chore: bump dependencies via gobump #9
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Testing rhel content | |
| on: # yamllint disable-line rule:truthy | |
| pull_request_target: | |
| types: [opened, synchronize, reopened] | |
| # To use rhel content we need the SUBSCRIPTION_* secret available inside the | |
| # forked repo which requires the pull_request_target trigger. To protect | |
| # the secrets we need to make sure only people with repo write access | |
| # can trigger this workflow. This means that ouside contributors will | |
| # get an initial failure when the workflow is run. But once someone from | |
| # the team re-triggers it it will work. | |
| # | |
| # Note that "pull_request_target" events are always triggered even | |
| # when the "Fork pull request workflows from outside collaborators" | |
| # setting is restricted to "Require approval for all outside collaborators" | |
| # (see https://docs.github.com/en/actions/managing-workflow-runs/approving-workflow-runs-from-public-forks) | |
| # | |
| # This follows https://michaelheap.com/access-secrets-from-forks/ | |
| jobs: | |
| manifest-in-osbuild-container: | |
| name: "RHEL tar build in container" | |
| runs-on: ubuntu-latest | |
| container: | |
| image: fedora:latest | |
| options: --privileged | |
| steps: | |
| - name: Get User Permission | |
| id: checkAccess | |
| uses: actions-cool/check-user-permission@v2 | |
| with: | |
| require: write | |
| username: ${{ github.triggering_actor }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Check User Permission | |
| if: steps.checkAccess.outputs.require-result == 'false' | |
| run: | | |
| echo "${{ github.triggering_actor }} does not have permissions on this repo." | |
| echo "Current permission level is ${{ steps.checkAccess.outputs.user-permission }}" | |
| echo "Job originally triggered by ${{ github.actor }}" | |
| exit 1 | |
| - uses: actions/checkout@v6 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Run integration tests via pytest | |
| env: | |
| SUBSCRIPTION_ORG: ${{ secrets.SUBSCRIPTION_ORG }} | |
| SUBSCRIPTION_ACTIVATION_KEY: ${{ secrets.SUBSCRIPTION_ACTIVATION_KEY }} | |
| run: | | |
| # workaround nested podman | |
| mkdir -p /etc/containers | |
| cat > /etc/containers/containers.conf <<EOF | |
| [engine] | |
| cgroup_manager = "cgroupfs" | |
| [containers] | |
| cgroups = "disabled" | |
| EOF | |
| dnf install -y python3-pytest python3-yaml podman subscription-manager | |
| pytest -rs -v test/test_rhel.py |