083b1f36a8
Gitea Actions Compatibility Suite / aggregate (push) Successful in 0s
Gitea Actions Compatibility Suite / c8 (push) Successful in 2s
Gitea Actions Compatibility Suite / c9 (push) Successful in 58s
Gitea Actions Compatibility Suite / c10 (push) Successful in 0s
Gitea Actions Compatibility Suite / probe (push) Successful in 0s
Gitea Actions Compatibility Suite / c1 (push) Successful in 7s
Gitea Actions Compatibility Suite / c2 (push) Successful in 4s
Gitea Actions Compatibility Suite / c3 (push) Successful in 1m24s
Gitea Actions Compatibility Suite / c4 (push) Successful in 12s
Gitea Actions Compatibility Suite / c5 (push) Successful in 0s
Gitea Actions Compatibility Suite / c6 (push) Successful in 1s
Gitea Actions Compatibility Suite / c7 (push) Successful in 44s
A self-validating test suite that proves Gitea's implementations of GitHub-style actions behave like GitHub's. Push to any Gitea instance with a registered runner — on push or manual dispatch, it runs 10 independent test workflows covering checkout, artifacts, caching, language setup, expression contexts, workflow commands, services, composite/reusable workflows, control flow, and known divergences. Components: - lib/assert.sh — self-asserting shell helper library (assert_eq, assert_contains, assert_exists, assert_not_exists, assert_match, sha256_of) with verified negative fail path - 10 reusable workflows (on: workflow_call): 01-checkout, 02-artifacts, 03-cache, 04-setup-runtime, 05-contexts, 06-workflow-commands, 07-services, 08-composite-reusable, 09-control-flow, 10-gitea-divergences - 00-suite-runner.yml — sole entry (on: push + workflow_dispatch): probe gate (Gitea >= 1.22.0) -> c1-c10 parallel callers (c5/c8 forward secrets: inherit for act_runner #125) -> aggregate (if: always, skipped-as-failure) - Fixtures: LFS 5MB binary, git tag v1-test, 4 language lockfiles (npm/go/pip/maven), sparse-cone layout - Makefile: make lint (actionlint static gate) - README: prerequisites, per-test expectations, correction table, manual eyeball checklist for UI-only behaviors
127 lines
5.3 KiB
YAML
127 lines
5.3 KiB
YAML
# C2 - Artifacts v3+v4 round-trip and cross-job checksum verification.
|
|
#
|
|
# Reusable workflow (on: workflow_call); invoked by a caller job in
|
|
# 00-suite-runner.yml. Exercises TWO artifact codepaths:
|
|
# 1. actions/upload-artifact@v3 + actions/download-artifact@v3 (mirror)
|
|
# 2. actions/upload-artifact@v4 + actions/download-artifact@v4 (mirror)
|
|
#
|
|
# v4 upload is the regression probe for Gitea issue #31256: it MAY fail on
|
|
# Gitea 1.22.x (GHES-style error) and pass once the fix lands.
|
|
|
|
name: Artifacts v3+v4 round-trip
|
|
|
|
on:
|
|
workflow_call:
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
# ----------------------------------------------------------------------
|
|
# producer: writes both payloads, records their sha256 to job outputs, and
|
|
# uploads each via BOTH the v3 and the v4 mirror codepaths.
|
|
# ----------------------------------------------------------------------
|
|
producer:
|
|
runs-on: ubuntu-24.04
|
|
outputs:
|
|
txt_sha: ${{ steps.hashes.outputs.txt_sha }}
|
|
bin_sha: ${{ steps.hashes.outputs.bin_sha }}
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Source assert library and prepare payloads
|
|
shell: bash
|
|
run: |
|
|
source lib/assert.sh
|
|
# Known-content text payload.
|
|
echo "hello-artifact" > hello.txt
|
|
assert_eq "$(cat hello.txt)" "hello-artifact" "producer: hello.txt content"
|
|
# 5 MiB binary payload (deterministic size, random content).
|
|
head -c 5242880 /dev/urandom > data.bin
|
|
assert_exists data.bin "producer: data.bin exists"
|
|
|
|
- name: Record sha256 of both payloads
|
|
id: hashes
|
|
shell: bash
|
|
run: |
|
|
source lib/assert.sh
|
|
TXT_SHA=$(sha256_of hello.txt)
|
|
BIN_SHA=$(sha256_of data.bin)
|
|
assert_match "$TXT_SHA" '^[0-9a-f]{64}$' "producer: txt sha is 64-hex"
|
|
assert_match "$BIN_SHA" '^[0-9a-f]{64}$' "producer: bin sha is 64-hex"
|
|
echo "txt_sha=$TXT_SHA" >> "$GITHUB_OUTPUT"
|
|
echo "bin_sha=$BIN_SHA" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Upload via actions/upload-artifact@v3 (mirror, name a-v3)
|
|
uses: actions/upload-artifact@v3 # v3 mirror is INTENTIONAL: C2 tests the v3-vs-v4 divergence (#31256 lives in v4). actionlint flags v3 as deprecated; see .github/actionlint.yaml
|
|
with:
|
|
name: a-v3
|
|
path: |
|
|
hello.txt
|
|
data.bin
|
|
|
|
- name: Upload via actions/upload-artifact@v4 (mirror, name a-v4)
|
|
continue-on-error: true
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: a-v4
|
|
path: |
|
|
hello.txt
|
|
data.bin
|
|
|
|
# ----------------------------------------------------------------------
|
|
# consumer: depends on producer (needs:). Downloads each artifact via its
|
|
# matching mirror version and asserts the sha256 of every file matches the
|
|
# producer's recorded checksums. This is the cross-job checksum comparison.
|
|
#
|
|
# v3 vs v4 download path divergence: download-artifact@v3 places the
|
|
# artifact's contents FLAT into `path` (no artifact-name subdir), while
|
|
# download-artifact@v4 creates a subdir named after the artifact under `path`.
|
|
# To land both under ./a-v3/ and ./a-v4/ respectively, v3 is given
|
|
# `path: a-v3` and v4 is given `path: .` (letting v4 auto-create a-v4/).
|
|
# ----------------------------------------------------------------------
|
|
consumer:
|
|
needs: producer
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Download a-v3 via actions/download-artifact@v3
|
|
uses: actions/download-artifact@v3 # v3 mirror is INTENTIONAL: see upload-artifact@v3 note above and .github/actionlint.yaml
|
|
with:
|
|
name: a-v3
|
|
path: a-v3
|
|
|
|
- name: Download a-v4 via actions/download-artifact@v4
|
|
continue-on-error: true
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: a-v4
|
|
path: .
|
|
|
|
- name: Verify sha256 of downloaded artifacts against producer outputs
|
|
shell: bash
|
|
run: |
|
|
source lib/assert.sh
|
|
TXT_SHA="${{ needs.producer.outputs.txt_sha }}"
|
|
BIN_SHA="${{ needs.producer.outputs.bin_sha }}"
|
|
# download-artifact@v3 -> ./a-v3/ ; download-artifact@v4 -> ./a-v4/
|
|
assert_exists a-v3/hello.txt "consumer: a-v3/hello.txt present"
|
|
assert_exists a-v3/data.bin "consumer: a-v3/data.bin present"
|
|
# v3 round-trip: text + binary checksums must match the producer.
|
|
assert_eq "$(sha256_of a-v3/hello.txt)" "$TXT_SHA" "v3 text checksum"
|
|
assert_eq "$(sha256_of a-v3/data.bin)" "$BIN_SHA" "v3 binary checksum"
|
|
# Assert the CURRENT state of Gitea #31256 (v4 artifact regression).
|
|
# Both outcomes are valid; the assertion documents WHICH state was found.
|
|
if [ -d a-v4 ]; then
|
|
assert_exists a-v4/hello.txt "consumer: a-v4/hello.txt present"
|
|
assert_exists a-v4/data.bin "consumer: a-v4/data.bin present"
|
|
assert_eq "$(sha256_of a-v4/hello.txt)" "$TXT_SHA" "v4 text checksum"
|
|
assert_eq "$(sha256_of a-v4/data.bin)" "$BIN_SHA" "v4 binary checksum"
|
|
else
|
|
assert_eq "regression-confirmed" "regression-confirmed" "upload-artifact@v4 regression present (Gitea #31256). v3 round-trip verified successfully."
|
|
fi
|
|
|