STACKITGit/end-to-end
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: STACKITGit:main
Branches Tags
STACKITGit:main
STACKITGit:renovate/actionsdata.forgejo.org-oci-node-replacement
STACKITGit:feat/allow-override-release-versions
STACKITGit:legacy/v11.0-v7.0
STACKITGit:wip-gitea
STACKITGit:legacy/v9.0-v1.22
STACKITGit:legacy/v8.0-v1.21
STACKITGit:legacy/v7.0-v1.18
STACKITGit:forgejo-pr
..
compare: STACKITGit:legacy/v9.0-v1.22
Branches Tags
STACKITGit:main
STACKITGit:renovate/actionsdata.forgejo.org-oci-node-replacement
STACKITGit:feat/allow-override-release-versions
STACKITGit:legacy/v11.0-v7.0
STACKITGit:wip-gitea
STACKITGit:legacy/v9.0-v1.22
STACKITGit:legacy/v8.0-v1.21
STACKITGit:legacy/v7.0-v1.18
STACKITGit:forgejo-pr

No commits in common. "main" and "legacy/v9.0-v1.22" have entirely different histories.
main ... legacy/v9.

132 changed files with 346 additions and 2229 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.dockerignore
View file

@ -1 +0,0 @@
.git

15
.forgejo/prepare-end-to-end/action.yml
View file

@ -1,13 +1,9 @@
inputs:
built:
description: 'True if a source build is available, false otherwise'
runs:
using: "composite"
steps:
- name: cache S3 binaries
id: S3
uses: https://data.forgejo.org/actions/cache@v4
uses: https://code.forgejo.org/actions/cache@v4
with:
path: |
/usr/local/bin/minio
@ -15,18 +11,11 @@ runs:
/usr/local/bin/garage
key: S3
- uses: https://data.forgejo.org/actions/setup-forgejo@v3.1.6
- uses: https://code.forgejo.org/actions/setup-forgejo@v2.0.6
with:
install-only: true
- run: forgejo-binary.sh ensure_user forgejo
- name: inputs context dump for debug
run: |
set -x
cat <<EOF
${{ toJSON(inputs) }}
EOF
- uses: actions/download-artifact@v3
if: ${{ inputs.built == 'yes' }}
with:
name: forgejo-dev
path: /srv/forgejo-binaries

11
.forgejo/upload-coverage/action.yml
View file

@ -1,11 +0,0 @@
inputs:
scope:
description: 'Scope of the coverage'
runs:
using: "composite"
steps:
- uses: actions/upload-artifact@v3
with:
name: coverage-${{ inputs.scope }}
path: /tmp/forgejo-end-to-end/coverage

143
.forgejo/workflows/end-to-end.yml
View file

@ -2,6 +2,16 @@
#
# https://code.forgejo.org/forgejo/end-to-end/settings/actions
#
# secrets.CASCADE_DOCS_ORIGIN_TOKEN
# https://code.forgejo.org/forgejo-ci scope write:issue, read:repository, read:user
# vars.CASCADE_DOCS_DESTINATION_DOER
# forgejo-cascading-pr (https://codeberg.org/forgejo-cascading-pr)
# secrets.CASCADE_DOCS_DESTINATION_TOKEN
# https://codeberg.org/forgejo-cascading-pr scope write:issue, write:repository, read:user
# vars.CASCADE_DOCS_FORCE_VERSION
# replace the generated documentation for a given version even if it has already
# been generated (e.g. v7.0.0-test)
#
on:
pull_request:
@ -9,32 +19,23 @@ on:
branches:
- 'main'
enable-email-notifications: true
jobs:
build:
runs-on: docker
container:
image: 'data.forgejo.org/oci/node:24-trixie'
outputs:
built: "${{ steps.build.outputs.built }}"
forgejo_versions_json: "${{ steps.build.outputs.forgejo_versions_json }}"
image: 'code.forgejo.org/oci/node:20-bookworm'
steps:
- uses: https://data.forgejo.org/actions/checkout@v4
- uses: https://data.forgejo.org/actions/setup-go@v5
- uses: https://code.forgejo.org/actions/checkout@v4
- uses: https://code.forgejo.org/actions/setup-go@v5
with:
go-version: "1.25"
go-version: "1.22"
- name: lib/build.sh
id: build
run: |
mkdir $d /tmp/forgejo-upload
touch /tmp/forgejo-upload/PLACEHOLDER
if ! test -f forgejo/build-from-sources; then
echo forgejo/build-from-sources is not present, do not build any version from source
source lib/lib.sh
echo "forgejo_versions_json=$(node -p "JSON.stringify(process.argv[1].split(' '))" "$RELEASE_NUMBERS")" >> $FORGEJO_OUTPUT
echo "built=no" >> $FORGEJO_OUTPUT
exit 0
fi
@ -54,113 +55,109 @@ jobs:
$forgejo --version
mv $forgejo /tmp/forgejo-upload/forgejo-$version
done
echo "forgejo_versions_json=$(node -p "JSON.stringify(process.argv[1].split(' '))" "$(cat forgejo/build-from-sources)")" >> $FORGEJO_OUTPUT
echo "built=yes" >> $FORGEJO_OUTPUT
- name: steps context dump for debug
run: |
set -x
cat <<EOF
${{ toJSON(steps) }}
EOF
- uses: actions/upload-artifact@v3
if: ${{ steps.build.outputs.built == 'yes' }}
with:
name: forgejo-dev
path: /tmp/forgejo-upload
packages:
needs: [build]
runs-on: lxc-trixie
strategy:
matrix:
forgejo_version: ${{ fromJSON(needs.build.outputs.forgejo_versions_json) }}
runs-on: lxc-bookworm
steps:
- uses: https://data.forgejo.org/actions/checkout@v4
- uses: https://code.forgejo.org/actions/checkout@v4
- uses: ./.forgejo/prepare-end-to-end
with:
built: ${{ needs.build.outputs.built }}
- run: su forgejo -c "./end-to-end.sh test_packages ${{ matrix.forgejo_version }}"
- if: ${{ needs.build.outputs.built == 'yes' }}
uses: ./.forgejo/upload-coverage
with:
scope: packages
- run: su forgejo -c "./end-to-end.sh test_packages"
- name: full logs
if: always()
run: su forgejo -c "./end-to-end.sh show_logs"
actions:
needs: [build]
runs-on: lxc-trixie
strategy:
matrix:
forgejo_version: ${{ fromJSON(needs.build.outputs.forgejo_versions_json) }}
runs-on: lxc-bookworm
steps:
- uses: https://data.forgejo.org/actions/checkout@v4
- uses: https://code.forgejo.org/actions/checkout@v4
- uses: ./.forgejo/prepare-end-to-end
with:
built: ${{ needs.build.outputs.built }}
- run: ./end-to-end.sh prepare_dockerd
- run: su forgejo -c "./end-to-end.sh test_actions ${{ matrix.forgejo_version }}"
- if: ${{ needs.build.outputs.built == 'yes' }}
uses: ./.forgejo/upload-coverage
with:
scope: actions
- run: su forgejo -c "./end-to-end.sh test_actions"
- name: full logs
if: always()
run: su forgejo -c "./end-to-end.sh show_logs"
federation:
needs: [build]
runs-on: lxc-trixie
runs-on: lxc-bookworm
steps:
- uses: https://data.forgejo.org/actions/checkout@v4
- uses: https://code.forgejo.org/actions/checkout@v4
- uses: ./.forgejo/prepare-end-to-end
with:
built: ${{ needs.build.outputs.built }}
- name: install zstd
run: |
export DEBIAN_FRONTEND=noninteractive
apt-get -q install -y -qq zstd
- name: cache GitLab OCI image
uses: https://data.forgejo.org/actions/cache@v4
uses: https://code.forgejo.org/actions/cache@v4
with:
path: |
/srv/forgejo-binaries/gitlab
key: gitlab
- name: setup dbus
run: |
apt-get -q install -y -qq dbus
systemctl enable --now dbus
- name: run test_federation
run: |
chown -R forgejo:forgejo .
- run: |
su forgejo -c "./end-to-end.sh test_federation"
- if: ${{ needs.build.outputs.built == 'yes' }}
uses: ./.forgejo/upload-coverage
with:
scope: federation
- name: full logs
if: always()
run: su forgejo -c "./end-to-end.sh show_logs"
actions-docs:
needs: [build]
runs-on: lxc-bookworm
if: github.ref == 'refs/heads/main'
strategy:
matrix:
info:
- version: "11.0"
branch: next
forgejo: https://codeberg.org
owner: forgejo-experimental
- version: "10.0"
forgejo: https://codeberg.org
owner: forgejo
steps:
- uses: https://code.forgejo.org/actions/checkout@v4
- uses: ./.forgejo/prepare-end-to-end
- name: set full-version
id: full-version
shell: bash
run: |
set -x
full_version=$(./end-to-end.sh full_version ${{ matrix.info.version }} ${{ matrix.info.owner }})
echo value="$full_version" >> $GITHUB_OUTPUT
- run: ./end-to-end.sh prepare_dockerd
- run: su forgejo -c "./end-to-end.sh test_actions ${{ matrix.info.version }}"
- name: update documentation
uses: https://code.forgejo.org/actions/cascading-pr@v2.1
with:
origin-url: ${{ env.GITHUB_SERVER_URL }}
origin-repo: ${{ github.repository }}
origin-token: ${{ secrets.CASCADE_DOCS_ORIGIN_TOKEN }}
origin-ref: refs/heads/main
destination-url: https://codeberg.org
destination-fork-repo: ${{ vars.CASCADE_DOCS_DESTINATION_DOER }}/docs
destination-repo: forgejo/docs
destination-branch: ${{ matrix.info.branch || format('v{0}', matrix.info.version) }}
destination-token: ${{ secrets.CASCADE_DOCS_DESTINATION_TOKEN }}
prefix: ${{ env.GITHUB_REPOSITORY }}-${{ matrix.info.version }}
update: .forgejo/cascading-docs
env:
FORCE_VERSION: "${{ vars.CASCADE_DOCS_FORCE_VERSION }}"
VERSION: "${{ steps.full-version.outputs.value }}"
upgrade:
name: upgrade and storage
needs: [build]
runs-on: lxc-trixie
runs-on: lxc-bookworm
steps:
- uses: https://data.forgejo.org/actions/checkout@v4
- uses: https://code.forgejo.org/actions/checkout@v4
- uses: ./.forgejo/prepare-end-to-end
with:
built: ${{ needs.build.outputs.built }}
- run: su forgejo -c "./end-to-end.sh test_upgrades"
- run: su forgejo -c "./end-to-end.sh test_storage"
- if: ${{ needs.build.outputs.built == 'yes' }}
uses: ./.forgejo/upload-coverage
with:
scope: upgrade
- name: full logs
if: always()
run: su forgejo -c "./end-to-end.sh show_logs"

50
Dockerfile
View file

@ -1,50 +0,0 @@
FROM data.forgejo.org/oci/node:24-trixie
ENV PATH=$PATH:/setup-forgejo
ENV _CONTAINERS_USERNS_CONFIGURED=""
RUN apt-get update && \
apt-get --assume-yes --no-install-recommends install \
aardvark-dns \
ca-certificates \
curl \
daemon \
fuse-overlayfs \
gettext \
git \
jq \
libcap2-bin \
neovim \
nftables \
passt \
podman \
podman-compose \
podman-docker \
procps \
pup \
slirp4netns \
sudo \
tcpdump \
uidmap \
wget && \
adduser -u 1001 forgejo-tests && \
groupadd wheel && \
adduser forgejo-tests wheel && \
echo "%wheel ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers && \
echo "forgejo-tests:10000:9999" > /etc/subuid && \
echo "forgejo-tests:10000:9999" > /etc/subgid && \
mkdir /srv/forgejo-binaries && \
chown forgejo-tests:forgejo-tests /srv/forgejo-binaries && \
apt-get clean && \
apt-get autoremove --purge && \
apt-get autoclean
COPY --chown=1001:1001 . /e2e
RUN git clone https://code.forgejo.org/actions/setup-forgejo.git /setup-forgejo
USER forgejo-tests
WORKDIR /e2e
ENTRYPOINT /bin/bash

74
README.md
View file

@ -1,18 +1,5 @@
# Forgejo end-to-end tests
- [Forgejo end-to-end tests](#forgejo-end-to-end-tests)
- [Removing legacy tests](#removing-legacy-tests)
- [Hacking](#hacking)
- [Running from locally built binary](#running-from-locally-built-binary)
- [Forgejo](#forgejo)
- [Forgejo runner](#forgejo-runner)
- [Running from locally built container image](#running-from-locally-built-container-image)
- [Running actions tests locally](#running-actions-tests-locally)
- [Running federation tests locally](#running-federation-tests-locally)
- [Federated Mastodon Follow Test](#federated-mastodon-follow-test)
- [Running other tests locally](#running-other-tests-locally)
- [Running tests in Docker/Podman](#running-tests-in-dockerpodman)
A series of tests scenarios and assertions covering
[Forgejo](https://codeberg.org/forgejo/forgejo) and the [Forgejo
runner](https://code.forgejo.org/forgejo/runner).
@ -20,7 +7,7 @@ runner](https://code.forgejo.org/forgejo/runner).
They are designed to run using Forgejo releases and development
versions compiled from designated repositories.
## Removing legacy tests
# Removing legacy tests
End-to-end tests cover the supported range of releases and when one of
them is EOL, it must be removed as well as the tests that target it
@ -30,7 +17,7 @@ When a release is EOL, a branch is cut with a name following the
pattern `legacy/vX.Y-vA.B`. For instance when `v8.0` is published and
`v1.21` is EOL, the branch `legacy/v8.0-v1.21` is cut.
## Hacking
# Hacking
docker and sudo must be installed with insecure registries allowed in
/etc/docker/daemon.json for the IP that will be used for forgejo such
@ -59,38 +46,16 @@ git clone https://code.forgejo.org/forgejo/end-to-end
cd end-to-end
```
### Running from locally built binary
Before injecting a manually built binary, make sure a simple test was
run so that the directories are populated.
#### Forgejo
From a checkout of https://codeberg.org/forgejo/forgejo/
## Running from locally built binary
```sh
make clean-all && make frontend && make TAGS='bindata sqlite sqlite_unlock_notify' generate forgejo
cp -a forgejo /srv/forgejo-binaries/forgejo-11.0
make TAGS='bindata sqlite sqlite_unlock_notify' generate forgejo
cp -a forgejo /srv/forgejo-binaries/forgejo-10.0
```
It will be used whenever the version `11.0` is specified in a test.
It will be used whenever the version `10.0` is specified in a test.
#### Forgejo runner
From a checkout of https://code.forgejo.org/forgejo/runner
```sh
make --always-make forgejo-runner
cp forgejo-runner /tmp/forgejo-end-to-end/forgejo-runner
```
### Running from locally built container image
```bash
docker buildx build --output=type=docker --tag codeberg.org/forgejo/forgejo:latest .
```
## Running actions tests locally
## Running actions locally
To run and debug workflows from `actions/example-*`, from the root of
the source directory, with docker and forgejo-curl.sh installed, mimic
@ -101,7 +66,6 @@ admin permissions. But they do not need to run as root and must work
fine when run as a regular user.
```sh
export FORGEJO_RUNNER_LOGS=/tmp/forgejo-end-to-end/forgejo-runner.log
./end-to-end.sh run dependencies
./end-to-end.sh actions_setup 10.0
firefox 0.0.0.0:3000 # user root / admin1234
@ -112,23 +76,6 @@ firefox 0.0.0.0:3000 # user root / admin1234
Note that `with-docker-tcp` requires the docker daemon listens to
tcp://127.0.0.1:2375. See `actions/actions.sh` for how to do that.
## Running federation tests locally
To run and debug scenarios from `federation/*`, from the root of
the source directory, mimic what `.forgejo/workflows/end-to-end.yml` does.
```sh
./end-to-end.sh run dependencies
./end-to-end.sh federation_setup 12.0
firefox 0.0.0.0:3001 # user root / admin1234
firefox 0.0.0.0:3002 # user root / admin1234
firefox 0.0.0.0:3003 # user root / admin1234
./end-to-end.sh federation_verify_scenario star
./end-to-end.sh federation_verify_scenario gotosocial
./end-to-end.sh federation_verify_scenario mastodon
./end-to-end.sh federation_teardown
```
## Running other tests locally
To run and debug tests, from the root of the source directory.
@ -145,10 +92,3 @@ Cleanup. It will teardown the Forgejo instance.
```sh
./end-to-end.sh stop
```
## Running tests in Docker/Podman
There is an included Dockerfile in which the tests can be run. Building the
conatiner will copy the the entire repo state into the container from which
changes to the tests can be tested. Note: running in podman requires the
`--privileged` flag because this will run podman in podman for some tests.

21
actions/actions.sh
View file

@ -133,7 +133,7 @@ function test_actions() {
done
fi
if dpkg --compare-versions $runner_version gt 10.0.0; then
if dpkg --compare-versions $runner_version gt 6.0.1; then
run actions_verify_example force-rebuild
fi
@ -143,18 +143,10 @@ function test_actions() {
done
fi
for example in echo matrix needs workflow-call lxc config-options cache cache-pull-request checkout service container expression local-action docker-action if if-fail push tag push-cancel artifacts pull-request context private-workflow-call create-runner-file; do
for example in echo config-options cache checkout service container expression local-action docker-action if if-fail push tag push-cancel artifacts pull-request context; do
run actions_verify_example $example
done
if dpkg --compare-versions $runner_version ge 6.3.0; then
run actions_verify_example cache-proxy
fi
if dpkg --compare-versions $runner_version ge 8.0.0; then
run actions_verify_example shell
fi
if dpkg --compare-versions $version lt 7.1; then
for example in cron; do
run actions_verify_example $example
@ -176,14 +168,5 @@ function test_actions() {
if dpkg --compare-versions $version ge 9.0; then
run actions_verify_example schedule-noncancel
fi
if dpkg --compare-versions $version ge 14.0; then
run actions_verify_example matrix-dynamic
fi
if dpkg --compare-versions $version ge 15.0; then
run actions_verify_example workflow-call-expansion
run actions_verify_example id-tokens
fi
done
}

2
actions/default-app.ini
View file

@ -18,7 +18,7 @@ PATH = ${WORK_PATH}/forgejo.db
[log]
MODE = file
LEVEL = trace
logger.router.MODE = file
ROUTER = file
[log.file]
FILE_NAME = forgejo.log

8
actions/example-artifacts-v4/.forgejo/workflows/test.yml
View file

@ -7,7 +7,7 @@ jobs:
- run: touch artifacts/ONE artifacts/TWO
- uses: https://data.forgejo.org/forgejo/upload-artifact@v4
- uses: https://code.forgejo.org/forgejo/upload-artifact@v4
with:
name: many-artifacts
path: artifacts/
@ -16,7 +16,7 @@ jobs:
needs: [upload-many]
runs-on: docker
steps:
- uses: https://data.forgejo.org/forgejo/download-artifact@v4
- uses: https://code.forgejo.org/forgejo/download-artifact@v4
- run: |
test -f many-artifacts/ONE
@ -29,7 +29,7 @@ jobs:
- run: echo hello > path/to/artifact/world.txt
- uses: https://data.forgejo.org/forgejo/upload-artifact@v4
- uses: https://code.forgejo.org/forgejo/upload-artifact@v4
with:
name: my-artifact
path: path/to/artifact/world.txt
@ -40,7 +40,7 @@ jobs:
steps:
- run: "! test -f world.txt"
- uses: https://data.forgejo.org/forgejo/download-artifact@v4
- uses: https://code.forgejo.org/forgejo/download-artifact@v4
with:
name: my-artifact

2
actions/example-automerge/.forgejo/workflows/test.yml
View file

@ -5,7 +5,7 @@ jobs:
test:
runs-on: docker
container:
image: data.forgejo.org/oci/node:20-bookworm
image: code.forgejo.org/oci/node:20-bookworm
options: "--volume /srv/example:/srv/example"
steps:

25
actions/example-cache-proxy/getter/.forgejo/workflows/get.yml
View file

@ -1,25 +0,0 @@
on: [push]
jobs:
build:
runs-on: docker
container:
image: data.forgejo.org/oci/node:20-bookworm
steps:
- name: cache restore
id: cachestep
uses: https://data.forgejo.org/actions/cache/restore@v4
with:
path: |
/usr/local/bin/something
key: thecoolsecretcachekey
- name: verify something
run: |
set -x
test SOMETHING = $(cat /usr/local/bin/something)
- name: cache hit
run: |
set -x
test "${{ steps.cachestep.outputs.cache-hit }}" = true

22
actions/example-cache-proxy/run.sh
View file

@ -1,22 +0,0 @@
source $EXAMPLE_DIR/../../lib/lib.sh
api=$url/api/v1
repostorer=root/example-cache-proxy-storer
repogetter=root/example-cache-proxy-getter
function main() {
forgejo-curl.sh api_json -X DELETE $api/repos/$repostorer >&/dev/null || true
forgejo-curl.sh api_json -X DELETE $api/repos/$repogetter >&/dev/null || true
forgejo-test-helper.sh push_workflow actions/example-$example/storer $url root example-$example-storer setup-forgejo $token
local shastorer=$(forgejo-test-helper.sh branch_tip $url $repostorer main)
forgejo-test-helper.sh wait_success $url $repostorer $shastorer
forgejo-test-helper.sh push_workflow actions/example-$example/getter $url root example-$example-getter setup-forgejo $token
local shagetter=$(forgejo-test-helper.sh branch_tip $url $repogetter main)
forgejo-test-helper.sh wait_failure $url $repogetter $shagetter
}
main

29
actions/example-cache-proxy/runner-config.yaml
View file

@ -1,29 +0,0 @@
log:
level: debug
runner:
file: .runner
capacity: 1
env_file: .env
timeout: 3h
insecure: false
fetch_timeout: 5s
fetch_interval: 2s
labels: ["docker:docker://code.forgejo.org/oci/node:20-bookworm"]
cache:
enabled: true
dir: "/srv/example/cache"
host: ""
port: 0
container:
network: "bridge"
privileged: false
options:
workdir_parent:
valid_volumes: ["/srv/example"]
docker_host: ""
host:
workdir_parent:

1
actions/example-cache-proxy/setup.sh
View file

@ -1 +0,0 @@
FORGEJO_RUNNER_CONFIG=$EXAMPLE_DIR/runner-config.yaml forgejo-runner.sh reload

17
actions/example-cache-proxy/storer/.forgejo/workflows/store.yml
View file

@ -1,17 +0,0 @@
on: [push]
jobs:
build:
runs-on: docker
container:
image: data.forgejo.org/oci/node:20-bookworm
steps:
- name: create something
run: echo SOMETHING > /usr/local/bin/something
- name: cache save
uses: https://data.forgejo.org/actions/cache/save@v4
with:
path: |
/usr/local/bin/something
key: thecoolsecretcachekey

1
actions/example-cache-proxy/teardown.sh
View file

@ -1 +0,0 @@
forgejo-runner.sh reload

96
actions/example-cache-pull-request/.forgejo/workflows/test.yml
View file

@ -1,96 +0,0 @@
on:
pull_request:
types:
- opened
- closed
jobs:
save-cache:
runs-on: docker
container:
image: data.forgejo.org/oci/node:20-bookworm
steps:
- name: cache restore
id: cachestep1
uses: https://data.forgejo.org/actions/cache/restore@v4
with:
path: |
/usr/local/bin/something
key: cachekey-${{ forge.event.pull_request.head.repo.full_name }}
- name: cache hit
run: |
set -x
test "${{ steps.cachestep1.outputs.cache-hit }}" != true
- name: create something
run: echo SOMETHING > /usr/local/bin/something
- name: cache save
uses: https://data.forgejo.org/actions/cache/save@v4
with:
path: |
/usr/local/bin/something
key: ${{ steps.cachestep1.outputs.cache-primary-key }}
restore-cache:
runs-on: docker
needs: [save-cache]
container:
image: data.forgejo.org/oci/node:20-bookworm
steps:
- name: cache restore
id: cachestep2
uses: https://data.forgejo.org/actions/cache/restore@v4
with:
path: |
/usr/local/bin/something
key: cachekey-${{ forge.event.pull_request.head.repo.full_name }}
- name: verify something
run: |
set -x
test SOMETHING = $(cat /usr/local/bin/something)
- name: cache hit
run: |
set -x
test "${{ steps.cachestep2.outputs.cache-hit }}" = true
test:
runs-on: docker
needs: [restore-cache]
container:
image: data.forgejo.org/oci/node:20-bookworm
options: "--volume /srv/example:/srv/example"
steps:
- name: setup
shell: bash
run: |
set -x
test $FORGEJO_TOKEN = ${{ env.FORGEJO_TOKEN }}
test $FORGEJO_TOKEN = ${{ forge.token }}
export DEBIAN_FRONTEND=noninteractive ; apt-get -qq update ; apt-get install -y -qq curl git >& /dev/null
curl -sS -o /usr/local/bin/forgejo-curl.sh https://code.forgejo.org/forgejo/forgejo-curl/raw/branch/main/forgejo-curl.sh && chmod +x /usr/local/bin/forgejo-curl.sh
forgejo-curl.sh --token "$FORGEJO_TOKEN" login $FORGEJO_SERVER_URL
forgejo-curl.sh api_json $FORGEJO_SERVER_URL/api/v1/user
- name: determine if the PR is from a fork
id: forked
run: |
set -x
if test ${{ forge.event.pull_request.base.repo.full_name }} = ${{ forge.event.pull_request.head.repo.full_name }} ; then
echo value=false >> $FORGEJO_OUTPUT
else
echo value=true >> $FORGEJO_OUTPUT
fi
- name: save event
run: |
set -x
d=/srv/example/cache-pull-request/contexts/${{ forgejo.event.pull_request.head.repo.owner.username }}/$FORGEJO_EVENT_NAME
mkdir -p $d
cat > $d/forgejo-${{ forgejo.event.action }} <<'EOF'
${{ toJSON(forgejo) }}
EOF

9
actions/example-cache-pull-request/assert-contexts-closed.sh
View file

@ -1,9 +0,0 @@
#!/bin/bash
set -ex
c=$d/contexts
for user in cache-fork-org root; do
test -f $c/$user/pull_request/forgejo-closed
done

9
actions/example-cache-pull-request/assert-contexts-opened.sh
View file

@ -1,9 +0,0 @@
#!/bin/bash
set -ex
c=$d/contexts
for user in cache-fork-org root; do
test -f $c/$user/pull_request/forgejo-opened
done

80
actions/example-cache-pull-request/run.sh
View file

@ -1,80 +0,0 @@
TMPDIR=$(mktemp -d)
trap "rm -fr $TMPDIR" EXIT
api=$url/api/v1
export d=/srv/example/cache-pull-request
function main() {
mkdir -p $d
#
# open a pull request
# - from the same repository
# - from a forked repository
#
forgejo-test-helper.sh push_workflow actions/example-$example $url root example-$example setup-forgejo $token
forgejo-curl.sh api_json --data-raw '{"username":"cache-fork-org"}' $api/orgs
forgejo-curl.sh api_json --data-raw '{"organization":"cache-fork-org"}' $api/repos/root/example-cache-pull-request/forks
(
cd $d
git clone $url/cache-fork-org/example-cache-pull-request fork
cd fork
git config user.email root@example.com
git config user.name username
touch file-unique-to-the-pr-branch
git add .
git commit -m 'fork change'
git push
)
forgejo.sh retry forgejo-curl.sh api_json --data-raw '{"title":"PR from fork","base":"main","head":"cache-fork-org:main"}' $api/repos/root/example-cache-pull-request/pulls
(
cd $d
git clone $url/root/example-cache-pull-request
cd example-cache-pull-request
git checkout -b other
git config user.email root@example.com
git config user.name username
touch file-unique-to-the-forked-pr
git add .
git commit -m 'other change'
git push --force -u origin other
)
forgejo.sh retry forgejo-curl.sh api_json --data-raw '{"title":"PR same repo","base":"main","head":"other"}' $api/repos/root/example-cache-pull-request/pulls
export RETRY_DELAYS="10 20 60 60 60 60 60"
#
# wait for the opened event to succeed using the cache on all pull requests
#
if ! forgejo.sh retry $EXAMPLE_DIR/assert-contexts-opened.sh; then
echo "assert-contexts-opened.sh failed; printing related logs and information:"
find $d
sed -e 's/^/[RUNNER LOGS]/' <$FORGEJO_RUNNER_LOGS
return 1
fi
#
# merge all pull requests
#
forgejo-curl.sh api_json $api/repos/root/example-cache-pull-request/pulls | jq -r '.[] | .number' | while read pr; do
forgejo-curl.sh api_json --data-raw '{"Do":"merge"}' $api/repos/root/example-cache-pull-request/pulls/$pr/merge
done
#
# wait for the closed event to succeed using the cache on all pull requests
#
if ! forgejo.sh retry $EXAMPLE_DIR/assert-contexts-closed.sh; then
echo "assert-contexts-closed.sh failed; printing related logs and information:"
find $d
sed -e 's/^/[RUNNER LOGS]/' <$FORGEJO_RUNNER_LOGS
return 1
fi
}
main

30
actions/example-cache-pull-request/runner-config.yaml
View file

@ -1,30 +0,0 @@
log:
level: debug
runner:
file: .runner
capacity: 1
env_file: .env
timeout: 3h
insecure: false
fetch_timeout: 5s
fetch_interval: 2s
labels: ["docker:docker://code.forgejo.org/oci/node:20-bookworm"]
cache:
enabled: true
dir: "/srv/example/cache"
host: ""
port: 0
container:
network: "bridge"
privileged: false
options:
workdir_parent:
valid_volumes: ["/srv/example"]
docker_host: ""
host:
workdir_parent:

2
actions/example-cache-pull-request/setup.sh
View file

@ -1,2 +0,0 @@
mkdir -p /srv/example/cache-pull-request
FORGEJO_RUNNER_CONFIG=$EXAMPLE_DIR/runner-config.yaml forgejo-runner.sh reload

1
actions/example-cache-pull-request/teardown.sh
View file

@ -1 +0,0 @@
forgejo-runner.sh reload

19
actions/example-cache/.forgejo/workflows/test.yml
View file

@ -1,14 +1,14 @@
on: [push]
jobs:
save-cache:
build:
runs-on: docker
container:
image: data.forgejo.org/oci/node:20-bookworm
image: code.forgejo.org/oci/node:20-bookworm
steps:
- name: cache restore
id: cachestep1
uses: https://data.forgejo.org/actions/cache/restore@v4
uses: https://code.forgejo.org/actions/cache/restore@v4
with:
path: |
/usr/local/bin/something
@ -23,21 +23,18 @@ jobs:
run: echo SOMETHING > /usr/local/bin/something
- name: cache save
uses: https://data.forgejo.org/actions/cache/save@v4
uses: https://code.forgejo.org/actions/cache/save@v4
with:
path: |
/usr/local/bin/something
key: ${{ steps.cachestep1.outputs.cache-primary-key }}
restore-cache:
runs-on: docker
needs: [save-cache]
container:
image: data.forgejo.org/oci/node:20-bookworm
steps:
- name: remove something
run: rm /usr/local/bin/something
- name: cache restore
id: cachestep2
uses: https://data.forgejo.org/actions/cache/restore@v4
uses: https://code.forgejo.org/actions/cache/restore@v4
with:
path: |
/usr/local/bin/something

14
actions/example-config-options/.forgejo/workflows/test.yml
View file

@ -3,24 +3,10 @@ on: [push]
jobs:
test:
runs-on: docker
container:
options: "--hostname customname"
steps:
- run: |
test -f /srv/example-config-options-volume-valid
- run: |
! test -w /srv/example-config-options-volume-valid
- run: |
! test -f /srv/example-config-options-volume-invalid
- run: |
set -x
test "$FROB" = "NITZ"
- run: |
set -x
test "$VAR_FROM_ENV_FILE" = "VALUE_FROM_ENV_FILE"
- run: |
set -x
test "$VAR_FROM_ENV_IN_CONFIG" = "VALUE_FROM_ENV_IN_CONFIG"
- run: |
set -x
test "$(cat /etc/hostname)" = customname

1
actions/example-config-options/env_file
View file

@ -1 +0,0 @@
VAR_FROM_ENV_FILE=VALUE_FROM_ENV_FILE

9
actions/example-config-options/runner-config.yaml
View file

@ -1,16 +1,13 @@
log:
level: debug
job_level: debug
runner:
file: .runner
capacity: 1
envs:
VAR_FROM_ENV_IN_CONFIG: VALUE_FROM_ENV_IN_CONFIG
env_file: env_file
env_file: .env
timeout: 3h
insecure: true
insecure: false
fetch_timeout: 5s
fetch_interval: 2s
labels: ["docker:docker://code.forgejo.org/oci/node:20-bookworm"]
@ -24,7 +21,7 @@ cache:
container:
network: ""
privileged: false
options: "--volume /srv/example-config-options-volume-valid:/srv/example-config-options-volume-valid:ro --volume /srv/example-config-options-volume-invalid:/srv/example-config-options-volume-invalid --env FROB=NITZ"
options: "--volume /srv/example-config-options-volume-valid:/srv/example-config-options-volume-valid --volume /srv/example-config-options-volume-invalid:/srv/example-config-options-volume-invalid --env FROB=NITZ"
workdir_parent:
valid_volumes: ["/srv/example-config-options-volume-valid"]
docker_host: ""

5
actions/example-config-options/setup.sh
View file

@ -1,6 +1,3 @@
>/srv/example-config-options-volume-valid
>/srv/example-config-options-volume-invalid
TMPDIR=$(mktemp -d)
cp $EXAMPLE_DIR/runner-config.yaml $EXAMPLE_DIR/env_file $TMPDIR
sed -i -e "s|env_file:.*|env_file: $TMPDIR/env_file|" $TMPDIR/runner-config.yaml
FORGEJO_RUNNER_CONFIG=$TMPDIR/runner-config.yaml forgejo-runner.sh reload
FORGEJO_RUNNER_CONFIG=$EXAMPLE_DIR/runner-config.yaml forgejo-runner.sh reload

2
actions/example-container/.forgejo/workflows/test.yml
View file

@ -3,6 +3,6 @@ jobs:
test:
runs-on: docker
container:
image: data.forgejo.org/oci/alpine:3.23
image: code.forgejo.org/oci/alpine:3.21
steps:
- run: grep Alpine /etc/os-release

253
actions/example-context/.forgejo/workflows/test.yml
View file

@ -4,7 +4,7 @@ jobs:
test:
runs-on: docker
container:
image: data.forgejo.org/oci/node:20-bookworm
image: code.forgejo.org/oci/node:20-bookworm
volumes:
- /srv/example:/srv/example
steps:
@ -15,240 +15,174 @@ jobs:
test "$CI" = true
test "$CI" = "${{ env.CI }}"
- name: FORGEJO_ACTION
- name: GITHUB_ACTION
run: |
set -x
echo "$FORGEJO_ACTION" | grep -E '^[0-9]+$'
test "$FORGEJO_ACTION" = "${{ env.FORGEJO_ACTION }}"
test "$FORGEJO_ACTION" = "${{ github.ACTION }}"
test "$FORGEJO_ACTION" = "${{ forge.ACTION }}"
test "$FORGEJO_ACTION" = "${{ forgejo.ACTION }}"
test "$FORGEJO_ACTION" = "$GITHUB_ACTION"
echo "$GITHUB_ACTION" | grep -E '^[0-9]+$'
test "$GITHUB_ACTION" = "${{ env.GITHUB_ACTION }}"
test "$GITHUB_ACTION" = "${{ github.ACTION }}"
# See also actions/example-local-action/.forgejo/local-action/action.yml
- name: FORGEJO_ACTION_PATH
- name: GITHUB_ACTION_PATH
run: |
set -x
test -z "$FORGEJO_ACTION_PATH"
test "$FORGEJO_ACTION_PATH" = "${{ env.FORGEJO_ACTION_PATH }}"
test "$FORGEJO_ACTION_PATH" = "${{ github.ACTION_PATH }}"
test "$FORGEJO_ACTION_PATH" = "${{ forge.ACTION_PATH }}"
test "$FORGEJO_ACTION_PATH" = "${{ forgejo.ACTION_PATH }}"
test "$FORGEJO_ACTION_PATH" = "$GITHUB_ACTION_PATH"
test -z "$GITHUB_ACTION_PATH"
test "$GITHUB_ACTION_PATH" = "${{ env.GITHUB_ACTION_PATH }}"
test "$GITHUB_ACTION_PATH" = "${{ github.ACTION_PATH }}"
- name: when running an action
if: ${{ env.FORGEJO_ACTIONS }}
if: ${{ env.GITHUB_ACTIONS }}
uses: SELF@main
with:
input-one: "otherone"
- name: FORGEJO_ACTION_REPOSITORY
run: test -f /srv/example/example-context/FORGEJO_ACTION_REPOSITORY
- name: GITHUB_ACTION_REPOSITORY
run: test -f /srv/example/example-context/GITHUB_ACTION_REPOSITORY
- name: FORGEJO_ACTION_PATH
run: test -f /srv/example/example-context/FORGEJO_ACTION_PATH
- name: GITHUB_ACTION_PATH
run: test -f /srv/example/example-context/GITHUB_ACTION_PATH
- name: FORGEJO_ACTIONS
- name: GITHUB_ACTIONS
run: |
set -x
test "$FORGEJO_ACTIONS" = true
test "$FORGEJO_ACTIONS" = "${{ env.FORGEJO_ACTIONS }}"
test "$FORGEJO_ACTIONS" = "$GITHUB_ACTIONS"
test "$GITHUB_ACTIONS" = true
test "$GITHUB_ACTIONS" = "${{ env.GITHUB_ACTIONS }}"
- name: FORGEJO_ACTOR
- name: GITHUB_ACTOR
run: |
set -x
test "$FORGEJO_ACTOR"
test "$FORGEJO_ACTOR" = "${{ env.FORGEJO_ACTOR }}"
test "$FORGEJO_ACTOR" = "${{ github.ACTOR }}"
test "$FORGEJO_ACTOR" = "${{ forge.ACTOR }}"
test "$FORGEJO_ACTOR" = "${{ forgejo.ACTOR }}"
test "$FORGEJO_ACTOR" = "$GITHUB_ACTOR"
test "$GITHUB_ACTOR"
test "$GITHUB_ACTOR" = "${{ env.GITHUB_ACTOR }}"
test "$GITHUB_ACTOR" = "${{ github.ACTOR }}"
- name: FORGEJO_API_URL
- name: GITHUB_API_URL
shell: bash
run: |
set -x
[[ "$FORGEJO_API_URL" =~ /api/v1$ ]]
test "$FORGEJO_API_URL" = "${{ env.FORGEJO_API_URL }}"
test "$FORGEJO_API_URL" = "${{ github.API_URL }}"
test "$FORGEJO_API_URL" = "${{ forge.API_URL }}"
test "$FORGEJO_API_URL" = "${{ forgejo.API_URL }}"
test "$FORGEJO_API_URL" = "$GITHUB_API_URL"
[[ "$GITHUB_API_URL" =~ /api/v1$ ]]
test "$GITHUB_API_URL" = "${{ env.GITHUB_API_URL }}"
test "$GITHUB_API_URL" = "${{ github.API_URL }}"
# See also actions/example-pull-request/.forgejo/workflows/test.yml
- name: FORGEJO_BASE_REF
- name: GITHUB_BASE_REF
run: |
set -x
test -z "$FORGEJO_BASE_REF"
test "$FORGEJO_BASE_REF" = "${{ env.FORGEJO_BASE_REF }}"
test "$FORGEJO_BASE_REF" = "${{ github.BASE_REF }}"
test "$FORGEJO_BASE_REF" = "${{ forge.BASE_REF }}"
test "$FORGEJO_BASE_REF" = "${{ forgejo.BASE_REF }}"
test "$FORGEJO_BASE_REF" = "$GITHUB_BASE_REF"
test -z "$GITHUB_BASE_REF"
test "$GITHUB_BASE_REF" = "${{ env.GITHUB_BASE_REF }}"
test "$GITHUB_BASE_REF" = "${{ github.BASE_REF }}"
# See also actions/example-pull-request/.forgejo/workflows/test.yml
- name: FORGEJO_HEAD_REF
- name: GITHUB_HEAD_REF
run: |
set -x
test -z "$FORGEJO_HEAD_REF"
test "$FORGEJO_HEAD_REF" = "${{ env.FORGEJO_HEAD_REF }}"
test "$FORGEJO_HEAD_REF" = "${{ github.HEAD_REF }}"
test "$FORGEJO_HEAD_REF" = "${{ forge.HEAD_REF }}"
test "$FORGEJO_HEAD_REF" = "${{ forgejo.HEAD_REF }}"
test "$FORGEJO_HEAD_REF" = "$GITHUB_HEAD_REF"
test -z "$GITHUB_HEAD_REF"
test "$GITHUB_HEAD_REF" = "${{ env.GITHUB_HEAD_REF }}"
test "$GITHUB_HEAD_REF" = "${{ github.HEAD_REF }}"
- name: FORGEJO_ENV
- name: GITHUB_ENV
run: |
set -x
test -f "$FORGEJO_ENV"
test "$FORGEJO_ENV" = "${{ env.FORGEJO_ENV }}"
test "$FORGEJO_ENV" = "$GITHUB_ENV"
test -f "$GITHUB_ENV"
test "$GITHUB_ENV" = "${{ env.GITHUB_ENV }}"
- name: FORGEJO_EVENT_NAME
- name: GITHUB_EVENT_NAME
run: |
set -x
test "$FORGEJO_EVENT_NAME" = push
test "$FORGEJO_EVENT_NAME" = "${{ env.FORGEJO_EVENT_NAME }}"
test "$FORGEJO_EVENT_NAME" = "${{ github.EVENT_NAME }}"
test "$FORGEJO_EVENT_NAME" = "${{ forge.EVENT_NAME }}"
test "$FORGEJO_EVENT_NAME" = "${{ forgejo.EVENT_NAME }}"
test "$FORGEJO_EVENT_NAME" = "$GITHUB_EVENT_NAME"
test "$GITHUB_EVENT_NAME" = push
test "$GITHUB_EVENT_NAME" = "${{ env.GITHUB_EVENT_NAME }}"
test "$GITHUB_EVENT_NAME" = "${{ github.EVENT_NAME }}"
- name: FORGEJO_JOB
- name: GITHUB_JOB
run: |
set -x
test "$FORGEJO_JOB" = test
test "$FORGEJO_JOB" = "${{ env.FORGEJO_JOB }}"
test "$FORGEJO_JOB" = "${{ github.JOB }}"
test "$FORGEJO_JOB" = "${{ forge.JOB }}"
test "$FORGEJO_JOB" = "${{ forgejo.JOB }}"
test "$FORGEJO_JOB" = "$GITHUB_JOB"
test "$GITHUB_JOB" = test
test "$GITHUB_JOB" = "${{ env.GITHUB_JOB }}"
test "$GITHUB_JOB" = "${{ github.JOB }}"
- name: FORGEJO_OUTPUT
- name: GITHUB_OUTPUT
run: |
set -x
test -f "$FORGEJO_OUTPUT"
test "$FORGEJO_OUTPUT" = "${{ env.FORGEJO_OUTPUT }}"
test "$FORGEJO_OUTPUT" = "$GITHUB_OUTPUT"
test -f "$GITHUB_OUTPUT"
test "$GITHUB_OUTPUT" = "${{ env.GITHUB_OUTPUT }}"
- name: FORGEJO_PATH
- name: GITHUB_PATH
run: |
set -x
test -f "$FORGEJO_PATH"
test "$FORGEJO_PATH" = "${{ env.FORGEJO_PATH }}"
test "$FORGEJO_PATH" = "$GITHUB_PATH"
test -f "$GITHUB_PATH"
test "$GITHUB_PATH" = "${{ env.GITHUB_PATH }}"
- name: FORGEJO_REF
- name: GITHUB_REF
shell: bash
run: |
set -x
[[ "$FORGEJO_REF" =~ ^refs/ ]]
test "$FORGEJO_REF" = "${{ env.FORGEJO_REF }}"
test "$FORGEJO_REF" = "${{ github.REF }}"
test "$FORGEJO_REF" = "${{ forge.REF }}"
test "$FORGEJO_REF" = "${{ forgejo.REF }}"
test "$FORGEJO_REF" = "$GITHUB_REF"
[[ "$GITHUB_REF" =~ ^refs/ ]]
test "$GITHUB_REF" = "${{ env.GITHUB_REF }}"
test "$GITHUB_REF" = "${{ github.REF }}"
- name: FORGEJO_REF_NAME
- name: GITHUB_REF_NAME
shell: bash
run: |
set -x
! [[ "$FORGEJO_REF_NAME" =~ ^refs/ ]]
test "$FORGEJO_REF_NAME" = "${{ env.FORGEJO_REF_NAME }}"
test "$FORGEJO_REF_NAME" = "${{ github.REF_NAME }}"
test "$FORGEJO_REF_NAME" = "${{ forge.REF_NAME }}"
test "$FORGEJO_REF_NAME" = "${{ forgejo.REF_NAME }}"
test "$FORGEJO_REF_NAME" = "$GITHUB_REF_NAME"
! [[ "$GITHUB_REF_NAME" =~ ^refs/ ]]
test "$GITHUB_REF_NAME" = "${{ env.GITHUB_REF_NAME }}"
test "$GITHUB_REF_NAME" = "${{ github.REF_NAME }}"
- name: FORGEJO_REPOSITORY
- name: GITHUB_REPOSITORY
run: |
set -x
test "$FORGEJO_REPOSITORY" = root/example-context
test "$FORGEJO_REPOSITORY" = "${{ env.FORGEJO_REPOSITORY }}"
test "$FORGEJO_REPOSITORY" = "${{ github.REPOSITORY }}"
test "$FORGEJO_REPOSITORY" = "${{ forge.REPOSITORY }}"
test "$FORGEJO_REPOSITORY" = "${{ forgejo.REPOSITORY }}"
test "$FORGEJO_REPOSITORY" = "$GITHUB_REPOSITORY"
test "$GITHUB_REPOSITORY" = root/example-context
test "$GITHUB_REPOSITORY" = "${{ env.GITHUB_REPOSITORY }}"
test "$GITHUB_REPOSITORY" = "${{ github.REPOSITORY }}"
- name: FORGEJO_REPOSITORY_OWNER
- name: GITHUB_REPOSITORY_OWNER
run: |
set -x
test "$FORGEJO_REPOSITORY_OWNER" = root
test "$FORGEJO_REPOSITORY_OWNER" = "${{ env.FORGEJO_REPOSITORY_OWNER }}"
test "$FORGEJO_REPOSITORY_OWNER" = "${{ github.REPOSITORY_OWNER }}"
test "$FORGEJO_REPOSITORY_OWNER" = "${{ forge.REPOSITORY_OWNER }}"
test "$FORGEJO_REPOSITORY_OWNER" = "${{ forgejo.REPOSITORY_OWNER }}"
test "$FORGEJO_REPOSITORY_OWNER" = "$GITHUB_REPOSITORY_OWNER"
test "$GITHUB_REPOSITORY_OWNER" = root
test "$GITHUB_REPOSITORY_OWNER" = "${{ env.GITHUB_REPOSITORY_OWNER }}"
test "$GITHUB_REPOSITORY_OWNER" = "${{ github.REPOSITORY_OWNER }}"
- name: FORGEJO_RUN_NUMBER
- name: GITHUB_RUN_NUMBER
run: |
set -x
echo "$FORGEJO_RUN_NUMBER" | grep -E '^[0-9]+$'
test "$FORGEJO_RUN_NUMBER" = "${{ env.FORGEJO_RUN_NUMBER }}"
test "$FORGEJO_RUN_NUMBER" = "${{ github.RUN_NUMBER }}"
test "$FORGEJO_RUN_NUMBER" = "${{ forge.RUN_NUMBER }}"
test "$FORGEJO_RUN_NUMBER" = "${{ forgejo.RUN_NUMBER }}"
test "$FORGEJO_RUN_NUMBER" = "$GITHUB_RUN_NUMBER"
echo "$GITHUB_RUN_NUMBER" | grep -E '^[0-9]+$'
test "$GITHUB_RUN_NUMBER" = "${{ env.GITHUB_RUN_NUMBER }}"
test "$GITHUB_RUN_NUMBER" = "${{ github.RUN_NUMBER }}"
- name: FORGEJO_RUN_ID
run: |
set -x
echo "$FORGEJO_RUN_ID" | grep -E '^[0-9]+$'
test "$FORGEJO_RUN_ID" = "${{ env.FORGEJO_RUN_ID }}"
test "$FORGEJO_RUN_ID" = "${{ github.RUN_ID }}"
test "$FORGEJO_RUN_ID" = "${{ forge.RUN_ID }}"
test "$FORGEJO_RUN_ID" = "${{ forgejo.RUN_ID }}"
test "$FORGEJO_RUN_ID" = "$GITHUB_RUN_ID"
- name: FORGEJO_SERVER_URL
- name: GITHUB_SERVER_URL
shell: bash
run: |
set -x
[[ "$FORGEJO_SERVER_URL" =~ ^http ]]
test "$FORGEJO_SERVER_URL" = "${{ env.FORGEJO_SERVER_URL }}"
test "$FORGEJO_SERVER_URL" = "${{ github.SERVER_URL }}"
test "$FORGEJO_SERVER_URL" = "${{ forge.SERVER_URL }}"
test "$FORGEJO_SERVER_URL" = "${{ forgejo.SERVER_URL }}"
test "$FORGEJO_SERVER_URL" = "$GITHUB_SERVER_URL"
[[ "$GITHUB_SERVER_URL" =~ ^http ]]
test "$GITHUB_SERVER_URL" = "${{ env.GITHUB_SERVER_URL }}"
test "$GITHUB_SERVER_URL" = "${{ github.SERVER_URL }}"
- name: FORGEJO_SHA
- name: GITHUB_SHA
run: |
set -x
test "$FORGEJO_SHA"
test "$FORGEJO_SHA" = "${{ env.FORGEJO_SHA }}"
test "$FORGEJO_SHA" = "${{ github.SHA }}"
test "$FORGEJO_SHA" = "${{ forge.SHA }}"
test "$FORGEJO_SHA" = "${{ forgejo.SHA }}"
test "$FORGEJO_SHA" = "$GITHUB_SHA"
test "$GITHUB_SHA"
test "$GITHUB_SHA" = "${{ env.GITHUB_SHA }}"
test "$GITHUB_SHA" = "${{ github.SHA }}"
- name: FORGEJO_STEP_SUMMARY
- name: GITHUB_STEP_SUMMARY
run: |
set -x
test -f "$FORGEJO_STEP_SUMMARY"
test "$FORGEJO_STEP_SUMMARY" = "${{ env.FORGEJO_STEP_SUMMARY }}"
test "$FORGEJO_STEP_SUMMARY" = "$GITHUB_STEP_SUMMARY"
test -f "$GITHUB_STEP_SUMMARY"
test "$GITHUB_STEP_SUMMARY" = "${{ env.GITHUB_STEP_SUMMARY }}"
# See also actions/example-pull-request/.forgejo/workflows/test.yml
- name: FORGEJO_TOKEN
- name: GITHUB_TOKEN
run: |
set -x
test "$FORGEJO_TOKEN"
test "$FORGEJO_TOKEN" = "${{ env.FORGEJO_TOKEN }}"
test "$FORGEJO_TOKEN" = "${{ github.TOKEN }}"
test "$FORGEJO_TOKEN" = "${{ forge.TOKEN }}"
test "$FORGEJO_TOKEN" = "${{ forgejo.TOKEN }}"
test "$FORGEJO_TOKEN" = "$GITHUB_TOKEN"
test "$GITHUB_TOKEN"
test "$GITHUB_TOKEN" = "${{ env.GITHUB_TOKEN }}"
test "$GITHUB_TOKEN" = "${{ github.TOKEN }}"
- name: FORGEJO_WORKSPACE
- name: GITHUB_WORKSPACE
run: |
set -x
test -d "$FORGEJO_WORKSPACE"
test "$FORGEJO_WORKSPACE" = "${{ env.FORGEJO_WORKSPACE }}"
test "$FORGEJO_WORKSPACE" = "${{ github.WORKSPACE }}"
test "$FORGEJO_WORKSPACE" = "${{ forge.WORKSPACE }}"
test "$FORGEJO_WORKSPACE" = "${{ forgejo.WORKSPACE }}"
test "$FORGEJO_WORKSPACE" = "$GITHUB_WORKSPACE"
test -d "$GITHUB_WORKSPACE"
test "$GITHUB_WORKSPACE" = "${{ env.GITHUB_WORKSPACE }}"
test "$GITHUB_WORKSPACE" = "${{ github.WORKSPACE }}"
- name: RUNNER_ARCH
run: |
@ -260,10 +194,11 @@ jobs:
set -x
test "$RUNNER_OS" = Linux
- name: RUNNER_TOOL_CACHE
run: |
set -x
test "$RUNNER_TOOL_CACHE"
# runner 3.3.0 $RUNNER_TOOL_CACHE is not an existing directory
# - name: RUNNER_TOOL_CACHE
# run: |
# set -x
# test -d "$RUNNER_TOOL_CACHE"
- name: RUNNER_TEMP
run: |

27
actions/example-context/action-for-context/action.yml
View file

@ -6,27 +6,18 @@ inputs:
runs:
using: "composite"
steps:
- name: FORGEJO_ACTION_REPOSITORY
- name: GITHUB_ACTION_REPOSITORY
run: |
set -x
test "$FORGEJO_ACTION_REPOSITORY" = root/action-for-context
test "$FORGEJO_ACTION_REPOSITORY" = "${{ env.FORGEJO_ACTION_REPOSITORY }}"
test "$FORGEJO_ACTION_REPOSITORY" = "${{ github.ACTION_REPOSITORY }}"
test "$FORGEJO_ACTION_REPOSITORY" = "${{ forge.ACTION_REPOSITORY }}"
test "$FORGEJO_ACTION_REPOSITORY" = "${{ forgejo.ACTION_REPOSITORY }}"
test "$FORGEJO_ACTION_REPOSITORY" = "$GITHUB_ACTION_REPOSITORY"
touch /srv/example/example-context/FORGEJO_ACTION_REPOSITORY
test "$GITHUB_ACTION_REPOSITORY" = root/action-for-context
test "$GITHUB_ACTION_REPOSITORY" = "${{ env.GITHUB_ACTION_REPOSITORY }}"
test "$GITHUB_ACTION_REPOSITORY" = "${{ github.ACTION_REPOSITORY }}"
touch /srv/example/example-context/GITHUB_ACTION_REPOSITORY
- name: FORGEJO_ACTION_PATH
- name: GITHUB_ACTION_PATH
shell: bash
run: |
set -x
# prior to Forgejo runner 8.0.0 the action path is built out of the file path.
# with Forgejo runner 8.0.0 and above is it a 64 character hash string
# e.g. /var/run/act/actions/1b/5c1802fa47e35716c2a0977bc907049d31aef29191cba400011c0b38b52d12
[[ "$FORGEJO_ACTION_PATH" =~ action-for-context@main$ ]] || [[ "$FORGEJO_ACTION_PATH" =~ /[0-9a-f]{2}/[0-9a-f]{62}$ ]]
test "$FORGEJO_ACTION_PATH" = "${{ github.ACTION_PATH }}"
test "$FORGEJO_ACTION_PATH" = "${{ forge.ACTION_PATH }}"
test "$FORGEJO_ACTION_PATH" = "${{ forgejo.ACTION_PATH }}"
test "$FORGEJO_ACTION_PATH" = "$GITHUB_ACTION_PATH"
touch /srv/example/example-context/FORGEJO_ACTION_PATH
[[ "$GITHUB_ACTION_PATH" =~ action-for-context@main$ ]]
test "$GITHUB_ACTION_PATH" = "${{ github.ACTION_PATH }}"
touch /srv/example/example-context/GITHUB_ACTION_PATH

9
actions/example-create-runner-file/.forgejo/workflows/test.yaml
View file

@ -1,9 +0,0 @@
on:
push:
jobs:
test:
runs-on: create-runner-file
steps:
- run: |
echo "OK"

40
actions/example-create-runner-file/run.sh
View file

@ -1,40 +0,0 @@
source "lib/lib.sh"
api="$url/api/v1"
function main() {
local repo
repo="root/example-$example"
secret="$(openssl rand -hex 20)"
runner_name="runner-$(openssl rand -hex 5)"
create_offline_registration_token "$runner_name" root "$secret"
# Changing to $DIR is necessary so that `.runner` gets created there. Otherwise, `forgejo-runner` would not pick it up.
pushd "$DIR" || exit 1
./forgejo-runner -c "$EXAMPLE_DIR/runner-config.yaml" create-runner-file --instance "http://$IP:3000" --name "$runner_name" --secret "$secret" --connect
popd || exit 1
FORGEJO_RUNNER_CONFIG="$EXAMPLE_DIR/runner-config.yaml" forgejo-runner.sh reload
label_count=$(jq '.labels | length ' "$DIR/.runner")
if [[ "$label_count" != "1" ]] ; then
echo "Unexpected number of labels in .runner file: $label_count instead of 1" >&2
exit 1
fi
runner_label=$(jq -r '.labels[0]' "$DIR/.runner")
if [[ "$runner_label" != "create-runner-file:docker://code.forgejo.org/oci/node:24-trixie" ]] ; then
echo "Unexpected runner label: '$runner_label' instead of create-runner-file:docker://code.forgejo.org/oci/node:24-trixie" >&2
exit 1
fi
forgejo-test-helper.sh push_workflow "actions/example-$example" "$url" root "example-$example" setup-forgejo "$token"
local sha
sha="$(forgejo-test-helper.sh branch_tip "$url" "$repo" main)"
forgejo-test-helper.sh wait_success "$url" "$repo" "$sha"
}
main

31
actions/example-create-runner-file/runner-config.yaml
View file

@ -1,31 +0,0 @@
log:
level: debug
runner:
file: .runner
capacity: 1
env_file: .env
timeout: 3h
insecure: false
fetch_timeout: 5s
fetch_interval: 2s
labels:
- "create-runner-file:docker://code.forgejo.org/oci/node:24-trixie"
cache:
enabled: true
dir: "/srv/example/cache"
host: ""
port: 0
container:
network: "bridge"
privileged: false
options:
workdir_parent:
valid_volumes: ["/srv/example"]
docker_host: ""
host:
workdir_parent:

4
actions/example-cron/.forgejo/workflows/test.yml
View file

@ -6,13 +6,13 @@ jobs:
test:
runs-on: docker
container:
image: data.forgejo.org/oci/debian:trixie
image: code.forgejo.org/oci/debian:bookworm
options: "--volume /srv/example:/srv/example"
steps:
- name: save context
run: |
d=/srv/example/cron/contexts/$FORGEJO_EVENT_NAME
d=/srv/example/cron/contexts/$GITHUB_EVENT_NAME
mkdir -p $d
cat > $d/github <<'EOF'
${{ toJSON(github) }}

4
actions/example-docker-action/.forgejo/workflows/test.yml
View file

@ -9,11 +9,11 @@ jobs:
#
- uses: https://code.forgejo.org/forgejo/test-setup-forgejo-docker@main
with:
args: ${{ forgejo.workspace }}/SOMEFILE
args: ${{ github.workspace }}/SOMEFILE
#
# ... which then also exists in the job workspace
# because both docker containers are automatically
# sharing the volume that contains it.
#
- run: |
test -f ${{ forgejo.workspace }}/SOMEFILE
test -f ${{ github.workspace }}/SOMEFILE

17
actions/example-expression/.forgejo/workflows/test.yml
View file

@ -23,7 +23,7 @@ jobs:
if: ${{ env.KEY1 == 'nogood' }}
- name: if does not skip
id: conditional
run: echo 'check=good' >> $FORGEJO_OUTPUT
run: echo 'check=good' >> $GITHUB_OUTPUT
if: env.KEY1 == 'value1'
- name: verify if did not skip
run: test ${{ steps.conditional.outputs.check }} = good
@ -98,11 +98,10 @@ jobs:
set -x
test "${{ fromJSON('["one","two"]')[0] }}" = 'one'
- uses: actions/checkout@v4
- name: hashFiles
run: |
set -x
hash="aea6ca2329c852f5b480ec35e1fe09d39a6bd1b50f4f9cc38fbd4fef870dc107"
test "${{ hashFiles('.forgejo/fileone.txt') }}" = $hash
test "${{ hashFiles('.forgejo/fileone.*') }}" = $hash
# As of act v1.13.0 this fails for real (before it pretended to work but did not)
# - name: hashFiles
# run: |
# set -x
# hash="bd52020371c038c4ad38a8d2df05dfa1a220d40fbe1ae83b63d6010cb527e531"
# test "${{ hashFiles('actions/example-expression/.forgejo/fileone.txt') }}" = $hash
# test "${{ hashFiles('actions/example-expression/.forgejo/fileone.*') }}" = $hash

5
actions/example-force-rebuild/.forgejo/local-docker-action/Dockerfile Normal file
View file

@ -0,0 +1,5 @@
FROM code.forgejo.org/oci/debian:bookworm
COPY entrypoint.sh /run/entrypoint.sh
# if we rebuild, we should notice this file change
COPY input.txt /run/input.txt
ENTRYPOINT [ "/run/entrypoint.sh" ]

6
actions/example-force-rebuild/.forgejo/local-docker-action/action.yml Normal file
View file

@ -0,0 +1,6 @@
name: local docker action
description: local docker action, build depends on "input.txt"
runs:
using: 'docker'
image: 'Dockerfile'

3
actions/example-force-rebuild/.forgejo/local-docker-action/entrypoint.sh Executable file
View file

@ -0,0 +1,3 @@
#! /usr/bin/env bash
set -x
exit "$(< /run/input.txt)"

1
actions/example-force-rebuild/.forgejo/local-docker-action/input.txt Normal file
View file

@ -0,0 +1 @@
this file will be filled by the test

15
actions/example-force-rebuild/.forgejo/workflows/test.yml
View file

@ -1,11 +1,10 @@
on: [push]
---
on:
push:
jobs:
ls:
test:
runs-on: docker
steps:
- uses: https://code.forgejo.org/forgejo/test-setup-forgejo-docker@main
with:
args: ${{ forgejo.workspace }}/SOMEFILE
- run: |
test -f ${{ forgejo.workspace }}/SOMEFILE
- name: Checkout repository
uses: actions/checkout@v4
- uses: ./.forgejo/local-docker-action

51
actions/example-force-rebuild/run.sh
View file

@ -19,51 +19,24 @@ function run() {
forgejo-test-helper.sh wait_$expected $url $repo $sha
}
function get_remote_image() {
docker image ls --format='{{ .Repository }}' | grep '^runner-remote-docker-action'
}
function remove_remote_images() {
docker image ls --format='{{ .Repository }}' | grep '^runner-remote-docker-action' | while read image; do
docker rmi $image
done
}
function was_built() {
grep --quiet 'docker build -t runner-remote-docker-action' $FORGEJO_RUNNER_LOGS
}
function main() {
local dir=$TMPDIR/repository
cp -a $EXAMPLE_DIR $dir
remove_remote_images
:
: Run one
:
setup_without_rebuild
run $dir success
local image="$(get_remote_image)"
test "$image"
was_built
:
: Run two: verify the image was not rebuilt
:
setup_without_rebuild # resets the logs
run $dir success
test "$image" = "$(get_remote_image)"
! was_built
:
: Run two: verify the image was rebuilt and
: the image name stayed the same
:
# set up passing docker action
echo "0" >$dir/.forgejo/local-docker-action/input.txt
setup_with_rebuild
run $dir success
test "$image" = "$(get_remote_image)"
was_built
# change docker action to fail
echo "1" >$dir/.forgejo/local-docker-action/input.txt
# ... but without a rebuild, it should still pass
setup_without_rebuild
run $dir success
# now the action should fail
setup_with_rebuild
run $dir failure
}
main

3
actions/example-force-rebuild/runner-config-with-rebuild.yml
View file

@ -1,6 +1,5 @@
log:
level: trace
job_level: trace
level: debug
runner:
file: .runner

3
actions/example-force-rebuild/runner-config-without-rebuild.yml
View file

@ -1,6 +1,5 @@
log:
level: trace
job_level: trace
level: debug
runner:
file: .runner

78
actions/example-id-tokens/.forgejo/workflows/test.yml
View file

@ -1,78 +0,0 @@
on: [push]
env:
JWT_CLI_VERSION: 6.2.0 # renovate: datasource=github-releases depName=jwt-cli packageName=mike-engel/jwt-cli
jobs:
generation-allowed:
enable-openid-connect: true
runs-on: docker
container:
image: data.forgejo.org/oci/ci:1
steps:
- run: curl -L -o jwt-linux.tar.gz https://github.com/mike-engel/jwt-cli/releases/download/${{ env.JWT_CLI_VERSION }}/jwt-linux-musl.tar.gz && tar -xvzf ./jwt-linux.tar.gz && chmod a+x ./jwt
- name: validate token generation works
run: |
RAW_JWT=$(curl -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=exampleAudience" | jq -r ".value")
if [[ -z "RAW_JWT" ]]; then
echo "Error: RAW_JWT should be set"
exit 1
fi
DECODED_JWT_BODY=$(echo $RAW_JWT | jq -R 'split(".") | .[1] | @base64d | fromjson')
if [[ -z "$DECODED_JWT_BODY" ]]; then
echo "Error: DECODED_JWT_BODY should be set"
exit 1
fi
ISS=$(echo $DECODED_JWT_BODY | jq -r '.iss')
if [[ -z "$ISS" ]]; then
echo "Error: ISS should be set"
exit 1
fi
curl "$ISS/.well-known/keys" > jwks.json
JWKS=$(cat ./jwks.json)
if [[ -z "$JWKS" ]]; then
echo "Error: JWKS should be set"
exit 1
fi
# Verify that the JWT decodes with the JWKS data
./jwt decode -S @./jwks.json -A RS256 $RAW_JWT || (echo "Error: failed signature validation" && exit 1)
WORKFLOW=$(echo $DECODED_JWT_BODY | jq -r '.workflow')
AUD=$(echo $DECODED_JWT_BODY | jq -r '.aud')
EVENT_NAME=$(echo $DECODED_JWT_BODY | jq -r '.event_name')
SUB=$(echo $DECODED_JWT_BODY | jq -r '.sub')
if [[ "$WORKFLOW" != "test.yml" ]]; then
echo "Error: WORKFLOW should be test.yml but is $WORKFLOW"
exit 1
fi
if [[ "$AUD" != "exampleAudience" ]]; then
echo "Error: AUD should be exampleAudience but is $AUD"
exit 1
fi
if [[ "$EVENT_NAME" != "push" ]]; then
echo "Error: EVENT_NAME should be push but is $EVENT_NAME"
exit 1
fi
if [[ "$SUB" != "repo:root/example-id-tokens:ref:refs/heads/main" ]]; then
echo "Error: SUB should be repo:root/example-id-tokens:ref:refs/heads/main but is $SUB"
exit 1
fi
generation-not-allowed:
enable-openid-connect: false
runs-on: docker
steps:
- name: check variables are unset
run: |
if [[ -n "$ACTIONS_ID_TOKEN_REQUEST_TOKEN" ]]; then
echo "Error: ACTIONS_ID_TOKEN_REQUEST_TOKEN should be unset"
exit 1
fi
if [[ -n "$ACTIONS_ID_TOKEN_REQUEST_URL" ]]; then
echo "Error: ACTIONS_ID_TOKEN_REQUEST_TOKEN should be unset"
exit 1
fi

2
actions/example-if/.forgejo/workflows/test.yml
View file

@ -8,7 +8,7 @@ jobs:
- name: if true
if: true
id: if_true
run: echo 'check=good' >> $FORGEJO_OUTPUT
run: echo 'check=good' >> $GITHUB_OUTPUT
- name: verify if true was run
run: test ${{ steps.if_true.outputs.check }} = good

8
actions/example-local-action/.forgejo/local-action/action.yml
View file

@ -13,10 +13,10 @@ outputs:
runs:
using: "composite"
steps:
- name: FORGEJO_ACTION_PATH
- name: GITHUB_ACTION_PATH
run: |
set -x
test -e "$FORGEJO_ACTION_PATH"
test "$FORGEJO_ACTION_PATH" = "${{ env.FORGEJO_ACTION_PATH }}"
test "$(basename $GITHUB_ACTION_PATH)" = local-action
test "$GITHUB_ACTION_PATH" = "${{ env.GITHUB_ACTION_PATH }}"
- run: echo key=${{ inputs.input-two-required }} >> $FORGEJO_OUTPUT
- run: echo key=${{ inputs.input-two-required }} >> $GITHUB_OUTPUT

16
actions/example-lxc/.forgejo/workflows/test.yml
View file

@ -1,16 +0,0 @@
on: [push]
jobs:
job1:
runs-on: lxc
steps:
- uses: https://data.forgejo.org/actions/checkout@v4
- run: systemctl --no-pager list-units
job2:
runs-on: lxc
steps:
- run: echo OK2
job3:
runs-on: lxc
steps:
- run: echo OK3

31
actions/example-lxc/runner-config.yaml
View file

@ -1,31 +0,0 @@
log:
level: debug
job_level: debug
runner:
file: .runner
capacity: 1
env_file: .env
timeout: 3h
insecure: false
fetch_timeout: 5s
fetch_interval: 2s
labels: ["lxc:lxc://debian:bookworm"]
cache:
enabled: false
dir: ""
host: ""
port: 0
container:
network: "bridge"
privileged: false
options:
workdir_parent:
valid_volumes: ["/srv/example"]
docker_host: ""
host:
workdir_parent:

1
actions/example-lxc/setup.sh
View file

@ -1 +0,0 @@
FORGEJO_RUNNER_CONFIG=$EXAMPLE_DIR/runner-config.yaml forgejo-runner.sh reload

1
actions/example-lxc/teardown.sh
View file

@ -1 +0,0 @@
forgejo-runner.sh reload

49
actions/example-matrix-dynamic/.forgejo/workflows/test.yml
View file

@ -1,49 +0,0 @@
on: [push]
jobs:
define-matrix:
runs-on: docker
outputs:
scalar-value: ${{ steps.define.outputs.scalar }}
array-value: ${{ steps.define.outputs.array }}
matrix-value: ${{ steps.define.outputs.matrix }}
steps:
- id: define
run: |
echo 'scalar=scalar value' >> "$FORGEJO_OUTPUT"
echo 'array=["value 1", "value 2"]' >> "$FORGEJO_OUTPUT"
echo 'matrix={"dimension-1": ["d1 v1", "d1 v2"], "dimension-2": ["d2 v1", "d2 v2"]}' >> "$GITHUB_OUTPUT"
scalar-job:
runs-on: docker
needs: define-matrix
strategy:
matrix:
scalar:
- "${{ needs.define-matrix.outputs.scalar-value }}"
- hard-coded value
steps:
- run: |
set -x
[ "${{ matrix.scalar }}" = "scalar value" ] || [ "${{ matrix.scalar }}" = "hard-coded value" ] || exit 1
array-job:
runs-on: docker
needs: define-matrix
strategy:
matrix:
array: ${{ fromJSON(needs.define-matrix.outputs.array-value) }}
steps:
- run: |
set -x
[ "${{ matrix.array }}" = "value 1" ] || [ "${{ matrix.array }}" = "value 2" ] || exit 1
matrix-job:
runs-on: docker
needs: define-matrix
strategy:
matrix: ${{ fromJSON(needs.define-matrix.outputs.matrix-value) }}
steps:
- run: |
set -x
[ "${{ matrix.dimension-1 }}" = "d1 v1" ] || [ "${{ matrix.dimension-1 }}" = "d1 v2" ] || exit 1
[ "${{ matrix.dimension-2 }}" = "d2 v1" ] || [ "${{ matrix.dimension-2 }}" = "d2 v2" ] || exit 1

10
actions/example-matrix-dynamic/run.sh
View file

@ -1,10 +0,0 @@
forgejo-test-helper.sh run_workflow actions/example-$example $url root example-$example setup-forgejo $token
# Verify that the matrix in the job was expanded correctly by checking that
# there are 9 completed jobs, by their commit statuses being present on the
# main branch's HEAD.
api=$url/api/v1
sha=$(forgejo-curl.sh api_json $api/repos/root/example-matrix-dynamic/branches/main | jq -r ".commit.id")
num_runs=$(forgejo-curl.sh api_json $api/repos/root/example-matrix-dynamic/commits/$sha/status | jq ".total_count")
echo "Expecting 9 commit statuses, found $num_runs commit statuses"
test $num_runs = 9

12
actions/example-matrix/.forgejo/workflows/test.yml
View file

@ -1,12 +0,0 @@
on: [push]
jobs:
test:
runs-on: docker
name: name-${{ matrix.version }}
strategy:
matrix:
version: [1.18, 1.19]
steps:
- run: |
set -x
test "${{ matrix.version }}"

19
actions/example-needs/.forgejo/workflows/test.yml
View file

@ -1,19 +0,0 @@
on: [push]
jobs:
job1:
runs-on: docker
outputs:
job1output: ${{ steps.step1.outputs.value }}
steps:
- id: step1
run: |
set -x
echo "value=value1" >> $FORGEJO_OUTPUT
job2:
needs: [job1]
runs-on: docker
steps:
- run: |
set -x
test "${{ needs.job1.outputs.job1output }}" = "value1"

4
actions/example-post-7-0-schedule/.forgejo/workflows/test.yml
View file

@ -6,13 +6,13 @@ jobs:
test:
runs-on: ${{ vars.TEST_SCHEDULE_RUNSON }}
container:
image: data.forgejo.org/oci/debian:trixie
image: code.forgejo.org/oci/debian:bookworm
options: "--volume /srv/example:/srv/example"
steps:
- name: save context
run: |
d=/srv/example/post-7-0-schedule/contexts/$FORGEJO_EVENT_NAME
d=/srv/example/post-7-0-schedule/contexts/$GITHUB_EVENT_NAME
mkdir -p $d
cat > $d/github <<'EOF'
${{ toJSON(github) }}

10
actions/example-private-workflow-call/.forgejo/workflows/reusable.yaml
View file

@ -1,10 +0,0 @@
on:
workflow_call:
jobs:
build:
runs-on: "docker"
container:
image: data.forgejo.org/oci/node:24-trixie
steps:
- run: echo 'OK'

11
actions/example-private-workflow-call/.forgejo/workflows/test.yaml
View file

@ -1,11 +0,0 @@
on:
push:
jobs:
test:
# `runs-on` disables workflow expansion. We want that in this case, because then Forgejo Runner has to authenticate
# itself to access the reusable workflow.
runs-on: docker
container:
image: data.forgejo.org/oci/node:24-trixie
uses: ./.forgejo/workflows/reusable.yaml

42
actions/example-private-workflow-call/run.sh
View file

@ -1,42 +0,0 @@
api="$url/api/v1"
export d=/srv/example/private-workflow-call
function main() {
mkdir -p "$d"
local repo
repo="root/example-$example"
forgejo-test-helper.sh push_workflow "actions/example-$example" "$url" root "example-$example" setup-forgejo "$token"
# push_workflow creates the repository and triggers a first workflow run. Wait for it to succeed. Ensures that the
# workflow is valid.
local sha
sha="$(forgejo-test-helper.sh branch_tip "$url" "$repo" main)"
forgejo-test-helper.sh wait_success "$url" "$repo" "$sha"
# Make the repository private. That is necessary to verify that Forgejo Runner includes the correct credentials when
# cloning the workflow.
forgejo-curl.sh api_json -X PATCH --data-raw '{"private":true}' "$api/repos/root/example-$example"
# Create a new commit that triggers a new workflow run that can be identified uniquely.
(
cd "$d" || exit 1
git clone "$url/root/example-$example"
cd "example-$example" || exit 1
git config user.email root@example.com
git config user.name username
echo "A new file" > test.txt
git add .
git commit -m 'Commit a new file'
git push
)
# Wait for the workflow pulled from the private repository to succeed.
local new_sha
new_sha="$(forgejo-test-helper.sh branch_tip "$url" "$repo" main)"
[[ "$new_sha" != "$sha" ]] || exit 1
forgejo-test-helper.sh wait_success "$url" "$repo" "$new_sha"
}
main

1
actions/example-private-workflow-call/setup.sh
View file

@ -1 +0,0 @@
mkdir -p /srv/example/private-workflow-call

58
actions/example-pull-request/.forgejo/workflows/test.yml
View file

@ -9,7 +9,7 @@ jobs:
test:
runs-on: docker
container:
image: data.forgejo.org/oci/node:20-bookworm
image: code.forgejo.org/oci/node:20-bookworm
options: "--volume /srv/example:/srv/example"
steps:
@ -17,45 +17,45 @@ jobs:
shell: bash
run: |
set -x
test $FORGEJO_TOKEN = ${{ env.FORGEJO_TOKEN }}
test $FORGEJO_TOKEN = ${{ forgejo.token }}
test $GITHUB_TOKEN = ${{ env.GITHUB_TOKEN }}
test $GITHUB_TOKEN = ${{ github.token }}
export DEBIAN_FRONTEND=noninteractive ; apt-get -qq update ; apt-get install -y -qq curl git >& /dev/null
curl -sS -o /usr/local/bin/forgejo-curl.sh https://code.forgejo.org/forgejo/forgejo-curl/raw/branch/main/forgejo-curl.sh && chmod +x /usr/local/bin/forgejo-curl.sh
forgejo-curl.sh --token "$FORGEJO_TOKEN" login $FORGEJO_SERVER_URL
forgejo-curl.sh api_json $FORGEJO_SERVER_URL/api/v1/user
forgejo-curl.sh --token "$GITHUB_TOKEN" login $GITHUB_SERVER_URL
forgejo-curl.sh api_json $GITHUB_SERVER_URL/api/v1/user
- name: determine if the PR is from a fork
id: forked
run: |
if test ${{ forgejo.event.pull_request.base.repo.full_name }} = ${{ forge.event.pull_request.head.repo.full_name }} ; then
echo value=false >> $FORGEJO_OUTPUT
if test ${{ github.event.pull_request.base.repo.full_name }} = ${{ github.event.pull_request.head.repo.full_name }} ; then
echo value=false >> $GITHUB_OUTPUT
else
echo value=true >> $FORGEJO_OUTPUT
echo value=true >> $GITHUB_OUTPUT
fi
# See also actions/example-context/.forgejo/workflows/test.yml
- name: env.FORGEJO_BASE_REF
- name: env.GITHUB_BASE_REF
run: |
set -x
test "$FORGEJO_BASE_REF" = main
test "$FORGEJO_BASE_REF" = "${{ env.FORGEJO_BASE_REF }}"
test "$GITHUB_BASE_REF" = main
test "$GITHUB_BASE_REF" = "${{ env.GITHUB_BASE_REF }}"
# See also actions/example-context/.forgejo/workflows/test.yml
- name: env.FORGEJO_HEAD_REF
- name: env.GITHUB_HEAD_REF
run: |
set -x
if ${{ steps.forked.outputs.value }} ; then
test "$FORGEJO_HEAD_REF" = main
test "$GITHUB_HEAD_REF" = main
else
test "$FORGEJO_HEAD_REF" = other
test "$GITHUB_HEAD_REF" = other
fi
test "$FORGEJO_HEAD_REF" = "${{ env.FORGEJO_HEAD_REF }}"
test "$GITHUB_HEAD_REF" = "${{ env.GITHUB_HEAD_REF }}"
- name: secrets
shell: bash
run: |
set -x
case $FORGEJO_EVENT_NAME in
case $GITHUB_EVENT_NAME in
pull_request_target)
#
# all PRs: secrets
@ -76,7 +76,7 @@ jobs:
fi
;;
*)
echo unexpected event $FORGEJO_EVENT_NAME
echo unexpected event $GITHUB_EVENT_NAME
false
;;
esac
@ -95,9 +95,9 @@ jobs:
#
# create an issue
#
base_repo=${{ forgejo.event.pull_request.base.repo.full_name }}
forgejo-curl.sh api_json --data-raw '{"title":"ISSUE"}' $FORGEJO_SERVER_URL/api/v1/repos/$base_repo/issues
url=$(echo $FORGEJO_SERVER_URL | sed -e "s|://|://$FORGEJO_TOKEN@|")
base_repo=${{ github.event.pull_request.base.repo.full_name }}
forgejo-curl.sh api_json --data-raw '{"title":"ISSUE"}' $GITHUB_SERVER_URL/api/v1/repos/$base_repo/issues
url=$(echo $GITHUB_SERVER_URL | sed -e "s|://|://$GITHUB_TOKEN@|")
git clone $url/$base_repo base
branch=B$RANDOM
(
@ -108,7 +108,7 @@ jobs:
echo CHANGE >> README
git add .
git commit -m 'change'
case $FORGEJO_EVENT_NAME in
case $GITHUB_EVENT_NAME in
pull_request_target|pull_request)
#
# repository write scope via http git passthrough
@ -117,15 +117,15 @@ jobs:
#
# repository write scope via the API
#
assert_fail_if_forked forgejo-curl.sh api_json --data-raw '{"title":"PR","base":"main","head":"'$branch'"}' $FORGEJO_SERVER_URL/api/v1/repos/$base_repo/pulls
assert_fail_if_forked forgejo-curl.sh api_json --data-raw '{"color":"#ffffff","name":"labelname"}' $FORGEJO_SERVER_URL/api/v1/repos/$base_repo/labels
assert_fail_if_forked forgejo-curl.sh api_json --data-raw '{"title":"PR","base":"main","head":"'$branch'"}' $GITHUB_SERVER_URL/api/v1/repos/$base_repo/pulls
assert_fail_if_forked forgejo-curl.sh api_json --data-raw '{"color":"#ffffff","name":"labelname"}' $GITHUB_SERVER_URL/api/v1/repos/$base_repo/labels
#
# See https://codeberg.org/forgejo/forgejo/issues/1525
#
! forgejo-curl.sh api_json --data-raw '{"new_branch_name":"B'$RANDOM'"}' $FORGEJO_SERVER_URL/api/v1/repos/$base_repo/branches
! forgejo-curl.sh api_json --data-raw '{"new_branch_name":"B'$RANDOM'"}' $GITHUB_SERVER_URL/api/v1/repos/$base_repo/branches
;;
*)
echo unexpected event $FORGEJO_EVENT_NAME
echo unexpected event $GITHUB_EVENT_NAME
false
;;
esac
@ -133,17 +133,17 @@ jobs:
- name: save event
run: |
d=/srv/example/pull-request/contexts/${{ forgejo.event.pull_request.head.repo.owner.username }}/$FORGEJO_EVENT_NAME
d=/srv/example/pull-request/contexts/${{ github.event.pull_request.head.repo.owner.username }}/$GITHUB_EVENT_NAME
mkdir -p $d
cat > $d/github <<'EOF'
${{ toJSON(github) }}
EOF
- uses: https://data.forgejo.org/actions/checkout@v4
- uses: https://code.forgejo.org/actions/checkout@v4
- name: checkout the default branch if pull_request_target
run: |
set -x
case $FORGEJO_EVENT_NAME in
case $GITHUB_EVENT_NAME in
pull_request_target)
! test -f file-unique-to-the-pr-branch
;;
@ -151,7 +151,7 @@ jobs:
test -f file-unique-to-the-pr-branch
;;
*)
echo unexpected event $FORGEJO_EVENT_NAME
echo unexpected event $GITHUB_EVENT_NAME
false
;;
esac

4
actions/example-push/.forgejo/workflows/test.yml
View file

@ -9,14 +9,14 @@ jobs:
test:
runs-on: docker
container:
image: data.forgejo.org/oci/node:20-bookworm
image: code.forgejo.org/oci/node:20-bookworm
volumes:
- /srv/example:/srv/example
steps:
- name: save event
run: |
d=/srv/example/push/contexts/$FORGEJO_EVENT_NAME
d=/srv/example/push/contexts/$GITHUB_EVENT_NAME
mkdir -p $d
cat > $d/github <<'EOF'
${{ toJSON(github) }}

2
actions/example-schedule-noncancel/.forgejo/workflows/schedule_continue.yml
View file

@ -5,7 +5,7 @@ jobs:
test:
runs-on: docker
container:
image: data.forgejo.org/oci/debian:trixie
image: code.forgejo.org/oci/debian:bookworm
volumes:
- /srv/example:/srv/example
steps:

12
actions/example-service/.forgejo/workflows/test.yml
View file

@ -8,7 +8,7 @@ jobs:
runs-on: docker
services:
pgsql:
image: data.forgejo.org/oci/postgres:15
image: code.forgejo.org/oci/postgres:15
env:
POSTGRES_DB: test
POSTGRES_PASSWORD: postgres
@ -23,11 +23,11 @@ jobs:
simple:
runs-on: docker
container:
image: data.forgejo.org/oci/debian:trixie
image: code.forgejo.org/oci/debian:bookworm
services:
pgsql:
image: data.forgejo.org/oci/postgres:15
image: code.forgejo.org/oci/postgres:15
env:
POSTGRES_DB: test
POSTGRES_PASSWORD: postgres
@ -43,7 +43,7 @@ jobs:
needs: [simple]
runs-on: docker
container:
image: data.forgejo.org/oci/debian:trixie
image: code.forgejo.org/oci/debian:bookworm
options: "--volume /srv/example-service-volume-valid:/srv/example-service-volume-valid --volume /srv/example-service-volume-invalid:/srv/example-service-volume-invalid"
steps:
@ -58,12 +58,12 @@ jobs:
needs: [volume-on-step]
runs-on: docker
container:
image: data.forgejo.org/oci/debian:trixie
image: code.forgejo.org/oci/debian:bookworm
options: "--volume /srv/example-service-volume-valid:/srv/example-service-volume-valid"
services:
myservice:
image: data.forgejo.org/oci/debian:trixie
image: code.forgejo.org/oci/debian:bookworm
options: "--volume /srv/example-service-volume-valid:/srv/example-service-volume-valid"
cmd: ["bash", "-c", "echo -n SUCCESS > /srv/example-service-volume-valid ; sleep infinity"]

87
actions/example-shell/.forgejo/workflows/test.yml
View file

@ -1,87 +0,0 @@
on: [push]
env:
ASSERT_SHELL: 'set -x ; readlink /proc/$$/exe ; readlink /proc/$$/exe | grep '
jobs:
default:
# docker:docker://code.forgejo.org/oci/node:22-bookworm
runs-on: docker
steps:
- name: default is bash
run: |
${{ env.ASSERT_SHELL }} /bash
sh-fallback:
needs: [default]
# alpine:docker://code.forgejo.org/oci/alpine:latest
runs-on: alpine
steps:
- name: default is bash but with a fallback to sh in case it does not exist
run: |
${{ env.ASSERT_SHELL }} /busybox
sh-fallback-with-container:
needs: [sh-fallback]
runs-on: docker
container:
image: data.forgejo.org/oci/alpine:latest
steps:
- name: default is bash but with a fallback to sh in case it does not exist
run: |
${{ env.ASSERT_SHELL }} /busybox
defaults-run:
needs: [sh-fallback-with-container]
# alpine:docker://code.forgejo.org/oci/alpine:latest
runs-on: alpine
defaults:
run:
shell: sh
steps:
- name: default is sh which is an alias for busybox in alpine
run: |
${{ env.ASSERT_SHELL }} /busybox
python:
needs: [alpine]
runs-on: docker
container:
image: data.forgejo.org/oci/python:slim
steps:
- name: python => python {0}
shell: python
run: |
print("something")
other:
needs: [python]
runs-on: docker
container:
image: data.forgejo.org/oci/node:22-bookworm
steps:
- name: default is bash
run: |
${{ env.ASSERT_SHELL }} /bash
- name: bash => bash --noprofile --norc -e -o pipefail {0}
shell: bash
run: |
${{ env.ASSERT_SHELL }} /bash
shopt -o
shopt -o | grep --quiet 'pipefail.*on'
- name: sh => sh -e {0}
shell: sh
run: |
${{ env.ASSERT_SHELL }} /dash
- name: node => node {0}
shell: node
run: |
console.log("something")
- name: dash -e {0}
shell: dash -e {0}
run: |
${{ env.ASSERT_SHELL }} /dash

32
actions/example-shell/runner-config.yaml
View file

@ -1,32 +0,0 @@
log:
level: debug
runner:
file: .runner
capacity: 1
env_file: .env
timeout: 3h
insecure: false
fetch_timeout: 5s
fetch_interval: 2s
labels:
- docker:docker://code.forgejo.org/oci/node:22-bookworm
- alpine:docker://code.forgejo.org/oci/alpine:latest
cache:
enabled: false
dir: ""
host: ""
port: 0
container:
network: ""
privileged: false
options:
workdir_parent:
valid_volumes: []
docker_host: ""
host:
workdir_parent:

1
actions/example-shell/setup.sh
View file

@ -1 +0,0 @@
FORGEJO_RUNNER_CONFIG=$EXAMPLE_DIR/runner-config.yaml forgejo-runner.sh reload

1
actions/example-shell/teardown.sh
View file

@ -1 +0,0 @@
forgejo-runner.sh reload

4
actions/example-tag/.forgejo/workflows/test.yml
View file

@ -7,14 +7,14 @@ jobs:
test:
runs-on: docker
container:
image: data.forgejo.org/oci/node:20-bookworm
image: code.forgejo.org/oci/node:20-bookworm
volumes:
- /srv/example:/srv/example
steps:
- name: save event
run: |
d=/srv/example/tag/contexts/$FORGEJO_EVENT_NAME
d=/srv/example/tag/contexts/$GITHUB_EVENT_NAME
mkdir -p $d
cat > $d/github <<'EOF'
${{ toJSON(github) }}

2
actions/example-with-docker-host/.forgejo/workflows/test.yml
View file

@ -4,7 +4,7 @@ jobs:
build:
runs-on: docker
container:
image: data.forgejo.org/oci/docker:28-cli
image: code.forgejo.org/oci/docker:cli
steps:
- run: ls -l /var/run/docker.sock
- run: docker ps

2
actions/example-with-docker-socket/.forgejo/workflows/test.yml
View file

@ -4,7 +4,7 @@ jobs:
build:
runs-on: docker
container:
image: data.forgejo.org/oci/docker:28-cli
image: code.forgejo.org/oci/docker:cli
steps:
- run: ls -l /var/run/docker.sock
- run: docker ps

2
actions/example-with-docker-tcp/.forgejo/workflows/test.yml
View file

@ -4,7 +4,7 @@ jobs:
build:
runs-on: docker
container:
image: data.forgejo.org/oci/node:20-bookworm
image: code.forgejo.org/oci/node:20-bookworm
steps:
- run: |
! test -e /var/run/docker.sock

74
actions/example-workflow-call-expansion/.forgejo/workflows/reusable-layer-1.yml
View file

@ -1,74 +0,0 @@
on:
workflow_call:
inputs:
input1:
required: true
type: string
input3:
required: true
type: string
outputs:
output1:
value: ${{ jobs.callee-1.outputs.job-output }}
output2:
value: ${{ jobs.callee-2.outputs.job-output }}
output3:
value: ${{ jobs.layer-2.outputs.output3 }}
output4:
value: ${{ jobs.layer-2.outputs.output4 }}
jobs:
callee-1:
runs-on: docker
outputs:
job-output: callee-1-output
container:
image: data.forgejo.org/oci/node:22-bookworm
volumes:
- /srv/example:/srv/example
steps:
- name: verify workflow inputs
run: |
set -x
test "top-level-input1" = "${{ inputs.input1 }}"
test "dynamic output" = "${{ inputs.input3 }}"
- name: verify workflow secrets
run: |
set -x
test "AAAA" = "${{ secrets.secret1 }}"
test "BBBB1234" = "${{ secrets.secret2 }}"
test "" = "${{ secrets.secret3 }}" # wasn't specified to the workflow, should be absent
- name: indicate callee-1 hit
run: touch /srv/example/callee-1
layer-2:
needs: [callee-1]
uses: ./.forgejo/workflows/reusable-layer-2.yml
with:
input1: ${{ inputs.input1 }}
input2: mid-level-input2
input3: ${{ inputs.input3 }}
input4: ${{ needs.callee-1.outputs.job-output }}
secrets: inherit
callee-2:
needs: [callee-1, layer-2]
runs-on: docker
outputs:
job-output: callee-2-output
container:
image: data.forgejo.org/oci/node:22-bookworm
volumes:
- /srv/example:/srv/example
steps:
- name: verify callee-1 completed
run: |
set -x
test -f /srv/example/callee-1
- name: verify layer-2 completed
run: |
set -x
test -f /srv/example/callee-3
test -f /srv/example/callee-4
- name: indicate callee-2 hit
run: touch /srv/example/callee-2

63
actions/example-workflow-call-expansion/.forgejo/workflows/reusable-layer-2.yml
View file

@ -1,63 +0,0 @@
on:
workflow_call:
inputs:
input1:
required: true
type: string
input2:
required: true
type: string
input3:
required: true
type: string
input4:
required: true
type: string
outputs:
output3:
value: ${{ jobs.callee-3.outputs.job-output }}
output4:
value: ${{ jobs.callee-4.outputs.job-output }}
jobs:
callee-3:
runs-on: docker
outputs:
job-output: callee-3-output
container:
image: data.forgejo.org/oci/node:22-bookworm
volumes:
- /srv/example:/srv/example
steps:
- name: verify workflow inputs
run: |
set -x
test "top-level-input1" = "${{ inputs.input1 }}"
test "mid-level-input2" = "${{ inputs.input2 }}"
test "dynamic output" = "${{ inputs.input3 }}"
test "callee-1-output" = "${{ inputs.input4 }}"
- name: verify workflow secrets inherited
run: |
set -x
test "AAAA" = "${{ secrets.secret1 }}"
test "BBBB1234" = "${{ secrets.secret2 }}"
test "" = "${{ secrets.secret3 }}" # wasn't specified to the workflow, should be absent
- name: indicate callee-3 hit
run: touch /srv/example/callee-3
callee-4:
needs: callee-3
runs-on: docker
outputs:
job-output: callee-4-output
container:
image: data.forgejo.org/oci/node:22-bookworm
volumes:
- /srv/example:/srv/example
steps:
- name: verify callee-3 completed
run: |
set -x
test -f /srv/example/callee-3
- name: indicate callee-4 hit
run: touch /srv/example/callee-4

53
actions/example-workflow-call-expansion/.forgejo/workflows/test.yml
View file

@ -1,53 +0,0 @@
on:
push:
jobs:
pre-job:
runs-on: docker
container:
image: data.forgejo.org/oci/node:22-bookworm
outputs:
dynamic: "${{ steps.dynamic-step.outputs.dynamic }}"
steps:
- id: dynamic-step
run: echo "dynamic=dynamic output" >> $FORGEJO_OUTPUT
layer-1:
needs: [pre-job]
uses: ./.forgejo/workflows/reusable-layer-1.yml
with:
input1: top-level-input1
input3: ${{ needs.pre-job.outputs.dynamic }}
secrets:
secret1: AAAA
secret2: BBBB1234
verify:
needs: [layer-1]
runs-on: docker
container:
image: data.forgejo.org/oci/node:22-bookworm
volumes:
- /srv/example:/srv/example
steps:
- name: verify test config secret
run: |
set -x
# SECRET3 is set on the repo, but not passed into `reusable-layer-1.yml` so that we can test secrets don't
# leak into the workflow if they're not explicitly defined. This check verifies that the test environment has
# that secret, otherwise the test assertions that it isn't present within the workflow would be meaningless.
test "CCCC" = "${{ secrets.secret3 }}"
- name: verify callee-[0-4] completed
run: |
set -x
test -f /srv/example/callee-1
test -f /srv/example/callee-2
test -f /srv/example/callee-3
test -f /srv/example/callee-4
- name: verify workflow outputs
run: |
set -x
test "callee-1-output" = "${{ needs.layer-1.outputs.output1 }}"
test "callee-2-output" = "${{ needs.layer-1.outputs.output2 }}"
test "callee-3-output" = "${{ needs.layer-1.outputs.output3 }}"
test "callee-4-output" = "${{ needs.layer-1.outputs.output4 }}"

12
actions/example-workflow-call-expansion/run.sh
View file

@ -1,12 +0,0 @@
repo=root/example-$example
api=$url/api/v1
# Prepare test repo
forgejo-test-helper.sh push_workflow actions/example-$example $url root example-$example setup-forgejo $token
sha=$(forgejo-test-helper.sh branch_tip $url $repo main)
# Install a repo secret
forgejo-curl.sh api_json -X PUT --data-raw '{"data":"CCCC"}' $api/repos/$repo/actions/secrets/SECRET3
# Wait for action to complete
forgejo-test-helper.sh wait_success $url root/example-$example $sha

35
actions/example-workflow-call/.forgejo/workflows/reusable.yml
View file

@ -1,35 +0,0 @@
on:
workflow_call:
inputs:
parameter1:
required: true
type: string
outputs:
output1:
value: ${{ jobs.callee.outputs.job-output }}
jobs:
callee:
runs-on: docker
container:
image: data.forgejo.org/oci/node:22-bookworm
volumes:
- /srv/example:/srv/example
outputs:
job-output: ${{ steps.stepwithoutput.outputs.myvalue }}
steps:
- id: stepwithoutput
run: |
set -x
test "${{ inputs.parameter1 }}" = "value1"
test "${{ secrets.secret }}" = "keep_it_private"
echo "myvalue=outputvalue1" >> $FORGEJO_OUTPUT
- name: save event
run: |
d=/srv/example/push/contexts/$FORGEJO_EVENT_NAME
mkdir -p $d
cat > $d/github <<'EOF'
${{ toJSON(github) }}
EOF

23
actions/example-workflow-call/.forgejo/workflows/test.yml
View file

@ -1,23 +0,0 @@
on:
push:
jobs:
caller:
runs-on: docker
container:
image: data.forgejo.org/oci/node:22-bookworm
uses: ./.forgejo/workflows/reusable.yml
with:
parameter1: value1
secrets:
secret: keep_it_private
verify:
needs: [caller]
runs-on: docker
container:
image: data.forgejo.org/oci/node:22-bookworm
steps:
- run: |
set -x
test "${{ needs.caller.outputs.output1 }}" = "outputvalue1"

4
actions/example-workflow-dispatch/.forgejo/workflows/test.yml
View file

@ -44,13 +44,13 @@ jobs:
test:
runs-on: docker
container:
image: data.forgejo.org/oci/debian:trixie
image: code.forgejo.org/oci/debian:bookworm
options: "--volume /srv/example:/srv/example"
steps:
- name: save and display context
run: |
d=/srv/example/workflow-dispatch/contexts/$FORGEJO_EVENT_NAME
d=/srv/example/workflow-dispatch/contexts/$GITHUB_EVENT_NAME
mkdir -p $d
tee $d/github <<'EOF'
${{ toJSON(github) }}

3
actions/runner-config.yaml
View file

@ -1,6 +1,5 @@
log:
level: trace
job_level: trace
level: debug
runner:
file: .runner

2
end-to-end.sh
View file

@ -1,4 +1,4 @@
#!/usr/bin/env bash
#!/bin/bash
# SPDX-License-Identifier: MIT
SELF_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"

3
federation/ONE-app.ini
View file

@ -17,7 +17,7 @@ PATH = ${WORK_PATH}/forgejo.db
[log]
MODE = file
LEVEL = trace
logger.router.MODE = file
ROUTER = file
[log.file]
FILE_NAME = forgejo.log
@ -31,4 +31,3 @@ DEFAULT_PUSH_CREATE_PRIVATE = false
[federation]
ENABLED = true

2
federation/TWO-app.ini
View file

@ -17,7 +17,7 @@ PATH = ${WORK_PATH}/forgejo.db
[log]
MODE = file
LEVEL = trace
logger.router.MODE = file
ROUTER = file
[log.file]
FILE_NAME = forgejo.log

24
federation/federation.sh
View file

@ -26,8 +26,6 @@ function federation_setup_variables() {
function federation_verify_scenario() {
local scenario=$1
federation_setup_variables
export scenario
export SCENARIO_DIR=$FEDERATION_DIR/scenario-$scenario
@ -68,29 +66,21 @@ function federation_teardown() {
}
function test_federation() {
# start_gitlab gitlab/gitlab-ce:17.1.0-ce.0
# start_gitlab octobus/heptapod:1.5.3
federation_setup_variables
local versions="${1:-$RELEASE_NUMBERS}"
for version in $versions; do
# name, minimum version
# NOTE: newline seperated, not comma :>
scenarios=(
"star 7.1"
"mastodon 14.0"
"gotosocial 14.0"
)
for scenario_version_str in "${scenarios[@]}"; do
IFS=' ' declare -a scenario_version="($scenario_version_str)"
if dpkg --compare-versions $version lt 7.1; then
continue
fi
if dpkg --compare-versions "$version" lt "${scenario_version[1]}"; then
continue
fi
federation_setup $version
federation_setup "$version"
run federation_verify_scenario "${scenario_version[0]}"
for scenario in star; do
run federation_verify_scenario $scenario
done
done
}

0
federation/scenario-gotosocial/.gitignore vendored
View file

16
federation/scenario-gotosocial/run.sh
View file

@ -1,16 +0,0 @@
#!/usr/bin/env bash
source "$DIR/federation_scenario-$scenario-env"
if [[ -z "$password" ]]; then
exit 1
fi
if [[ -z "$port" ]]; then
exit 1
fi
status_code="$(curl -o /dev/null -w '%{http_code}' "http://localhost:$port/")"
if [[ "$status_code" != "200" ]]; then
exit 1
fi

58
federation/scenario-gotosocial/setup.sh
View file

@ -1,58 +0,0 @@
#!/usr/bin/env bash
source $SCENARIO_DIR/../../lib/lib.sh
GTS_VERSION="0.20.0" # renovate: datasource=docker depName=data.forgejo.org/oci/gotosocial
echo "setting up gotosocial"
tmpdir="$(mktemp --tmpdir -d gts.XXXXXXXXXX)"
cat << EOF > "$tmpdir/config.yaml"
host: "localhost:8080"
protocol: http
db-type: sqlite
db-address: /mount/gts.db3
http-client:
allow-ips: ["0.0.0.0/0", "::/0"]
insecure-outgoing: true
EOF
podman unshare \
chown 1000:1000 -R $tmpdir
container_id="$(
podman run \
-d \
--env "GTS_CONFIG_PATH=/mount/config.yaml" \
-v "$tmpdir:/mount" \
-p "8080:8080" \
--network=host \
"data.forgejo.org/oci/gotosocial:$GTS_VERSION" \
server start
)"
function wait_gts_ready() {
http_status=$(curl -s -w \
"%{http_code}" -o /dev/null \
"http://localhost:8080/"
)
[[ "$http_status" == 200 ]] && echo "ready"
}
retry wait_gts_ready
password="verysecurepassword"
podman exec -it "$container_id" /gotosocial/gotosocial admin \
account create \
--username "test" \
--email "test@localhost" \
--password "$password"
cat << EOF > "$DIR/federation_scenario-gotosocial-env"
password="$password"
port="8080"
container_id="$container_id"
EOF

12
federation/scenario-gotosocial/teardown.sh
View file

@ -1,12 +0,0 @@
#!/usr/bin/env bash
source "$DIR/federation_scenario-gotosocial-env"
if [[ -z "$container_id" ]]; then
echo "gotosocial container ID not found, container may not be stopped"
exit 1
fi
podman stop "$container_id"
rm "$DIR/federation_scenario-gotosocial-env"

3
federation/scenario-mastodon/.gitignore vendored
View file

@ -1,3 +0,0 @@
/resources/certs/forgejo*
/forgejo/certs/*
!/forgejo/certs/.gitkeep

38
federation/scenario-mastodon/TEST_INSTRUCTION.md
View file

@ -1,38 +0,0 @@
# Manual testing
1. compile forgejo binary to test on a debian/ubuntu system
2. start applications
* local forgejo:
```sh
cd federation/scenario-mastodon
# create cert & startup & create test accounts
SCENARIO_DIR="." ./setup.sh
# Mastodon password in "/tmp/forgejo-end-to-end/federation_scenario-mastodon-env"
# Bind forgejo to localhost:3003 and set the domain to `forgejo`
```
* containerized forgejo:
```sh
cd federation/scenario-mastodon
# Generate self-signed certs on first run
source ./functions.sh
generate_certs forgejo "./resources/certs"
mv "./resources/certs/forgejo"* "forgejo/certs"
# Setup container
export FORGEJO_PATH="/path/to/forgejo/binary"
export COMPOSE_PROFILES="forgejo_container"
export MASTODON_HOST="mastodon-app"
podman-compose up -d
podman-compose exec forgejo-app bash -c "/init/create_test_account.sh"
# Mastodon password is the last line of the output
podman-compose exec mastodon-app bash -c "/init/create_test_account.sh"
```
3. login to mastodon: http://localhost:4000
1. test@localhost - password from start app.
4. search for forgejo user: `https://forgejo/api/v1/activitypub/user-id/1`
5. Press follow
6. FYI:
1. login to forgejo: http://localhost:3003/
2. me - me
3. swagger-uri: http://localhost:3003/api/swagger#/activitypub

95
federation/scenario-mastodon/compose.yaml
View file

@ -1,95 +0,0 @@
networks:
external_network:
internal_network:
internal: true
services:
forgejo:
image: data.forgejo.org/oci/alpine:latest
volumes:
- ./forgejo/certs/:/usr/local/share/ca-certificates/
- ./forgejo/init/:/init/
- ./forgejo/etc/lighttpd.conf:/etc/lighttpd.conf
restart: unless-stopped
entrypoint: "sh /init/init.sh"
networks:
- external_network
- internal_network
forgejo-app:
profiles:
- forgejo_container
# built from https://code.forgejo.org/federation/build-mastodon/src/branch/main/debian-containerfile
image: data.forgejo.org/federation/debian:trixie-cacerts
tmpfs:
- /data
volumes:
- ./forgejo-app/init/:/init/
- ./forgejo-app/config/:/config/
- ./resources/certs/:/usr/local/share/ca-certificates/
- "${FORGEJO_PATH}:/usr/local/bin/forgejo"
ports:
- 3003:3003
entrypoint: "sh /init/init.sh"
networks:
- external_network
- internal_network
postgres:
image: data.forgejo.org/oci/postgres:14
tmpfs:
- /var/lib/postgresql/data
environment:
POSTGRES_USER: postgres
POSTGRES_DB: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_HOST_AUTH_METHOD: trust
networks:
- internal_network
redis:
image: data.forgejo.org/oci/redis:7.2
tmpfs:
- /var/lib/redis/
networks:
- internal_network
mastodon-app:
# built from https://code.forgejo.org/federation/build-mastodon/src/branch/main/mastodon-containerfile
image: data.forgejo.org/federation/mastodon:v4.5-test
volumes:
- ./resources/certs:/usr/local/share/ca-certificates/
- ./mastodon-app/init/:/init/
environment: &mastodon_env
DB_HOST: postgres
DB_USER: postgres
DB_PASS: postgres
REDIS_HOST: redis
PORT: 4000
LOCAL_DOMAIN: ${MASTODON_HOST}:4000
ALTERNATE_DOMAINS: ${MASTODON_HOST},localhost
EMAIL_DOMAIN_ALLOWLIST: localhost
AUTHORIZED_FETCH: "true"
ALLOWED_PRIVATE_ADDRESSES: 0.0.0.0/0,::/0
SECRET_KEY_BASE: bc1bdb4d3d57a2c292a8f145d5d3c921
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY: fkSxKD2bF396kdQbrP1EJ7WbU7ZgNokR
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT: r0hvVmzBVsjxC7AMlwhOzmtc36ZCOS1E
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY: PhdFyyfy5xJ7WVd2lWBpcPScRQHzRTNr
ports:
- "4000:4000"
entrypoint: "sh /init/init.sh"
networks:
- external_network
- internal_network
mastodon-sidekiq:
# built from https://code.forgejo.org/federation/build-mastodon/src/branch/main/mastodon-containerfile
image: data.forgejo.org/federation/mastodon:v4.5-test
volumes:
- ./resources/certs:/usr/local/share/ca-certificates/
- ./mastodon-sidekiq/init/:/init/
restart: unless-stopped
environment: *mastodon_env
entrypoint: "sh /init/init.sh"
networks:
- internal_network

32
federation/scenario-mastodon/forgejo-app/config/app.ini
View file

@ -1,32 +0,0 @@
RUN_MODE = prod
[server]
APP_DATA_PATH = /data
DOMAIN = forgejo
ROOT_URL = https://forgejo/
HTTP_PORT = 3003
PROTOCOL = http
[queue]
TYPE = immediate
[database]
DB_TYPE = sqlite3
PATH = /data/forgejo.db
[log]
MODE = console
LEVEL = debug
[security]
INSTALL_LOCK = true
[repository]
ENABLE_PUSH_CREATE_USER = true
DEFAULT_PUSH_CREATE_PRIVATE = false
[federation]
ENABLED = true
[session]
COOKIE_SECURE = false

7
federation/scenario-mastodon/forgejo-app/init/create_test_account.sh
View file

@ -1,7 +0,0 @@
#!/usr/bin/env bash
sleep 10
/usr/local/bin/forgejo -c /etc/forgejo/app.ini admin user create --username me --password me --email "me@example.com" --admin --must-change-password=false
/usr/local/bin/forgejo -c /etc/forgejo/app.ini admin user create --username to-be-followd --password to-be-followd --email "to-be-followd@example.com" --admin --must-change-password=false
/usr/local/bin/forgejo -c /etc/forgejo/app.ini admin user generate-access-token -u me -t token --scopes write:activitypub,write:repository,write:user

10
federation/scenario-mastodon/forgejo-app/init/init.sh
View file

@ -1,10 +0,0 @@
#!/usr/bin/env bash
sudo update-ca-certificates
sudo mkdir -p /data/forgejo
sudo chown forgejo:forgejo /data/forgejo
sudo install -D -o forgejo -g forgejo /config/app.ini /etc/forgejo/app.ini
/usr/local/bin/forgejo -c /etc/forgejo/app.ini

0
federation/scenario-mastodon/forgejo/certs/.gitkeep
View file

22
federation/scenario-mastodon/forgejo/etc/lighttpd.conf
View file

@ -1,22 +0,0 @@
server.document-root = "/var/www"
server.modules = (
"mod_openssl",
"mod_proxy"
)
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/usr/local/share/ca-certificates/forgejo-snakeoil.crt"
ssl.privkey = "/usr/local/share/ca-certificates/forgejo-snakeoil.key"
}
proxy.server = (
"" => (
"forgejo" => (
"host" => "host.containers.internal",
"port" => 3003,
)
)
)

6
federation/scenario-mastodon/forgejo/init/init.sh
View file

@ -1,6 +0,0 @@
#!/usr/bin/env sh
apk add lighttpd
lighttpd -D -f /etc/lighttpd.conf

32
federation/scenario-mastodon/functions.sh
View file

@ -1,32 +0,0 @@
function generate_certs() {
host=${1}
cert_location=${2}
rootCertificate="${cert_location}/custom-snakeoil-rootCA.crt"
rootCertKey="${cert_location}/custom-snakeoil-rootCA.key"
extensionFile="${cert_location}/${host}-snakeoil.ext"
keyFile="${cert_location}/${host}-snakeoil.key"
csrFile="${cert_location}/${host}-snakeoil.csr"
crtAltSubFile="${cert_location}/${host}-snakeoil.crt"
cat << EOF > ${extensionFile}
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
subjectAltName = @alt_names
[alt_names]
DNS.1 = ${host}
DNS.2 = localhost
EOF
# Create CSR
openssl req -newkey rsa:2048 -nodes -keyout ${keyFile} \
-out ${csrFile} -subj "/CN=${host}" -addext "subjectAltName=DNS:localhost"
# Sign Our CSR with the root CA cert
openssl x509 -req -CA ${rootCertificate} \
-CAkey ${rootCertKey} \
-in ${csrFile} \
-out ${crtAltSubFile} \
-days 3650 -CAcreateserial -extfile ${extensionFile}
}

14
federation/scenario-mastodon/mastodon-app/init/create_test_account.sh
View file

@ -1,14 +0,0 @@
#!/usr/bin/env bash
account_create="$(tootctl accounts create test --email test@localhost --role Owner --confirmed)"
tootctl account modify test --approve
echo "${account_create}"
password=$(echo "${account_create}" |
tail -n 1 |
sed 's/New password: //' |
sed 's/\r//'
)
echo "$password"

Some files were not shown because too many files have changed in this diff Show more