From 4063d4c9e0467935926fd0470464c765c7ab0407 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 29 Apr 2026 12:06:47 +1000 Subject: [PATCH 1/3] Use shared GitHub Actions workflow --- .github/workflows/build_and_test.yml | 248 +-------------------------- 1 file changed, 8 insertions(+), 240 deletions(-) diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml index 2d4c1b7..f61be32 100644 --- a/.github/workflows/build_and_test.yml +++ b/.github/workflows/build_and_test.yml @@ -12,243 +12,11 @@ on: - 'main' jobs: - docker: - runs-on: ubuntu-latest - steps: - - - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - - - name: Docker meta - id: meta - uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 - with: - # list of Docker images to use as base name for tags - images: | - ${{ github.repository_owner }}/ssh-agent - ghcr.io/${{ github.repository_owner }}/ssh-agent - labels: | - org.opencontainers.image.authors=the pygmy stack, Will Maier (original Docker image) - org.opencontainers.image.description=dnsmasq DNS proxy, configured for use with the pygmy stack - - - name: Set up QEMU - uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4 - - - name: Login to DockerHub - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Login to GHCR - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push - uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7 - with: - context: . - platforms: linux/amd64,linux/arm64 - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - - test: - needs: docker - runs-on: ubuntu-latest - steps: - - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - # Establish some SSH keys. - - - name: Setup SSH - run: | - eval $(ssh-agent); - ssh-keygen -t rsa -q -f "$HOME/.ssh/id_rsa" -N ""; - ssh-keygen -t rsa -q -f "$HOME/.ssh/id_pwd" -N "passphrase"; - ssh-add; - ssh-add -l; - - - name: Docker meta - id: meta - uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 - with: - # list of Docker images to use as base name for tags - images: | - ghcr.io/${{ github.repository_owner }}/ssh-agent - flavor: | - latest=false - - - name: Set single image tag - id: single_tag - run: | - echo "tag=$(echo '${{ steps.meta.outputs.tags }}' | head -n1)" >> "$GITHUB_OUTPUT" - - - name: Find and Replace - env: - IMAGE_TAG: ${{ steps.single_tag.outputs.tag }} - run: | - find examples/ -type f -exec sed -i.bak "s|ghcr.io/pygmystack/ssh-agent:main|${IMAGE_TAG}|g" {} \; - find examples/ -name "*.bak" -delete - grep -Fn ghcr examples/* - - - name: Set up Homebrew - uses: Homebrew/actions/setup-homebrew@83bdac2a10b90af5036d2905fd5c2831fefd42bd # main - - - name: Install homebrew packages - env: - HOMEBREW_NO_AUTO_UPDATE: 1 - HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK: 1 - HOMEBREW_NO_ENV_HINTS: 1 - run: | - brew install bats-core; - brew install dockerize; - brew install pygmystack/pygmy/pygmy; - pygmy version; - - - name: Pull image for tests - run: docker pull ${{ steps.single_tag.outputs.tag }} - - - name: Run BATS tests - env: - IMAGE_NAME: ${{ steps.single_tag.outputs.tag }} - run: | - bats --tap tests/image_structure.bats - bats --tap tests/runtime.bats - - - name: Switch pygmy configs from vanilla to basic - run: | - pygmy status; - pygmy clean; - pygmy --config examples/pygmy.basic.yml pull; - pygmy --config examples/pygmy.basic.yml up; - sleep 10; - pygmy --config examples/pygmy.basic.yml status; - - - name: Show pygmy image versions - run: | - docker ps -a --filter "label=pygmy.name" - - - name: Export and show configuration - pygmy.basic.yml - run: | - pygmy --config examples/pygmy.basic.yml export -o ./exported-config.yml - cat ./exported-config.yml - echo "Checking image references in started containers..."; - docker container inspect amazeeio-ssh-agent | jq '.[].Config.Image' | grep -F '${{ steps.single_tag.outputs.tag }}'; - - - name: Resolv file test - run: | - stat /usr/lib/systemd/resolved.conf.d/docker.amazee.io.conf; - grep "127.0.0.1" /usr/lib/systemd/resolved.conf.d/docker.amazee.io.conf; - grep "docker.amazee.io" /usr/lib/systemd/resolved.conf.d/docker.amazee.io.conf; - - - name: haproxy test - run: | - curl http://docker.amazee.io/stats | grep 'class=px' | grep 'mailhog.docker.amazee.io'; - curl http://docker.amazee.io/stats | grep 'HAProxy version'; - - - name: mailhog test - run: | - curl http://mailhog.docker.amazee.io | grep 'mailhog/MailHog'; - - - name: dnsmasq version - run: | - docker exec amazeeio-dnsmasq sh -c 'dnsmasq -v' | grep 'Dnsmasq version' - - - name: ssh version - run: | - docker exec amazeeio-ssh-agent sh -c 'ssh -V' - - - name: Test the amazeeio-network for expected results - run: | - docker network inspect amazeeio-network | jq '.[].Name' | grep "amazeeio-network"; - docker network inspect amazeeio-network | jq '.[].Containers' | jq '.[].Name' | grep "amazeeio-haproxy"; - docker network inspect amazeeio-network | jq '.[].Containers' | jq '.[].Name' | grep "amazeeio-mailhog"; - docker network inspect amazeeio-network | jq '.[].Containers' | jq '.[].IPv4Address'; - docker network inspect amazeeio-network | jq '.[].Containers' | jq '.[].IPv4Address' | grep "10.99.99."; - - - name: Test for configured container tags. - run: | - docker inspect amazeeio-dnsmasq | jq '.[].Config.Labels["pygmy.hocuspocus"]' | grep "42"; - docker inspect amazeeio-dnsmasq | jq '.[].Config.Labels["pygmy.abracadabra"]' | grep "1"; - docker inspect amazeeio-dnsmasq | jq '.[].Config.Labels["pygmy.opensesame"]' | grep "correct"; - docker inspect amazeeio-haproxy | jq '.[].Config.Labels["pygmy.hocuspocus"]' | grep "42"; - docker inspect amazeeio-haproxy | jq '.[].Config.Labels["pygmy.abracadabra"]' | grep "1"; - docker inspect amazeeio-haproxy | jq '.[].Config.Labels["pygmy.opensesame"]' | grep "correct"; - docker inspect amazeeio-ssh-agent | jq '.[].Config.Labels["pygmy.hocuspocus"]' | grep "42"; - docker inspect amazeeio-ssh-agent | jq '.[].Config.Labels["pygmy.abracadabra"]' | grep "1"; - docker inspect amazeeio-ssh-agent | jq '.[].Config.Labels["pygmy.opensesame"]' | grep "correct"; - docker inspect amazeeio-mailhog | jq '.[].Config.Labels["pygmy.hocuspocus"]' | grep "42"; - docker inspect amazeeio-mailhog | jq '.[].Config.Labels["pygmy.abracadabra"]' | grep "1"; - docker inspect amazeeio-mailhog | jq '.[].Config.Labels["pygmy.opensesame"]' | grep "correct"; - - - name: Switch pygmy configs from basic to vanilla - run: | - pygmy --config examples/pygmy.basic.yml status; - pygmy --config examples/pygmy.basic.yml clean; - pygmy --config examples/pygmy.yml pull; - pygmy --config examples/pygmy.yml up; - sleep 10; - pygmy --config examples/pygmy.yml status; - - - name: Export and show configuration - pygmy.yml - run: | - pygmy --config examples/pygmy.yml export -o ./exported-config-2.yml - cat ./exported-config-2.yml - echo "Checking image references in started containers..."; - docker container inspect amazeeio-ssh-agent | jq '.[].Config.Image' | grep -F '${{ steps.single_tag.outputs.tag }}'; - - - name: SSH Key test - run: | - pygmy --config examples/pygmy.yml addkey /home/runner/.ssh/id_rsa; - pygmy --config examples/pygmy.yml status; - pygmy --config examples/pygmy.yml status | grep 'RSA'; - docker run --rm -i --volumes-from amazeeio-ssh-agent ${{ steps.single_tag.outputs.tag }} /usr/bin/ssh-add -l | grep 'RSA'; - - - name: Clone the official examples - run: | - git clone --recurse-submodules https://github.com/uselagoon/lagoon-examples.git - - - name: "[Example] Drupal Base" - run: | - cd lagoon-examples/drupal-base; - docker compose -p drupal-base up -d; - docker compose -p drupal-base exec -T cli composer install; - dockerize -wait http://drupal-base.docker.amazee.io:80 -timeout 10s; - curl --HEAD http://drupal-base.docker.amazee.io; - curl --HEAD http://drupal-base.docker.amazee.io | grep -i "x-lagoon"; - pygmy --config examples/pygmy.yml status | grep '\- http://drupal-base.docker.amazee.io'; - docker compose -p drupal-base down; - docker compose -p drupal-base rm; - cd ../../; - - - name: Test the stop command - run: | - pygmy --config examples/pygmy.yml down | grep 'Successfully removed amazeeio'; - pygmy --config examples/pygmy.yml status | grep '\[ \] amazeeio-' | grep 'is not running'; - pygmy --config examples/pygmy.yml status | grep 'Running as container amazeeio-' && false || true; - pygmy --config examples/pygmy.yml up; - pygmy --config examples/pygmy.yml status | grep 'Running as container amazeeio-' && true || false; - - - name: Test the down command - run: | - pygmy --config examples/pygmy.yml stop | grep 'Successfully stopped amazeeio'; - pygmy --config examples/pygmy.yml status | grep '\[ \] amazeeio-' | grep 'is not running'; - pygmy --config examples/pygmy.yml status | grep 'Running as container amazeeio-' && false || true; - pygmy --config examples/pygmy.yml up; - pygmy --config examples/pygmy.yml status | grep 'Running as container amazeeio-' && true || false; - - - name: Cleanup pygmy - run: | - pygmy --config examples/pygmy.yml clean; - - - name: Cleanup after tests. - run: | - docker system prune --all --force - docker volume prune --force + ci: + uses: pygmystack/.github/workflows/container-build-test-publish.yml@main + with: + image_name: ssh-agent + replace_source: ghcr.io/pygmystack/ssh-agent:main + oc_authors: the pygmy stack, Will Maier (original Docker image) + oc_description: SSH agent service, configured for use with the pygmy stack + secrets: inherit From 551b69814c89397de1532b17246e3e0a093ef253 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 29 Apr 2026 12:08:29 +1000 Subject: [PATCH 2/3] Fix shared workflow path --- .github/workflows/build_and_test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml index f61be32..1a8e967 100644 --- a/.github/workflows/build_and_test.yml +++ b/.github/workflows/build_and_test.yml @@ -13,7 +13,7 @@ on: jobs: ci: - uses: pygmystack/.github/workflows/container-build-test-publish.yml@main + uses: pygmystack/.github/.github/workflows/container-build-test-publish.yml@main with: image_name: ssh-agent replace_source: ghcr.io/pygmystack/ssh-agent:main From cac22e161835f85d2a64951d9ba5f25008cd65f6 Mon Sep 17 00:00:00 2001 From: Toby Bellwood Date: Wed, 29 Apr 2026 12:16:55 +1000 Subject: [PATCH 3/3] Remove GitHub Actions Renovate packageRules --- renovate.json | 35 +---------------------------------- 1 file changed, 1 insertion(+), 34 deletions(-) diff --git a/renovate.json b/renovate.json index 64016e0..bb517bb 100644 --- a/renovate.json +++ b/renovate.json @@ -13,38 +13,5 @@ ], "dependencyDashboard": true, "separateMajorMinor": true, - "prHourlyLimit": 0, - "packageRules": [ - { - "matchManagers": [ - "github-actions" - ], - "matchBaseBranches": [ - "main" - ], - "groupName": "GitHub actions monthly minor/patch", - "matchUpdateTypes": [ - "minor", - "patch", - "digest" - ], - "schedule": ["on the first day of the month"], - "automerge": true, - "automergeType": "pr" - }, - { - "matchManagers": [ - "github-actions" - ], - "matchBaseBranches": [ - "main" - ], - "groupName": "GitHub actions major", - "matchUpdateTypes": [ - "major" - ], - "automerge": true, - "automergeType": "pr" - } - ] + "prHourlyLimit": 0 }