Skip to content

Build

Build #570

Workflow file for this run

name: Build
on:
workflow_dispatch:
pull_request:
branches:
- "master"
# Ensure only one build job runs at a time
concurrency: build
# Commit SHAs may differ when trigger via pull request vs workflow_dispatch, ensure the correct commit is referenced.
env:
COMMIT_ID: "${{ github.event.pull_request.head.sha || github.sha }}"
BUILD_VERSION: "0.0_0-dev-${{ github.event.pull_request.head.sha || github.sha }}"
jobs:
build_pkg:
runs-on: self-hosted
strategy:
matrix:
include:
- FREEBSD_VERSION: FreeBSD-14.0-CURRENT
FREEBSD_ID: freebsd14
- FREEBSD_VERSION: FreeBSD-15.0-CURRENT
FREEBSD_ID: freebsd15
steps:
- uses: actions/checkout@v4
- name: Setup FreeBSD build VM
run: |
/usr/local/bin/VBoxManage controlvm ${{ matrix.FREEBSD_VERSION }} poweroff || true
/usr/local/bin/VBoxManage snapshot ${{ matrix.FREEBSD_VERSION }} restore initial
/usr/local/bin/VBoxManage startvm ${{ matrix.FREEBSD_VERSION }} --type headless
sleep 5
- name: Build pfSense-pkg-RESTAPI on FreeBSD
run: |
/usr/bin/ssh -o StrictHostKeyChecking=no -o LogLevel=quiet ${{ matrix.FREEBSD_VERSION }}.jaredhendrickson.com 'sudo pkill ntpd || true && sudo ntpdate pool.ntp.org || true'
/usr/local/bin/python3 tools/make_package.py --host ${{ matrix.FREEBSD_VERSION }}.jaredhendrickson.com --branch ${{ env.COMMIT_ID }} --tag ${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}
- name: Teardown FreeBSD build VM
if: "${{ always() }}"
run: |
/usr/local/bin/VBoxManage controlvm ${{ matrix.FREEBSD_VERSION }} poweroff || true
/usr/local/bin/VBoxManage snapshot ${{matrix.FREEBSD_VERSION}} restore initial
- uses: actions/upload-artifact@v4
with:
name: pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg
path: pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg
build_openapi:
runs-on: self-hosted
needs: [build_pkg]
strategy:
matrix:
include:
- PFSENSE_VERSION: pfSense-2.7.2-RELEASE
FREEBSD_ID: freebsd14
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg
path: pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg
- name: Setup pfSense VM
run: |
/usr/local/bin/VBoxManage controlvm ${{ matrix.PFSENSE_VERSION }} poweroff || true
/usr/local/bin/VBoxManage snapshot ${{ matrix.PFSENSE_VERSION }} restore initial
/usr/local/bin/VBoxManage startvm ${{ matrix.PFSENSE_VERSION }} --type headless
sleep 5
# This is only necessary until GitHub Actions allows an easier way to get a URL to download the artifact within pfSense
- name: Copy pfSense-pkg-RESTAPI build to pfSense
run: |
pfsense-vshell --host ${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com -u admin -p pfsense -c 'pfSsh.php playback enablesshd' -k
pfsense-vshell --host ${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com -u admin -p pfsense -c "mkdir /root/.ssh/ && echo $(cat ~/.ssh/id_rsa.pub) > /root/.ssh/authorized_keys" -k
scp -o StrictHostKeyChecking=no pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg/pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg admin@${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com:/tmp/
- name: Install pfSense-pkg-RESTAPI on pfSense
run: |
ssh -o StrictHostKeyChecking=no -o LogLevel=quiet admin@${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com "pkg -C /dev/null add /tmp/pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg"
sleep 5
- name: Fetch OpenAPI schema from pfSense
run: curl -s -k -u admin:pfsense -X GET https://${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com/api/v2/schema/openapi > openapi-${{ matrix.PFSENSE_VERSION }}.json
- name: Teardown pfSense VM
if: "${{ always() }}"
run: |
/usr/local/bin/VBoxManage controlvm ${{ matrix.PFSENSE_VERSION }} poweroff || true
/usr/local/bin/VBoxManage snapshot ${{ matrix.PFSENSE_VERSION }} restore initial
- uses: actions/upload-artifact@v4
with:
name: openapi-${{ matrix.PFSENSE_VERSION }}.json
path: openapi-${{ matrix.PFSENSE_VERSION }}.json
check_openapi:
runs-on: ubuntu-latest
needs: [build_openapi]
strategy:
matrix:
include:
- PFSENSE_VERSION: pfSense-2.7.2-RELEASE
FREEBSD_ID: freebsd14
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: openapi-${{ matrix.PFSENSE_VERSION }}.json
path: openapi-${{ matrix.PFSENSE_VERSION }}.json
- name: Install Node.js
uses: actions/setup-node@v4
with:
node-version: "20"
- name: Install npm dependencies
run: npm i
- name: Validate OpenAPI schema
run: ./node_modules/.bin/spectral lint openapi-${{ matrix.PFSENSE_VERSION }}.json/openapi-${{ matrix.PFSENSE_VERSION }}.json --fail-severity warn
check_tests:
runs-on: self-hosted
needs: [build_openapi]
strategy:
matrix:
include:
- PFSENSE_VERSION: pfSense-2.7.2-RELEASE
FREEBSD_ID: freebsd14
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg
path: pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg
- name: Setup pfSense VM
run: |
/usr/local/bin/VBoxManage controlvm ${{ matrix.PFSENSE_VERSION }} poweroff || true
/usr/local/bin/VBoxManage snapshot ${{ matrix.PFSENSE_VERSION }} restore initial
/usr/local/bin/VBoxManage startvm ${{ matrix.PFSENSE_VERSION }} --type headless
sleep 5
# This is only necessary until GitHub Actions allows an easier way to get a URL to download the artifact within pfSense
- name: Copy pfSense-pkg-RESTAPI build to pfSense
run: |
pfsense-vshell --host ${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com -u admin -p pfsense -c 'pfSsh.php playback enablesshd' -k
pfsense-vshell --host ${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com -u admin -p pfsense -c "mkdir /root/.ssh/ && echo $(cat ~/.ssh/id_rsa.pub) > /root/.ssh/authorized_keys" -k
scp -o StrictHostKeyChecking=no pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg/pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg admin@${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com:/tmp/
- name: Install pfSense-pkg-RESTAPI on pfSense
run: |
ssh -o StrictHostKeyChecking=no -o LogLevel=quiet admin@${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com "pkg -C /dev/null add /tmp/pfSense-pkg-RESTAPI-${{ env.BUILD_VERSION }}-${{ matrix.FREEBSD_ID }}.pkg"
sleep 5
- name: Run pfSense-pkg-RESTAPI tests
run: |
ssh -o StrictHostKeyChecking=no -o LogLevel=quiet admin@${{ matrix.PFSENSE_VERSION }}.jaredhendrickson.com 'pfsense-restapi runtests'
- name: Teardown pfSense VM
if: "${{ always() }}"
run: |
/usr/local/bin/VBoxManage controlvm ${{ matrix.PFSENSE_VERSION }} poweroff || true
/usr/local/bin/VBoxManage snapshot ${{ matrix.PFSENSE_VERSION }} restore initial