mirror of
https://code.forgejo.org/actions/setup-forgejo.git
synced 2024-11-23 23:50:58 -05:00
verify volume restrictions are enforced
This commit is contained in:
parent
df44f56dd9
commit
d986bc3b3d
5 changed files with 53 additions and 1 deletions
|
@ -21,13 +21,21 @@ jobs:
|
|||
./forgejo-runner.sh setup
|
||||
export FORGEJO_RUNNER_LOGS=forgejo-runner.log
|
||||
for example in $TESTS ; do
|
||||
|
||||
if test $example = service ; then
|
||||
> /srv/example-service-volume-valid
|
||||
> /srv/example-service-volume-invalid
|
||||
fi
|
||||
|
||||
config=$(pwd)/testdata/example-$example/runner-config.yaml
|
||||
if test -f $config ; then
|
||||
FORGEJO_RUNNER_CONFIG=$config ./forgejo-runner.sh reload
|
||||
fi
|
||||
|
||||
echo "============================ BEGIN example-$example ==================="
|
||||
./forgejo-test-helper.sh run_workflow testdata/example-$example http://root:admin1234@$(cat forgejo-ip):3000 root example-$example setup-forgejo $(cat forgejo-token)
|
||||
echo "============================ END example-$example ==================="
|
||||
|
||||
if test -f $config ; then
|
||||
./forgejo-runner.sh reload
|
||||
fi
|
||||
|
|
6
testdata/README.txt
vendored
Normal file
6
testdata/README.txt
vendored
Normal file
|
@ -0,0 +1,6 @@
|
|||
Run the tests from source for debugging purposes with:
|
||||
|
||||
#
|
||||
# runner-config.yaml will be ignored if it does not exist and the default configuration will be used
|
||||
#
|
||||
forgejo-runner exec --config testdata/example-$service/runner-config.yaml --workflows testdata/example-$service/.forgejo/workflows
|
38
testdata/example-service/.forgejo/workflows/volume.yml
vendored
Normal file
38
testdata/example-service/.forgejo/workflows/volume.yml
vendored
Normal file
|
@ -0,0 +1,38 @@
|
|||
on: [push]
|
||||
|
||||
jobs:
|
||||
#
|
||||
# A --volume option will expose the volume from the docker host to the job
|
||||
#
|
||||
volume-on-step:
|
||||
runs-on: docker
|
||||
container:
|
||||
image: debian:bookworm
|
||||
options: "--volume /srv/example-service-volume-valid:/srv/example-service-volume-valid --volume /srv/example-service-volume-invalid:/srv/example-service-volume-invalid"
|
||||
|
||||
steps:
|
||||
- run: |
|
||||
test -f /srv/example-service-volume-valid
|
||||
! test -f /srv/example-service-volume-invalid
|
||||
|
||||
#
|
||||
# A --volume option will expose the volume from the docker host to the service
|
||||
#
|
||||
volume-on-service:
|
||||
runs-on: docker
|
||||
container:
|
||||
image: debian:bookworm
|
||||
options: "--volume /srv/example-service-volume-valid:/srv/example-service-volume-valid"
|
||||
|
||||
services:
|
||||
myservice:
|
||||
image: debian:bookworm
|
||||
options: "--volume /srv/example-service-volume-valid:/srv/example-service-volume-valid"
|
||||
cmd: ["bash", "-c", "echo -n SUCCESS > /srv/example-service-volume-valid ; sleep infinity"]
|
||||
|
||||
steps:
|
||||
- run: |
|
||||
set -x
|
||||
f=/srv/example-service-volume-valid
|
||||
test -f $f
|
||||
test $(cat $f) = SUCCESS
|
2
testdata/example-service/runner-config.yaml
vendored
2
testdata/example-service/runner-config.yaml
vendored
|
@ -23,7 +23,7 @@ container:
|
|||
privileged: false
|
||||
options:
|
||||
workdir_parent:
|
||||
valid_volumes: []
|
||||
valid_volumes: ["/srv/example-service-volume-valid"]
|
||||
docker_host: ""
|
||||
|
||||
host:
|
||||
|
|
Loading…
Reference in a new issue