-
Notifications
You must be signed in to change notification settings - Fork 426
132 lines (110 loc) · 4.48 KB
/
test-packaging.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
# This workflow tests packaging of fleetd with the
# `fleetctl package` command.
#
# It fetches the targets: orbit, osquery and fleet-desktop from the default
# (Fleet's) TUF server, https://tuf.fleetctl.com.
#
# Docker and colima are extremely unreliable on macOS Github runners
# thus this workflow is not testing MSI package generation on macOS.
name: Test packaging
on:
push:
branches:
- main
- patch-*
- prepare-*
paths:
- 'cmd/fleetctl/**.go'
- 'pkg/**.go'
- 'server/context/**.go'
- 'orbit/**.go'
- 'ee/fleetctl/**.go'
- 'tools/fleetctl-docker/**'
- 'tools/wix-docker/**'
- 'tools/bomutils-docker/**'
- '.github/workflows/test-packaging.yml'
pull_request:
paths:
- 'cmd/fleetctl/**.go'
- 'pkg/**.go'
- 'server/context/**.go'
- 'orbit/**.go'
- 'ee/fleetctl/**.go'
- 'tools/fleetctl-docker/**'
- 'tools/wix-docker/**'
- 'tools/bomutils-docker/**'
- '.github/workflows/test-packaging.yml'
workflow_dispatch: # Manual
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
shell: bash
permissions:
contents: read
jobs:
test-packaging:
strategy:
fail-fast: false
matrix:
os: [ubuntu-latest, macos-15]
runs-on: ${{ matrix.os }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- name: Pull fleetdm/wix
if: ${{ !startsWith(matrix.os, 'macos') }}
# Run in background while other steps complete to speed up the workflow
run: |
docker pull fleetdm/wix:latest &
- name: Pull fleetdm/bomutils
if: ${{ !startsWith(matrix.os, 'macos') }}
# Run in background while other steps complete to speed up the workflow
run: |
docker pull fleetdm/bomutils:latest &
- name: Checkout Code
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Install Go
uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version-file: "go.mod"
- name: Install wine and wix
if: startsWith(matrix.os, 'macos')
run: |
./scripts/macos-install-wine.sh -n
wget https://github.com/wixtoolset/wix3/releases/download/wix3112rtm/wix311-binaries.zip -nv -O wix.zip
mkdir wix
unzip wix.zip -d wix
rm -f wix.zip
echo wix installed at $(pwd)/wix
# It seems faster not to cache Go dependencies
- name: Install Go Dependencies
run: make deps-go
- name: Build fleetctl
run: make fleetctl
- name: Build DEB
run: ./build/fleetctl package --type deb --enroll-secret=foo --fleet-url=https://localhost:8080
- name: Build DEB with Fleet Desktop
run: ./build/fleetctl package --type deb --enroll-secret=foo --fleet-url=https://localhost:8080 --fleet-desktop
- name: Build RPM
run: ./build/fleetctl package --type rpm --enroll-secret=foo --fleet-url=https://localhost:8080
- name: Build RPM with Fleet Desktop
run: ./build/fleetctl package --type rpm --enroll-secret=foo --fleet-url=https://localhost:8080 --fleet-desktop
- name: Build MSI
if: ${{ !startsWith(matrix.os, 'macos') }}
run: ./build/fleetctl package --type msi --enroll-secret=foo --fleet-url=https://localhost:8080
- name: Build MSI with Fleet Desktop
if: ${{ !startsWith(matrix.os, 'macos') }}
run: ./build/fleetctl package --type msi --enroll-secret=foo --fleet-url=https://localhost:8080 --fleet-desktop
- name: Build PKG
run: ./build/fleetctl package --type pkg --enroll-secret=foo --fleet-url=https://localhost:8080
- name: Build PKG with Fleet Desktop
run: ./build/fleetctl package --type pkg --enroll-secret=foo --fleet-url=https://localhost:8080 --fleet-desktop
- name: Build MSI on macOS (using local Wix)
if: startsWith(matrix.os, 'macos')
run: ./build/fleetctl package --type msi --enroll-secret=foo --fleet-url=https://localhost:8080 --fleet-desktop --local-wix-dir ./wix