Build #220
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
workflow_dispatch: | |
schedule: | |
- cron: 0 0 * * 1 | |
jobs: | |
test: | |
name: Build and Test | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
go: | |
- '1.22' | |
- '1.23' | |
env: | |
SSH_HOST: ssh.example.com | |
SSH_PORT: 8022 | |
SSH_REALM: EXAMPLE.COM | |
SSH_USERNAME: test | |
SSH_PASSWORD: password | |
SSH_KEYTAB: ${{ github.workspace }}/testdata/test.keytab | |
KRB5_CONFIG: ${{ github.workspace }}/testdata/krb5.conf | |
KRB5_KTNAME: ${{ github.workspace }}/testdata/ssh.keytab | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ matrix.go }} | |
- name: Install Kerberos client | |
run: | | |
sudo apt-get update | |
sudo DEBIAN_FRONTEND=noninteractive apt-get install -yq libkrb5-dev krb5-user | |
- name: golangci-lint (gokrb5) | |
uses: golangci/golangci-lint-action@v6 | |
if: github.event_name == 'pull_request' | |
with: | |
only-new-issues: true | |
- name: golangci-lint (apcera) | |
uses: golangci/golangci-lint-action@v6 | |
if: github.event_name == 'pull_request' | |
with: | |
only-new-issues: true | |
args: --build-tags apcera | |
- name: golangci-lint (SSPI) | |
uses: golangci/golangci-lint-action@v6 | |
if: github.event_name == 'pull_request' | |
with: | |
only-new-issues: true | |
env: | |
GOOS: windows | |
- name: Podman version | |
id: podman | |
shell: bash | |
run: | | |
echo "version=$(podman version | grep '^Version:' | tr -s ' ' | cut -d ' ' -f 2)" >>"${GITHUB_OUTPUT}" | |
- name: Downgrade Docker | |
if: steps.podman.outputs.version == '3.4.4' | |
shell: bash | |
run: | | |
apt-cache madison docker.io | |
sudo apt-get remove containerd.io | |
sudo apt-get install docker.io=24.0.7-0ubuntu2~22.04.1 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Build KDC image | |
uses: docker/build-push-action@v6 | |
with: | |
context: "{{defaultContext}}:testdata" | |
load: true | |
tags: kdc | |
target: kdc | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
- name: Build SSH image | |
uses: docker/build-push-action@v6 | |
with: | |
context: "{{defaultContext}}:testdata" | |
load: true | |
tags: ssh | |
target: ssh | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
- name: Extract keytab | |
uses: docker/build-push-action@v6 | |
with: | |
context: "{{defaultContext}}:testdata" | |
outputs: type=local,dest=testdata | |
target: keytab | |
- name: Pull containers into Podman | |
run: | | |
podman pull docker-daemon:kdc:latest | |
podman pull docker-daemon:ssh:latest | |
- name: Create infrastructure | |
run: | | |
podman run -d \ | |
-v /etc/localtime:/etc/localtime:ro \ | |
-p 127.0.0.1:8088:8088 \ | |
-p 127.0.0.1:8088:8088/udp \ | |
-p 127.0.0.1:8464:8464 \ | |
-p 127.0.0.1:8464:8464/udp \ | |
--name kdc kdc | |
podman run -d \ | |
-v /etc/localtime:/etc/localtime:ro \ | |
-p 127.0.0.1:${SSH_PORT}:${SSH_PORT} \ | |
--name ssh --hostname $SSH_HOST ssh | |
# SSH container might still be running ssh-keygen before sshd is running | |
timeout 10 sh -c 'until nc -z $0 $1; do sleep 1; done' 127.0.0.1 $SSH_PORT | |
echo 127.0.0.1 $SSH_HOST | sudo tee -a /etc/hosts | |
echo $SSH_PASSWORD | KRB5_TRACE=/dev/stdout kinit ${SSH_USERNAME}@${SSH_REALM} | |
- name: Test (gokrb5) | |
run: go test -v -coverprofile=gokrb5.out ./... | |
- name: Test (apcera) | |
run: go test -v -coverprofile=apcera.out -tags apcera ./... | |
- name: Build (SSPI) | |
run: go build ./... | |
env: | |
GOARCH: amd64 | |
GOOS: windows | |
- name: Install coverage tools | |
run: | | |
go install github.com/wadey/gocovmerge@latest | |
go install github.com/mattn/goveralls@latest | |
- name: Merge coverage reports | |
run: gocovmerge gokrb5.out apcera.out >cover.out | |
- name: Send coverage | |
run: goveralls -coverprofile=cover.out -service=github | |
env: | |
COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }} |