-
Notifications
You must be signed in to change notification settings - Fork 29
156 lines (119 loc) · 3.92 KB
/
tests.yml
File metadata and controls
156 lines (119 loc) · 3.92 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
name: Tests
on:
push:
pull_request:
env:
CARGO_TERM_COLOR: always
RUST_BACKTRACE: 1
jobs:
test-macos:
name: macOS Integration Tests
runs-on: macos-15-xlarge
steps:
- uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
- name: Setup Rust cache
uses: Swatinem/rust-cache@v2
- name: Install nextest
uses: taiki-e/install-action@nextest
- name: Build
run: cargo build --verbose
- name: Run unit tests
run: cargo nextest run --profile ci --bins --verbose
- name: Run smoke tests
run: cargo nextest run --profile ci --test smoke_test --verbose
- name: Run macOS integration tests (with sudo)
run: |
# The tests require root privileges for PF rules on macOS
# GitHub Actions provides passwordless sudo on macOS runners
# Use -E to preserve environment and full path to cargo and nextest
sudo -E $(which cargo) nextest run --profile ci --test macos_integration --verbose
test-linux:
name: Linux Tests
runs-on: ubuntu-latest
strategy:
matrix:
rust: [stable]
steps:
- uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
with:
toolchain: ${{ matrix.rust }}
- name: Setup Rust cache
uses: Swatinem/rust-cache@v2
- name: Install nextest
uses: taiki-e/install-action@nextest
- name: Build
run: cargo build --verbose
- name: Run unit tests
run: cargo nextest run --profile ci --bins --verbose
- name: Run smoke tests
run: cargo nextest run --profile ci --test smoke_test --verbose
- name: Debug TLS environment
run: |
echo "=== Debugging TLS/Certificate Environment ==="
chmod +x scripts/debug_tls_env.sh
./scripts/debug_tls_env.sh
sudo ./scripts/debug_tls_env.sh
echo ""
echo "=== Testing Certificate Generation ==="
chmod +x scripts/debug_cert_generation.sh
./scripts/debug_cert_generation.sh || true
echo "=== End Debug ==="
- name: Run Linux jail integration tests (with sudo)
run: |
# Ensure ip netns support is available
sudo ip netns list || true
# Run the Linux-specific jail tests with root privileges
# Use full path to cargo and nextest since sudo doesn't preserve PATH
sudo -E $(which cargo) nextest run --profile ci --test linux_integration --verbose
test-weak:
name: Weak Mode Integration Tests (Linux)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
- name: Setup Rust cache
uses: Swatinem/rust-cache@v2
- name: Install nextest
uses: taiki-e/install-action@nextest
- name: Build
run: cargo build --verbose
- name: Run weak mode integration tests
run: cargo nextest run --profile ci --test weak_integration --verbose
clippy:
name: Clippy (${{ matrix.os }})
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
steps:
- uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
components: clippy
- name: Setup Rust cache
uses: Swatinem/rust-cache@v2
- name: Run clippy
run: cargo clippy --all-targets -- -D warnings
fmt:
name: Format
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
with:
toolchain: stable
components: rustfmt
- name: Check formatting
run: cargo fmt -- --check