0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2025-01-06 22:40:28 -05:00
zot/.github/workflows/ecosystem-tools.yaml
peusebiu c6b822f3dd
refactor(authz): use a struct for user access control info operations (#1682)
fix(authz): fix isAdmin not using groups to determine if a user is admin.
fix(authz): return 401 instead of 403

403 is correct as per HTTP spec
However authz is not part of dist-spec and clients know only about 401
So this is a compromise.

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-09-01 11:13:53 -07:00

139 lines
4.9 KiB
YAML

name: "Ecosystem client tools"
on:
push:
branches:
- main
pull_request:
branches: [main]
release:
types:
- published
permissions: read-all
jobs:
client-tools:
name: Check client tools
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: ./.github/actions/clean-runner
- uses: actions/setup-go@v4
with:
cache: false
go-version: 1.20.x
- uses: ./.github/actions/clean-runner
- name: Install dependencies
run: |
cd $GITHUB_WORKSPACE
go install github.com/swaggo/swag/cmd/swag@v1.8.12
go mod download
sudo apt-get update
sudo apt-get install libgpgme-dev libassuan-dev libbtrfs-dev libdevmapper-dev pkg-config rpm uidmap
# install skopeo
git clone -b v1.12.0 https://github.com/containers/skopeo.git
cd skopeo
make bin/skopeo
sudo cp bin/skopeo /usr/bin
skopeo -v
# install cri-o (for crictl)
OS=xUbuntu_20.04
CRIO_VERSION=1.26
echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
echo "deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$CRIO_VERSION/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.list
curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$CRIO_VERSION/$OS/Release.key | sudo apt-key add -
curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/Release.key | sudo apt-key add -
sudo apt update
sudo apt install -y cri-o cri-o-runc
sudo systemctl enable crio.service
sudo systemctl start crio.service
sudo chmod 0777 /var/run/crio/crio.sock
# install dex
git clone https://github.com/dexidp/dex.git
cd dex/
make bin/dex
./bin/dex serve $GITHUB_WORKSPACE/test/dex/config-dev.yaml &
cd $GITHUB_WORKSPACE
- name: Check disk space before build
run: |
cd $GITHUB_WORKSPACE
set -x
df -h
sudo ls -lRh /tmp/* || true
sudo du -sh /tmp || true
sudo du -sh /tmp/* || true
sudo find /tmp/ -size +5M | sudo xargs ls -lh
du -sh ./* || true
find ./ -size +5M | xargs ls -lh
sudo du -sh /var/
sudo du -sh /var/lib/docker/
du -sh /home/runner/work/
set +x
- name: Run referrers tests
run: |
make test-bats-referrers
- name: Run metadata tests
run: |
make test-bats-metadata
- name: Run push-pull tests
run: |
make test-push-pull
- name: Run push-pull-authn tests
run: |
make test-push-pull-authn
- name: Run metrics tests
run: |
make test-bats-metrics
- name: Run cve tests
run: |
make test-bats-cve
- name: Run sync test
run: |
make test-bats-sync
- name: Run scrub tests
run: |
make test-bats-scrub
- name: Run anonymous-push-pull tests
run: |
make test-anonymous-push-pull
- name: Run detect-manifest-collision tests
run: |
make test-detect-manifest-collision
- name: Run annotations tests
run: |
make test-annotations
- name: Run garbage collect tests
run: |
make test-garbage-collect
- name: Install localstack
run: |
pip install --upgrade pyopenssl
pip install localstack awscli-local[ver1] # install LocalStack cli and awslocal
docker pull localstack/localstack # Make sure to pull the latest version of the image
localstack start -d # Start LocalStack in the background
echo "Waiting for LocalStack startup..." # Wait 30 seconds for the LocalStack container
localstack wait -t 30 # to become ready before timing out
echo "Startup complete"
- name: Run cloud-only tests
run: |
make test-cloud-only
env:
AWS_ACCESS_KEY_ID: fake
AWS_SECRET_ACCESS_KEY: fake
- name: Check disk space after build
if: always()
run: |
cd $GITHUB_WORKSPACE
set -x
df -h
sudo ls -lRh /tmp/* || true
sudo du -sh /tmp || true
sudo du -sh /tmp/* || true
sudo find /tmp/ -size +5M | sudo xargs ls -lh
du -sh ./* || true
find ./ -size +5M | xargs ls -lh
sudo du -sh /var/
sudo du -sh /var/lib/docker/
du -sh /home/runner/work/
set +x