Docker Build #8
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker Build | |
| on: | |
| schedule: | |
| - cron: '0 9 * * 1' | |
| workflow_dispatch: | |
| env: | |
| REGISTRY: docker.io | |
| IMAGE_NAME: fbraz3/ansible-vault-tool | |
| jobs: | |
| test-image: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| test-passed: ${{ steps.test-results.outputs.passed }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build test image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./docker/Dockerfile | |
| load: true | |
| cache-from: type=gha | |
| tags: ansible-vault-tool:test | |
| - name: Test container functionality | |
| id: test-results | |
| run: | | |
| echo "Starting functionality tests..." | |
| # Install jq for JSON parsing | |
| sudo apt-get update && sudo apt-get install -y jq | |
| # Start container in background | |
| docker run -d --name test-container -p 3000:3000 ansible-vault-tool:test | |
| # Wait for container to be ready | |
| echo "Waiting for container to start..." | |
| timeout 30 bash -c 'until curl -sf http://localhost:3000 > /dev/null; do sleep 1; done' | |
| # Test 1: Index page accessibility and content | |
| echo "Testing index page..." | |
| response=$(curl -s http://localhost:3000/) | |
| if echo "$response" | grep -q "ANSIBLE_VAULT_TOOL_INDEX_PAGE"; then | |
| echo "✅ Index page test passed" | |
| else | |
| echo "❌ Index page test failed" | |
| exit 1 | |
| fi | |
| # Test 2: 404 error page functionality | |
| echo "Testing error page..." | |
| error_response=$(curl -s http://localhost:3000/nonexistent) | |
| if echo "$error_response" | grep -q "ANSIBLE_VAULT_TOOL_ERROR_PAGE"; then | |
| echo "✅ Error page test passed" | |
| else | |
| echo "❌ Error page test failed" | |
| exit 1 | |
| fi | |
| # Test 3: API functionality - encrypt | |
| echo "Testing API encrypt..." | |
| api_response=$(curl -s -X POST http://localhost:3000/api \ | |
| -d "action=encrypt&passphrase=testpass&content=hello world") | |
| echo "Encrypt response: $api_response" | |
| if echo "$api_response" | jq -e '.status == "success"' > /dev/null; then | |
| echo "✅ API encrypt test passed" | |
| else | |
| echo "❌ API encrypt test failed" | |
| echo "Response: $api_response" | |
| exit 1 | |
| fi | |
| # Test 4: API functionality - decrypt (using encrypted content from previous test) | |
| echo "Testing API decrypt..." | |
| encrypted_content=$(echo "$api_response" | jq -r '.result') | |
| if [ -n "$encrypted_content" ] && [ "$encrypted_content" != "null" ]; then | |
| echo "Encrypted content extracted: ${encrypted_content:0:50}..." | |
| decrypt_response=$(curl -s -X POST http://localhost:3000/api \ | |
| -d "action=decrypt" \ | |
| -d "passphrase=testpass" \ | |
| -d "content=$encrypted_content") | |
| echo "Decrypt response: $decrypt_response" | |
| # Check if decrypt was successful and returned original content | |
| if echo "$decrypt_response" | jq -e '.status == "success"' > /dev/null; then | |
| decrypted_content=$(echo "$decrypt_response" | jq -r '.result') | |
| if [ "$decrypted_content" = "hello world" ]; then | |
| echo "✅ API decrypt test passed" | |
| else | |
| echo "❌ API decrypt test failed - content mismatch" | |
| echo "Expected: 'hello world', Got: '$decrypted_content'" | |
| exit 1 | |
| fi | |
| else | |
| echo "❌ API decrypt test failed - bad status" | |
| echo "Response: $decrypt_response" | |
| exit 1 | |
| fi | |
| else | |
| echo "❌ Could not extract encrypted content for decrypt test" | |
| echo "Encrypted content: '$encrypted_content'" | |
| exit 1 | |
| fi | |
| # Test 5: API error handling | |
| echo "Testing API error handling..." | |
| error_api_response=$(curl -s -X POST http://localhost:3000/api \ | |
| -d "action=decrypt&passphrase=wrongpass&content=invalid") | |
| if echo "$error_api_response" | jq -e '.status == "fail"' > /dev/null; then | |
| echo "✅ API error handling test passed" | |
| else | |
| echo "❌ API error handling test failed" | |
| echo "Response: $error_api_response" | |
| exit 1 | |
| fi | |
| echo "All tests passed! ✅" | |
| echo "passed=true" >> $GITHUB_OUTPUT | |
| # Cleanup | |
| docker stop test-container | |
| docker rm test-container | |
| build-and-push: | |
| runs-on: ubuntu-latest | |
| needs: test-image | |
| if: needs.test-image.outputs.test-passed == 'true' | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| - name: Extract metadata | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| tags: | | |
| type=raw,value=latest | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| file: ./docker/Dockerfile | |
| platforms: linux/amd64,linux/arm64 | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Update Docker Hub description | |
| uses: peter-evans/dockerhub-description@v4 | |
| with: | |
| username: ${{ secrets.DOCKERHUB_USERNAME }} | |
| password: ${{ secrets.DOCKERHUB_TOKEN }} | |
| repository: ${{ env.IMAGE_NAME }} | |
| readme-filepath: ./README.md |