Skip to content

Main

Main #2196

Workflow file for this run

name: Main
on:
push:
branches:
- master
pull_request:
branches:
- master
schedule:
- cron: '0 0 * * *'
workflow_dispatch:
jobs:
precommit:
name: pre-commit
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
- name: setup-python
uses: actions/setup-python@v5
with:
python-version: '3.12'
- name: pre-commit
uses: pre-commit/[email protected]
sast:
name: sast
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
- name: shellcheck
uses: ./.github/actions/shellcheck
- name: shfmt
uses: ./.github/actions/shfmt
- name: checkbashisms
uses: ./.github/actions/checkbashisms
tests:
name: tests
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
- name: unit tests
uses: ./.github/actions/bats
docker:
name: docker
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
- name: hadolint
uses: hadolint/[email protected]
with:
dockerfile: Dockerfile
failure-threshold: error
ignore: DL3018
- name: docker
run: docker build . --tag ${{ github.event.repository.name }}:scan
- name: install dockle
run: |
VERSION=$(
curl --silent "https://api.github.com/repos/goodwithtech/dockle/releases/latest" | \
grep '"tag_name":' | \
sed -E 's/.*"v([^"]+)".*/\1/' \
) && curl -L -o dockle.deb https://github.com/goodwithtech/dockle/releases/download/v${VERSION}/dockle_${VERSION}_Linux-64bit.deb
sudo dpkg -i dockle.deb && rm dockle.deb
- name: dockle
run: |
dockle --exit-code 1 --format list --ignore CIS-DI-0001 ${{ github.event.repository.name }}:scan
macos:
name: macos
runs-on: macos-latest
steps:
- name: checkout
uses: actions/checkout@v4
- name: brew bundle
run: brew bundle
- name: unit tests
run: ( cd tests ; ./runtests.bash )
- name: create wghub.conf
run: |
echo none > fwtype.txt
./easy-wg-quick
./easy-wg-quick macos_named_client
- name: dump configuration
run: head *.txt *.key *.conf
- name: dump wghub.conf
run: cat wghub.conf
- name: empty file check
run: ls *.txt *.key *.conf | xargs -tn1 test -s
- name: wg-quick up
run: sudo wg-quick up ./wghub.conf
- name: check interface
run: sudo wg show
- name: wg-quick down
run: sudo wg-quick down ./wghub.conf
ubuntu:
name: ubuntu
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v4
- name: install wireguard
run: sudo apt install -y wireguard-tools
- name: create wghub.conf
run: |
echo none > fwtype.txt
./easy-wg-quick
./easy-wg-quick macos_named_client
- name: dump configuration
run: head *.txt *.key *.conf
- name: dump wghub.conf
run: cat wghub.conf
- name: empty file check
run: ls *.txt *.key *.conf | xargs -tn1 test -s
- name: wg-quick up
run: sudo wg-quick up ./wghub.conf
- name: check interface
run: sudo wg show
- name: wg-quick down
run: sudo wg-quick down ./wghub.conf