mirror of
https://github.com/rcourtman/Pulse.git
synced 2026-04-28 11:30:15 +00:00
1490a6e6e3
Restored original license signing key from backup - key was never compromised (private repo). Removes unnecessary dual-key complexity: - Remove legacyPublicKey and SetLegacyPublicKey from license.go - Simplify signature verification to single key - Remove EmbeddedLegacyPublicKey from pubkey.go - Remove PULSE_LICENSE_LEGACY_PUBLIC_KEY from Dockerfile and workflows - Remove dual-key test - Simplify mock.env
108 lines
3.3 KiB
YAML
108 lines
3.3 KiB
YAML
name: Release Dry Run
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
note:
|
|
description: 'Optional note/reason for the dry run'
|
|
required: false
|
|
type: string
|
|
|
|
jobs:
|
|
dry-run:
|
|
name: Preflight Release Checks (No Publish)
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 90
|
|
permissions:
|
|
contents: read
|
|
packages: read
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Node.js
|
|
uses: actions/setup-node@v4
|
|
with:
|
|
node-version: '20'
|
|
cache: 'npm'
|
|
cache-dependency-path: 'frontend-modern/package-lock.json'
|
|
|
|
- name: Install frontend dependencies
|
|
run: npm --prefix frontend-modern ci
|
|
|
|
- name: Build frontend bundle for Go embed
|
|
run: |
|
|
npm --prefix frontend-modern run build
|
|
rm -rf internal/api/frontend-modern
|
|
mkdir -p internal/api/frontend-modern
|
|
cp -r frontend-modern/dist internal/api/frontend-modern/
|
|
|
|
- name: Lint frontend
|
|
run: npm --prefix frontend-modern run lint
|
|
|
|
- name: Install docker-compose
|
|
run: |
|
|
sudo apt-get update
|
|
sudo apt-get install -y docker-compose
|
|
|
|
- name: Set up Go
|
|
uses: actions/setup-go@v5
|
|
with:
|
|
go-version-file: go.mod
|
|
cache: true
|
|
|
|
- name: Run backend tests
|
|
run: go test ./...
|
|
|
|
- name: Prepare integration test dependencies
|
|
working-directory: tests/integration
|
|
run: |
|
|
npm ci
|
|
npx playwright install --with-deps chromium
|
|
|
|
- name: Build Pulse binaries for integration tests
|
|
run: make build
|
|
|
|
- name: Log in to GHCR for build cache
|
|
env:
|
|
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
run: |
|
|
if [ -z "${GH_TOKEN:-}" ]; then
|
|
echo "::error::GITHUB_TOKEN not available for GHCR login"
|
|
exit 1
|
|
fi
|
|
echo "$GH_TOKEN" | docker login ghcr.io -u "${{ github.actor }}" --password-stdin
|
|
|
|
- name: Build Docker images for integration tests
|
|
run: |
|
|
VERSION="v$(cat VERSION | tr -d '\n')"
|
|
docker build -t pulse-mock-github:test tests/integration/mock-github-server
|
|
env:
|
|
PULSE_LICENSE_PUBLIC_KEY: ${{ secrets.PULSE_LICENSE_PUBLIC_KEY }}
|
|
|
|
- name: Run integration diagnostics
|
|
working-directory: tests/integration
|
|
env:
|
|
MOCK_CHECKSUM_ERROR: "false"
|
|
MOCK_NETWORK_ERROR: "false"
|
|
MOCK_RATE_LIMIT: "false"
|
|
MOCK_STALE_RELEASE: "false"
|
|
run: |
|
|
docker compose -f docker-compose.test.yml up -d --wait
|
|
|
|
echo "Verifying Pulse API is reachable..."
|
|
timeout 60 sh -c 'until curl -fsS http://localhost:7655/api/health > /dev/null; do sleep 2; done'
|
|
|
|
echo "Running Playwright diagnostics..."
|
|
npx playwright test tests/00-diagnostic.spec.ts --reporter=list
|
|
|
|
echo "Running API-level update integration test..."
|
|
UPDATE_API_BASE_URL=http://localhost:7655 go test ../../tests/integration/api -run TestUpdateFlowIntegration -count=1
|
|
|
|
docker compose -f docker-compose.test.yml down -v
|
|
|
|
- name: Cleanup integration environment
|
|
if: always()
|
|
working-directory: tests/integration
|
|
run: docker compose -f docker-compose.test.yml down -v || true
|