version: 2.1 aliases: - &install-podman name: Install Podman in Ubuntu Focal command: ./install/linux/install-podman-ubuntu-focal.sh # FIXME: Remove the following step once we drop Ubuntu Focal support. The # python-all dependency is an artificial requirement due to an stdeb bug # prior to v0.9.1. See: # # * https://github.com/astraw/stdeb/issues/153 # * https://github.com/freedomofpress/dangerzone/issues/292#issuecomment-1349967888 - &install-python-all name: Install python-all package command: | export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true apt-get update apt-get install -y python-all - &install-dependencies-deb name: Install dependencies (deb) command: | export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true apt-get update apt-get install -y dh-python python3 python3-stdeb - &install-dependencies-rpm name: Install dependencies (rpm) command: | dnf install -y rpm-build python3 python3-devel python3-poetry-core pipx pipx install poetry - &build-deb name: Build the .deb package command: | ./install/linux/build-deb.py ls -lh deb_dist/ - &build-rpm name: Build the .rpm package command: | PATH=/root/.local/bin:$PATH ./install/linux/build-rpm.py ls -lh dist/ - &build-rpm-qubes name: Build the Qubes .rpm package command: | PATH=/root/.local/bin:$PATH ./install/linux/build-rpm.py --qubes ls -lh dist/ - &calculate-cache-key name: Caculating container cache key command: | mkdir -p /caches/ cd dangerzone/conversion/ cat common.py doc_to_pixels.py pixels_to_pdf.py | sha1sum | cut -d' ' -f1 > /caches/cache-id.txt cd ../../ - &restore-cache key: v1-{{ checksum "Dockerfile" }}-{{ checksum "/caches/cache-id.txt" }} paths: - /caches/container.tar.gz - /caches/image-id.txt - ©-image name: Copy container image into package command: | cp /caches/container.tar.gz share/ cp /caches/image-id.txt share/ jobs: run-lint: docker: - image: debian:bookworm resource_class: small steps: - checkout - run: name: Install dev. dependencies # Install only the necessary packages to run our linters. # # We run poetry with --no-ansi, to sidestep a Poetry bug that # currently exists in 1.3. See: # https://github.com/freedomofpress/dangerzone/issues/292#issuecomment-1351368122 command: | apt-get update apt-get install -y git make python3 python3-poetry --no-install-recommends poetry install --no-ansi --only lint,test - run: name: Run linters to enforce code style command: poetry run make lint - run: name: Check that the QA script is up to date with the docs command: ./dev_scripts/qa.py --check-refs build-container-image: machine: image: ubuntu-2004:202111-01 steps: - checkout - run: *install-podman - run: name: Prepare cache directory command: | sudo mkdir -p /caches sudo chown -R $USER:$USER /caches - run: *calculate-cache-key - restore_cache: *restore-cache # setup_remote_docker - run: name: Build Dangerzone image command: | if [ -f "/caches/container.tar.gz" ]; then echo "Already cached, skipping" else sudo pip3 install poetry python3 ./install/common/build-image.py fi - run: name: Save Dangerzone image and image-id.txt to cache command: | if [ -f "/caches/container.tar.gz" ]; then echo "Already cached, skipping" else mkdir -p /caches podman save -o /caches/container.tar dangerzone.rocks/dangerzone gzip -f /caches/container.tar podman image ls dangerzone.rocks/dangerzone | grep "dangerzone.rocks/dangerzone" | tr -s ' ' | cut -d' ' -f3 > /caches/image-id.txt fi - run: *calculate-cache-key - save_cache: key: v1-{{ checksum "Dockerfile" }}-{{ checksum "/caches/cache-id.txt" }} paths: - /caches/container.tar.gz - /caches/image-id.txt convert-test-docs: machine: image: ubuntu-2004:202111-01 steps: - checkout - run: *install-podman - run: name: Install poetry dependencies command: | sudo pip3 install poetry # This flag is important, due to an open upstream Poetry issue: # https://github.com/python-poetry/poetry/issues/7184 poetry install --no-ansi - run: name: Install test dependencies command: | sudo apt-get install -y libqt5gui5 libxcb-cursor0 --no-install-recommends - run: name: Prepare cache directory command: | sudo mkdir -p /caches sudo chown -R $USER:$USER /caches - run: *calculate-cache-key - restore_cache: *restore-cache - run: *copy-image - run: name: run automated tests command: | poetry run make test ci-ubuntu-noble: machine: image: ubuntu-2004:202111-01 steps: - checkout - run: *install-podman - run: name: Prepare cache directory command: | sudo mkdir -p /caches sudo chown -R $USER:$USER /caches - run: *calculate-cache-key - restore_cache: *restore-cache - run: *copy-image - run: name: Prepare Dangerzone environment command: | ./dev_scripts/env.py --distro ubuntu --version 24.04 build-dev - run: name: Run CI tests command: | ./dev_scripts/env.py --distro ubuntu --version 24.04 run --dev \ bash -c 'cd dangerzone; poetry run make test' ci-ubuntu-mantic: machine: image: ubuntu-2004:202111-01 steps: - checkout - run: *install-podman - run: name: Prepare cache directory command: | sudo mkdir -p /caches sudo chown -R $USER:$USER /caches - run: *calculate-cache-key - restore_cache: *restore-cache - run: *copy-image - run: name: Prepare Dangerzone environment command: | ./dev_scripts/env.py --distro ubuntu --version 23.10 build-dev - run: name: Run CI tests command: | ./dev_scripts/env.py --distro ubuntu --version 23.10 run --dev \ bash -c 'cd dangerzone; poetry run make test' ci-ubuntu-jammy: machine: image: ubuntu-2004:202111-01 steps: - checkout - run: *install-podman - run: name: Prepare cache directory command: | sudo mkdir -p /caches sudo chown -R $USER:$USER /caches - run: *calculate-cache-key - restore_cache: *restore-cache - run: *copy-image - run: name: Prepare Dangerzone environment command: | ./dev_scripts/env.py --distro ubuntu --version 22.04 build-dev - run: name: Run CI tests command: | ./dev_scripts/env.py --distro ubuntu --version 22.04 run --dev \ bash -c 'cd dangerzone; poetry run make test' ci-ubuntu-focal: machine: image: ubuntu-2004:202111-01 steps: - checkout - run: *install-podman - run: name: Prepare cache directory command: | sudo mkdir -p /caches sudo chown -R $USER:$USER /caches - run: *calculate-cache-key - restore_cache: *restore-cache - run: *copy-image - run: name: Prepare Dangerzone environment command: | ./dev_scripts/env.py --distro ubuntu --version 20.04 build-dev - run: name: Run CI tests command: | ./dev_scripts/env.py --distro ubuntu --version 20.04 run --dev \ bash -c 'cd dangerzone; poetry run make test' ci-fedora-40: machine: image: ubuntu-2004:202111-01 steps: - checkout - run: *install-podman - run: name: Prepare cache directory command: | sudo mkdir -p /caches sudo chown -R $USER:$USER /caches - run: *calculate-cache-key - restore_cache: *restore-cache - run: *copy-image - run: name: Prepare Dangerzone environment command: | ./dev_scripts/env.py --distro fedora --version 40 build-dev - run: name: Run CI tests command: | ./dev_scripts/env.py --distro fedora --version 40 run --dev \ bash -c 'cd dangerzone; poetry run make test' ci-fedora-39: machine: image: ubuntu-2004:202111-01 steps: - checkout - run: *install-podman - run: name: Prepare cache directory command: | sudo mkdir -p /caches sudo chown -R $USER:$USER /caches - run: *calculate-cache-key - restore_cache: *restore-cache - run: *copy-image - run: name: Prepare Dangerzone environment command: | ./dev_scripts/env.py --distro fedora --version 39 build-dev - run: name: Run CI tests command: | ./dev_scripts/env.py --distro fedora --version 39 run --dev \ bash -c 'cd dangerzone; poetry run make test' ci-debian-trixie: machine: image: ubuntu-2004:202111-01 steps: - checkout - run: *install-podman - run: name: Prepare cache directory command: | sudo mkdir -p /caches sudo chown -R $USER:$USER /caches - run: *calculate-cache-key - restore_cache: *restore-cache - run: *copy-image - run: name: Prepare Dangerzone environment command: | ./dev_scripts/env.py --distro debian --version trixie build-dev - run: name: Run CI tests command: | ./dev_scripts/env.py --distro debian --version trixie run --dev \ bash -c 'cd dangerzone; poetry run make test' ci-debian-bookworm: machine: image: ubuntu-2004:202111-01 steps: - checkout - run: *install-podman - run: name: Prepare cache directory command: | sudo mkdir -p /caches sudo chown -R $USER:$USER /caches - run: *calculate-cache-key - restore_cache: *restore-cache - run: *copy-image - run: name: Prepare Dangerzone environment command: | ./dev_scripts/env.py --distro debian --version bookworm build-dev - run: name: Run CI tests command: | ./dev_scripts/env.py --distro debian --version bookworm run --dev \ bash -c 'cd dangerzone; poetry run make test' # NOTE: Making CI tests work in Debian Bullseye requires some tip-toeing # around certain Podman issues, as you'll see below. Read the following for # more details: # # https://github.com/freedomofpress/dangerzone/issues/388 ci-debian-bullseye: machine: image: ubuntu-2204:2023.04.2 steps: - checkout - run: *install-podman - run: name: Configure Podman for Ubuntu 22.04 command: | # This config circumvents the following issues: # * https://github.com/containers/podman/issues/6368 # * https://github.com/containers/podman/issues/10987 mkdir -p ~/.config/containers cat > ~/.config/containers/containers.conf \< Dockerfile.bullseye \<