Skip to content

Commit

Permalink
Use harden runner for testing workflow
Browse files Browse the repository at this point in the history
  • Loading branch information
@waybackarchiver
waybackarchiver committed Nov 30, 2022
1 parent b82a0b1 commit 53915ab
Showing 1 changed file with 143 additions and 137 deletions.
280 changes: 143 additions & 137 deletions .github/workflows/testing.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -51,140 +51,146 @@ jobs:
RECVER_UID: ${{ secrets.MATRIX_RECVER_UID }}
RECVER_PWD: ${{ secrets.MATRIX_RECVER_PWD }}
steps:
- name: Set up Go ${{ matrix.go }}.x
uses: actions/setup-go@v3
with:
go-version: ${{ matrix.go }}

- name: Set up IPFS
uses: ibnesayeed/setup-ipfs@3e5452e358dfa43a0fb92496e96c82cf756be94a
with:
run_daemon: true

- name: Set up Tor
uses: tor-actions/setup-tor@main
with:
daemon: true

- name: Set up Chrome
uses: browser-actions/setup-chrome@37c79b7f0199cec79c8b6a414e806d88c8662bdd
with:
chrome-version: stable

- name: Set up Meilisearch
if: matrix.os == 'ubuntu-latest'
uses: moy2010/meilisearch-github-action@fcc5ef714af0596633665032d459bfb279d3c730 # 0.1.4
with:
meilisearch-version: v0.28.0
meilisearch-port: 7700
meilisearch-api-key: foobar

- name: Set up Chocolatey
if: matrix.os == 'windows-latest'
uses: crazy-max/ghaction-chocolatey@b59ffdb6594d2e2c36d9e1174e15ac799dd0a8f1 # v2.0.0
with:
args: -h

- name: Install Packages
if: matrix.os == 'ubuntu-latest'
shell: bash
run: |
# search package https://pkgs.org/
sudo add-apt-repository universe
sudo apt-get -y -qq update
sudo apt-get -y -qq install ffmpeg webp youtube-dl
pip3 install you-get
echo "youtube-dl version $(youtube-dl --version)"
you-get --version
ffmpeg -version
- name: Install Packages
if: matrix.os == 'macos-latest'
shell: bash
run: |
# search package https://brew.sh/
brew install --quiet ffmpeg webp youtube-dl you-get
echo "youtube-dl version $(youtube-dl --version)"
you-get --version
ffmpeg -version
- name: Install Packages
if: matrix.os == 'windows-latest'
shell: bash
run: |
# search package https://community.chocolatey.org/packages
choco install --no-progress wget ffmpeg webp youtube-dl you-get
echo "youtube-dl version $(youtube-dl --version)"
you-get --version
ffmpeg -version
wget --help
- name: Set environments
shell: bash
run: |
# Set env to enable reduxer
echo "WAYBACK_STORAGE_DIR=${{ runner.temp }}" >> $GITHUB_ENV
# Append paths to environment path
# echo "$(which youtube-dl)" >> $GITHUB_PATH
# echo "$(which you-get)" >> $GITHUB_PATH
# echo "$(which ffmpeg)" >> $GITHUB_PATH
# echo "$(which wget)" >> $GITHUB_PATH
- name: Set environments for Meilisearch
if: matrix.os == 'ubuntu-latest'
shell: bash
run: |
# Set env to enable reduxer
echo "WAYBACK_MEILI_ENDPOINT=http://localhost:7700" >> $GITHUB_ENV
echo "PLAYBACK_MEILI_ENDPOINT=http://localhost:7700" >> $GITHUB_ENV
echo "WAYBACK_MEILI_APIKEY=foobar" >> $GITHUB_ENV
echo "PLAYBACK_MEILI_APIKEY=foobar" >> $GITHUB_ENV
- name: Check out code base
if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
uses: actions/checkout@v3
with:
fetch-depth: 0

- name: Check out code base
if: github.event_name == 'pull_request'
uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}

- name: Cache go module
uses: actions/cache@v3
with:
path: |
~/.cache/go-build
~/go/pkg/mod
~/Library/Caches/go-build
~\AppData\Local\go-build
~\go\pkg\mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Get dependencies
run: |
go get -v -t -d ./...
- name: Run test
run: |
make test
make test-cover
shell: bash

- name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: coverage-${{ matrix.os }}
path: coverage.*

- name: Upload coverage to Codecov
if: ${{ matrix.update-coverage }}
uses: codecov/codecov-action@81cd2dc8148241f03f5839d295e000b8f761e378 #v3.1.0

- name: Run integration test
run: make test-integration
- name: Harden Runner
uses: step-security/harden-runner@2e205a28d0e1da00c5f53b161f4067b052c61f34 # v1.5.0
with:
egress-policy: audit
disable-telemetry: true

- name: Set up Go ${{ matrix.go }}.x
uses: actions/setup-go@v3
with:
go-version: ${{ matrix.go }}

- name: Set up IPFS
uses: ibnesayeed/setup-ipfs@3e5452e358dfa43a0fb92496e96c82cf756be94a
with:
run_daemon: true

- name: Set up Tor
uses: tor-actions/setup-tor@main
with:
daemon: true

- name: Set up Chrome
uses: browser-actions/setup-chrome@37c79b7f0199cec79c8b6a414e806d88c8662bdd
with:
chrome-version: stable

- name: Set up Meilisearch
if: matrix.os == 'ubuntu-latest'
uses: moy2010/meilisearch-github-action@fcc5ef714af0596633665032d459bfb279d3c730 # 0.1.4
with:
meilisearch-version: v0.28.0
meilisearch-port: 7700
meilisearch-api-key: foobar

- name: Set up Chocolatey
if: matrix.os == 'windows-latest'
uses: crazy-max/ghaction-chocolatey@b59ffdb6594d2e2c36d9e1174e15ac799dd0a8f1 # v2.0.0
with:
args: -h

- name: Install Packages
if: matrix.os == 'ubuntu-latest'
shell: bash
run: |
# search package https://pkgs.org/
sudo add-apt-repository universe
sudo apt-get -y -qq update
sudo apt-get -y -qq install ffmpeg webp youtube-dl
pip3 install you-get
echo "youtube-dl version $(youtube-dl --version)"
you-get --version
ffmpeg -version
- name: Install Packages
if: matrix.os == 'macos-latest'
shell: bash
run: |
# search package https://brew.sh/
brew install --quiet ffmpeg webp youtube-dl you-get
echo "youtube-dl version $(youtube-dl --version)"
you-get --version
ffmpeg -version
- name: Install Packages
if: matrix.os == 'windows-latest'
shell: bash
run: |
# search package https://community.chocolatey.org/packages
choco install --no-progress wget ffmpeg webp youtube-dl you-get
echo "youtube-dl version $(youtube-dl --version)"
you-get --version
ffmpeg -version
wget --help
- name: Set environments
shell: bash
run: |
# Set env to enable reduxer
echo "WAYBACK_STORAGE_DIR=${{ runner.temp }}" >> $GITHUB_ENV
# Append paths to environment path
# echo "$(which youtube-dl)" >> $GITHUB_PATH
# echo "$(which you-get)" >> $GITHUB_PATH
# echo "$(which ffmpeg)" >> $GITHUB_PATH
# echo "$(which wget)" >> $GITHUB_PATH
- name: Set environments for Meilisearch
if: matrix.os == 'ubuntu-latest'
shell: bash
run: |
# Set env to enable reduxer
echo "WAYBACK_MEILI_ENDPOINT=http://localhost:7700" >> $GITHUB_ENV
echo "PLAYBACK_MEILI_ENDPOINT=http://localhost:7700" >> $GITHUB_ENV
echo "WAYBACK_MEILI_APIKEY=foobar" >> $GITHUB_ENV
echo "PLAYBACK_MEILI_APIKEY=foobar" >> $GITHUB_ENV
- name: Check out code base
if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
uses: actions/checkout@v3
with:
fetch-depth: 0

- name: Check out code base
if: github.event_name == 'pull_request'
uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}

- name: Cache go module
uses: actions/cache@v3
with:
path: |
~/.cache/go-build
~/go/pkg/mod
~/Library/Caches/go-build
~\AppData\Local\go-build
~\go\pkg\mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Get dependencies
run: |
go get -v -t -d ./...
- name: Run test
run: |
make test
make test-cover
shell: bash

- name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: coverage-${{ matrix.os }}
path: coverage.*

- name: Upload coverage to Codecov
if: ${{ matrix.update-coverage }}
uses: codecov/codecov-action@81cd2dc8148241f03f5839d295e000b8f761e378 #v3.1.0

- name: Run integration test
run: make test-integration

0 comments on commit 53915ab

Please sign in to comment.