mirror of
https://github.com/ivuorinen/actions.git
synced 2026-01-26 11:34:00 +00:00
170 lines
5.4 KiB
YAML
170 lines
5.4 KiB
YAML
---
|
|
# yaml-language-server: $schema=https://json.schemastore.org/github-action.json
|
|
name: Setup Test Environment
|
|
description: Common setup for test jobs (Python, Node, system tools, ShellSpec)
|
|
|
|
inputs:
|
|
install-act:
|
|
description: Whether to install act for integration tests
|
|
required: false
|
|
default: 'false'
|
|
install-kcov:
|
|
description: Whether to build and install kcov from source for coverage (v42)
|
|
required: false
|
|
default: 'false'
|
|
|
|
runs:
|
|
using: composite
|
|
steps:
|
|
- name: Install uv
|
|
uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244 # v7.1.4
|
|
with:
|
|
enable-cache: true
|
|
|
|
- name: Set up Python
|
|
uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0
|
|
with:
|
|
python-version-file: pyproject.toml
|
|
|
|
- name: Install Python dependencies
|
|
shell: bash
|
|
run: uv sync --frozen
|
|
|
|
- name: Setup Node.js
|
|
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
|
|
with:
|
|
node-version: '24'
|
|
cache: npm
|
|
|
|
- name: Install Node dependencies
|
|
shell: bash
|
|
run: npm ci
|
|
|
|
- name: Install system tools
|
|
shell: bash
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y --no-install-recommends jq shellcheck
|
|
|
|
- name: Install kcov from source
|
|
if: inputs.install-kcov == 'true'
|
|
shell: bash
|
|
run: |
|
|
echo "Installing kcov build dependencies..."
|
|
sudo apt-get install -y --no-install-recommends \
|
|
cmake \
|
|
libcurl4-openssl-dev \
|
|
libdw-dev \
|
|
libelf-dev \
|
|
libiberty-dev \
|
|
pkg-config \
|
|
zlib1g-dev
|
|
|
|
echo "Building kcov from source..."
|
|
cd /tmp
|
|
git clone --depth 1 --branch v42 https://github.com/SimonKagstrom/kcov.git
|
|
cd kcov
|
|
mkdir build
|
|
cd build
|
|
cmake ..
|
|
make
|
|
sudo make install
|
|
cd /
|
|
rm -rf /tmp/kcov
|
|
|
|
echo "Verifying kcov installation..."
|
|
kcov --version
|
|
|
|
- name: Install ShellSpec
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
# Pin to specific version to avoid supply-chain risks
|
|
SHELLSPEC_VERSION="0.28.1"
|
|
SHELLSPEC_URL="https://github.com/shellspec/shellspec/archive/refs/tags/${SHELLSPEC_VERSION}.tar.gz"
|
|
# Pinned SHA-256 checksum for ShellSpec 0.28.1
|
|
# Source: https://github.com/shellspec/shellspec/archive/refs/tags/0.28.1.tar.gz
|
|
EXPECTED_CHECKSUM="400d835466429a5fe6c77a62775a9173729d61dd43e05dfa893e8cf6cb511783"
|
|
|
|
echo "Downloading ShellSpec ${SHELLSPEC_VERSION}..."
|
|
curl -fsSL "${SHELLSPEC_URL}" -o "/tmp/shellspec.tar.gz"
|
|
|
|
echo "Verifying checksum..."
|
|
ACTUAL_CHECKSUM="$(sha256sum /tmp/shellspec.tar.gz | awk '{print $1}')"
|
|
if [[ "${ACTUAL_CHECKSUM}" != "${EXPECTED_CHECKSUM}" ]]; then
|
|
echo "Error: Checksum mismatch for ShellSpec ${SHELLSPEC_VERSION}" >&2
|
|
echo "Expected: ${EXPECTED_CHECKSUM}" >&2
|
|
echo "Got: ${ACTUAL_CHECKSUM}" >&2
|
|
rm -f /tmp/shellspec.tar.gz
|
|
exit 1
|
|
fi
|
|
echo "Checksum verified successfully"
|
|
|
|
echo "Installing ShellSpec..."
|
|
mkdir -p ~/.local/lib
|
|
tar -xzf /tmp/shellspec.tar.gz -C ~/.local/lib
|
|
mv ~/.local/lib/shellspec-${SHELLSPEC_VERSION} ~/.local/lib/shellspec
|
|
rm /tmp/shellspec.tar.gz
|
|
|
|
sudo ln -s ~/.local/lib/shellspec/shellspec /usr/local/bin/shellspec
|
|
|
|
- name: Install act
|
|
if: inputs.install-act == 'true'
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
# Pin to specific version to avoid supply-chain risks
|
|
ACT_VERSION="0.2.82"
|
|
ACT_ARCH="Linux_x86_64"
|
|
ACT_TARBALL="act_${ACT_ARCH}.tar.gz"
|
|
ACT_URL="https://github.com/nektos/act/releases/download/v${ACT_VERSION}/${ACT_TARBALL}"
|
|
ACT_CHECKSUM_URL="https://github.com/nektos/act/releases/download/v${ACT_VERSION}/checksums.txt"
|
|
|
|
echo "Downloading act v${ACT_VERSION}..."
|
|
curl -fsSL "${ACT_URL}" -o "/tmp/${ACT_TARBALL}"
|
|
|
|
echo "Downloading checksums..."
|
|
curl -fsSL "${ACT_CHECKSUM_URL}" -o "/tmp/act-checksums.txt"
|
|
|
|
echo "Verifying checksum..."
|
|
# Extract the checksum for our specific file and verify
|
|
# Use cd to match the filename format in checksums.txt
|
|
cd /tmp
|
|
if ! grep "${ACT_TARBALL}" act-checksums.txt | sha256sum -c -; then
|
|
echo "Error: Checksum verification failed for ${ACT_TARBALL}" >&2
|
|
rm -f "${ACT_TARBALL}" act-checksums.txt
|
|
exit 1
|
|
fi
|
|
echo "Checksum verified successfully"
|
|
|
|
echo "Installing act..."
|
|
tar -xzf "${ACT_TARBALL}" -C /tmp
|
|
sudo install -m 755 /tmp/act /usr/local/bin/act
|
|
rm -f "${ACT_TARBALL}" /tmp/act act-checksums.txt
|
|
|
|
echo "Verifying act installation..."
|
|
act --version
|
|
|
|
- name: Setup Docker and act configuration
|
|
if: inputs.install-act == 'true'
|
|
shell: bash
|
|
run: |
|
|
# Ensure Docker is running
|
|
docker ps > /dev/null 2>&1 || (echo "Docker is not running" && exit 1)
|
|
|
|
# Pre-pull the act Docker image to avoid interactive prompts
|
|
docker pull catthehacker/ubuntu:act-latest
|
|
|
|
- name: Verify tools
|
|
shell: bash
|
|
run: |
|
|
shellspec --version
|
|
jq --version
|
|
uv --version
|
|
if [[ "${{ inputs.install-act }}" == "true" ]]; then
|
|
act --version
|
|
docker --version
|
|
fi
|