-
Notifications
You must be signed in to change notification settings - Fork 0
127 lines (114 loc) · 4.96 KB
/
Copy pathintegration.yml
File metadata and controls
127 lines (114 loc) · 4.96 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
name: integration
# End-to-end test on the real target OS (EL8) in a rockylinux:8 container.
# A matrix covers both Trac handlers:
# mod_wsgi -> install trac svn git gitExternal (all four services)
# mod_python -> install trac (the legacy in-process handler; the two interpreters
# cannot coexist, so each runs in its own container)
# Each job stages a minimal hub vhost, runs a faithful `hzforge install` (real
# hubzero packages), then `hzforge test` (a throwaway project per configured
# service, each served over HTTP -> 200) and doctor.
#
# Containers have no systemd, so hzforge drives `httpd -k` directly.
on:
push:
branches: [ main ]
paths:
- 'hzforge.py'
- '.github/workflows/integration.yml'
pull_request:
branches: [ main ]
paths:
- 'hzforge.py'
- '.github/workflows/integration.yml'
workflow_dispatch:
jobs:
el8:
name: EL8 ${{ matrix.handler }} install + self-test
runs-on: ubuntu-latest
container:
image: rockylinux:8
timeout-minutes: 30
strategy:
fail-fast: false
matrix:
include:
- handler: mod_wsgi
services: trac svn git gitExternal
- handler: mod_python
services: trac
steps:
- name: Tools for checkout
run: dnf -y install git tar gzip
- uses: actions/checkout@v4
- name: Enable repos (EPEL, PowerTools, hubzero) + base packages
run: |
set -eux
dnf -y install dnf-plugins-core epel-release
dnf config-manager --set-enabled powertools \
|| dnf config-manager --set-enabled crb || true
cat >/etc/yum.repos.d/hubzero.repo <<'REPO'
[hubzero]
name=HUBzero
baseurl=http://packages.hubzero.org/rpm/julian-el8
enabled=1
gpgcheck=1
gpgkey=https://packages.hubzero.org/rpm/hubzero-rpm-key-pub-2025
REPO
rpm --import https://packages.hubzero.org/rpm/hubzero-rpm-key-pub-2025
# python3 to run hzforge; python2 stack for Trac; build deps for pip Trac/mod_wsgi.
# mod_python (for the mod_python handler) is pulled by hzforge from the hubzero repo.
dnf -y install python3 \
httpd httpd-devel mod_ssl openssl \
python2 python2-pip python2-devel gcc redhat-rpm-config \
procps-ng which findutils
# NOTE: /run/httpd is intentionally NOT created here -- hzforge's
# ensure_httpd_runtime_dir() must make it itself on a non-systemd host.
# Creating it here would mask a regression in that path.
- name: Self-signed localhost cert for stock ssl.conf
# mod_ssl ships /etc/httpd/conf.d/ssl.conf referencing localhost.crt/.key;
# the post-install scriptlet that normally generates them doesn't run in
# a container, so configtest fails until we create them ourselves.
run: |
set -eux
openssl req -x509 -newkey rsa:2048 -nodes -days 3650 \
-keyout /etc/pki/tls/private/localhost.key \
-out /etc/pki/tls/certs/localhost.crt \
-subj "/CN=localhost"
chmod 600 /etc/pki/tls/private/localhost.key
- name: Stage a minimal hub vhost
run: |
set -eux
mkdir -p /etc/httpd/sites.d /etc/httpd/testhub.conf.d /var/www/testhub
cat >/etc/httpd/sites.d/testhub-ssl.conf <<'VHOST'
Listen 127.0.0.1:80
<VirtualHost 127.0.0.1:80>
ServerName localhost
DocumentRoot /var/www/testhub
RewriteEngine On
<Directory /var/www/testhub>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule (.*) index.php
</Directory>
IncludeOptional testhub.conf.d/*.conf
</VirtualHost>
VHOST
# stock httpd.conf doesn't load sites.d (a hubzero convention) -- add it
grep -q 'sites.d/\*.conf' /etc/httpd/conf/httpd.conf \
|| echo 'IncludeOptional sites.d/*.conf' >> /etc/httpd/conf/httpd.conf
# stock httpd.conf has `Listen 80`; our vhost adds `Listen 127.0.0.1:80`.
# Both cover :80 and httpd refuses the duplicate bind -- drop the stock one.
sed -i 's/^Listen 80$/# Listen 80 (superseded by the test vhost)/' \
/etc/httpd/conf/httpd.conf
- name: hzforge install ${{ matrix.services }} (${{ matrix.handler }}) — appstream svn source
run: |
python3 hzforge.py install ${{ matrix.services }} --hub testhub \
--svn-source appstream --trac-handler ${{ matrix.handler }} --no-test
- name: hzforge test (throwaway projects -> HTTP 200)
run: python3 hzforge.py test --hub testhub
- name: hzforge doctor
run: python3 hzforge.py doctor --hub testhub
- name: httpd error log on failure
if: failure()
run: tail -n 100 /var/log/httpd/*error* 2>/dev/null || true