New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Switch to GitHub Actions #209
Conversation
- ubuntu-latest | ||
- macOS-latest | ||
- windows-latest |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tests are also run on specific runners with respect to the target OS and the results are merged and sent to Codecov.
--mount=type=bind,from=version,source=/tmp/.ldflags,target=/tmp/.ldflags <<EOT | ||
set -ex | ||
mkdir /out | ||
xx-go install std |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
std
needs to be installed for stdlib.
FROM scratch AS binaries | ||
COPY --from=build /out / | ||
|
||
FROM debian:bullseye-slim AS build-deb |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Build debian packages for pass
and secretservice
platforms = [ | ||
// "darwin/amd64", | ||
// "darwin/arm64", | ||
"linux/amd64", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Containerized tests are only available for linux platform (that's why a specific job has been added in the build workflow).
#SIGNINGHASH=$(security find-identity -v -p codesigning | grep "Developer ID Application: Docker Inc" | cut -d ' ' -f 4) | ||
#xcrun -log codesign -s $(SIGNINGHASH) --force --verbose docker-credential-osxkeychain | ||
#xcrun codesign --verify --deep --strict --verbose=2 --display docker-credential-osxkeychain |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We discussed about that with @tonistiigi to sign our buildx MacOS binaries. I'm not sure if we should add secrets on the repo to be able to codesign (can be painful) or if we should create our own self-hosted MacOS GitHub Runner with the identity already available (cc @chris-crone).
#echo ${PFX} | base64 -d > $dockerpfx | ||
#signtool sign /fd SHA256 /a /f pfx /p ${PFXPASSWORD} /d Docker /du https://www.docker.com /t http://timestamp.verisign.com/scripts/timestamp.dll docker-credential-wincred.exe |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as previous comment with Windows signtool.
// These tests are not runnable from a headless environment such as | ||
// Docker or a CI pipeline due to the DBus "prompt" interface being called | ||
// when creating and unlocking a keychain. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Need to find a headless CLI tool to be able to run secretservice
tests suite or we could mock prompter that connects to DBus.
ea27162
to
206d3c3
Compare
@crazy-max , Jenkinsfile is not used, you can delete it |
6b0653f
to
9097437
Compare
Done As @thaJeztah suggested I removed |
PTAL @thaJeztah @ebriney Since https://twitter.com/peter_szilagyi/status/1437646118700175360 I guess it's important to start ditching travis :) |
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
Removed the GitHub Release step as discussed with @ebriney |
Closing this one as we have moved to GHA in other PRs. Debian packaging will be moved to another repo in a follow-up. |
Follow-up #208 (cc @thaJeztah)
This PR allows to build credential helpers on GitHub Actions using cross-compilation thanks to tonistiigi/xx (cc @tonistiigi).
Run example: https://github.com/crazy-max/docker-credential-helpers/actions/runs/1181534227
@ebriney Is Jenkinsfile still used?
Signed-off-by: CrazyMax crazy-max@users.noreply.github.com