v2.2.0 Features & Fixes #552
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
workflow_dispatch: | |
pull_request: | |
branches: | |
- "master" | |
# Ensure only one build job runs at a time | |
concurrency: build | |
# Commit SHAs may differ when trigger via pull request vs workflow_dispatch, ensure the correct commit is referenced. | |
env: | |
COMMIT_ID: "${{ github.event.pull_request.head.sha || github.sha }}" | |
BUILD_VERSION: "0.0_0-dev-${{ github.event.pull_request.head.sha || github.sha }}" | |
jobs: | |
build_pkg: | |
runs-on: self-hosted | |
strategy: | |
matrix: | |
include: | |
- FREEBSD_VERSION: FreeBSD-14.0-CURRENT | |
FREEBSD_ID: freebsd14 | |
- FREEBSD_VERSION: FreeBSD-15.0-CURRENT | |
FREEBSD_ID: freebsd15 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup FreeBSD build VM | |
run: | | |
/usr/local/bin/VBoxManage controlvm ${{ matrix.FREEBSD_VERSION }} poweroff || true | |
/usr/local/bin/VBoxManage snapshot ${{ matrix.FREEBSD_VERSION }} restore initial | |
/usr/local/bin/VBoxManage startvm ${{ matrix.FREEBSD_VERSION }} --type headless | |
sleep 5 | |
- name: Build pfSense-pkg-RESTAPI on FreeBSD | |
run: | | |
/usr/bin/ssh -o StrictHostKeyChecking=no -o LogLevel=quiet ${{ matrix.FREEBSD_VERSION }}.jaredhendrickson.com 'sudo pkill ntpd || true && sudo ntpdate pool.ntp.org || true' | |
/usr/local/bin/python3 tools/make_package.py --host ${{ matrix.FREEBSD_VERSION }}.jaredhendrickson.com --branch ${{ env.COMMIT_ID }} --tag ${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }} | |
- name: Teardown FreeBSD build VM | |
if: "${{ always() }}" | |
run: | | |
/usr/local/bin/VBoxManage controlvm ${{ matrix.FREEBSD_VERSION }} poweroff || true | |
/usr/local/bin/VBoxManage snapshot ${{matrix.FREEBSD_VERSION}} restore initial | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg | |
path: pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg | |
build_openapi: | |
runs-on: self-hosted | |
needs: [build_pkg] | |
strategy: | |
matrix: | |
include: | |
- PFSENSE_VERSION: pfSense-2.7.2-RELEASE | |
FREEBSD_ID: freebsd14 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v4 | |
with: | |
name: pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg | |
path: pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg | |
- name: Setup pfSense VM | |
run: | | |
/usr/local/bin/VBoxManage controlvm ${{ matrix.PFSENSE_VERSION }} poweroff || true | |
/usr/local/bin/VBoxManage snapshot ${{ matrix.PFSENSE_VERSION }} restore initial | |
/usr/local/bin/VBoxManage startvm ${{ matrix.PFSENSE_VERSION }} --type headless | |
sleep 5 | |
# This is only necessary until GitHub Actions allows an easier way to get a URL to download the artifact within pfSense | |
- name: Copy pfSense-pkg-RESTAPI build to pfSense | |
run: | | |
pfsense-vshell --host ${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com -u admin -p pfsense -c 'pfSsh.php playback enablesshd' -k | |
pfsense-vshell --host ${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com -u admin -p pfsense -c "mkdir /root/.ssh/ && echo $(cat ~/.ssh/id_rsa.pub) > /root/.ssh/authorized_keys" -k | |
scp -o StrictHostKeyChecking=no pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg/pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg admin@${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com:/tmp/ | |
- name: Install pfSense-pkg-RESTAPI on pfSense | |
run: | | |
ssh -o StrictHostKeyChecking=no -o LogLevel=quiet admin@${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com "pkg -C /dev/null add /tmp/pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg" | |
sleep 5 | |
- name: Fetch OpenAPI schema from pfSense | |
run: curl -s -k -u admin:pfsense -X GET https://${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com/api/v2/schema/openapi > openapi-${{ matrix.PFSENSE_VERSION }}.json | |
- name: Teardown pfSense VM | |
if: "${{ always() }}" | |
run: | | |
/usr/local/bin/VBoxManage controlvm ${{ matrix.PFSENSE_VERSION }} poweroff || true | |
/usr/local/bin/VBoxManage snapshot ${{ matrix.PFSENSE_VERSION }} restore initial | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: openapi-${{ matrix.PFSENSE_VERSION }}.json | |
path: openapi-${{ matrix.PFSENSE_VERSION }}.json | |
check_openapi: | |
runs-on: ubuntu-latest | |
needs: [build_openapi] | |
strategy: | |
matrix: | |
include: | |
- PFSENSE_VERSION: pfSense-2.7.2-RELEASE | |
FREEBSD_ID: freebsd14 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v4 | |
with: | |
name: openapi-${{ matrix.PFSENSE_VERSION }}.json | |
path: openapi-${{ matrix.PFSENSE_VERSION }}.json | |
- name: Install Node.js | |
uses: actions/setup-node@v4 | |
with: | |
node-version: "20" | |
- name: Install npm dependencies | |
run: npm i | |
- name: Validate OpenAPI schema | |
run: ./node_modules/.bin/spectral lint openapi-${{ matrix.PFSENSE_VERSION }}.json/openapi-${{ matrix.PFSENSE_VERSION }}.json --fail-severity warn | |
check_tests: | |
runs-on: self-hosted | |
needs: [build_openapi] | |
strategy: | |
matrix: | |
include: | |
- PFSENSE_VERSION: pfSense-2.7.2-RELEASE | |
FREEBSD_ID: freebsd14 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v4 | |
with: | |
name: pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg | |
path: pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg | |
- name: Setup pfSense VM | |
run: | | |
/usr/local/bin/VBoxManage controlvm ${{ matrix.PFSENSE_VERSION }} poweroff || true | |
/usr/local/bin/VBoxManage snapshot ${{ matrix.PFSENSE_VERSION }} restore initial | |
/usr/local/bin/VBoxManage startvm ${{ matrix.PFSENSE_VERSION }} --type headless | |
sleep 5 | |
# This is only necessary until GitHub Actions allows an easier way to get a URL to download the artifact within pfSense | |
- name: Copy pfSense-pkg-RESTAPI build to pfSense | |
run: | | |
pfsense-vshell --host ${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com -u admin -p pfsense -c 'pfSsh.php playback enablesshd' -k | |
pfsense-vshell --host ${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com -u admin -p pfsense -c "mkdir /root/.ssh/ && echo $(cat ~/.ssh/id_rsa.pub) > /root/.ssh/authorized_keys" -k | |
scp -o StrictHostKeyChecking=no pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg/pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg admin@${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com:/tmp/ | |
- name: Install pfSense-pkg-RESTAPI on pfSense | |
run: | | |
ssh -o StrictHostKeyChecking=no -o LogLevel=quiet admin@${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com "pkg -C /dev/null add /tmp/pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg" | |
sleep 5 | |
- name: Run pfSense-pkg-RESTAPI tests | |
run: | | |
ssh -o StrictHostKeyChecking=no -o LogLevel=quiet admin@${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com 'pfsense-restapi runtests' | |
- name: Teardown pfSense VM | |
if: "${{ always() }}" | |
run: | | |
/usr/local/bin/VBoxManage controlvm ${{ matrix.PFSENSE_VERSION }} poweroff || true | |
/usr/local/bin/VBoxManage snapshot ${{ matrix.PFSENSE_VERSION }} restore initial |