store/keychain(ci): linux default keychain collection

Signed-off-by: Alano Terblanche <18033717+Benehiko@users.noreply.github.com>

Author: Benehiko

.github/workflows/keychain.yml

@@ -9,15 +9,35 @@ on:
     paths:
       - 'store/**'
 jobs:
-  tests:
-    name: KeychainTests
+  linux-keychain:
+    name: LinuxKeychainTests
+    runs-on: ubuntu-24.04
+    strategy:
+      fail-fast: false
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Hub login
+        uses: docker/login-action@v3
+        with:
+          username: ${{ vars.DOCKERBUILDBOT_USERNAME }}
+          password: ${{ secrets.DOCKERBUILDBOT_WRITE_PAT }}
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          driver: cloud
+          endpoint: "docker/secrets-engine"
+          install: true
+      - name: Test
+        run: make keychain-linux-unit-tests
+  tests-other:
+    name: OtherKeychainTests
     runs-on: ${{ matrix.os }}
     strategy:
       fail-fast: false
       matrix:
         os:
-          - ubuntu-24.04
-          - ubuntu-22.04
           - macOS-15
           - macOS-14
           - macOS-13
@@ -30,10 +50,5 @@ jobs:
         uses: actions/setup-go@v5
         with:
           go-version-file: ./store/go.mod
-      - name: Install deps (ubuntu)
-        if: startsWith(matrix.os, 'ubuntu-')
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y dbus-x11 gnome-keyring
       - name: Test keychain
         run: make keychain-unit-tests

Makefile

@@ -28,7 +28,8 @@ DOCKER_BUILD_ARGS := --build-arg GO_VERSION \
           			--build-arg GOLANGCI_LINT_VERSION \
           			--build-arg NRI_PLUGIN_BINARY \
           			--build-arg BUF_VERSION \
-          			--build-arg GIT_TAG
+          			--build-arg GIT_TAG \
+					--build-arg MAIN_MODULE_PATH
 
 GO_TEST := go test
 ifneq ($(shell sh -c "which gotestsum 2> /dev/null"),)
@@ -54,8 +55,11 @@ clean: ## remove built binaries and packages
 unit-tests:
 	CGO_ENABLED=0 go test -v -tags="gen" $$(go list ./... | grep -v /store/)
 
+keychain-linux-unit-tests:
+	@docker buildx build $(DOCKER_BUILD_ARGS) --target=fedora43-gnome-keyring --file store/Dockerfile .
+
 keychain-unit-tests:
-	$(MAKE) -C store/ unit-tests
+	CGO_ENABLED=1 go test -v $$(go list ./store/keychain/...)
 
 nri-plugin:
 	CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -trimpath -ldflags "-s -w ${GO_LDFLAGS}" -o ./dist/$(NRI_PLUGIN_BINARY)$(EXTENSION) ./cmd/nri-plugin

store/Dockerfile

@@ -0,0 +1,31 @@
+ARG GO_VERSION=latest
+
+FROM --platform=${BUILDPLATFORM} golang:${GO_VERSION}-alpine AS go-base
+
+FROM --platform=${BUILDPLATFORM} fedora:42 AS fedora42
+RUN dnf install -y dbus gnome-keyring
+COPY --from=go-base /usr/local/go /usr/local/go
+ENV PATH="/usr/local/go/bin:${PATH}"
+RUN useradd -ms /bin/bash user
+USER user
+WORKDIR /app
+RUN --mount=type=bind,target=.
+
+FROM --platform=${BUILDPLATFORM} fedora:43 AS fedora43
+RUN dnf install -y dbus gnome-keyring
+COPY --from=go-base /usr/local/go /usr/local/go
+ENV PATH="/usr/local/go/bin:${PATH}"
+RUN useradd -ms /bin/bash user
+USER user
+WORKDIR /app
+RUN --mount=type=bind,target=.
+
+FROM fedora43 AS fedora43-gnome-keyring
+ENV CGO_ENABLED=0
+USER user
+WORKDIR /app
+RUN --mount=type=bind,target=. \
+    --mount=type=cache,target=/go/pkg/mod \
+    --mount=type=cache,target=/root/.cache/go-build \
+    /app/store/scripts/keychain \
+    go test -v ./store/keychain/...

store/Makefile

@@ -0,0 +1,18 @@
+#!/bin/sh
+
+set -euxo pipefail
+mkdir -p ~/.local/share/keyrings
+touch ~/.local/share/keyrings/login.keyring
+
+# Start D-Bus session (dbus must be installed)
+export DBUS_SESSION_BUS_ADDRESS=$(dbus-daemon --session --print-address --fork)
+
+# create fake passwordless 'login' keyring
+echo '[keyring]
+display-name=login
+ctime=1750965549
+mtime=0
+lock-on-idle=false
+lock-after=false' >> ~/.local/share/keyrings/login.keyring
+
+gnome-keyring-daemon --start --components=secrets