180 lines
6.1 KiB
YAML
180 lines
6.1 KiB
YAML
---
|
|
# Copyright (c) Ansible Project
|
|
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
name: execution environment
|
|
on:
|
|
# Run CI against all pushes (direct commits, also merged PRs), Pull Requests
|
|
push:
|
|
branches:
|
|
- main
|
|
- stable-*
|
|
pull_request:
|
|
# Run CI once per day (at 04:45 UTC)
|
|
# This ensures that even if there haven't been commits that we are still testing against latest version of ansible-builder
|
|
schedule:
|
|
- cron: '45 4 * * *'
|
|
|
|
env:
|
|
NAMESPACE: community
|
|
COLLECTION_NAME: crypto
|
|
|
|
jobs:
|
|
build:
|
|
name: Build and test EE (${{ matrix.name }})
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
name:
|
|
- ''
|
|
ansible_core:
|
|
- ''
|
|
ansible_runner:
|
|
- ''
|
|
base_image:
|
|
- ''
|
|
pre_base:
|
|
- ''
|
|
extra_vars:
|
|
- ''
|
|
other_deps:
|
|
- ''
|
|
exclude:
|
|
- ansible_core: ''
|
|
include:
|
|
- name: ansible-core devel @ RHEL UBI 9
|
|
ansible_core: https://github.com/ansible/ansible/archive/devel.tar.gz
|
|
ansible_runner: ansible-runner
|
|
other_deps: |2
|
|
python_interpreter:
|
|
package_system: python3.11 python3.11-pip python3.11-wheel python3.11-cryptography
|
|
python_path: "/usr/bin/python3.11"
|
|
base_image: docker.io/redhat/ubi9:latest
|
|
pre_base: '"#"'
|
|
# For some reason ansible-builder will not install EPEL dependencies on RHEL
|
|
extra_vars: -e has_no_pyopenssl=true
|
|
- name: ansible-core 2.15 @ Rocky Linux 9
|
|
ansible_core: https://github.com/ansible/ansible/archive/stable-2.15.tar.gz
|
|
ansible_runner: ansible-runner
|
|
base_image: quay.io/rockylinux/rockylinux:9
|
|
pre_base: RUN dnf install -y epel-release
|
|
# For some reason ansible-builder will not install EPEL dependencies on Rocky Linux
|
|
extra_vars: -e has_no_pyopenssl=true
|
|
- name: ansible-core 2.14 @ CentOS Stream 9
|
|
ansible_core: https://github.com/ansible/ansible/archive/stable-2.14.tar.gz
|
|
ansible_runner: ansible-runner
|
|
base_image: quay.io/centos/centos:stream9
|
|
pre_base: RUN dnf install -y epel-release epel-next-release
|
|
# For some reason, PyOpenSSL is **broken** on CentOS Stream 9 / EPEL
|
|
extra_vars: -e has_no_pyopenssl=true
|
|
- name: ansible-core 2.13 @ RHEL UBI 8
|
|
ansible_core: https://github.com/ansible/ansible/archive/stable-2.13.tar.gz
|
|
ansible_runner: ansible-runner
|
|
other_deps: |2
|
|
python_interpreter:
|
|
package_system: python39 python39-pip python39-wheel python39-cryptography
|
|
base_image: docker.io/redhat/ubi8:latest
|
|
pre_base: '"#"'
|
|
# We don't have PyOpenSSL for Python 3.9
|
|
extra_vars: -e has_no_pyopenssl=true
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Check out code
|
|
uses: actions/checkout@v4
|
|
with:
|
|
path: ansible_collections/${{ env.NAMESPACE }}/${{ env.COLLECTION_NAME }}
|
|
|
|
- name: Set up Python
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: '3.11'
|
|
|
|
- name: Install ansible-builder and ansible-navigator
|
|
run: pip install ansible-builder ansible-navigator
|
|
|
|
- name: Verify requirements
|
|
run: ansible-builder introspect --sanitize .
|
|
|
|
- name: Make sure galaxy.yml has version entry
|
|
run: >-
|
|
python -c
|
|
'import yaml ;
|
|
f = open("galaxy.yml", "rb") ;
|
|
data = yaml.safe_load(f) ;
|
|
f.close() ;
|
|
data["version"] = data.get("version") or "0.0.1" ;
|
|
f = open("galaxy.yml", "wb") ;
|
|
f.write(yaml.dump(data).encode("utf-8")) ;
|
|
f.close() ;
|
|
'
|
|
working-directory: ansible_collections/${{ env.NAMESPACE }}/${{ env.COLLECTION_NAME }}
|
|
|
|
- name: Build collection
|
|
run: |
|
|
ansible-galaxy collection build --output-path ../../../
|
|
working-directory: ansible_collections/${{ env.NAMESPACE }}/${{ env.COLLECTION_NAME }}
|
|
|
|
- name: Create files for building execution environment
|
|
run: |
|
|
COLLECTION_FILENAME="$(ls "${{ env.NAMESPACE }}-${{ env.COLLECTION_NAME }}"-*.tar.gz)"
|
|
|
|
# EE config
|
|
cat > execution-environment.yml <<EOF
|
|
---
|
|
version: 3
|
|
dependencies:
|
|
ansible_core:
|
|
package_pip: ${{ matrix.ansible_core }}
|
|
ansible_runner:
|
|
package_pip: ${{ matrix.ansible_runner }}
|
|
galaxy: requirements.yml
|
|
${{ matrix.other_deps }}
|
|
|
|
images:
|
|
base_image:
|
|
name: ${{ matrix.base_image }}
|
|
|
|
additional_build_files:
|
|
- src: ${COLLECTION_FILENAME}
|
|
dest: src
|
|
|
|
additional_build_steps:
|
|
prepend_base:
|
|
- ${{ matrix.pre_base }}
|
|
EOF
|
|
echo "::group::execution-environment.yml"
|
|
cat execution-environment.yml
|
|
echo "::endgroup::"
|
|
|
|
# Requirements
|
|
cat > requirements.yml <<EOF
|
|
---
|
|
collections:
|
|
- name: src/${COLLECTION_FILENAME}
|
|
type: file
|
|
EOF
|
|
echo "::group::requirements.yml"
|
|
cat requirements.yml
|
|
echo "::endgroup::"
|
|
|
|
- name: Build image based on ${{ matrix.base_image }}
|
|
run: |
|
|
ansible-builder build --verbosity 3 --tag test-ee:latest --container-runtime podman
|
|
|
|
- name: Show images
|
|
run: podman image ls
|
|
|
|
- name: Run basic tests
|
|
run: >
|
|
ansible-navigator run
|
|
--mode stdout
|
|
--container-engine podman
|
|
--pull-policy never
|
|
--set-environment-variable ANSIBLE_PRIVATE_ROLE_VARS=true
|
|
--execution-environment-image test-ee:latest
|
|
-v
|
|
all.yml
|
|
${{ matrix.extra_vars }}
|
|
working-directory: ansible_collections/${{ env.NAMESPACE }}/${{ env.COLLECTION_NAME }}/tests/ee
|