s3lph/easywks
s3lph/easywks
1
0
Fork 0
Code Issues Pull requests Projects Releases 12 Packages 2 Wiki Activity Actions

feat: migrate from woodpecker to forgejo actions
All checks were successful
/ test (push) Successful in 1m21s
Details
/ codestyle (push) Successful in 1m25s
Details
/ easywksserver_gpgwksclient (push) Successful in 1m43s
Details
/ build_wheel (push) Successful in 1m47s
Details
/ build_debian (push) Successful in 2m41s
Details

Browse source
This commit is contained in:
s3lph 2023-12-19 07:29:11 +01:00
parent 32855f2472
commit 19cde32909
Signed by: s3lph
GPG key ID: 0AA29A52FB33CFB5
6 changed files with 127 additions and 139 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

38
.forgejo/workflows/package.yml Normal file
View file

@ -0,0 +1,38 @@
---
on:
push:
tags:
- "v*"
jobs:
build_wheel:
runs-on: docker
steps:
- uses: https://code.forgejo.org/actions/checkout@v4
- name: Build Python wheel
run: |
apt update; apt install -y python3-pip
pip3 install --break-system-packages -e .[test]
python3 setup.py egg_info bdist_wheel
- uses: https://git.kabelsalat.ch/s3lph/forgejo-action-wheel-package-upload@v3
with:
username: ${{ secrets.API_USERNAME }}
password: ${{ secrets.API_PASSWORD }}
build_debian:
runs-on: docker
steps:
- uses: https://code.forgejo.org/actions/checkout@v4
- uses: https://git.kabelsalat.ch/s3lph/forgejo-action-python-debian-package@v5
with:
python_module: easywks
package_name: easywks
package_root: package/debian/easywks
package_output_path: package/debian
- uses: https://git.kabelsalat.ch/s3lph/forgejo-action-debian-package-upload@v2
with:
username: ${{ secrets.API_USERNAME }}
password: ${{ secrets.API_PASSWORD }}
deb: "package/debian/*.deb"

74
.forgejo/workflows/test.yml Normal file
View file

@ -0,0 +1,74 @@
---
on: push
jobs:
test:
runs-on: docker
steps:
- uses: https://code.forgejo.org/actions/checkout@v4
- name: Run unit tests
run: |
apt update; apt install -y python3-pip
pip3 install --break-system-packages -e .[test]
python3 -m coverage run --rcfile=setup.cfg -m unittest discover easywks
python3 -m coverage combine
python3 -m coverage report --rcfile=setup.cfg
codestyle:
runs-on: docker
steps:
- uses: https://code.forgejo.org/actions/checkout@v4
- name: pycodestyle
run: |
apt update; apt install -y python3-pip
pip3 install --break-system-packages -e .[test]
pycodestyle easywks
easywksserver_gpgwksclient:
runs-on: docker
steps:
- uses: https://code.forgejo.org/actions/checkout@v4
- name: Integration Test against gpg-wks-client
run: |
apt update; apt install --yes gnupg2 socat ca-certificates python3-pip
echo "openpgpkey" > /etc/hostname
echo "127.0.0.1 openpgpkey.example.org openpgpkey example.org" > /etc/hosts
pip3 install --break-system-packages -e .[test]
openssl req -x509 -newkey rsa:4096 -keyout /etc/ssl/key.pem -out /etc/ssl/cert.pem -sha256 -days 365 -nodes -subj '/CN=openpgpkey.example.org'
cp /etc/ssl/cert.pem /usr/local/share/ca-certificates/local.crt
update-ca-certificates
mkdir -p /tmp/easywks
cat > /tmp/easywks.yml <<EOF
directory: /tmp/easywks
httpd:
host: 127.0.0.1
port: 8080
mailing_method: stdout
domains:
example.org:
submission_address: webkey@example.org
policy_flags:
me.s3lph.easywks_permit-unsigned-response: true # required for gpg-wks-client compat
EOF
easywks --config /tmp/easywks.yml init
easywks --config /tmp/easywks.yml webserver &
socat OPENSSL-LISTEN:443,fork,reuseaddr,verify=0,cert=/etc/ssl/cert.pem,key=/etc/ssl/key.pem TCP:127.0.0.1:8080 &
sleep 3
install -m 0700 -d /tmp/gpg /tmp/cleangpg
export GNUPGHOME=/tmp/gpg
test/genkey.sh alice@example.org
export FINGERPRINT="$(gpg --with-colons --fingerprint alice@example.org | grep -A1 ^pub | grep ^fpr | cut -d: -f10)"
/usr/lib/gnupg/gpg-wks-client --supported alice@example.org
/usr/lib/gnupg/gpg-wks-client --check webkey@example.org
PUBREQ="$(/usr/lib/gnupg/gpg-wks-client --create "${FINGERPRINT}" alice@example.org)"
CONFREQ="$(echo "${PUBREQ}" | easywks --config /tmp/easywks.yml process)"
CONFRESP="$(echo "${CONFREQ}" | /usr/lib/gnupg/gpg-wks-client --receive --verbose)"
PUBRESP="$(echo "${CONFRESP}" | easywks --config /tmp/easywks.yml process)"
echo "${PUBRESP}" | gpg --batch --decrypt
/usr/lib/gnupg/gpg-wks-client --check alice@example.org
export GNUPGHOME=/tmp/gpg
gpg --auto-key-locate=clear,wkd,nodefault --locate-keys alice@example.org
kill %2 || true
kill %1 || true

137
.woodpecker.yml
View file

@ -1,137 +0,0 @@
---
steps:
test:
image: python:3.11-bookworm
group: test
commands:
- pip3 install -e .[test]
- python3 -m coverage run --rcfile=setup.cfg -m unittest discover easywks
codestyle:
image: python:3.11-bookworm
group: test
commands:
- pip3 install -e .[test]
- pycodestyle easywks
easywksserver_gpgwksclient:
image: python:3.11-bookworm
group: integration
commands:
- echo "openpgpkey" > /etc/hostname
- echo "127.0.0.1 openpgpkey.example.org openpgpkey example.org" > /etc/hosts
- pip3 install -e .[test]
- apt update; apt install --yes gnupg2 socat ca-certificates
- openssl req -x509 -newkey rsa:4096 -keyout /etc/ssl/key.pem -out /etc/ssl/cert.pem -sha256 -days 365 -nodes -subj '/CN=openpgpkey.example.org'
- cp /etc/ssl/cert.pem /usr/local/share/ca-certificates/local.crt
- update-ca-certificates
- mkdir -p /tmp/easywks
- |
cat > /tmp/easywks.yml <<EOF
directory: /tmp/easywks
httpd:
host: 127.0.0.1
port: 8080
mailing_method: stdout
domains:
example.org:
submission_address: webkey@example.org
policy_flags:
me.s3lph.easywks_permit-unsigned-response: true # required for gpg-wks-client compat
EOF
- easywks --config /tmp/easywks.yml init
- easywks --config /tmp/easywks.yml webserver &
- socat OPENSSL-LISTEN:443,fork,reuseaddr,verify=0,cert=/etc/ssl/cert.pem,key=/etc/ssl/key.pem TCP:127.0.0.1:8080 &
- sleep 3
- install -m 0700 -d /tmp/gpg /tmp/cleangpg
- export GNUPGHOME=/tmp/gpg
- test/genkey.sh alice@example.org
- >-
export FINGERPRINT="$(gpg --with-colons --fingerprint alice@example.org | grep -A1 ^pub | grep ^fpr | cut -d: -f10)"
- /usr/lib/gnupg/gpg-wks-client --supported alice@example.org
- /usr/lib/gnupg/gpg-wks-client --check webkey@example.org
- PUBREQ="$(/usr/lib/gnupg/gpg-wks-client --create "$${FINGERPRINT}" alice@example.org)"
- CONFREQ="$(echo "$${PUBREQ}" | easywks --config /tmp/easywks.yml process)"
- CONFRESP="$(echo "$${CONFREQ}" | /usr/lib/gnupg/gpg-wks-client --receive --verbose)"
- PUBRESP="$(echo "$${CONFRESP}" | easywks --config /tmp/easywks.yml process)"
- echo "$${PUBRESP}" | gpg --batch --decrypt
- /usr/lib/gnupg/gpg-wks-client --check alice@example.org
- export GNUPGHOME=/tmp/gpg
- gpg --auto-key-locate=clear,wkd,nodefault --locate-keys alice@example.org
- kill %2 || true
- kill %1 || true
coverage:
image: python:3.11-bookworm
group: integration
commands:
- pip3 install -e .[test]
- python3 -m coverage combine
- python3 -m coverage report --rcfile=setup.cfg
build_wheel:
image: python:3.11-bookworm
group: package
when:
- event: tag
secrets:
- GITEA_API_REPOSITORY_PYPI
- GITEA_API_USERNAME
- GITEA_API_PASSWORD
commands:
- pip3 install -e .[test]
- python3 setup.py egg_info bdist_wheel
- |
cat > ~/.pypirc <<EOF
[distutils]
index-servers = gitea
[gitea]
repository = $${GITEA_API_REPOSITORY_PYPI}
username = $${GITEA_API_USERNAME}
password = $${GITEA_API_PASSWORD}
EOF
- python3 -m twine upload --repository gitea dist/*.whl
build_debian:
image: python:3.11-bookworm
group: package
when:
- event: tag
secrets:
- GITEA_API_REPOSITORY_DEB
- GITEA_API_USERNAME
- GITEA_API_PASSWORD
commands:
- apt update; apt install -y lintian rsync sudo curl
- export EASYWKS_VERSION=$(python -c 'import easywks; print(easywks.__version__)')
- |
(for version in "$(cat CHANGELOG.md | grep '<!-- BEGIN CHANGES' | cut -d ' ' -f 4)"; do
echo "easywks ($${version}-1) stable; urgency=medium\n"
cat CHANGELOG.md | grep -A 1000 "<"'!'"-- BEGIN CHANGES $${version} -->" | grep -B 1000 "<"'!'"-- END CHANGES $${version} -->" | tail -n +2 | head -n -1 | sed -re 's/^-/ */g'
echo "\n -- s3lph@kabelsalat.ch $(date -R)\n"
done) > package/debian/easywks/usr/share/doc/easywks/changelog
- gzip -9n package/debian/easywks/usr/share/doc/easywks/changelog
- python3 setup.py egg_info install --root=package/debian/easywks/ --prefix=/usr --optimize=1
- cd package/debian
- sed -re "s/__EASYWKS_VERSION__/$${EASYWKS_VERSION}/g" -i easywks/DEBIAN/control
- mkdir -p easywks/usr/lib/python3/dist-packages/
- rsync -a easywks/usr/lib/python3.11/site-packages/ easywks/usr/lib/python3/dist-packages/
- rm -rf easywks/usr/lib/python3.11/site-packages
- find easywks/usr/lib/python3/dist-packages -name __pycache__ -exec rm -r {} \; 2>/dev/null || true
- find easywks/usr/lib/python3/dist-packages -name '*.pyc' -exec rm {} \;
- find easywks/usr/lib/python3/dist-packages -name '*.pyo' -exec rm {} \;
- sed -re 's$#!/usr/local/bin/python3$#!/usr/bin/python3$' -i easywks/usr/bin/easywks
- find easywks -type f -exec chmod 0644 {} \;
- find easywks -type d -exec chmod 755 {} \;
- chmod +x easywks/usr/bin/easywks easywks/DEBIAN/postinst easywks/DEBIAN/prerm easywks/DEBIAN/postrm
- dpkg-deb --build easywks
- mv easywks.deb "easywks_$${EASYWKS_VERSION}-1_all.deb"
- sudo -u nobody lintian "easywks_$${EASYWKS_VERSION}-1_all.deb" || true
- >-
curl
--user "$${GITEA_API_USERNAME}:$${GITEA_API_PASSWORD}"
--upload-file "easywks_$${EASYWKS_VERSION}-1_all.deb"
$${GITEA_API_REPOSITORY_DEB}

13
CHANGELOG.md
View file

@ -1,5 +1,18 @@
# EasyWKS Changelog # EasyWKS Changelog
<!-- BEGIN RELEASE v0.4.5 -->
## Version 0.4.5
Migrate from Woodpecker CI to Forgejo Actions
### Changes
<!-- BEGIN CHANGES 0.4.5 -->
- Migrate from Woodpecker CI to Forgejo Actions
<!-- END CHANGES 0.4.5-->
<!-- END RELEASE v0.4.5 -->
<!-- BEGIN RELEASE v0.4.4 --> <!-- BEGIN RELEASE v0.4.4 -->
## Version 0.4.4 ## Version 0.4.4

2
easywks/__init__.py
View file

@ -1,2 +1,2 @@
__version__ = '0.4.4' __version__ = '0.4.5'

2
package/debian/easywks/DEBIAN/control
View file

@ -1,5 +1,5 @@
Package: easywks Package: easywks
Version: __EASYWKS_VERSION__ Version: __VERSION__
Maintainer: s3lph <1375407-s3lph@users.noreply.gitlab.com> Maintainer: s3lph <1375407-s3lph@users.noreply.gitlab.com>
Section: web Section: web
Priority: optional Priority: optional