ci: enforce version sync invariant #85
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Test | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| jobs: | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| - name: Check version invariants | |
| run: ./hack/check-versions.sh | |
| - name: Self-test version-invariant check | |
| run: ./hack/test-check-versions.sh | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: "3.14" | |
| - name: Install dependencies | |
| run: pip install ansible-core ansible-lint | |
| - name: Build and install collection | |
| run: | | |
| ansible-galaxy collection build | |
| ansible-galaxy collection install cozystack-installer-*.tar.gz --force | |
| - name: Install collection dependencies | |
| run: ansible-galaxy collection install --requirements-file requirements.yml | |
| - name: Run ansible-lint | |
| run: ansible-lint | |
| - name: Syntax check Ubuntu example | |
| run: ansible-playbook examples/ubuntu/prepare-ubuntu.yml --syntax-check | |
| - name: Syntax check SUSE example | |
| run: ansible-playbook examples/suse/prepare-suse.yml --syntax-check | |
| - name: Syntax check RHEL example | |
| run: ansible-playbook examples/rhel/prepare-rhel.yml --syntax-check | |
| sanity: | |
| name: Sanity | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| with: | |
| path: ansible_collections/cozystack/installer | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: "3.14" | |
| - name: Install ansible-core and unit test dependencies | |
| run: pip install ansible-core pytest pytest-xdist pytest-forked pytest-mock | |
| - name: Run sanity tests | |
| working-directory: ansible_collections/cozystack/installer | |
| run: ansible-test sanity --color | |
| - name: Run unit tests | |
| working-directory: ansible_collections/cozystack/installer | |
| run: ansible-test units --color --python 3.14 | |
| master-nodes: | |
| name: Multi-master MASTER_NODES | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: "3.14" | |
| - name: Install Ansible | |
| run: pip install ansible-core | |
| - name: Build and install collection | |
| run: | | |
| ansible-galaxy collection build | |
| ansible-galaxy collection install cozystack-installer-*.tar.gz --force | |
| - name: Test auto-detection from server group (3 nodes) | |
| run: >- | |
| ansible-playbook tests/test-master-nodes.yml | |
| --inventory tests/test-multi-master-inventory.yml | |
| - name: Test single-node auto-detection (IP host key) | |
| run: >- | |
| ansible-playbook tests/test-master-nodes.yml | |
| --inventory tests/test-single-master-inventory.yml | |
| - name: Test single-node explicit override (CI inventory) | |
| run: >- | |
| ansible-playbook tests/test-master-nodes.yml | |
| --inventory tests/ci-inventory.yml | |
| - name: Test IPv6 host keys are accepted | |
| run: >- | |
| ansible-playbook tests/test-master-nodes.yml | |
| --inventory tests/test-ipv6-inventory.yml | |
| - name: Test hostname host keys are rejected | |
| run: | | |
| set +e | |
| output="$(ansible-playbook tests/test-master-nodes.yml \ | |
| --inventory tests/test-hostname-inventory.yml 2>&1)" | |
| status=$? | |
| set -e | |
| if [ "$status" -eq 0 ]; then | |
| echo "ERROR: Expected failure for hostname host keys, but playbook succeeded" | |
| exit 1 | |
| fi | |
| if ! grep -q "not a valid IP address in MASTER_NODES" <<< "$output"; then | |
| echo "ERROR: Playbook failed, but not due to hostname/IP validation" | |
| echo "$output" | |
| exit 1 | |
| fi | |
| echo "OK: Hostname host keys correctly rejected" | |
| external-ips: | |
| name: External IPs validation | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: "3.14" | |
| - name: Install Ansible | |
| run: pip install ansible-core | |
| - name: Build and install collection | |
| run: | | |
| ansible-galaxy collection build | |
| ansible-galaxy collection install cozystack-installer-*.tar.gz --force | |
| - name: Test external IPs rendering | |
| run: >- | |
| ansible-playbook tests/test-external-ips.yml | |
| --inventory tests/test-external-ips-inventory.yml | |
| - name: Test invalid IPs are rejected | |
| run: | | |
| set +e | |
| output="$(ansible-playbook tests/test-external-ips.yml \ | |
| --inventory tests/test-invalid-ips-inventory.yml 2>&1)" | |
| status=$? | |
| set -e | |
| if [ "$status" -eq 0 ]; then | |
| echo "ERROR: Expected failure for invalid IPs, but playbook succeeded" | |
| exit 1 | |
| fi | |
| if ! grep -q "not a valid IP address in cozystack_external_ips" <<< "$output"; then | |
| echo "ERROR: Playbook failed, but not due to IP validation" | |
| echo "$output" | |
| exit 1 | |
| fi | |
| echo "OK: Invalid IPs correctly rejected" | |
| e2e: | |
| name: E2E | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| - name: Set up Python | |
| uses: actions/setup-python@v6 | |
| with: | |
| python-version: "3.14" | |
| - name: Install Ansible | |
| run: pip install ansible-core | |
| - name: Build and install collection | |
| run: | | |
| ansible-galaxy collection build | |
| ansible-galaxy collection install cozystack-installer-*.tar.gz --force | |
| - name: Install collection dependencies | |
| run: | | |
| ansible-galaxy collection install --requirements-file requirements.yml | |
| ansible-galaxy collection install --requirements-file tests/requirements.yml | |
| - name: Run full pipeline | |
| run: >- | |
| sudo env "PATH=$PATH" "HOME=$HOME" ansible-playbook examples/ubuntu/site.yml | |
| --inventory tests/ci-inventory.yml | |
| - name: Verify operator is running | |
| run: | | |
| sudo kubectl --kubeconfig /etc/rancher/k3s/k3s.yaml \ | |
| wait deployment/cozystack-operator \ | |
| --namespace cozy-system \ | |
| --timeout=120s \ | |
| --for=condition=Available | |
| - name: Verify CRDs are established | |
| run: | | |
| sudo kubectl --kubeconfig /etc/rancher/k3s/k3s.yaml \ | |
| wait crd/packages.cozystack.io \ | |
| --for=condition=Established \ | |
| --timeout=60s | |
| - name: Verify Platform Package exists | |
| run: | | |
| sudo kubectl --kubeconfig /etc/rancher/k3s/k3s.yaml \ | |
| get package cozystack.cozystack-platform \ | |
| --namespace cozy-system | |
| - name: Test idempotency (second run) | |
| run: >- | |
| sudo env "PATH=$PATH" "HOME=$HOME" ansible-playbook examples/ubuntu/site.yml | |
| --inventory tests/ci-inventory.yml |