Move ls, version, checksum to own files. Add goss

Signed-off-by: Nicholas Wilde <ncwilde43@gmail.com>

Author: nicholaswilde

.github/workflows/ci.yaml

@@ -13,99 +13,211 @@ name: ci
 # or API.
 on:
   workflow_dispatch:
-    # Inputs the workflow accepts.
-    inputs:
-      version:
-        # Friendly description to be shown in the UI instead of 'name'
-        description: 'Version'
-        # Default value if no value is explicitly provided
-        default: '2.15.1'
-        # Input has to be provided for the workflow to run
-        required: true
-      ls:
-        description: 'ls'
-        default: 'ls2'
-        required: true
+  pull_request:
+    paths:
+      - 'Dockerfile'
+      - 'LS'
+      - 'VERSION'
+  push:
+    branches:
+      - main
+    paths:
+      - 'Dockerfile'
+      - 'LS'
+      - 'VERSION'
+
+env:
+  # How long to sleep before running the tests (gives the application time to start)
+  GOSS_SLEEP: 30
 
 jobs:
-  main:
-    runs-on: ubuntu-20.04
+  prep:
+    runs-on: ubuntu-latest
+    outputs:
+      version: ${{ steps.prep.outputs.version }}
+      checksum: ${{ steps.prep.outputs.checksum }}
+      ls: ${{ steps.prep.outputs.ls }}
+      goss: ${{ steps.prep.outputs.goss }}
+      push: ${{ steps.prep.outputs.push }}
+      tag: ${{ steps.prep.outputs.version }}-ls${{ steps.prep.outputs.ls }}
+      repo_name: ${{ steps.prep.outputs.repo_name }}
+      date: ${{ steps.prep.outputs.date }}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2.3.4
+
+      # Define if tests and push should be run against which versions/platforms
+      - name: Prepare
+        id: prep
+        run: |
+          VERSION=$(cat ./VERSION)
+          echo ::set-output name=version::${VERSION}
+          LS=$(cat ./LS)
+          echo ::set-output name=ls::${LS}
+          REPO_NAME=$(echo "${{ github.event.repository.name }}" | sed 's/[^-]*-//')
+          echo ::set-output name=repo_name::${REPO_NAME}
+          DATE=$(date -u +%Y-%m-%dT%H%M%SZ)
+          echo ::set-output name=date::${DATE}
+          if test -f "./CHECKSUM"; then
+            CHECKSUM=$(cat ./CHECKSUM)
+            echo ::set-output name=checksum::${CHECKSUM}
+          else
+            echo ::set-output name=checksum::""
+          fi
+          if test -f "./goss.yaml"; then
+            echo ::set-output name=goss::true
+          else
+            echo ::set-output name=goss::false
+          fi
+          if [ "${{github.event_name}}" == "pull_request" ]; then
+            echo ::set-output name=push::false
+          else
+            echo ::set-output name=push::true
+          fi
+
+  tag-does-not-exist:
+    runs-on: ubuntu-latest
+    needs: prep
+    outputs:
+      exists: ${{ steps.checkTag.outputs.exists }}
+    steps:
+      - name: Check if tag already exists
+        uses: mukunku/tag-exists-action@v1.0.0
+        id: checkTag
+        with:
+          tag: ${{ needs.prep.outputs.tag }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Fail if tag already exists
+        id: set
+        run: |
+          if ${{ steps.checkTag.outputs.exists }} == true; then
+            echo "${{needs.prep.outputs.tag}} already exists"
+            exit 1
+          fi
+
+  build:
+    runs-on: ubuntu-latest
+    if: always() # Run regardless if tag-does-not-exist fails
+    needs:
+      - prep
+      - tag-does-not-exist
     steps:
-      -
-        name: Get tag
-        run: echo "tag=${{ github.event.inputs.version }}-${{ github.event.inputs.ls }}" >> $GITHUB_ENV
-      -
-        name: Remove docker from the repo name
-        run: echo "repo_name=$(echo "${{ github.event.repository.name }}" | sed 's/[^-]*-//')" >> $GITHUB_ENV
-      -
-        name: Get current date
-        run: echo "date=$(date -u +%Y-%m-%dT%H%M%SZ)" >> $GITHUB_ENV
-      -
-        name: Checkout
+      - name: Checkout
         uses: actions/checkout@v2.3.4
-      -
-        name: Set up QEMU
+
+      - name: Set up QEMU
         uses: docker/setup-qemu-action@v1.1.0
-      -
-        name: Set up Docker Buildx
+
+      - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v1.3.0
         with:
           driver-opts: image=moby/buildkit:master
-      -
-        name: Cache Docker layers
+
+      - name: Cache Docker layers
         uses: actions/cache@v2.1.5
         with:
           path: /tmp/.buildx-cache
           key: ${{ runner.os }}-buildx-${{ github.sha }}
           restore-keys: |
             ${{ runner.os }}-buildx-
-      -
-        name: Login to DockerHub
+
+      # Install the GOSS testing framework
+      - name: Set up goss/dgoss
+        uses: e1himself/goss-installation-action@v1.0.3
+        if: needs.prep.outputs.goss == 'true'
+        with:
+          version: 'v0.3.16'
+
+      # Creates a local build to run tests on
+      - name: Build and Load local test-container
+        uses: docker/build-push-action@v2
+        if: needs.prep.outputs.goss == 'true'
+        with:
+          build-args: |
+            VERSION=${{ needs.prep.outputs.version }}
+            CHECKSUM=${{ needs.prep.outputs.checksum }}
+          context: .
+          file: ./Dockerfile
+          load: true
+          tags: |
+            ghcr.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:test
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
+
+      # Run GOSS tests if included with the container
+      - name: Run GOSS tests
+        if: needs.prep.outputs.goss == 'true'
+        env:
+          GOSS_FILE: ./goss.yaml
+        run: |
+          dgoss run ghcr.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:test
+
+      - name: Login to DockerHub
         uses: docker/login-action@v1.9.0
+        if: github.event_name != 'pull_request' && needs.tag-does-not-exist.outputs.exists == 'false'
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
-      -
-        name: Login to GitHub Container Registry
+
+      - name: Login to GitHub Container Registry
         uses: docker/login-action@v1.9.0
+        if: github.event_name != 'pull_request'  && needs.tag-does-not-exist.outputs.exists == 'false'
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.CR_PAT }}
-      -
-        name: Login to Quay Registry
+
+      - name: Login to Quay Registry
         uses: docker/login-action@v1.9.0
+        if: github.event_name != 'pull_request' && needs.tag-does-not-exist.outputs.exists == 'false'
         with:
           registry: quay.io
           username: ${{ secrets.QUAY_USERNAME }}
           password: ${{ secrets.QUAY_TOKEN }}
-      -
-        name: Build and push
+
+      - name: Build and push
         uses: docker/build-push-action@v2.4.0
         with:
           context: .
           file: ./Dockerfile
           platforms: linux/amd64,linux/arm/v7,linux/arm64
-          push: true
+          push: ${{ needs.prep.outputs.push }}
           build-args: |
-            BUILD_DATE=${{ env.date }}
-            VERSION=${{ github.event.inputs.version }}
+            BUILD_DATE=${{ needs.prep.outputs.date }}
+            VERSION=${{ needs.prep.outputs.version }}
+            CHECKSUM=${{ needs.prep.outputs.checksum }}
           tags: |
-            ${{ github.repository_owner }}/${{ env.repo_name }}:latest
-            ${{ github.repository_owner }}/${{ env.repo_name }}:${{ env.tag }}
-            ghcr.io/${{ github.repository_owner }}/${{ env.repo_name }}:latest
-            ghcr.io/${{ github.repository_owner }}/${{ env.repo_name }}:${{ env.tag }}
-            quay.io/${{ github.repository_owner }}/${{ env.repo_name }}:latest
-            quay.io/${{ github.repository_owner }}/${{ env.repo_name }}:${{ env.tag }}
-      -
-        name: Create Release
+            ${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:latest
+            ${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:${{needs.prep.outputs.tag}}
+            ghcr.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:latest
+            ghcr.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:${{needs.prep.outputs.tag}}
+            quay.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:latest
+            quay.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:${{needs.prep.outputs.tag}}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
+
+      # This ugly bit is necessary if you don't want your cache to grow forever
+      # till it hits GitHub's limit of 5GB.
+      # Temp fix
+      # https://github.com/docker/build-push-action/issues/252
+      # https://github.com/moby/buildkit/issues/1896
+      - name: Move cache
+        if: needs.prep.outputs.push == 'true'
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+
+      - name: Create Release
         id: create_release
         uses: actions/create-release@v1.1.4
+        if: github.event_name != 'pull_request' && needs.tag-does-not-exist.outputs.exists == 'false'
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
         with:
-          tag_name: ${{ env.tag }}
-          release_name: ${{ env.tag }}
+          tag_name: ${{needs.prep.outputs.tag}}
+          release_name: ${{needs.prep.outputs.tag}}
           draft: false
           prerelease: false
-

.taskfiles/chk.yaml

@@ -2,19 +2,61 @@
 version: '3'
 
 tasks:
+  print:
+    desc: Get the checksum of the release or source package.
+    deps:
+      - _varcheck
+      - _release
+      - _source
+
+  export:
+    silent: true
+    desc: Export the checksum of the release or source package to CHECKSUM
+    deps:
+      - _varcheck
+      - _release-export
+      - _source-export
+
+  _release-export:
+    silent: true
+    cmds:
+      - task: _dl-export
+        vars:
+          URL: "https://www.fossil-scm.org/home/uv/{{ .FILENAME }}"
+    status:
+      - test {{ .TYPE }} != "release"
+
+  _source-export:
+    silent: true
+    cmds:
+      - task: _dl-export
+        vars:
+          URL: "https://github.com/{{ .SOURCE_ORG }}/{{ .SOURCE_REPO }}/archive/{{ .VERSION }}.tar.gz"
+    status:
+      - test {{ .TYPE }} != "source"
+      - test {{ .TYPE }} != "commit"
+
+  _dl-export:
+    slient: true
+    cmds:
+      - |
+        SUM=$(wget -q {{ .URL }} -O- | sha256sum|awk '{print $1}')
+        printf "%s" "$SUM" > CHECKSUM
+        cat CHECKSUM
+
   _release:
     cmds:
       - task: _dl
         vars:
-          URL: "https://github.com/{{ .SOURCE_ORG }}/{{ .SOURCE_REPO }}/releases/download/{{ .VERSION }}/{{ .FILENAME }}"
+          URL: "https://www.fossil-scm.org/home/uv/{{ .FILENAME }}"
     status:
       - test {{ .TYPE }} != "release"
 
   _source:
     cmds:
       - task: _dl
         vars:
-          URL: "https://www.fossil-scm.org/home/uv/fossil-src-{{ .VERSION }}.tar.gz"
+          URL: "https://github.com/{{ .SOURCE_ORG }}/{{ .SOURCE_REPO }}/archive/{{ .VERSION }}.tar.gz"
     status:
       - test {{ .TYPE }} != "source"
       - test {{ .TYPE }} != "commit"

.taskfiles/goss.yaml

@@ -0,0 +1,17 @@
+---
+version: '3'
+
+tasks:
+  run:
+    desc: Run dgoss
+    cmds:
+      - "{{ .DGOSS_RUN }} {{ .TAG_VERSION }}"
+    preconditions:
+      - docker images -q {{ .TAG_VERSION }} 2> /dev/null
+
+  edit:
+    desc: Edit dgoss
+    cmds:
+      - "{{ .DGOSS_EDIT }} {{ .TAG_VERSION }}"
+    preconditions:
+      - docker images -q {{ .TAG_VERSION }} 2> /dev/null

.taskfiles/ls.yaml

@@ -0,0 +1,18 @@
+---
+version: '3'
+
+tasks:
+  print:
+    desc: Print the LS value
+    silent: true
+    cmds:
+      - printf "%s" "{{ .LS }}"
+
+  increment:
+    desc: Increment the LS value
+    silent: true
+    cmds:
+      - |
+        LS=$(( {{ .LS }} + 1 ))
+        printf "%s" "$LS" > LS
+        cat LS

.taskfiles/version.yaml

@@ -0,0 +1,20 @@
+---
+version: '3'
+
+tasks:
+  print:
+    desc: Print the latest app version
+    silent: true
+    cmds:
+      - printf %s {{ .VERSION }}
+    vars:
+      VERSION:
+        sh: curl -sX GET {{ .API_URL }} | jq --raw-output '.tag_name'
+
+  export:
+    desc: Export the latest app version to VERSION
+    cmds:
+      - printf "%s" "{{ .VERSION }}" > VERSION
+    vars:
+      VERSION:
+        sh: curl -sX GET {{ .API_URL }} | jq --raw-output '.tag_name'

CHECKSUM

@@ -0,0 +1 @@
+80d27923c663b2a2c710f8ae8cd549862e04f8c04285706274c34ae3c8ca17d1

Dockerfile

@@ -1,6 +1,6 @@
 FROM alpine:3.13.5 as base
-ARG VERSION=2.15.1
-ARG CHECKSUM=80d27923c663b2a2c710f8ae8cd549862e04f8c04285706274c34ae3c8ca17d1
+ARG VERSION
+ARG CHECKSUM
 SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
 RUN \
   echo "**** install packages ****" && \