name: CI Test on: push: branches: [main] workflow_dispatch: env: # WIN_HOST is the host machine reachable from inside the job container. # Resolved at runtime to the container's default gateway, since Forgejo Runner # creates a per-job Docker network whose gateway IP varies between runs. WIN_PORT: 2210 WIN_USER: edr jobs: hello: runs-on: docker steps: - name: Say hello run: | echo "Hello from Forgejo Actions!" echo "Runner: $RUNNER_NAME" uname -a node --version - name: Math check run: echo "2+2 = $((2+2))" windows-test: runs-on: docker steps: - name: Checkout uses: actions/checkout@v4 - name: Install sshpass run: | apt-get update -qq apt-get install -y -qq sshpass openssh-client iproute2 - name: Resolve host gateway run: | GW=$(ip route | awk '/default/ {print $3; exit}') echo "WIN_HOST=$GW" >> "$GITHUB_ENV" echo "Using host gateway: $GW" - name: Wait for Windows VM SSH env: SSHPASS: ${{ secrets.WINDOWS_SSH_PASSWORD }} run: | for i in $(seq 1 30); do if sshpass -e ssh -o StrictHostKeyChecking=no -o ConnectTimeout=3 \ -p "$WIN_PORT" "$WIN_USER@$WIN_HOST" "exit" 2>/dev/null; then echo "VM SSH ready"; exit 0 fi echo "[$i/30] waiting for VM..."; sleep 5 done echo "VM SSH never became ready"; exit 1 - name: Smoke test on Windows env: SSHPASS: ${{ secrets.WINDOWS_SSH_PASSWORD }} run: | sshpass -e ssh -o StrictHostKeyChecking=no \ -p "$WIN_PORT" "$WIN_USER@$WIN_HOST" \ "whoami && ver && echo windows-smoke-ok" # Verifies the revert actually wiped the previous run's marker. # Fails fast if it finds C:\ci-marker.txt, which would only be there if # a previous CI run left it behind and the revert step didn't restore gold. - name: Verify clean baseline (no marker from prior run) env: SSHPASS: ${{ secrets.WINDOWS_SSH_PASSWORD }} run: | out=$(sshpass -e ssh -o StrictHostKeyChecking=no \ -p "$WIN_PORT" "$WIN_USER@$WIN_HOST" \ "if exist C:\\ci-marker.txt (echo MARKER_EXISTS & type C:\\ci-marker.txt) else (echo CLEAN)") echo "$out" echo "$out" | grep -q "^CLEAN" || { echo "marker from previous run survived — revert is broken"; exit 1; } - name: Copy tests into VM env: SSHPASS: ${{ secrets.WINDOWS_SSH_PASSWORD }} run: | sshpass -e ssh -o StrictHostKeyChecking=no \ -p "$WIN_PORT" "$WIN_USER@$WIN_HOST" \ "if not exist C:\\ci mkdir C:\\ci" sshpass -e scp -o StrictHostKeyChecking=no \ -P "$WIN_PORT" -r tests \ "$WIN_USER@$WIN_HOST:C:/ci/" - name: Run PowerShell tests on Windows env: SSHPASS: ${{ secrets.WINDOWS_SSH_PASSWORD }} run: | sshpass -e ssh -o StrictHostKeyChecking=no \ -p "$WIN_PORT" "$WIN_USER@$WIN_HOST" \ "powershell -NoProfile -ExecutionPolicy Bypass -File C:\\ci\\tests\\run-tests.ps1" - name: Drop marker file (would persist without revert) env: SSHPASS: ${{ secrets.WINDOWS_SSH_PASSWORD }} run: | sshpass -e ssh -o StrictHostKeyChecking=no \ -p "$WIN_PORT" "$WIN_USER@$WIN_HOST" \ "echo run=${GITHUB_RUN_NUMBER} sha=${GITHUB_SHA} > C:\\ci-marker.txt && type C:\\ci-marker.txt" # Always-runs cleanup: rolls the VM back to the gold snapshot on the host. # In a separate job so it fires even when windows-test crashes mid-step. revert-vm: runs-on: docker needs: [windows-test] if: always() steps: - name: Install client tools run: | apt-get update -qq apt-get install -y -qq curl iproute2 - name: Trigger revert on host env: REVERT_TOKEN: ${{ secrets.REVERT_TOKEN }} run: | GW=$(ip route | awk '/default/ {print $3; exit}') echo "calling revert endpoint at $GW:8765" curl -fsSL --max-time 90 -X POST \ -H "Authorization: Bearer $REVERT_TOKEN" \ "http://$GW:8765/revert"