forgejoadmin/ci-test
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ci-test/.forgejo/workflows/ci.yml
ci-bot db0f36e029
All checks were successful
CI Test / hello (push) Successful in 1s
Details
CI Test / windows-test (push) Successful in 8s
Details
CI Test / revert-vm (push) Successful in 7s
Details
ci(windows): drop a marker file each run and assert it's gone next run 
If two runs in a row both pass, the revert flow is provably wiping state
between runs. If the second one fails on 'Verify clean baseline', the
revert isn't doing its job.
2026-05-01 14:42:56 -04:00

103 lines
3.5 KiB
YAML
Raw Blame History

name: CI Test
on:
push:
branches: [main]
workflow_dispatch:
env:
# WIN_HOST is the host machine reachable from inside the job container.
# Resolved at runtime to the container's default gateway, since Forgejo Runner
# creates a per-job Docker network whose gateway IP varies between runs.
WIN_PORT: 2210
WIN_USER: edr
jobs:
hello:
runs-on: docker
steps:
- name: Say hello
run: |
echo "Hello from Forgejo Actions!"
echo "Runner: $RUNNER_NAME"
uname -a
node --version
- name: Math check
run: echo "2+2 = $((2+2))"
windows-test:
runs-on: docker
steps:
- name: Install sshpass
run: |
apt-get update -qq
apt-get install -y -qq sshpass openssh-client iproute2
- name: Resolve host gateway
run: |
GW=$(ip route | awk '/default/ {print $3; exit}')
echo "WIN_HOST=$GW" >> "$GITHUB_ENV"
echo "Using host gateway: $GW"
- name: Wait for Windows VM SSH
env:
SSHPASS: ${{ secrets.WINDOWS_SSH_PASSWORD }}
run: |
for i in $(seq 1 30); do
if sshpass -e ssh -o StrictHostKeyChecking=no -o ConnectTimeout=3 \
-p "$WIN_PORT" "$WIN_USER@$WIN_HOST" "exit" 2>/dev/null; then
echo "VM SSH ready"; exit 0
fi
echo "[$i/30] waiting for VM..."; sleep 5
done
echo "VM SSH never became ready"; exit 1
- name: Smoke test on Windows
env:
SSHPASS: ${{ secrets.WINDOWS_SSH_PASSWORD }}
run: |
sshpass -e ssh -o StrictHostKeyChecking=no \
-p "$WIN_PORT" "$WIN_USER@$WIN_HOST" \
"whoami && ver && echo windows-smoke-ok"
# Verifies the revert actually wiped the previous run's marker.
# Fails fast if it finds C:\ci-marker.txt, which would only be there if
# a previous CI run left it behind and the revert step didn't restore gold.
- name: Verify clean baseline (no marker from prior run)
env:
SSHPASS: ${{ secrets.WINDOWS_SSH_PASSWORD }}
run: |
out=$(sshpass -e ssh -o StrictHostKeyChecking=no \
-p "$WIN_PORT" "$WIN_USER@$WIN_HOST" \
"if exist C:\\ci-marker.txt (echo MARKER_EXISTS & type C:\\ci-marker.txt) else (echo CLEAN)")
echo "$out"
echo "$out" | grep -q "^CLEAN" || { echo "marker from previous run survived — revert is broken"; exit 1; }
- name: Drop marker file (would persist without revert)
env:
SSHPASS: ${{ secrets.WINDOWS_SSH_PASSWORD }}
run: |
sshpass -e ssh -o StrictHostKeyChecking=no \
-p "$WIN_PORT" "$WIN_USER@$WIN_HOST" \
"echo run=${GITHUB_RUN_NUMBER} sha=${GITHUB_SHA} > C:\\ci-marker.txt && type C:\\ci-marker.txt"
# Always-runs cleanup: rolls the VM back to the gold snapshot on the host.
# In a separate job so it fires even when windows-test crashes mid-step.
revert-vm:
runs-on: docker
needs: [windows-test]
if: always()
steps:
- name: Install client tools
run: |
apt-get update -qq
apt-get install -y -qq curl iproute2
- name: Trigger revert on host
env:
REVERT_TOKEN: ${{ secrets.REVERT_TOKEN }}
run: |
GW=$(ip route | awk '/default/ {print $3; exit}')
echo "calling revert endpoint at $GW:8765"
curl -fsSL --max-time 90 -X POST \
-H "Authorization: Bearer $REVERT_TOKEN" \
"http://$GW:8765/revert"
Reference in a new issue View git blame Copy permalink