akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 16 Packages Projects Releases Wiki Activity

chore(ci): use build artifact for integration tests

Browse Source 
Update CI pipeline to pass the built Docker image to integration tests as a file artifact instead of pulling from a registry.

Adds explicit list of integration tests to build-image job outputs logic
Adds step to export charon:local image to tarball in linux/amd64 architecture
Updates integration jobs to download and load the image artifact
Resolves "invalid reference format" errors when registry tags are missing or invalid
Enables integration testing on PRs that do not push to registry
This commit is contained in:
GitHub Actions
2026-02-09 02:49:34 +00:00
parent 6e334515e3
commit aa6db54795
2 changed files with 204 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

93
.github/workflows/ci-pipeline.yml vendored
View File

@@ -149,7 +149,7 @@ jobs:
image_tag: ${{ steps.outputs.outputs.image_tag }}
push_image: ${{ steps.image-policy.outputs.push }}
image_pushed: ${{ steps.image-policy.outputs.push == 'true' && steps.push.outcome == 'success' }}
run_integration: ${{ needs.setup.outputs.input_run_integration == 'true' && steps.image-policy.outputs.push == 'true' && steps.push.outcome == 'success' }}
run_integration: ${{ needs.setup.outputs.input_run_integration == 'true' }}
steps:
- name: Checkout repository
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
@@ -347,9 +347,28 @@ jobs:
push: ${{ steps.image-policy.outputs.push == 'true' }}
load: ${{ steps.image-policy.outputs.push != 'true' }}
tags: ${{ steps.tags.outputs.tags }}
cache-to: type=gha,mode=max
labels: |
org.opencontainers.image.revision=${{ github.sha }}
- name: Build image for integration tests
id: export-image
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6
with:
context: .
file: ./Dockerfile
platforms: linux/amd64
outputs: type=docker,dest=/tmp/charon.tar
tags: charon:local
cache-from: type=gha
- name: Upload image artifact
uses: actions/upload-artifact@v4
with:
name: docker-image
path: /tmp/charon.tar
retention-days: 1
- name: Emit image outputs
id: outputs
env:
@@ -457,17 +476,17 @@ jobs:
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Log in to Docker Hub
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
- name: Download Docker image artifact
uses: actions/download-artifact@v4
with:
registry: ${{ env.DOCKERHUB_REGISTRY }}
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
name: docker-image
path: /tmp
- name: Pull shared image
run: |
docker pull "${{ needs.build-image.outputs.image_ref_dockerhub }}"
docker tag "${{ needs.build-image.outputs.image_ref_dockerhub }}" charon:local
- name: Load Docker image
run: docker load -i /tmp/charon.tar
- name: Verify local image
run: docker image inspect charon:local
- name: Run Cerberus integration tests
run: |
@@ -482,17 +501,17 @@ jobs:
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Log in to Docker Hub
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
- name: Download Docker image artifact
uses: actions/download-artifact@v4
with:
registry: ${{ env.DOCKERHUB_REGISTRY }}
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
name: docker-image
path: /tmp
- name: Pull shared image
run: |
docker pull "${{ needs.build-image.outputs.image_ref_dockerhub }}"
docker tag "${{ needs.build-image.outputs.image_ref_dockerhub }}" charon:local
- name: Load Docker image
run: docker load -i /tmp/charon.tar
- name: Verify local image
run: docker image inspect charon:local
- name: Run CrowdSec integration tests
run: |
@@ -508,17 +527,17 @@ jobs:
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Log in to Docker Hub
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
- name: Download Docker image artifact
uses: actions/download-artifact@v4
with:
registry: ${{ env.DOCKERHUB_REGISTRY }}
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
name: docker-image
path: /tmp
- name: Pull shared image
run: |
docker pull "${{ needs.build-image.outputs.image_ref_dockerhub }}"
docker tag "${{ needs.build-image.outputs.image_ref_dockerhub }}" charon:local
- name: Load Docker image
run: docker load -i /tmp/charon.tar
- name: Verify local image
run: docker image inspect charon:local
- name: Run WAF integration tests
run: |
@@ -533,17 +552,17 @@ jobs:
steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Log in to Docker Hub
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
- name: Download Docker image artifact
uses: actions/download-artifact@v4
with:
registry: ${{ env.DOCKERHUB_REGISTRY }}
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
name: docker-image
path: /tmp
- name: Pull shared image
run: |
docker pull "${{ needs.build-image.outputs.image_ref_dockerhub }}"
docker tag "${{ needs.build-image.outputs.image_ref_dockerhub }}" charon:local
- name: Load Docker image
run: docker load -i /tmp/charon.tar
- name: Verify local image
run: docker image inspect charon:local
- name: Run rate limit integration tests
run: |