-
Notifications
You must be signed in to change notification settings - Fork 0
124 lines (124 loc) · 4.79 KB
/
test_kube.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
on: push
jobs:
test-commit:
name: Test commit
runs-on: ubuntu-24.04
steps:
# setup
- name: Install deps
run: |-
set -euo pipefail
sudo apt-get update -qy
sudo apt-get install -y podman>=4.4
- name: Checkout repo
uses: actions/checkout@v4
- name: Podman socket
run: systemctl --user start podman.socket
- name: Patch pods for testing
run: |-
set -euxo pipefail
sed -i \
-e '/^[[:blank:]]*env:/ {' \
-e 'a\ - { name: NEXTCLOUD_ADMIN_USER, value: admin }' \
-e 'a\ - { name: NEXTCLOUD_ADMIN_PASSWORD, value: admin }' \
-e '}' \
kube/nextcloud.yaml
sed -i \
-e "s|/run/user/1000/|${XDG_RUNTIME_DIR:-/run/user/1000}/|" \
kube/*.yaml
# startup
- name: Create pods
run: |-
set -euo pipefail
find init/ -name 'secrets.*.yaml' -print -exec podman kube play {} \;
find kube/ -name '*.yaml' -print -exec podman kube play --quiet --start=false {} \;
- name: Start databases
run: |-
set -euo pipefail
podman pod start mariadb
podman wait --condition healthy mariadb-app
- name: Start pods
run: podman pod start -a
- name: Wait for healthy state
run: |-
set -euo pipefail
yq -ot '. as $parent | (
.spec.containers[] | select(.livenessProbe) | $parent.metadata.name + "-" + .name,
.spec.template.spec.containers[] | select(.livenessProbe) | $parent.metadata.name + "-pod-" + .name
)' kube/*.yaml |
xargs -t podman wait --condition healthy
timeout-minutes: 2
# testing
- name: Test Claper
run: |-
set -euxo pipefail
DOMAIN=$(podman secret inspect caddy --showsecret --format "{{.SecretData}}" | yq -ot .data.CLAPER_DOMAIN | base64 -d | sed 's/ *,.*//')
curl -ikLsS \
--connect-to "$DOMAIN:80:127.0.0.1:8080" \
--connect-to "$DOMAIN:443:127.0.0.1:8443" \
"http://$DOMAIN/" |
tee /dev/stderr |
grep -q "^HTTP/[1-9\.]* 200"
- name: Test Dozzle
run: |-
set -euxo pipefail
DOMAIN=$(podman secret inspect caddy --showsecret --format "{{.SecretData}}" | yq -ot .data.NEXTCLOUD_DOMAIN | base64 -d | sed 's/ *,.*//')
USER_=$(podman secret inspect caddy --showsecret --format "{{.SecretData}}" | yq -ot .data.DOZZLE_USER | base64 -d)
curl -ikLsS --location-trusted --user "$USER_:$USER_" \
--connect-to "$DOMAIN:80:127.0.0.1:8080" \
--connect-to "$DOMAIN:443:127.0.0.1:8443" \
"http://$DOMAIN/dozzle/" |
tee /dev/stderr |
grep -q "^HTTP/[1-9\.]* 200"
- name: Test Nextcloud
run: |-
set -euxo pipefail
podman secret inspect caddy --showsecret --format "{{.SecretData}}" |
yq -ot .data.NEXTCLOUD_DOMAIN |
base64 -d |
tr -d ' ' |
tr ',' '\n' |
while read -r DOMAIN; do
curl -ikLsS \
--connect-to "$DOMAIN:80:127.0.0.1:8080" \
--connect-to "$DOMAIN:443:127.0.0.1:8443" \
"http://$DOMAIN/status.php" |
tee /dev/stderr |
grep -q '"installed":true'
done
- name: Test Redirection
run: |-
set -euxo pipefail
DOMAIN=$(podman secret inspect caddy --showsecret --format "{{.SecretData}}" | yq -ot .data.REDIR_DOMAIN | base64 -d)
TARGET=$(podman secret inspect caddy --showsecret --format "{{.SecretData}}" | yq -ot .data.REDIR_TARGET | base64 -d)
{
curl -ikLsS --max-redirs 1 \
--connect-to "$DOMAIN:80:127.0.0.1:8080" \
--connect-to "$DOMAIN:443:127.0.0.1:8443" \
"http://$DOMAIN/test.php" || [ $? = 47 ]
} |
tee /dev/stderr |
grep -iq "location: $TARGET"
- name: Test Wordpress
run: |-
set -euxo pipefail
DOMAIN=$(podman secret inspect caddy --showsecret --format "{{.SecretData}}" | yq -ot .data.WORDPRESS1_DOMAIN | base64 -d)
curl -ikLsS \
--connect-to "$DOMAIN:80:127.0.0.1:8080" \
--connect-to "$DOMAIN:443:127.0.0.1:8443" \
"http://$DOMAIN/wp-admin/install.php" |
tee /dev/stderr |
grep -q "^HTTP/[1-9\.]* 200"
# debug info
- name: State pods
if: ${{ always() }}
run: podman pod ls
- name: State containers
if: ${{ always() }}
run: podman ps -a
- name: Container logs
if: ${{ always() }}
run: |-
set -euo pipefail
podman ps -aq |
xargs -tn1 podman logs -n