upstream/mattermost
1
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2026-02-03 20:40:00 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
mattermost/.github/workflows/e2e-tests-ci.yml
Jesse Hallam 06b1bf3a51
MM-64878: FIPS Build (#33809) 
* pin to ubuntu-24.04

* always use FIPS compatible Postgres settings

* use sha256 for remote cluster IDs

* use sha256 for client config hash

* rework S3 backend to be FIPS compatible

* skip setup-node during build, since already in container

* support FIPS builds

* Dockerfile for FIPS image, using glibc-openssl-fips

* workaround entrypoint inconsistencies

* authenticate to DockerHub

* fix FIPS_ENABLED, add test-mmctl-fips

* decouple check-mattermost-vet from test/build steps

* fixup! decouple check-mattermost-vet from test/build steps

* only build-linux-amd64 for fips

* rm entrypoint workaround

* tweak comment grammar

* rm unused Dockerfile.fips (for now)

* ignore gpg import errors, since would fail later anyway

* for fips, only make package-linux-amd64

* set FIPS_ENABLED for build step

* Add a FIPS-specific list of prepackaged plugins

Note that the names are still temporary, since they are not uploaded to
S3 yet. We may need to tweak them when that happens.

* s/golangci-lint/check-style/

This ensures we run all the `check-style` checks: previously,
`modernize` was missing.

* pin go-vet to @v2, remove annoying comment

* add -fips to linux-amd64.tz.gz package

* rm unused setup-chainctl

* use BUILD_TYPE_NAME instead

* mv fips build to enterprise-only

* fixup! use BUILD_TYPE_NAME instead

* temporarily pre-package no plugins for FIPS

* split package-cleanup

* undo package-cleanup, just skip ARM, also test

* skip arm for FIPS in second target too

* fmt Makefile

* Revert "rm unused Dockerfile.fips (for now)"

This reverts commit 601e37e0ff.

* reintroduce Dockerfile.fips and align with existing Dockerfile

* s/IMAGE/BUILD_IMAGE/

* bump the glibc-openssl-fips version

* rm redundant comment

* fix FIPS checks

* set PLUGIN_PACKAGES empty until prepackaged plugins ready

* upgrade glibc-openssl-fips, use non-dev version for final stage

* another BUILD_IMAGE case

* Prepackage the FIPS versions of plugins

* relocate FIPS_ENABLED initialization before use

* s/Config File MD5/Config File Hash/

* Update the FIPS plugin names and encode the + sign

* add /var/tmp for local socket manipulation

---------

Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com>
Co-authored-by: Mattermost Build <build@mattermost.com>
2025-09-15 10:53:28 -03:00

49 lines
2.1 KiB
YAML
Raw Permalink Blame History

---
name: E2E Smoketests
on:
# For PRs, this workflow gets triggered from the Argo Events platform.
# Check the following repo for details: https://github.com/mattermost/delivery-platform
workflow_dispatch:
inputs:
commit_sha:
type: string
required: true
jobs:
generate-test-variables:
runs-on: ubuntu-24.04
outputs:
BRANCH: "${{ steps.generate.outputs.BRANCH }}"
BUILD_ID: "${{ steps.generate.outputs.BUILD_ID }}"
SERVER_IMAGE: "${{ steps.generate.outputs.SERVER_IMAGE }}"
steps:
- name: ci/smoke/generate-test-variables
id: generate
run: |
### Populate support variables
COMMIT_SHA=${{ inputs.commit_sha }}
SERVER_IMAGE_TAG="${COMMIT_SHA::7}"
# BUILD_ID format: $pipelineID-$imageTag-$testType-$serverType-$serverEdition
# Reference on BUILD_ID parsing: https://github.com/saturninoabril/automation-dashboard/blob/175891781bf1072c162c58c6ec0abfc5bcb3520e/lib/common_utils.ts#L3-L23
BUILD_ID="${{ github.run_id }}_${{ github.run_attempt }}-${SERVER_IMAGE_TAG}-smoketest-onprem-ent"
echo "BRANCH=server-smoketest-${COMMIT_SHA::7}" >> $GITHUB_OUTPUT
echo "BUILD_ID=${BUILD_ID}" >> $GITHUB_OUTPUT
echo "SERVER_IMAGE=mattermostdevelopment/mattermost-enterprise-edition:${SERVER_IMAGE_TAG}" >> $GITHUB_OUTPUT
e2e-smoketest:
needs:
- generate-test-variables
uses: ./.github/workflows/e2e-tests-ci-template.yml
with:
commit_sha: "${{ inputs.commit_sha }}"
status_check_context: "E2E Tests/smoketests"
TEST: cypress
REPORT_TYPE: none
SERVER: onprem
BRANCH: "${{ needs.generate-test-variables.outputs.BRANCH }}"
BUILD_ID: "${{ needs.generate-test-variables.outputs.BUILD_ID }}"
SERVER_IMAGE: "${{ needs.generate-test-variables.outputs.SERVER_IMAGE }}"
secrets:
MM_LICENSE: "${{ secrets.MM_E2E_TEST_LICENSE_ONPREM_ENT }}"
AUTOMATION_DASHBOARD_URL: "${{ secrets.MM_E2E_AUTOMATION_DASHBOARD_URL }}"
AUTOMATION_DASHBOARD_TOKEN: "${{ secrets.MM_E2E_AUTOMATION_DASHBOARD_TOKEN }}"
Reference in a new issue View git blame Copy permalink