdata
target: keytab
- name: Pull containers into Podman
run: |
podman pull docker-daemon:kdc:latest
podman pull docker-daemon:ssh:latest
- name: Create infrastructure
run: |
podman run -d \
-v /etc/localtime:/etc/localtime:ro \
-p 127.0.0.1:8088:8088 \
-p 127.0.0.1:8088:8088/udp \
-p 127.0.0.1:8464:8464 \
-p 127.0.0.1:8464:8464/udp \
--name kdc kdc
podman run -d \
-v /etc/localtime:/etc/localtime:ro \
-p 127.0.0.1:${SSH_PORT}:${SSH_PORT} \
--name ssh --hostname $SSH_HOST ssh
# SSH container might still be running ssh-keygen before sshd is running
timeout 10 sh -c 'until nc -z $0 $1; do sleep 1; done' 127.0.0.1 $SSH_PORT
echo 127.0.0.1 $SSH_HOST | sudo tee -a /etc/hosts
echo $SSH_PASSWORD | KRB5_TRACE=/dev/stdout kinit ${SSH_USERNAME}@${SSH_REALM}
- name: Test (gokrb5)
run: go test -v -coverprofile=gokrb5.out ./...
- name: Test (apcera)
run: go test -v -coverprofile=apcera.out -tags apcera ./...
- name: Build (SSPI)
run: go build ./...
env:
GOARCH: amd64
GOOS: windows
- name: Install coverage tools
run: |
go install github.com/wadey/gocovmerge@latest
go install github.com/mattn/goveralls@latest
- name: Merge coverage reports
run: gocovmerge gokrb5.out apcera.out >cover.out
- name: Send coverage
run: goveralls -coverprofile=cover.out -service=github
env:
COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }}