fix(ci): retry pod health check for slow volume attach #146
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # RemoteJuggler CI Workflow | |
| # Continuous integration for Chapel CLI and Rust GTK GUI | |
| # NOTE: macOS builds are handled by GitLab CI (signing keys are there) | |
| name: CI | |
| on: | |
| push: | |
| branches: [main, develop] | |
| pull_request: | |
| branches: [main] | |
| workflow_dispatch: | |
| env: | |
| CHAPEL_VERSION: "2.7.0" | |
| CARGO_TERM_COLOR: always | |
| jobs: | |
| # =========================================================================== | |
| # Chapel CLI Build & Test (Linux only - macOS in GitLab CI) | |
| # =========================================================================== | |
| chapel-lint: | |
| name: Chapel Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install Chapel | |
| run: | | |
| wget -q https://github.com/chapel-lang/chapel/releases/download/${CHAPEL_VERSION}/chapel-${CHAPEL_VERSION}-1.ubuntu24.amd64.deb | |
| sudo apt-get install -y ./chapel-${CHAPEL_VERSION}-1.ubuntu24.amd64.deb | |
| - name: Run chplcheck | |
| run: | | |
| # Check main source files | |
| find src -name "*.chpl" -exec chplcheck {} \; || true | |
| # Check test files | |
| find test -name "*.chpl" -exec chplcheck {} \; || true | |
| continue-on-error: true # chplcheck may not be available in all Chapel versions | |
| chapel-build-linux-amd64: | |
| name: Chapel Build (Linux amd64) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install Chapel | |
| run: | | |
| wget -q https://github.com/chapel-lang/chapel/releases/download/${CHAPEL_VERSION}/chapel-${CHAPEL_VERSION}-1.ubuntu24.amd64.deb | |
| sudo apt-get install -y ./chapel-${CHAPEL_VERSION}-1.ubuntu24.amd64.deb | |
| - name: Build | |
| run: mason build --release | |
| env: | |
| CHPL_TARGET_CPU: none | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: remote-juggler-linux-amd64 | |
| path: target/release/remote_juggler | |
| retention-days: 7 | |
| chapel-build-linux-arm64: | |
| name: Chapel Build (Linux arm64) | |
| runs-on: ubuntu-24.04-arm | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install Chapel | |
| run: | | |
| wget -q https://github.com/chapel-lang/chapel/releases/download/${CHAPEL_VERSION}/chapel-${CHAPEL_VERSION}-1.ubuntu24.arm64.deb | |
| sudo apt-get install -y ./chapel-${CHAPEL_VERSION}-1.ubuntu24.arm64.deb | |
| - name: Build | |
| run: mason build --release | |
| env: | |
| CHPL_TARGET_CPU: none | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: remote-juggler-linux-arm64 | |
| path: target/release/remote_juggler | |
| retention-days: 7 | |
| continue-on-error: true # ARM64 runners may not be available | |
| chapel-unit-tests: | |
| name: Chapel Unit Tests | |
| runs-on: ubuntu-latest | |
| needs: chapel-build-linux-amd64 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install Chapel | |
| run: | | |
| wget -q https://github.com/chapel-lang/chapel/releases/download/${CHAPEL_VERSION}/chapel-${CHAPEL_VERSION}-1.ubuntu24.amd64.deb | |
| sudo apt-get install -y ./chapel-${CHAPEL_VERSION}-1.ubuntu24.amd64.deb | |
| - name: Setup Mason registry | |
| run: | | |
| mkdir -p ~/.mason/registry | |
| # Create registry config for quickchpl | |
| cat > ~/.mason/registry/mason-registry.toml << 'EOF' | |
| [[registry]] | |
| name = "tinyland" | |
| source = "https://github.com/Jesssullivan/mason-registry" | |
| branch = "sid" | |
| EOF | |
| - name: Run Core Tests | |
| run: | | |
| # Chapel installed via deb, already in PATH | |
| cd test/unit | |
| chpl -o core_tests CoreTests.chpl -M ../../src/remote_juggler --permit-unhandled-module-errors | |
| ./core_tests || true | |
| continue-on-error: true | |
| - name: Run Identity Tests | |
| run: | | |
| # Chapel installed via deb, already in PATH | |
| cd test/unit | |
| chpl -o identity_tests IdentityTests.chpl -M ../../src/remote_juggler --permit-unhandled-module-errors | |
| ./identity_tests || true | |
| continue-on-error: true | |
| - name: Run Config Tests | |
| run: | | |
| # Chapel installed via deb, already in PATH | |
| cd test/unit | |
| chpl -o config_tests ConfigTests.chpl -M ../../src/remote_juggler --permit-unhandled-module-errors | |
| ./config_tests || true | |
| continue-on-error: true | |
| - name: Run Remote Tests | |
| run: | | |
| # Chapel installed via deb, already in PATH | |
| cd test/unit | |
| chpl -o remote_tests RemoteTests.chpl -M ../../src/remote_juggler --permit-unhandled-module-errors | |
| ./remote_tests || true | |
| continue-on-error: true | |
| - name: Run Token Health Tests | |
| run: | | |
| # Chapel installed via deb, already in PATH | |
| cd test/unit | |
| chpl -o token_health_tests TokenHealthTests.chpl -M ../../src/remote_juggler --permit-unhandled-module-errors | |
| ./token_health_tests || true | |
| continue-on-error: true | |
| chapel-integration-tests: | |
| name: Chapel Integration Tests | |
| runs-on: ubuntu-latest | |
| needs: chapel-build-linux-amd64 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: remote-juggler-linux-amd64 | |
| - name: Install Chapel runtime dependencies | |
| run: sudo apt-get update && sudo apt-get install -y libhwloc15 | |
| - name: Run integration tests | |
| run: | | |
| chmod +x remote_juggler | |
| # Test help command (must succeed) | |
| echo "=== Testing --help ===" | |
| ./remote_juggler --help | |
| # Test list command (may fail without config, exit 1 is OK) | |
| echo "=== Testing list ===" | |
| ./remote_juggler list || true | |
| # Test MCP mode initialization (exits after processing input) | |
| echo "=== Testing MCP mode ===" | |
| echo '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2025-11-25","capabilities":{},"clientInfo":{"name":"test","version":"1.0.0"}}}' | \ | |
| timeout 5 ./remote_juggler --mode=mcp || true | |
| # =========================================================================== | |
| # E2E Tests (MCP Protocol + Installation) | |
| # =========================================================================== | |
| e2e-tests: | |
| name: E2E Tests (MCP & Installation) | |
| runs-on: ubuntu-latest | |
| needs: chapel-build-linux-amd64 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: remote-juggler-linux-amd64 | |
| - name: Install Chapel runtime dependencies | |
| run: sudo apt-get update && sudo apt-get install -y libhwloc15 | |
| - name: Setup Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.11' | |
| - name: Install test dependencies | |
| run: pip install -r test/e2e/requirements.txt | |
| - name: Run E2E tests | |
| env: | |
| REMOTE_JUGGLER_BIN: ${{ github.workspace }}/remote_juggler | |
| run: | | |
| chmod +x $REMOTE_JUGGLER_BIN | |
| pytest test/e2e/test_installation.py test/e2e/test_mcp_protocol.py test/e2e/test_mcp_tools.py -v \ | |
| -m "not tpm and not secure_enclave and not yubikey and not hardware and not gpg and not keys" \ | |
| --timeout=30 | |
| # =========================================================================== | |
| # Rust GTK GUI Build & Test | |
| # =========================================================================== | |
| gtk-gui-lint: | |
| name: GTK GUI Lint | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: gtk-gui | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install GTK4 dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y \ | |
| libgtk-4-dev \ | |
| libadwaita-1-dev \ | |
| pkg-config \ | |
| build-essential | |
| - name: Setup Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| components: clippy, rustfmt | |
| - name: Cache cargo | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| workspaces: gtk-gui | |
| - name: Check formatting | |
| run: cargo fmt --check | |
| - name: Run clippy | |
| run: cargo clippy --all-targets --all-features -- -D warnings | |
| gtk-gui-build: | |
| name: GTK GUI Build | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: gtk-gui | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install GTK4 dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y \ | |
| libgtk-4-dev \ | |
| libadwaita-1-dev \ | |
| pkg-config \ | |
| build-essential | |
| - name: Setup Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Cache cargo | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| workspaces: gtk-gui | |
| - name: Build | |
| run: cargo build --release | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: remote-juggler-gui-linux | |
| path: gtk-gui/target/release/remote-juggler-gui | |
| retention-days: 7 | |
| gtk-gui-test: | |
| name: GTK GUI Tests | |
| runs-on: ubuntu-latest | |
| defaults: | |
| run: | |
| working-directory: gtk-gui | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install GTK4 dependencies and Xvfb | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y \ | |
| libgtk-4-dev \ | |
| libadwaita-1-dev \ | |
| pkg-config \ | |
| build-essential \ | |
| xvfb \ | |
| at-spi2-core | |
| - name: Setup Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| - name: Cache cargo | |
| uses: Swatinem/rust-cache@v2 | |
| with: | |
| workspaces: gtk-gui | |
| - name: Run unit tests | |
| run: | | |
| # Start Xvfb for headless GTK tests | |
| export DISPLAY=:99 | |
| Xvfb :99 -screen 0 1024x768x24 & | |
| sleep 2 | |
| # Run tests | |
| cargo test --all-features | |
| - name: Run property tests | |
| run: | | |
| # Start Xvfb for headless GTK tests | |
| export DISPLAY=:99 | |
| Xvfb :99 -screen 0 1024x768x24 & | |
| sleep 2 | |
| # Run proptest if available | |
| cargo test --all-features -- --include-ignored proptest || true | |
| continue-on-error: true | |
| # =========================================================================== | |
| # HSM C Library Tests | |
| # =========================================================================== | |
| hsm-unit-tests: | |
| name: HSM Unit Tests (Linux) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install build dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y build-essential | |
| - name: Build and run HSM unit tests | |
| run: | | |
| cd pinentry | |
| make test | |
| - name: Upload test binary | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: hsm-test-binary | |
| path: pinentry/test_hsm | |
| retention-days: 7 | |
| hsm-integration-tests: | |
| name: HSM Integration Tests (Linux) | |
| runs-on: ubuntu-latest | |
| needs: hsm-unit-tests | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y build-essential python3 gnupg gpg-agent | |
| - name: Build HSM library | |
| run: | | |
| cd pinentry | |
| make all | |
| - name: Run integration tests | |
| run: | | |
| cd pinentry | |
| chmod +x test_hsm_integration.sh | |
| ./test_hsm_integration.sh --verbose | |
| continue-on-error: true # Some tests require hardware | |
| hsm-macos-tests: | |
| name: HSM Tests (macOS) | |
| runs-on: macos-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup CI Keychain | |
| run: | | |
| # Create a temporary keychain for CI | |
| security create-keychain -p "" ci-keychain.keychain | |
| security set-keychain-settings -lut 7200 ci-keychain.keychain | |
| security unlock-keychain -p "" ci-keychain.keychain | |
| security list-keychains -d user -s ci-keychain.keychain $(security list-keychains -d user | tr -d '"') | |
| security default-keychain -s ci-keychain.keychain | |
| continue-on-error: true # Keychain setup may fail in some CI envs | |
| - name: Build HSM library (Darwin/Keychain backend) | |
| run: | | |
| cd pinentry | |
| make all | |
| - name: Run HSM unit tests | |
| run: | | |
| cd pinentry | |
| make test | |
| continue-on-error: true # Keychain API may not work fully in CI | |
| - name: Run basic integration tests | |
| run: | | |
| cd pinentry | |
| chmod +x test_hsm_integration.sh | |
| ./test_hsm_integration.sh --skip-gpg --verbose | |
| continue-on-error: true # No SE hardware in CI | |
| - name: Cleanup CI Keychain | |
| if: always() | |
| run: | | |
| security delete-keychain ci-keychain.keychain 2>/dev/null || true | |
| # =========================================================================== | |
| # Tray App Build & Test | |
| # =========================================================================== | |
| tray-linux-build: | |
| name: Tray (Linux) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y libgtk-3-dev libayatana-appindicator3-dev | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: '1.21' | |
| cache-dependency-path: tray/linux/go.sum | |
| - name: Build | |
| run: | | |
| cd tray/linux | |
| go build -ldflags "-s -w" -o ../../remote-juggler-tray . | |
| - name: Test | |
| run: | | |
| cd tray/linux | |
| go test -v ./... | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: remote-juggler-tray-linux-amd64 | |
| path: remote-juggler-tray | |
| retention-days: 7 | |
| tray-darwin-build: | |
| name: Tray (macOS) | |
| runs-on: macos-15 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Build | |
| run: | | |
| cd tray/darwin | |
| swift build -c release | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: remote-juggler-tray-darwin-arm64 | |
| path: tray/darwin/.build/arm64-apple-macosx/release/RemoteJugglerTray | |
| retention-days: 7 | |
| continue-on-error: true | |
| # =========================================================================== | |
| # Summary Job | |
| # =========================================================================== | |
| ci-summary: | |
| name: CI Summary | |
| runs-on: ubuntu-latest | |
| needs: | |
| - chapel-lint | |
| - chapel-build-linux-amd64 | |
| - chapel-unit-tests | |
| - chapel-integration-tests | |
| - e2e-tests | |
| - gtk-gui-lint | |
| - gtk-gui-build | |
| - gtk-gui-test | |
| - hsm-unit-tests | |
| - hsm-integration-tests | |
| - hsm-macos-tests | |
| - tray-linux-build | |
| - tray-darwin-build | |
| if: always() | |
| steps: | |
| - name: Summary | |
| run: | | |
| echo "## CI Summary" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "| Component | Status |" >> $GITHUB_STEP_SUMMARY | |
| echo "|-----------|--------|" >> $GITHUB_STEP_SUMMARY | |
| echo "| Chapel CLI (Linux amd64) | ${{ needs.chapel-build-linux-amd64.result }} |" >> $GITHUB_STEP_SUMMARY | |
| echo "| Chapel Unit Tests | ${{ needs.chapel-unit-tests.result }} |" >> $GITHUB_STEP_SUMMARY | |
| echo "| Chapel Integration Tests | ${{ needs.chapel-integration-tests.result }} |" >> $GITHUB_STEP_SUMMARY | |
| echo "| E2E Tests (MCP & Install) | ${{ needs.e2e-tests.result }} |" >> $GITHUB_STEP_SUMMARY | |
| echo "| GTK GUI Lint | ${{ needs.gtk-gui-lint.result }} |" >> $GITHUB_STEP_SUMMARY | |
| echo "| GTK GUI Build | ${{ needs.gtk-gui-build.result }} |" >> $GITHUB_STEP_SUMMARY | |
| echo "| GTK GUI Tests | ${{ needs.gtk-gui-test.result }} |" >> $GITHUB_STEP_SUMMARY | |
| echo "| Tray (Linux) | ${{ needs.tray-linux-build.result }} |" >> $GITHUB_STEP_SUMMARY | |
| echo "| Tray (macOS) | ${{ needs.tray-darwin-build.result }} |" >> $GITHUB_STEP_SUMMARY | |
| echo "| HSM Unit Tests (Linux) | ${{ needs.hsm-unit-tests.result }} |" >> $GITHUB_STEP_SUMMARY | |
| echo "| HSM Integration Tests (Linux) | ${{ needs.hsm-integration-tests.result }} |" >> $GITHUB_STEP_SUMMARY | |
| echo "| HSM Tests (macOS) | ${{ needs.hsm-macos-tests.result }} |" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "> **Note:** macOS builds and signing are handled by GitLab CI" >> $GITHUB_STEP_SUMMARY |