Merge pull request 'example: pull-request events' (#50) from earl-warren/setup-forgejo:wip-pull-request into main

Reviewed-on: https://code.forgejo.org/actions/setup-forgejo/pulls/50
Reviewed-by: dachary <dachary@noreply.code.forgejo.org>
This commit is contained in:
earl-warren 2023-09-27 21:36:38 +00:00
commit 658c3ba60d
9 changed files with 249 additions and 5 deletions

View file

@ -6,9 +6,9 @@ jobs:
strategy:
matrix:
info:
- version: "1.21.0-0-rc0"
- version: "1.21.0-1-rc0"
image: codeberg.org/forgejo-experimental/forgejo
tests: "echo cron service container expression local-action docker-action if if-fail"
tests: "echo cron pull-request service container expression local-action docker-action if if-fail"
- version: "1.20"
image: codeberg.org/forgejo/forgejo
tests: "echo service container expression local-action docker-action if if-fail"
@ -31,15 +31,16 @@ jobs:
export FORGEJO_RUNNER_LOGS=forgejo-runner.log
for example in ${{ matrix.info.tests }} ; do
export example
export EXAMPLE_DIR=$(pwd)/testdata/example-$example
if test -f $EXAMPLE_DIR/setup.sh ; then
source $EXAMPLE_DIR/setup.sh
$EXAMPLE_DIR/setup.sh
fi
echo "============================ BEGIN example-$example ==================="
if test -f $EXAMPLE_DIR/run.sh ; then
source $EXAMPLE_DIR/run.sh
$EXAMPLE_DIR/run.sh
else
if ! forgejo-test-helper.sh run_workflow testdata/example-$example http://root:admin1234@$(cat forgejo-ip):3000 root example-$example setup-forgejo $(cat forgejo-token) >& /tmp/run.out ; then
cat /tmp/run.out
@ -49,7 +50,7 @@ jobs:
echo "============================ END example-$example ==================="
if test -f $EXAMPLE_DIR/teardown.sh ; then
source $EXAMPLE_DIR/teardown.sh
$EXAMPLE_DIR/teardown.sh
fi
done
echo "============================ demo ==================="

View file

@ -88,3 +88,20 @@ jobs:
## Hacking
* Update the README from the action file with https://github.com/npalm/action-docs `action-docs --update-readme`
To manually run and debug workflows from `testdata/example-*`, from
the root of the source directory, with docker and forgejo-curl.sh
installed, mimic what `.forgejo/workflows/integration.yml` does. There
may be some manual tweaking (such as creating temporary directories)
because the tests run as root, but they do not need to run as root.
* `forgejo-curl.sh logout`
* `forgejo.sh setup root admin1234 codeberg.org/forgejo/forgejo 1.21`
* `firefox http://$(cat forgejo-ip):3000`
* `forgejo-runner.sh setup`
* `export example=pull-request`
* `export EXAMPLE_DIR=$(pwd)/testdata/example-$example`
* `$EXAMPLE_DIR/setup.sh` # if it exists
* `$EXAMPLE_DIR/run.sh`
* `forgejo-runner.sh teardown`
* `forgejo.sh teardown`

View file

@ -3,6 +3,8 @@
set -ex
export DEBIAN_FRONTEND=noninteractive
: ${LOOPS:=40}
: ${LOOP_DELAY:=10}
DIR=$(mktemp -d)

View file

@ -0,0 +1,123 @@
on:
pull_request:
pull_request_target:
types:
- opened
- synchronize
jobs:
test:
runs-on: docker
container:
image: debian:bookworm
options: "--volume /srv/example-pull-request:/srv/example-pull-request"
steps:
- name: setup
shell: bash
run: |
set -x
test $GITHUB_TOKEN = ${{ env.GITHUB_TOKEN }}
test $GITHUB_TOKEN = ${{ github.token }}
export DEBIAN_FRONTEND=noninteractive ; apt-get -qq update ; apt-get install -y -qq curl git >& /dev/null
curl -sS -o /usr/local/bin/forgejo-curl.sh https://code.forgejo.org/forgejo/forgejo-curl/raw/branch/main/forgejo-curl.sh && chmod +x /usr/local/bin/forgejo-curl.sh
forgejo-curl.sh --token "$GITHUB_TOKEN" login $GITHUB_SERVER_URL
forgejo-curl.sh api_json $GITHUB_SERVER_URL/api/v1/user
- name: secrets
shell: bash
run: |
set -x
if test ${{ github.event.pull_request.base.repo.full_name }} = ${{ github.event.pull_request.head.repo.full_name }} ; then
forked=false
else
forked=true
fi
case $GITHUB_EVENT_NAME in
pull_request_target)
#
# all PRs: secrets
#
test "${{ secrets.SECRET }}"
;;
pull_request)
if $forked ; then
#
# PRs from forked repositories: no secrets
#
test -z "${{ secrets.SECRET }}"
else
#
# PRs from the same repository: secrets
#
test "${{ secrets.SECRET }}"
fi
;;
*)
echo unexpected event $GITHUB_EVENT_NAME
false
;;
esac
- name: PR TOKEN scopes
shell: bash
run: |
set -x
if test ${{ github.event.pull_request.base.repo.full_name }} = ${{ github.event.pull_request.head.repo.full_name }} ; then
forked=false
else
forked=true
fi
function assert_fail_if_forked() {
if "$@" ; then
! $forked
else
$forked
fi
}
#
# create an issue
#
base_repo=${{ github.event.pull_request.base.repo.full_name }}
forgejo-curl.sh api_json --data-raw '{"title":"ISSUE"}' $GITHUB_SERVER_URL/api/v1/repos/$base_repo/issues
url=$(echo $GITHUB_SERVER_URL | sed -e "s|://|://$GITHUB_TOKEN@|")
git clone $url/$base_repo base
branch=B$RANDOM
(
cd base
git checkout -b $branch
git config user.email root@example.com
git config user.name username
echo CHANGE >> README
git add .
git commit -m 'change'
case $GITHUB_EVENT_NAME in
pull_request_target|pull_request)
#
# repository write scope via http git passthrough
#
assert_fail_if_forked git push --force -u origin $branch
#
# repository write scope via the API
#
assert_fail_if_forked forgejo-curl.sh api_json --data-raw '{"title":"PR","base":"main","head":"'$branch'"}' $GITHUB_SERVER_URL/api/v1/repos/$base_repo/pulls
assert_fail_if_forked forgejo-curl.sh api_json --data-raw '{"color":"#ffffff","name":"labelname"}' $GITHUB_SERVER_URL/api/v1/repos/$base_repo/labels
#
# See https://codeberg.org/forgejo/forgejo/issues/1525
#
! forgejo-curl.sh api_json --data-raw '{"new_branch_name":"B'$RANDOM'"}' $GITHUB_SERVER_URL/api/v1/repos/$base_repo/branches
;;
*)
echo unexpected event $GITHUB_EVENT_NAME
false
;;
esac
)
- name: save event
run: |
d=/srv/example-pull-request/${{ github.event.pull_request.head.repo.owner.username }}/$GITHUB_EVENT_NAME/${{ github.event.action }}
mkdir -p $d
cat > $d/event <<EOF
${{ toJSON(github.event) }}
EOF

View file

@ -0,0 +1,8 @@
#!/bin/bash
set -ex
test -d $d/fork-org/pull_request/opened
test -d $d/fork-org/pull_request_target/opened
test -d $d/root/pull_request/opened
test -d $d/root/pull_request_target/opened

60
testdata/example-pull-request/run.sh vendored Executable file
View file

@ -0,0 +1,60 @@
set -e
url=http://root:admin1234@$(cat forgejo-ip):3000
api=$url/api/v1
export d=/srv/example-pull-request
PROOF='some proof'
function setup() {
forgejo-test-helper.sh push_workflow testdata/example-$example http://root:admin1234@$(cat forgejo-ip):3000 root example-$example setup-forgejo $(cat forgejo-token)
forgejo-curl.sh api_json --data-raw '{"username":"fork-org"}' $api/orgs
forgejo-curl.sh api_json --data-raw '{"organization":"fork-org"}' $api/repos/root/example-pull-request/forks
forgejo-curl.sh api_json -X PUT --data-raw '{"data":"AAAA"}' $api/repos/root/example-pull-request/actions/secrets/SECRET
(
cd $d
git clone $url/fork-org/example-pull-request fork
cd fork
git config user.email root@example.com
git config user.name username
echo fork $PROOF >> README
git add .
git commit -m 'fork change'
git push
)
forgejo.sh retry forgejo-curl.sh api_json --data-raw '{"title":"PR from fork","base":"main","head":"fork-org:main"}' $api/repos/root/example-pull-request/pulls
(
cd $d
git clone $url/root/example-pull-request
cd example-pull-request
git checkout -b other
git config user.email root@example.com
git config user.name username
echo other $PROOF >> README
git add .
git commit -m 'other change'
git push --force -u origin other
)
forgejo.sh retry forgejo-curl.sh api_json --data-raw '{"title":"PR same repo","base":"main","head":"other"}' $api/repos/root/example-pull-request/pulls
export RETRY_DELAYS="60 60 60 60 60 60 60"
for assert in $EXAMPLE_DIR/assert-*.sh ; do
if ! forgejo.sh retry $assert ; then
find $d
cat $FORGEJO_RUNNER_LOGS
false
fi
done
}
function main() {
setup
}
main

View file

@ -0,0 +1,30 @@
log:
level: info
runner:
file: .runner
capacity: 1
env_file: .env
timeout: 3h
insecure: false
fetch_timeout: 5s
fetch_interval: 2s
labels: []
cache:
enabled: false
dir: ""
host: ""
port: 0
container:
network: "bridge"
privileged: false
options:
workdir_parent:
valid_volumes: ["/srv/example-pull-request"]
docker_host: ""
host:
workdir_parent:

2
testdata/example-pull-request/setup.sh vendored Executable file
View file

@ -0,0 +1,2 @@
mkdir -p /srv/example-pull-request
FORGEJO_RUNNER_CONFIG=$EXAMPLE_DIR/runner-config.yaml forgejo-runner.sh reload

1
testdata/example-pull-request/teardown.sh vendored Executable file
View file

@ -0,0 +1 @@
forgejo-runner.sh reload