-
Notifications
You must be signed in to change notification settings - Fork 7
test: add Podman integration tests for OCI runtime compatibility #1143
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from 5 commits
Commits
Show all changes
31 commits
Select commit
Hold shift + click to select a range
0c2015a
Initial plan
Copilot 9a89c91
Add Podman integration tests for OCI runtime compatibility
Copilot 269bf0d
Pass environment variables to Podman container
Copilot 8a54623
Add comment clarifying Ubuntu runner requirement for Podman
Copilot aa27255
Fix code injection vulnerabilities in Podman workflow
Copilot 5891521
Merge branch 'main' into copilot/test-compatibility-with-podman
rjaegers 2f5b5c1
Fix DNS resolution issue in Podman tests by using host network
Copilot 9abfa4a
chore(deps, rust): update github.vscode-pull-request-github in devcon…
philips-software-forest-releaser[bot] 7857c0b
chore(deps): bump conan from 2.25.1 to 2.25.2 in /.devcontainer (#1149)
dependabot[bot] aa1f4fe
ci(deps): bump the github-actions group with 4 updates (#1151)
dependabot[bot] 965666b
test(deps): bump the npm group with 4 updates (#1150)
dependabot[bot] 218e65d
chore(deps, base): update g++-14 (#1156)
philips-software-forest-releaser[bot] ec93132
chore(deps, cpp): update ms-vscode.cpptools in devcontainer-metadata.…
philips-software-forest-releaser[bot] 31ea3e8
chore(deps, rust): update rust-lang.rust-analyzer in devcontainer-met…
philips-software-forest-releaser[bot] 138b2e5
chore(deps, cpp): update alexkrechik.cucumberautocomplete, ms-vscode.…
philips-software-forest-releaser[bot] e441bff
chore(deps, rust): update rust-lang.rust-analyzer in devcontainer.jso…
philips-software-forest-releaser[bot] 1f05c32
Initial plan
Copilot d34bb7b
Merge branch 'main' into copilot/test-compatibility-with-podman
rjaegers 3d287dd
Merge branch 'main' into copilot/test-compatibility-with-podman
rjaegers 06d1031
ci: minor updates
rjaegers 75ac14c
Merge branch 'main' into copilot/test-compatibility-with-podman
rjaegers 1a7b277
Merge branch 'main' into copilot/test-compatibility-with-podman
rjaegers 0942a2f
ci: process review comments
rjaegers a021052
Merge branch 'main' into copilot/test-compatibility-with-podman
rjaegers 4508d51
ci: make podman tests optional
rjaegers 2f143c5
ci: reduce duplication
rjaegers 5ab54a1
ci: fix workflow needs
rjaegers 6488602
ci: remove concurrency from workflow_call workflow
rjaegers 6c0f10f
ci: pass secrets to workflow
rjaegers ca9025c
ci: correct syntax for passing secrets
rjaegers aae1dd9
Merge branch 'main' into copilot/test-compatibility-with-podman
rjaegers File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,94 @@ | ||
| --- | ||
| name: Integration Test (Podman) | ||
|
|
||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| build-test-runner-labels: | ||
| required: true | ||
| type: string | ||
| fully-qualified-image-name: | ||
| required: true | ||
| type: string | ||
| image-basename: | ||
| required: true | ||
| type: string | ||
| image-digest: | ||
| required: true | ||
| type: string | ||
| registry: | ||
| required: true | ||
| type: string | ||
| test-file: | ||
| required: true | ||
| type: string | ||
| secrets: | ||
| DOCKER_REGISTRY_PASSWORD: | ||
| required: true | ||
| DOCKER_REGISTRY_USERNAME: | ||
| required: true | ||
|
|
||
| permissions: {} | ||
|
|
||
| jobs: | ||
| run-test: | ||
| name: Integration Test Podman (${{ (startsWith(matrix.runner, '[') && endsWith(matrix.runner, ']')) && join(matrix.runner, ', ') || matrix.runner }}) | ||
| strategy: | ||
| matrix: | ||
| runner: ${{ fromJson(inputs.build-test-runner-labels) }} | ||
| runs-on: ${{ matrix.runner }} | ||
| permissions: | ||
| contents: read | ||
| steps: | ||
| - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 | ||
|
|
||
| with: | ||
| disable-sudo: false | ||
| egress-policy: audit | ||
| - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | ||
| with: | ||
| persist-credentials: false | ||
| - name: Install Podman | ||
| run: | | ||
| # Install Podman on Ubuntu (Ubuntu 20.10+ has Podman in default repositories) | ||
| # This workflow is designed for Ubuntu runners (ubuntu-latest, ubuntu-24.04-arm) | ||
| sudo apt-get update | ||
| sudo apt-get install -y podman | ||
| podman --version | ||
| - name: Login to container registry | ||
| run: | | ||
| echo "${REGISTRY_PASSWORD}" | \ | ||
| podman login "${REGISTRY}" \ | ||
| --username "${REGISTRY_USERNAME}" \ | ||
| --password-stdin | ||
| env: | ||
| REGISTRY: ${{ inputs.registry }} | ||
|
rjaegers marked this conversation as resolved.
Outdated
|
||
| REGISTRY_USERNAME: ${{ secrets.DOCKER_REGISTRY_USERNAME || github.actor }} | ||
| REGISTRY_PASSWORD: ${{ secrets.DOCKER_REGISTRY_PASSWORD || github.token }} | ||
| - name: Pull container image | ||
| run: | | ||
| podman pull "${IMAGE_WITH_DIGEST}" | ||
| env: | ||
| IMAGE_WITH_DIGEST: ${{ inputs.fully-qualified-image-name }}@${{ inputs.image-digest }} | ||
| - run: echo "arch=$(echo "${RUNNER_ARCH}" | tr '[:upper:]' '[:lower:]')" >> "$GITHUB_OUTPUT" | ||
| id: runner-arch | ||
| - name: Run integration tests using Podman | ||
| run: | | ||
| podman run --rm \ | ||
| -v "${WORKSPACE}:${WORKSPACE}" \ | ||
| -w "${WORKSPACE}" \ | ||
| -e IMAGE_BASENAME="${IMAGE_BASENAME}" \ | ||
| -e TEST_FILE="${TEST_FILE}" \ | ||
| -e RUNNER_ARCH="${RUNNER_ARCH}" \ | ||
| "${IMAGE_WITH_DIGEST}" \ | ||
| bats --formatter junit "${TEST_FILE}" | tee "test-report-${IMAGE_BASENAME}-podman-${RUNNER_ARCH}.xml" | ||
| env: | ||
| IMAGE_BASENAME: ${{ inputs.image-basename }} | ||
|
rjaegers marked this conversation as resolved.
|
||
| IMAGE_WITH_DIGEST: ${{ inputs.fully-qualified-image-name }}@${{ inputs.image-digest }} | ||
| RUNNER_ARCH: ${{ steps.runner-arch.outputs.arch }} | ||
| TEST_FILE: ${{ inputs.test-file }} | ||
| WORKSPACE: ${{ github.workspace }} | ||
| - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 | ||
| if: ${{ !cancelled() }} | ||
| with: | ||
| name: test-results-integration-podman-${{ inputs.image-basename }}-${{ steps.runner-arch.outputs.arch }} | ||
| path: test-report-*.xml | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.