ci: sudo #293
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Live test | |
on: | |
workflow_dispatch: | |
schedule: | |
- cron: "0 0 * * *" | |
push: | |
paths: | |
- ".github/workflows/live-test.yaml" | |
env: | |
HOSTNAME: mqtt.nordicsemi.academy | |
jobs: | |
# Ensures that the TLS certificate can be fetched | |
fetch-cert: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
protocol: [http, https] | |
steps: | |
- name: fetch TLS certificate | |
run: curl --fail-with-body -v ${{ matrix.protocol }}://${{ env.HOSTNAME }}/${{ env.HOSTNAME }}.pem | |
live-test: | |
# openresolv is not available on ubuntu-24.04 | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 10 | |
strategy: | |
matrix: | |
ipv: [ipv4, ipv6] | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: "20.x" | |
- name: Keep npm cache around to speed up installs | |
uses: actions/cache@v4 | |
with: | |
path: ~/.npm | |
key: build-${{ hashFiles('**/package-lock.json') }} | |
- name: Install dependencies | |
run: npm ci --no-audit | |
- name: Set up WARP (for IPv6) | |
if: matrix.ipv == 'ipv6' | |
run: | | |
echo "WARP mode: wireguard." | |
sudo apt-get -y update | |
sudo apt-get -y install --no-install-recommends net-tools iproute2 openresolv dnsutils iptables wireguard-tools | |
LAN=$(ip route get 192.168.193.10 | grep -oP 'src \K\S+') | |
CONFIG=" | |
[Interface] | |
PrivateKey = cKE7LmCF61IhqqABGhvJ44jWXp8fKymcMAEVAzbDF2k= | |
Address = 172.16.0.2/32 | |
Address = fd01:5ca1:ab1e:823e:e094:eb1c:ff87:1fab/128 | |
PostUp = ip -4 rule add from $LAN lookup main | |
PostDown = ip -4 rule delete from $LAN lookup main | |
DNS = 8.8.8.8,8.8.4.4 | |
MTU = 1280 | |
[Peer] | |
PublicKey = bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo= | |
AllowedIPs = 0.0.0.0/0 | |
AllowedIPs = ::/0 | |
Endpoint = 162.159.193.10:2408 | |
" | |
echo "$CONFIG" | sed "s/^[ ]\+//g" | sudo tee /etc/wireguard/warp.conf | |
sudo cat /etc/wireguard/warp.conf | |
sudo wg-quick up warp | |
sleep 5 | |
- run: curl ifconfig.me | |
- name: fetch TLS certificate | |
run: curl --fail-with-body -v https://${{ env.HOSTNAME }}/${{ env.HOSTNAME }}.pem > ${{ github.workspace }}/${{ env.HOSTNAME }}.pem | |
- name: Run tests | |
env: | |
IPV: ${{ matrix.ipv }} | |
HOSTNAME: ${{ env.HOSTNAME }} | |
CERT_PATH: ${{ github.workspace }}/${{ env.HOSTNAME }}.pem | |
run: npx tsx --test test.ts | |
website: | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
protocol: [http, https] | |
steps: | |
- uses: actions/checkout@v4 | |
- name: ${{ matrix.protocol }} | |
run: | | |
curl -L --fail-with-body -v ${{ matrix.protocol }}://${{ env.HOSTNAME }}/ > ${{ matrix.protocol }}.html | |
diff ${{ matrix.protocol }}.html docs/index.html | |
certificate: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- run: npm ci | |
- run: npx tsx check-certificate-expiry.ts |