[docker-in-docker] - Move the iptables switching logic in the docker-init script and isolated tests for specific cases #3121
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "PR - Test Updated Features" | |
| on: | |
| pull_request: | |
| jobs: | |
| detect-changes: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| features: ${{ steps.filter.outputs.changes }} | |
| steps: | |
| - uses: dorny/paths-filter@v4 | |
| id: filter | |
| with: | |
| filters: | | |
| anaconda: ./**/anaconda/** | |
| aws-cli: ./**/aws-cli/** | |
| azure-cli: ./**/azure-cli/** | |
| common-utils: ./**/common-utils/** | |
| conda: ./**/conda/** | |
| copilot-cli: ./**/copilot-cli/** | |
| desktop-lite: ./**/desktop-lite/** | |
| docker-outside-of-docker: ./**/docker-outside-of-docker/** | |
| docker-in-docker: ./**/docker-in-docker/** | |
| dotnet: ./**/dotnet/** | |
| git: ./**/git/** | |
| git-lfs: ./**/git-lfs/** | |
| github-cli: ./**/github-cli/** | |
| go: ./**/go/** | |
| hugo: ./**/hugo/** | |
| java: ./**/java/** | |
| kubectl-helm-minikube: ./**/kubectl-helm-minikube/** | |
| node: ./**/node/** | |
| nvidia-cuda: ./**/nvidia-cuda/** | |
| oryx: ./**/oryx/** | |
| php: ./**/php/** | |
| powershell: ./**/powershell/** | |
| python: ./**/python/** | |
| ruby: ./**/ruby/** | |
| rust: ./**/rust/** | |
| sshd: ./**/sshd/** | |
| terraform: ./**/terraform/** | |
| nix: ./**/nix/** | |
| test: | |
| needs: [detect-changes] | |
| runs-on: ubuntu-latest | |
| continue-on-error: true | |
| strategy: | |
| matrix: | |
| features: ${{ fromJSON(needs.detect-changes.outputs.features) }} | |
| baseImage: | |
| [ | |
| "ubuntu:jammy", | |
| "debian:11", | |
| "debian:12", | |
| "mcr.microsoft.com/devcontainers/base:ubuntu", | |
| "mcr.microsoft.com/devcontainers/base:debian", | |
| "mcr.microsoft.com/devcontainers/base:noble" | |
| ] | |
| exclude: | |
| - features: oryx | |
| baseImage: ubuntu:jammy | |
| - features: oryx | |
| baseImage: mcr.microsoft.com/devcontainers/base:ubuntu | |
| - features: docker-in-docker | |
| baseImage: mcr.microsoft.com/devcontainers/base:debian | |
| - features: docker-outside-of-docker | |
| baseImage: mcr.microsoft.com/devcontainers/base:debian | |
| - features: docker-in-docker | |
| baseImage: mcr.microsoft.com/devcontainers/base:ubuntu | |
| - features: docker-outside-of-docker | |
| baseImage: mcr.microsoft.com/devcontainers/base:ubuntu | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: "Install latest devcontainer CLI" | |
| run: npm install -g @devcontainers/cli | |
| - name: "Generating tests for '${{ matrix.features }}' against '${{ matrix.baseImage }}'" | |
| run: devcontainer features test --skip-scenarios -f ${{ matrix.features }} -i ${{ matrix.baseImage }} . | |
| test-scenarios: | |
| needs: [detect-changes] | |
| runs-on: devcontainer-image-builder-ubuntu | |
| continue-on-error: true | |
| strategy: | |
| matrix: | |
| features: ${{ fromJSON(needs.detect-changes.outputs.features) }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: "Install latest devcontainer CLI" | |
| run: npm install -g @devcontainers/cli | |
| - name: "Exclude iptables-isolation scenarios from docker-in-docker" | |
| if: matrix.features == 'docker-in-docker' | |
| run: | | |
| sudo apt-get update && sudo apt-get install -y jq | |
| sed 's://.*$::' test/docker-in-docker/scenarios.json \ | |
| | jq 'del(.docker_without_iptables, .docker_without_iptables_ubuntu)' \ | |
| > test/docker-in-docker/scenarios.json.tmp | |
| mv test/docker-in-docker/scenarios.json.tmp test/docker-in-docker/scenarios.json | |
| - name: "Testing '${{ matrix.features }}' scenarios" | |
| run: devcontainer features test -f ${{ matrix.features }} --skip-autogenerated . | |
| iptables-isolation: | |
| needs: [detect-changes] | |
| if: contains(fromJSON(needs.detect-changes.outputs.features), 'docker-in-docker') | |
| runs-on: ubuntu-latest | |
| continue-on-error: true | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| scenario: | |
| - docker_without_iptables | |
| - docker_without_iptables_ubuntu | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: "Install latest devcontainer CLI" | |
| run: npm install -g @devcontainers/cli | |
| - name: "Isolate scenario '${{ matrix.scenario }}'" | |
| run: | | |
| sudo apt-get update && sudo apt-get install -y jq | |
| sed 's://.*$::' test/docker-in-docker/scenarios.json \ | |
| | jq '{ "${{ matrix.scenario }}": .["${{ matrix.scenario }}"] }' \ | |
| > test/docker-in-docker/scenarios.json.tmp | |
| mv test/docker-in-docker/scenarios.json.tmp test/docker-in-docker/scenarios.json | |
| - name: "Testing docker-in-docker scenario '${{ matrix.scenario }}'" | |
| run: devcontainer features test --features docker-in-docker --filter ${{ matrix.scenario }} --skip-autogenerated . |