mirror of
https://github.com/tailscale/tailscale.git
synced 2024-11-29 04:55:31 +00:00
07991dec83
Pin actions/checkout usage to latest 3.x or 4.x as appropriate. These were previously pointing to `@4` or `@3` which pull in the latest versions at these tags as they are released, with the potential to break our workflows if a breaking change or malicious version for either of these streams are released. Changing this to a pinned version also means that dependabot will keep this in the pinend version format (e.g., referencing a SHA) when it opens a PR to bump the dependency. Updates #cleanup Signed-off-by: Mario Minardi <mario@tailscale.com>
110 lines
3.9 KiB
YAML
110 lines
3.9 KiB
YAML
name: test installer.sh
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- "main"
|
|
paths:
|
|
- scripts/installer.sh
|
|
pull_request:
|
|
branches:
|
|
- "*"
|
|
paths:
|
|
- scripts/installer.sh
|
|
|
|
jobs:
|
|
test:
|
|
strategy:
|
|
# Don't abort the entire matrix if one element fails.
|
|
fail-fast: false
|
|
# Don't start all of these at once, which could saturate Github workers.
|
|
max-parallel: 4
|
|
matrix:
|
|
image:
|
|
# This is a list of Docker images against which we test our installer.
|
|
# If you find that some of these no longer exist, please feel free
|
|
# to remove them from the list.
|
|
# When adding new images, please only use official ones.
|
|
- "debian:oldstable-slim"
|
|
- "debian:stable-slim"
|
|
- "debian:testing-slim"
|
|
- "debian:sid-slim"
|
|
- "ubuntu:18.04"
|
|
- "ubuntu:20.04"
|
|
- "ubuntu:22.04"
|
|
- "ubuntu:23.04"
|
|
- "elementary/docker:stable"
|
|
- "elementary/docker:unstable"
|
|
- "parrotsec/core:lts-amd64"
|
|
- "parrotsec/core:latest"
|
|
- "kalilinux/kali-rolling"
|
|
- "kalilinux/kali-dev"
|
|
- "oraclelinux:9"
|
|
- "oraclelinux:8"
|
|
- "fedora:latest"
|
|
- "rockylinux:8.7"
|
|
- "rockylinux:9"
|
|
- "amazonlinux:latest"
|
|
- "opensuse/leap:latest"
|
|
- "opensuse/tumbleweed:latest"
|
|
- "archlinux:latest"
|
|
- "alpine:3.14"
|
|
- "alpine:latest"
|
|
- "alpine:edge"
|
|
deps:
|
|
# Run all images installing curl as a dependency.
|
|
- curl
|
|
include:
|
|
# Check a few images with wget rather than curl.
|
|
- { image: "debian:oldstable-slim", deps: "wget" }
|
|
- { image: "debian:sid-slim", deps: "wget" }
|
|
- { image: "ubuntu:23.04", deps: "wget" }
|
|
# Ubuntu 16.04 also needs apt-transport-https installed.
|
|
- { image: "ubuntu:16.04", deps: "curl apt-transport-https" }
|
|
- { image: "ubuntu:16.04", deps: "wget apt-transport-https" }
|
|
runs-on: ubuntu-latest
|
|
container:
|
|
image: ${{ matrix.image }}
|
|
options: --user root
|
|
steps:
|
|
- name: install dependencies (pacman)
|
|
# Refresh the package databases to ensure that the tailscale package is
|
|
# defined.
|
|
run: pacman -Sy
|
|
if: contains(matrix.image, 'archlinux')
|
|
- name: install dependencies (yum)
|
|
# tar and gzip are needed by the actions/checkout below.
|
|
run: yum install -y --allowerasing tar gzip ${{ matrix.deps }}
|
|
if: |
|
|
contains(matrix.image, 'centos')
|
|
|| contains(matrix.image, 'oraclelinux')
|
|
|| contains(matrix.image, 'fedora')
|
|
|| contains(matrix.image, 'amazonlinux')
|
|
- name: install dependencies (zypper)
|
|
# tar and gzip are needed by the actions/checkout below.
|
|
run: zypper --non-interactive install tar gzip ${{ matrix.deps }}
|
|
if: contains(matrix.image, 'opensuse')
|
|
- name: install dependencies (apt-get)
|
|
run: |
|
|
apt-get update
|
|
apt-get install -y ${{ matrix.deps }}
|
|
if: |
|
|
contains(matrix.image, 'debian')
|
|
|| contains(matrix.image, 'ubuntu')
|
|
|| contains(matrix.image, 'elementary')
|
|
|| contains(matrix.image, 'parrotsec')
|
|
|| contains(matrix.image, 'kalilinux')
|
|
- name: checkout
|
|
# We cannot use v4, as it requires a newer glibc version than some of the
|
|
# tested images provide. See
|
|
# https://github.com/actions/checkout/issues/1487
|
|
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
|
|
- name: run installer
|
|
run: scripts/installer.sh
|
|
# Package installation can fail in docker because systemd is not running
|
|
# as PID 1, so ignore errors at this step. The real check is the
|
|
# `tailscale --version` command below.
|
|
continue-on-error: true
|
|
- name: check tailscale version
|
|
run: tailscale --version
|