Skip to content
Test GitHub2Gerrit 🧪

Fix: Add DNS validation, G2G_NO_GERRIT #519

Sign in to view logs

Fix: Add DNS validation, G2G_NO_GERRIT

Fix: Add DNS validation, G2G_NO_GERRIT #519

Workflow file for this run

.github/workflows/testing.yaml at 1e4afac
---
# SPDX-License-Identifier: Apache-2.0
# SPDX-FileCopyrightText: 2025 The Linux Foundation
name: 'Test GitHub2Gerrit 🧪'
# yamllint disable-line rule:truthy
on:
workflow_dispatch:
push:
branches: ['main']
pull_request:
branches: ['main']
concurrency:
group: "${{ github.workflow }}-${{ github.ref }}"
cancel-in-progress: true
permissions: {}
jobs:
### Test the GitHub Action in this Repository (PR context only) ###
tests:
name: 'Test GitHub Action'
runs-on: 'ubuntu-latest'
permissions:
contents: read
timeout-minutes: 10 # Increase this timeout value as needed
# Only run on pull requests - action needs PR context
if: ${{ github.event_name == 'pull_request' }}
steps:
- name: 'Checkout repository'
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: "Running local action: ${{ github.repository }}"
uses: ./
with:
GERRIT_KNOWN_HOSTS: 'dummy-host ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC...'
GERRIT_SSH_PRIVKEY_G2G: 'dummy-key'
CI_TEST_MODE: 'true'
AUTOMATION_ONLY: 'false'
# yamllint disable-line rule:line-length
- name: "Running local action: ${{ github.repository }} [Failure]"
uses: ./
id: failure
continue-on-error: true
env:
G2G_DRYRUN_DISABLE_NETWORK: 'true'
G2G_ENABLE_DERIVATION: 'false'
with:
GERRIT_KNOWN_HOSTS: "dummy-host ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC..."
GERRIT_SSH_PRIVKEY_G2G: ""
DRY_RUN: 'true'
AUTOMATION_ONLY: 'false'
# Failure testing is also important
- name: "Error if step above did NOT fail"
if: steps.failure.outcome == 'success'
shell: bash
run: |
# Error if step above did NOT fail
echo "Error: previous test step did NOT fail ❌"
exit 1
cli-integration-test:
name: 'CLI Integration Test'
runs-on: 'ubuntu-latest'
permissions:
contents: read
timeout-minutes: 15
# Only run on workflow_dispatch or push to main - tests CLI not action
# yamllint disable-line rule:line-length
if: ${{ github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && github.ref == 'refs/heads/main') }}
steps:
# yamllint disable-line rule:line-length
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: 'Setup Python'
# yamllint disable-line rule:line-length
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
with:
python-version-file: 'pyproject.toml'
- name: "Install uv"
# yamllint disable-line rule:line-length
uses: astral-sh/setup-uv@e06108dd0aef18192324c70427afc47652e63a82 # v7.5.0
- name: 'Test CLI integration with Gerrit [Dry Run]'
shell: bash
env:
# GitHub variables passed to CLI
# Note: Using READ_ONLY_GITHUB_TOKEN for cross-repository access to lfit/sandbox
# The default github.token only has permissions for the current repository
GITHUB_TOKEN: "${{ secrets.READ_ONLY_GITHUB_TOKEN }}"
GITHUB_EVENT_NAME: 'workflow_dispatch'
GITHUB_REPOSITORY: "${{ github.repository }}"
GITHUB_REPOSITORY_OWNER: "${{ github.repository_owner }}"
GITHUB_SERVER_URL: "${{ github.server_url }}"
GITHUB_RUN_ID: "${{ github.run_id }}"
GITHUB_SHA: "${{ github.sha }}"
# Gerrit configuration
GERRIT_KNOWN_HOSTS: "${{ vars.GERRIT_KNOWN_HOSTS }}"
GERRIT_SSH_PRIVKEY_G2G: "${{ secrets.GERRIT_SSH_PRIVKEY_G2G }}"
GERRIT_SSH_USER_G2G: 'modesevenindustrialsolutions'
GERRIT_SSH_USER_G2G_EMAIL: '[email protected]'
GERRIT_SERVER: 'gerrit.linuxfoundation.org'
GERRIT_PROJECT: 'sandbox'
GERRIT_SERVER_PORT: '29418'
DRY_RUN: 'true'
G2G_ENABLE_DERIVATION: 'false'
ALLOW_DUPLICATES: 'true'
PRESERVE_GITHUB_PRS: 'true'
G2G_VERBOSE: 'true'
FETCH_DEPTH: '50'
USE_PR_AS_COMMIT: 'true'
# lfit/sandbox has correct .gitreview pointing to LF Gerrit
run: |
echo "Testing GitHub2Gerrit CLI integration with LF Gerrit server..."
echo "Target PR: ${{ vars.DEPENDABOT_PR_URL_1 }}"
# Install current code in development mode and test CLI directly
echo "Installing current code: uv pip install --system -e ."
uv pip install --system -e .
echo "Running: python -m github2gerrit.cli ${{ vars.DEPENDABOT_PR_URL_1 }}"
python -m github2gerrit.cli "${{ vars.DEPENDABOT_PR_URL_1 }}"
echo "✅ Dry-run CLI integration test completed successfully"
{
echo "CLI Integration test summary:"
echo "- Tested with external PR: ${{ vars.DEPENDABOT_PR_URL_1 }}"
echo "- Target Gerrit: gerrit.linuxfoundation.org"
echo "- Target Project: sandbox"
echo "- Mode: DRY_RUN (validation only)"
} >> "$GITHUB_STEP_SUMMARY"
- name: 'Test CLI Error Handling (Expected Failure)'
id: expected-failure
continue-on-error: true
shell: bash
env:
# Use invalid token to force GitHub API failure
GITHUB_TOKEN: "invalid_token_12345"
GITHUB_EVENT_NAME: 'workflow_dispatch'
GITHUB_REPOSITORY: "${{ github.repository }}"
GITHUB_REPOSITORY_OWNER: "${{ github.repository_owner }}"
GITHUB_SERVER_URL: "${{ github.server_url }}"
GITHUB_RUN_ID: "${{ github.run_id }}"
GITHUB_SHA: "${{ github.sha }}"
GERRIT_KNOWN_HOSTS: "${{ vars.GERRIT_KNOWN_HOSTS }}"
GERRIT_SSH_PRIVKEY_G2G: "${{ secrets.GERRIT_SSH_PRIVKEY_G2G }}"
DRY_RUN: 'true'
run: |
echo "Testing GitHub API error handling with invalid token..."
echo "Target PR: ${{ vars.DEPENDABOT_PR_URL_1 }}"
# Capture exit code
EXIT_CODE=0
python -m github2gerrit.cli "${{ vars.DEPENDABOT_PR_URL_1 }}" || EXIT_CODE=$?
echo "EXIT_CODE=$EXIT_CODE" >> "$GITHUB_ENV"
# Should fail with exit code 4 (GITHUB_API_ERROR)
if [ "$EXIT_CODE" -eq 4 ]; then
echo "✅ CLI failed with correct exit code: $EXIT_CODE"
else
echo "❌ Expected exit code 4, got: $EXIT_CODE"
exit 1
fi
- name: 'Verify Error Handling'
shell: bash
run: |
EXIT_CODE="${{ env.EXIT_CODE }}"
if [ "${EXIT_CODE}" -eq 4 ] 2>/dev/null; then
echo "✅ GitHub API error handling working correctly"
echo "## Error Handling Test ✅" >> "$GITHUB_STEP_SUMMARY"
echo "- CLI properly handles GitHub API errors with exit code 4" >> "$GITHUB_STEP_SUMMARY"
else
echo "❌ Error handling failed (exit code: ${EXIT_CODE})"
exit 1
fi
- name: "Test CLI integration with Gerrit"
shell: bash
env:
# GitHub context (needed for CLI operation)
# Note: Using READ_ONLY_GITHUB_TOKEN for cross-repository access to lfit/sandbox
# The default github.token only has permissions for the current repository
GITHUB_TOKEN: "${{ secrets.READ_ONLY_GITHUB_TOKEN }}"
GITHUB_EVENT_NAME: 'workflow_dispatch'
GITHUB_REPOSITORY: "${{ github.repository }}"
GITHUB_REPOSITORY_OWNER: "${{ github.repository_owner }}"
GITHUB_SERVER_URL: "${{ github.server_url }}"
GITHUB_RUN_ID: "${{ github.run_id }}"
GITHUB_SHA: "${{ github.sha }}"
# Gerrit configuration - force override of .gitreview
GERRIT_KNOWN_HOSTS: "${{ vars.GERRIT_KNOWN_HOSTS }}"
GERRIT_SSH_PRIVKEY_G2G: "${{ secrets.GERRIT_SSH_PRIVKEY_G2G }}"
GERRIT_SSH_USER_G2G: 'modesevenindustrialsolutions'
GERRIT_SSH_USER_G2G_EMAIL: '[email protected]'
GERRIT_SERVER: 'gerrit.linuxfoundation.org'
GERRIT_PROJECT: 'sandbox'
GERRIT_SERVER_PORT: '29418'
DRY_RUN: 'false'
G2G_ENABLE_DERIVATION: 'false'
ALLOW_DUPLICATES: 'true'
PRESERVE_GITHUB_PRS: 'true'
G2G_VERBOSE: 'true'
FETCH_DEPTH: '50'
USE_PR_AS_COMMIT: 'true'
# lfit/sandbox has correct .gitreview pointing to LF Gerrit
# Force derivation to be disabled so our overrides take precedence
run: |
echo '🚀 Integration Test Summary'
echo "Target PR: https://github.com/lfit/sandbox/pull/6"
# Configure git with your identity
# Gerrit private SSH key is linked to this account
git config --global user.name "$GERRIT_SSH_USER_G2G"
git config --global user.email "$GERRIT_SSH_USER_G2G_EMAIL"
# Push to Gerrit
echo "Pushing change to Gerrit..."
python -m github2gerrit.cli "${{ vars.DEPENDABOT_PR_URL_2 }}"
action-integration-test:
name: 'Action Integration Test'
runs-on: 'ubuntu-latest'
permissions:
contents: read
timeout-minutes: 15
# Only run on workflow_dispatch or push to main
# yamllint disable-line rule:line-length
if: ${{ github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && github.ref == 'refs/heads/main') }}
steps:
# yamllint disable-line rule:line-length
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: 'Setup Python'
# yamllint disable-line rule:line-length
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
with:
python-version-file: 'pyproject.toml'
- name: "Install uv"
# yamllint disable-line rule:line-length
uses: astral-sh/setup-uv@e06108dd0aef18192324c70427afc47652e63a82 # v7.5.0
- name: 'Test Action integration with Gerrit [Dry Run]'
shell: bash
env:
# GitHub variables passed to action
# Note: Using READ_ONLY_GITHUB_TOKEN for cross-repository access to lfit/sandbox
# The default github.token only has permissions for the current repository
GITHUB_TOKEN: "${{ secrets.READ_ONLY_GITHUB_TOKEN }}"
GITHUB_EVENT_NAME: 'workflow_dispatch'
GITHUB_REPOSITORY: "${{ github.repository }}"
GITHUB_REPOSITORY_OWNER: "${{ github.repository_owner }}"
GITHUB_SERVER_URL: "${{ github.server_url }}"
GITHUB_RUN_ID: "${{ github.run_id }}"
GITHUB_SHA: "${{ github.sha }}"
# Gerrit configuration
GERRIT_KNOWN_HOSTS: "${{ vars.GERRIT_KNOWN_HOSTS }}"
GERRIT_SSH_PRIVKEY_G2G: "${{ secrets.GERRIT_SSH_PRIVKEY_G2G }}"
GERRIT_SERVER: 'gerrit.linuxfoundation.org'
GERRIT_PROJECT: 'sandbox'
DRY_RUN: 'true'
G2G_ENABLE_DERIVATION: 'false'
ALLOW_DUPLICATES: 'true'
PRESERVE_GITHUB_PRS: 'true'
G2G_VERBOSE: 'true'
# lfit/sandbox has correct .gitreview pointing to LF Gerrit
run: |
echo "Testing GitHub2Gerrit CLI integration with LF Gerrit server..."
echo "Target PR: ${{ vars.DEPENDABOT_PR_URL_1 }}"
# Install current code in development mode and test CLI directly
echo "Installing current code: uv pip install --system -e ."
uv pip install --system -e .
echo "Running: python -m github2gerrit.cli ${{ vars.DEPENDABOT_PR_URL_1 }}"
python -m github2gerrit.cli "${{ vars.DEPENDABOT_PR_URL_1 }}"
echo "✅ Dry-run CLI integration test completed successfully"
{
echo "CLI Integration test summary:"
echo "- Tested with external PR: ${{ vars.DEPENDABOT_PR_URL_1 }}"
echo "- Target Gerrit: gerrit.linuxfoundation.org"
echo "- Target Project: sandbox"
echo "- Mode: DRY_RUN (validation only)"
} >> "$GITHUB_STEP_SUMMARY"
- name: "Test Action integration with Gerrit"
shell: bash
env:
# GitHub context (needed for action operation)
# Note: Using READ_ONLY_GITHUB_TOKEN for cross-repository access to lfit/sandbox
# The default github.token only has permissions for the current repository
GITHUB_TOKEN: "${{ secrets.READ_ONLY_GITHUB_TOKEN }}"
GITHUB_EVENT_NAME: 'workflow_dispatch'
GITHUB_REPOSITORY: "${{ github.repository }}"
GITHUB_REPOSITORY_OWNER: "${{ github.repository_owner }}"
GITHUB_SERVER_URL: "${{ github.server_url }}"
GITHUB_RUN_ID: "${{ github.run_id }}"
GITHUB_SHA: "${{ github.sha }}"
# Gerrit configuration - force override of .gitreview
GERRIT_KNOWN_HOSTS: "${{ vars.GERRIT_KNOWN_HOSTS }}"
GERRIT_SSH_PRIVKEY_G2G: "${{ secrets.GERRIT_SSH_PRIVKEY_G2G }}"
GERRIT_SSH_USER_G2G: 'modesevenindustrialsolutions'
GERRIT_SSH_USER_G2G_EMAIL: '[email protected]'
GERRIT_SERVER: 'gerrit.linuxfoundation.org'
GERRIT_PROJECT: 'sandbox'
GERRIT_SERVER_PORT: '29418'
DRY_RUN: 'false'
G2G_ENABLE_DERIVATION: 'false'
ALLOW_DUPLICATES: 'true'
PRESERVE_GITHUB_PRS: 'true'
G2G_VERBOSE: 'true'
FETCH_DEPTH: '50'
USE_PR_AS_COMMIT: 'true'
# lfit/sandbox has correct .gitreview pointing to LF Gerrit
# Force derivation to be disabled so our overrides take precedence
run: |
echo '🚀 Action Integration Test Summary'
echo "Target PR: ${{ vars.DEPENDABOT_PR_URL_2 }}"
# Configure git with your identity
# Gerrit private SSH key is linked to this account
git config --global user.name "$GERRIT_SSH_USER_G2G"
git config --global user.email "$GERRIT_SSH_USER_G2G_EMAIL"
# Push to Gerrit
echo "Pushing change to Gerrit..."
python -m github2gerrit.cli "${{ vars.DEPENDABOT_PR_URL_2 }}"