32803ff27c
Some checks failed
CI/CD Pipeline / Code Format (push) Successful in 2s
CI/CD Pipeline / Clippy Lints (push) Successful in 46s
CI/CD Pipeline / All Unit Tests (push) Successful in 1m11s
CI/CD Pipeline / Security Audit (push) Successful in 5s
CI/CD Pipeline / Enrollment Tests (push) Successful in 1m27s
CI/CD Pipeline / Build Debian Package (Ubuntu 22.04) (push) Failing after 5s
CI/CD Pipeline / Verify Enrollment CLI Flag (push) Successful in 1m5s
CI/CD Pipeline / Build Debian Package (push) Failing after 4s
CI/CD Pipeline / Build Arch Package (push) Successful in 2m22s
CI/CD Pipeline / Build RPM Package (push) Successful in 2m17s
CI/CD Pipeline / Build Alpine Package (push) Successful in 3m7s
* fix: switch to build-package.sh for .deb builds
Replace dpkg-buildpackage with scripts/build-package.sh using
dpkg-deb --build approach. This bypasses the dpkg-buildpackage
subprocess chain (dh → make → debian/rules → cargo) which
does not inherit the rustup environment (RUSTUP_HOME, CARGO_HOME,
default toolchain) from GitHub Actions.
Same approach as Linux-Patch-Manager which passes CI.
- Add scripts/build-package.sh (modeled after Manager)
- Add Version and Installed-Size to debian/control
- Update CI workflow to use build-package.sh
- Fix release files path (project root, not ../)
* fix: extract only binary package paragraph from debian/control
dpkg-deb --build expects a single control paragraph starting
with Package: field. The debian/control file has two paragraphs
(source + binary). The awk command extracts only the binary
package paragraph to avoid dpkg-deb parse errors.
* fix: generate DEBIAN/control from scratch in build-package.sh
dpkg-deb --build is fundamentally incompatible with debian/control
which uses dpkg-buildpackage substitution variables like
${shlibs:Depends} and ${misc:Depends}. Generate a clean control
file from scratch in the script to eliminate all incompatibilities.
- No substitution variables
- No source paragraph
- No Build-Depends
- Homepage points to GitHub
- Installed-Size calculated before control file generation
---------
Co-authored-by: git-echo <git-echo@moon-dragon.us>
107 lines
3.3 KiB
YAML
107 lines
3.3 KiB
YAML
name: CI
|
|
|
|
on:
|
|
push:
|
|
branches: [master]
|
|
tags: ['v*.*.*']
|
|
pull_request:
|
|
branches: [master]
|
|
|
|
env:
|
|
CARGO_TERM_COLOR: always
|
|
|
|
permissions:
|
|
contents: write
|
|
|
|
jobs:
|
|
fmt:
|
|
name: Rust Format
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: dtolnay/rust-toolchain@stable
|
|
with:
|
|
components: rustfmt
|
|
- uses: Swatinem/rust-cache@v2
|
|
- run: cargo fmt --all -- --check
|
|
|
|
clippy:
|
|
name: Clippy
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: dtolnay/rust-toolchain@stable
|
|
with:
|
|
components: clippy
|
|
- uses: Swatinem/rust-cache@v2
|
|
- name: Install system dependencies
|
|
run: sudo apt-get update && sudo apt-get install -y build-essential libsystemd-dev pkg-config libssl-dev
|
|
- run: cargo clippy --all-targets --all-features -- -D warnings
|
|
|
|
test:
|
|
name: Tests
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: dtolnay/rust-toolchain@stable
|
|
- uses: Swatinem/rust-cache@v2
|
|
- name: Install system dependencies
|
|
run: sudo apt-get update && sudo apt-get install -y build-essential libsystemd-dev pkg-config libssl-dev
|
|
- run: cargo test --all-features
|
|
|
|
audit:
|
|
name: Security Audit
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: dtolnay/rust-toolchain@stable
|
|
- run: cargo install cargo-audit && cargo audit --ignore RUSTSEC-2025-0134
|
|
|
|
enrollment-tests:
|
|
name: Enrollment Tests
|
|
needs: [fmt, clippy]
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: dtolnay/rust-toolchain@stable
|
|
- uses: Swatinem/rust-cache@v2
|
|
- name: Install system dependencies
|
|
run: sudo apt-get update && sudo apt-get install -y build-essential libsystemd-dev pkg-config libssl-dev
|
|
- run: cargo test --test enroll_identity
|
|
- run: cargo test --test enrollment_test
|
|
- run: cargo test --test enrollment_e2e
|
|
|
|
build-deb:
|
|
name: Build & Release
|
|
needs: [fmt, clippy, test, enrollment-tests]
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
- uses: dtolnay/rust-toolchain@stable
|
|
- uses: Swatinem/rust-cache@v2
|
|
- name: Install system dependencies
|
|
run: sudo apt-get update && sudo apt-get install -y libsystemd-dev pkg-config libssl-dev
|
|
- name: Build .deb package
|
|
run: chmod +x scripts/build-package.sh && scripts/build-package.sh
|
|
- name: Generate release notes
|
|
if: startsWith(github.ref, 'refs/tags/v')
|
|
id: release_notes
|
|
run: |
|
|
PREV_TAG=$(git describe --tags --abbrev=0 HEAD^ 2>/dev/null || echo "")
|
|
if [ -n "$PREV_TAG" ]; then
|
|
NOTES=$(git log ${PREV_TAG}..HEAD --pretty=format:"- %s (%h)" --no-merges)
|
|
else
|
|
NOTES=$(git log --pretty=format:"- %s (%h)" --no-merges)
|
|
fi
|
|
echo "notes<<EOF" >> $GITHUB_OUTPUT
|
|
echo "$NOTES" >> $GITHUB_OUTPUT
|
|
echo "EOF" >> $GITHUB_OUTPUT
|
|
- name: Upload to GitHub Release
|
|
if: startsWith(github.ref, 'refs/tags/v')
|
|
uses: softprops/action-gh-release@v2
|
|
with:
|
|
body: ${{ steps.release_notes.outputs.notes }}
|
|
files: linux-patch-api_*.deb
|