name: Dev on: push: branches: - dev jobs: test: runs-on: docker container: image: python:3.13-slim services: postgres: image: postgres:17 env: POSTGRES_USER: wiregui POSTGRES_PASSWORD: wiregui POSTGRES_DB: wiregui options: >- --health-cmd "pg_isready -U wiregui" --health-interval 5s --health-timeout 5s --health-retries 5 valkey: image: valkey/valkey:8 options: >- --health-cmd "valkey-cli ping" --health-interval 5s --health-timeout 5s --health-retries 5 mock-oidc: image: ghcr.io/navikt/mock-oauth2-server:2.1.10 env: SERVER_PORT: "9000" JSON_CONFIG: '{"interactiveLogin":true,"httpServer":"NettyWrapper","tokenCallbacks":[{"issuerId":"test-idp","tokenExpiry":3600,"requestMappings":[{"requestParam":"scope","match":"*","claims":{"sub":"$${claim:sub}","email":"$${claim:sub}@test.local","name":"Test User"}}]}]}' mock-saml: image: kenchan0130/simplesamlphp env: SIMPLESAMLPHP_SP_ENTITY_ID: http://localhost:13003/auth/saml/test-saml/metadata SIMPLESAMLPHP_SP_ASSERTION_CONSUMER_SERVICE: http://localhost:13003/auth/saml/test-saml/callback SIMPLESAMLPHP_IDP_BASE_URL: http://mock-saml:8080/simplesaml/ options: >- --health-cmd "curl -sf http://localhost:8080/simplesaml/ || wget -q -O /dev/null http://localhost:8080/simplesaml/ || exit 1" --health-interval 5s --health-timeout 5s --health-retries 10 env: CI: "true" WG_DATABASE_URL: postgresql+asyncpg://wiregui:wiregui@postgres/wiregui WG_REDIS_URL: redis://valkey:6379/0 MOCK_OIDC_HOST: mock-oidc MOCK_SAML_HOST: mock-saml steps: - name: Install system dependencies and checkout run: | apt-get update && apt-get install -y --no-install-recommends \ git wireguard-tools pkg-config libxml2-dev libxmlsec1-dev libxmlsec1-openssl git clone --depth=1 -b "${GITHUB_REF_NAME}" ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git . - name: Install uv run: pip install uv - name: Install dependencies run: uv sync - name: Run migrations run: uv run alembic upgrade head - name: Run unit tests run: uv run pytest tests/ --ignore=tests/e2e --ignore=tests/integration -v --tb=short # E2E tests disabled in CI — pass locally but fail in container # environment (stale DB reads, Playwright DNS issues). See TODO.md. # - name: Install Playwright browsers # run: uv run playwright install --with-deps chromium # - name: Run E2E tests # run: uv run pytest tests/e2e/ -v --tb=short docker: needs: test runs-on: docker container: image: catthehacker/ubuntu:act-latest options: --privileged steps: - name: Checkout repository run: | git clone ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git -b dev . git fetch origin main --tags - name: Build and push pre-release image shell: bash env: REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }} run: | # Derive version from latest tag on main: v1.2.3 -> 1.2.3.dev0, .dev1, etc. LATEST_TAG=$(git describe --tags --abbrev=0 origin/main 2>/dev/null || echo "v0.0.0") BASE_VERSION="${LATEST_TAG#v}" # Count commits on dev since that tag DEV_N=$(git rev-list --count "${LATEST_TAG}..HEAD" 2>/dev/null || echo "0") VERSION="${BASE_VERSION}.dev${DEV_N}" REGISTRY=$(echo "${{ github.server_url }}" | sed 's|https://||; s|http://||') IMAGE="${REGISTRY}/${{ github.repository_owner }}/wiregui" echo "Building ${IMAGE}:v${VERSION}" echo "${REGISTRY_TOKEN}" | docker login "${REGISTRY}" \ -u "${{ github.repository_owner }}" --password-stdin docker build --no-cache \ --build-arg "VERSION=${VERSION}" \ -t "${IMAGE}:v${VERSION}" \ -t "${IMAGE}:dev" \ . docker push "${IMAGE}:v${VERSION}" docker push "${IMAGE}:dev" echo "Pushed ${IMAGE}:v${VERSION}, ${IMAGE}:dev"