Skip to content

Commit

Permalink
Merge branch 'main' into dependabot/cargo/warp-sessions-1.0.19
Browse files Browse the repository at this point in the history
  • Loading branch information
nullr0ute authored Oct 26, 2023
2 parents 2d450b5 + b83d784 commit f279a9d
Show file tree
Hide file tree
Showing 66 changed files with 2,916 additions and 1,225 deletions.
17 changes: 14 additions & 3 deletions .github/actions/build_containers/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -46,14 +46,14 @@ runs:
allimages=""
alltags=""
allimagetags=""
for container in admin-cli manufacturing-server rendezvous-server serviceinfo-api-server owner-onboarding-server aio
for container in admin-cli manufacturing-server rendezvous-server serviceinfo-api-server owner-onboarding-server aio client-linuxapp
do
allimages="$allimages $container"
done
for tag in "$rawtags"
do
alltags="$alltags ${tag//imagename:/}"
for container in admin-cli manufacturing-server rendezvous-server serviceinfo-api-server owner-onboarding-server aio
for container in admin-cli manufacturing-server rendezvous-server serviceinfo-api-server owner-onboarding-server aio client-linuxapp
do
allimagetags="$allimagetags ${tag//imagename/"$container"}"
done
Expand Down Expand Up @@ -134,10 +134,21 @@ runs:
build-args: |
BUILDID=${{ steps.buildid.outputs.buildid }}
- name: Create client-linuxapp container
uses: redhat-actions/buildah-build@v2
with:
containerfiles: contrib/containers/client-linuxapp
tags: |
${{ format(steps.container-metadata.outputs.tags, 'client-linuxapp') }}
client-linuxapp:${{ steps.buildid.outputs.buildid }}
labels: ${{ steps.container-metadata.outputs.labels }}
build-args: |
BUILDID=${{ steps.buildid.outputs.buildid }}
- name: Test containers
shell: bash
run: |
for container in admin-cli manufacturing-server rendezvous-server serviceinfo-api-server owner-onboarding-server aio
for container in admin-cli manufacturing-server rendezvous-server serviceinfo-api-server owner-onboarding-server aio client-linuxapp
do
podman run --rm $container:${{ steps.buildid.outputs.buildid }} --version
done
9 changes: 9 additions & 0 deletions .github/workflows/cd.yml
Original file line number Diff line number Diff line change
Expand Up @@ -77,3 +77,12 @@ jobs:
tags: ${{ steps.build.outputs.tags }}
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_ROBOT_TOKEN }}

- name: Push client-linuxapp to quay.io
uses: redhat-actions/push-to-registry@v2
with:
registry: "quay.io/${{ env.quay_org }}"
image: client-linuxapp
tags: ${{ steps.build.outputs.tags }}
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_ROBOT_TOKEN }}
6 changes: 3 additions & 3 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -107,12 +107,12 @@ jobs:
with:
toolchain: stable
- name: Build
run: cargo build
run: cargo build --workspace
- name: Run tests
env:
FDO_PRIVILEGED: true
PER_DEVICE_SERVICEINFO: false
run: cargo test
run: cargo test --workspace
- name: Check aio
run: |
mkdir aio-dir/
Expand Down Expand Up @@ -167,4 +167,4 @@ jobs:
- name: Build devcontainer
run: devcontainer build --image-name devcontainer-fdo-rs .
- name: Test building in devcontainer
run: docker run --rm -v `pwd`:/code:z --workdir /code --user root devcontainer-fdo-rs cargo build --verbose
run: docker run --rm -v `pwd`:/code:z --workdir /code --user root devcontainer-fdo-rs cargo build --workspace --verbose
160 changes: 160 additions & 0 deletions .github/workflows/integration.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,160 @@
---
name: FDO container test

on:
issue_comment:
types:
- created

jobs:
pr-info:
if: ${{ github.event.issue.pull_request &&
(startsWith(github.event.comment.body, '/test-all') ||
startsWith(github.event.comment.body, '/test-container')) }}
runs-on: ubuntu-latest
steps:
- name: Query author repository permissions
uses: octokit/[email protected]
id: user_permission
with:
route: GET /repos/${{ github.repository }}/collaborators/${{ github.event.sender.login }}/permission
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

# restrict running of tests to users with admin or write permission for the repository
# see https://docs.github.com/en/free-pro-team@latest/rest/reference/repos#get-repository-permissions-for-a-user
- name: Check if user does have correct permissions
if: contains('admin write', fromJson(steps.user_permission.outputs.data).permission)
id: check_user_perm
run: |
echo "User '${{ github.event.sender.login }}' has permission '${{ fromJson(steps.user_permission.outputs.data).permission }}' allowed values: 'admin', 'write'"
echo "allowed_user=true" >> $GITHUB_OUTPUT
- name: Get information for pull request
uses: octokit/[email protected]
id: pr-api
with:
route: GET /repos/${{ github.repository }}/pulls/${{ github.event.issue.number }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

outputs:
allowed_user: ${{ steps.check_user_perm.outputs.allowed_user }}
sha: ${{ fromJson(steps.pr-api.outputs.data).head.sha }}

pre-fido-container:
needs: pr-info
if: ${{ needs.pr-info.outputs.allowed_user == 'true' }} &&
(startsWith(github.event.comment.body, '/test-all') ||
startsWith(github.event.comment.body, '/test-container'))}}
runs-on: ubuntu-latest
env:
STATUS_NAME: fido-container-test

steps:
- name: Get Current Job Log URL
id: job-log-url
run: |
JOB_HTML_URL=$(curl --get -Ss -H "Authorization: token ${GITHUB_TOKEN}" -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/fedora-iot/fido-device-onboard-rs/actions/runs/${GITHUB_RUN_ID}/jobs?per_page=30" | jq -r --arg job_name "pre-fido-container" '.jobs | map(select(.name == "pre-fido-container")) | .[0].html_url')
echo "html_url=$JOB_HTML_URL" >> $GITHUB_OUTPUT
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Create in-progress status
uses: octokit/[email protected]
with:
route: 'POST /repos/${{ github.repository }}/statuses/${{ needs.pr-info.outputs.sha }}'
context: ${{ env.STATUS_NAME }}
state: pending
description: 'CentOS Stream 9 - Runner has been deploying...'
target_url: ${{ steps.job-log-url.outputs.html_url }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

fido-container:
needs: [pr-info, pre-fido-container]
if: ${{ needs.pr-info.outputs.allowed_user == 'true' }} &&
(startsWith(github.event.comment.body, '/test-all') ||
startsWith(github.event.comment.body, '/test-container'))}}
runs-on: [kite, x86_64, gcp, centos-stream-9, medium]
env:
STATUS_NAME: fido-container-test

steps:
- name: Get Current Job Log URL
id: job-log-url
run: |
sudo dnf install -y jq
JOB_HTML_URL=$(curl --get -Ss -H "Authorization: token ${GITHUB_TOKEN}" -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/fedora-iot/fido-device-onboard-rs/actions/runs/${GITHUB_RUN_ID}/jobs?per_page=30" | jq -r --arg job_name "fido-container" '.jobs | map(select(.name == "fido-container")) | .[0].html_url')
echo "html_url=$JOB_HTML_URL" >> $GITHUB_OUTPUT
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Create in-progress status
uses: octokit/[email protected]
with:
route: 'POST /repos/${{ github.repository }}/statuses/${{ needs.pr-info.outputs.sha }}'
context: ${{ env.STATUS_NAME }}
state: pending
description: 'CentOS Stream 9 - Test has been running...'
target_url: ${{ steps.job-log-url.outputs.html_url }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Install required packages
run: sudo dnf install -y make gcc openssl openssl-devel findutils golang git tpm2-tss-devel swtpm swtpm-tools git clevis clevis-luks cryptsetup cryptsetup-devel clang-devel cracklib-dicts rust-toolset rpmdevtools python3-docutils createrepo_c podman buildah skopeo

- name: Clone repository
uses: actions/checkout@v3
with:
ref: ${{ needs.pr-info.outputs.sha }}
fetch-depth: 0

- name: Build fido containers
uses: ./.github/actions/build_containers

- name: Build fido PRM pakcages
run: make rpm

- name: Prepare
run: |
sudo mkdir -p /var/www/html/source
sudo cp ./rpmbuild/RPMS/x86_64/* /var/www/html/source/ 2>/dev/null || :
sudo createrepo_c /var/www/html/source
sudo ls -al /var/www/html/source
- name: Run fdo-container.sh test
run: ./fdo-container.sh
working-directory: test
timeout-minutes: 100

- name: Set non cancelled result status
if: ${{ !cancelled() }}
uses: octokit/[email protected]
with:
route: 'POST /repos/${{ github.repository }}/statuses/${{ needs.pr-info.outputs.sha }}'
context: ${{ env.STATUS_NAME }}
state: ${{ job.status }}
description: 'CentOS Stream 9 - Test got ${{ job.status }}'
target_url: ${{ steps.job-log-url.outputs.html_url }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Set cancelled result status
if: ${{ cancelled() }}
uses: octokit/[email protected]
with:
route: 'POST /repos/${{ github.repository }}/statuses/${{ needs.pr-info.outputs.sha }}'
context: ${{ env.STATUS_NAME }}
state: error
description: 'CentOS Stream 9 - Test got error'
target_url: ${{ steps.job-log-url.outputs.html_url }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- uses: actions/upload-artifact@v3
if: ${{ always() }}
with:
name: fido-container
path: |
*.json
*.log
20 changes: 14 additions & 6 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,11 @@ If you want to suggest any changes to the process, please feel free to open a Pu

There are a number of ways in which you can set up development environments for working on FDO (FIDO Device Onboarding).

##### On Fedora host system
#### On Fedora host system

Please note that the build requirement are valid for the **latest stable Fedora release**.
Previous Fedora releases *might* need a different set of dependencies than the ones outlined here.

In order to make a test build of this crate, when using Fedora, you can run:

``` bash
Expand All @@ -24,11 +28,14 @@ cargo build --release
After making changes, you can use `cargo test` to run the test suite, `cargo fmt` to ensure the code style is adhered to, and `cargo clippy` to check for some common lints against the code.


##### On non-Fedora host system
#### On non-Fedora host system

If your host operating system is other than Fedora, following two ways are suggested for devlopement setup.
1.VSCODE remote containers
2.Toolbox
###### 1. VSCODE remote container setup:

##### 1. VSCODE remote container setup:

Pre-requisites:
- Install VSCODE for your host operating system.
- Install ‘Remote-containers’ extension OR you can also install the ‘Remote Development’ extension which contains three extensions useful for remote container development.
Expand All @@ -46,13 +53,14 @@ cargo build
cargo test
```

###### 2. ToolBox
##### 2. ToolBox

ToolBox is an utility for containerized command line environments on Linux. So if you are working on RHEL and instead of creating another vm for fedora ‘ToolBox’ is a good option too. So by creating a container for fedora and then fdo can be built on it. Follow below commands to get build env up & running.

``` bash
sudo yum install toolbox
toolbox create --distro fedora --release f36
toolbox enter fedora-toolbox-36
toolbox create --distro fedora
toolbox enter fedora-toolbox-{VERSION}
```

You can find the name of the container using : 'toolbox list' command.
Expand Down
Loading

0 comments on commit f279a9d

Please sign in to comment.