feat(users/services): Local groups cleanup #732
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: QA & sanity checks | |
on: | |
push: | |
branches: | |
- main | |
tags: | |
- "*" | |
pull_request: | |
env: | |
apt_deps: >- | |
libpam0g-dev | |
# In Rust the grpc stubs are generated at build time | |
# so we always need to install the protobuf compilers | |
# when building the NSS crate. | |
protobuf_compilers: >- | |
protobuf-compiler | |
jobs: | |
go-sanity: | |
name: "Go: Code sanity" | |
runs-on: ubuntu-latest | |
steps: | |
- name: Install dependencies | |
run: | | |
sudo DEBIAN_FRONTEND=noninteractive apt update | |
sudo DEBIAN_FRONTEND=noninteractive apt install -y ${{ env.apt_deps }} | |
- uses: actions/checkout@v4 | |
- name: Go code sanity check | |
uses: canonical/desktop-engineering/gh-actions/go/code-sanity@main | |
with: | |
golangci-lint-configfile: ".golangci.yaml" | |
tools-directory: "tools" | |
- name: Build cmd/authd with withexamplebroker tag | |
run: | | |
set -eu | |
go build -tags withexamplebroker ./cmd/authd | |
rust-sanity: | |
name: "Rust: Code sanity" | |
runs-on: ubuntu-latest | |
steps: | |
- name: Install dependencies | |
run: | | |
sudo DEBIAN_FRONTEND=noninteractive apt update | |
sudo DEBIAN_FRONTEND=noninteractive apt install -y ${{ env.apt_deps }} ${{ env.protobuf_compilers}} | |
- uses: actions/checkout@v4 | |
- uses: actions-rs/toolchain@v1 | |
with: | |
profile: minimal | |
toolchain: stable | |
override: true | |
components: rustfmt, clippy | |
- name: Build crate | |
uses: actions-rs/cargo@v1 | |
with: | |
command: build | |
args: --all-features | |
- name: Check code format with rustfmt | |
uses: actions-rs/cargo@v1 | |
with: | |
command: fmt | |
- name: Check code format with clippy | |
uses: actions-rs/clippy-check@v1 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
args: --all-features | |
go-tests: | |
name: "Go: Tests" | |
runs-on: ubuntu-latest | |
steps: | |
- name: Install dependencies | |
run: | | |
sudo DEBIAN_FRONTEND=noninteractive apt update | |
# The integration tests build the NSS crate, so we need the cargo build dependencies in order to run them. | |
sudo DEBIAN_FRONTEND=noninteractive apt install -y ${{ env.apt_deps }} ${{ env.protobuf_compilers}} | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: go.mod | |
- uses: actions-rs/toolchain@v1 | |
with: | |
profile: minimal | |
toolchain: nightly # We need nightly to enable instrumentation for coverage. | |
override: true | |
components: llvm-tools-preview | |
- name: Install grcov | |
run: | | |
set -eu | |
cargo install grcov | |
- name: Run tests (with coverage collection) | |
run: | | |
set -eu | |
# The coverage is not written if the output directory does not exist, so we need to create it. | |
raw_cov_dir="/tmp/raw_files" | |
rm -fr "${raw_cov_dir}" | |
mkdir -p "${raw_cov_dir}" | |
# Overriding the default coverage directory is not an exported flag of go test (yet), so | |
# we need to override it using the test.gocoverdir flag instead. | |
#TODO: Update when https://go-review.googlesource.com/c/go/+/456595 is merged. | |
go test -cover -covermode=set ./... -shuffle=on -args -test.gocoverdir="${raw_cov_dir}" | |
# Convert the raw coverage data into textfmt so we can merge the Rust one into it | |
go tool covdata textfmt -i="${raw_cov_dir}" -o="/tmp/coverage.out" | |
# Append the Rust coverage data to the Go one | |
cat "${raw_cov_dir}/rust-cov/rust2go_coverage" >>"/tmp/coverage.out" | |
# Filter out the testutils package and the pb.go file | |
grep -v -e "testutils" -e "pb.go" "/tmp/coverage.out" >"/tmp/coverage.out.filtered" | |
- name: Run tests (with race detector) | |
run: | | |
go test -race ./... | |
- name: Run PAM tests (with Address Sanitizer) | |
env: | |
# Do not optimize, keep debug symbols and frame pointer for better | |
# stack trace information in case of ASAN errors. | |
CGO_CFLAGS: "-O0 -g3 -fno-omit-frame-pointer" | |
run: | | |
# Use `-dwarflocationlists` to give ASAN a better time to unwind the stack trace | |
go test -C pam -asan -gcflags="-dwarflocationlists=true" ./... | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@v3 | |
with: | |
file: /tmp/coverage.out.filtered |