Skip to content
Multi-Server CI Tests

rlm_kafka: accept a key as the middle xlat argument #215

Sign in to view logs

rlm_kafka: accept a key as the middle xlat argument

rlm_kafka: accept a key as the middle xlat argument #215

Workflow file for this run

.github/workflows/ci-multi-server-tests.yml at 30867b7
name: Multi-Server CI Tests
on:
push:
branches-ignore:
- coverity_scan
- run-fuzzer**
- debug-fuzzer-**
pull_request:
paths:
- '.github/workflows/ci-multi-server-tests.yml'
- 'src/tests/multi-server/**'
schedule:
# Daily at 2pm EST (7pm UTC) — runs all tests, not just CI subset
- cron: '0 19 * * *'
workflow_dispatch:
jobs:
multi-server-tests:
runs-on: self-hosted
if: github.repository_owner == 'FreeRADIUS'
services:
dind:
image: docker:dind
options: --privileged
env:
DOCKER_TLS_CERTDIR: ""
# Bypass the squid proxy for internal registry access.
NO_PROXY: "*.networkradius.com,127.0.0.1"
# Fix the network pool so TEST_SUBNET is predictable.
DOCKER_OPTS: "--default-address-pool base=172.16.0.0/12,size=24"
# Mount the host's internal CA so dind trusts
# docker.internal.networkradius.com for image pulls.
#
# Share the runner's workspace with dind so that docker
# compose bind-mounts (radiusd.conf, env-setup.sh, listener
# dirs, etc.) resolve to real files inside the dind daemon.
#
# github.workspace is the HOST path to the workspace.
# The runner mounts it into the job container at a
# different path (/__w/...), so we use a fixed mount
# point (/workspace) that both containers agree on.
volumes:
- /usr/local/share/ca-certificates/networkradius.com.crt:/etc/docker/certs.d/docker.internal.networkradius.com/ca.crt:ro
- ${{ github.workspace }}:/workspace
container:
image: docker.internal.networkradius.com/self-hosted
# "privileged" is needed for Samba install
# "memory-swap -1" enables full use of host swap and may help
# with containers randomly quitting with "The operation was
# canceled"
options: >-
--privileged
--memory-swap -1
env:
DOCKER_HOST: tcp://dind:2375
NO_PROXY: dind,*.networkradius.com,127.0.0.1
# Shared workspace — see dind volumes comment above.
volumes:
- /usr/local/share/ca-certificates/networkradius.com.crt:/usr/local/share/ca-certificates/networkradius.com.crt:ro
- ${{ github.workspace }}:/workspace
defaults:
run:
working-directory: /workspace
steps:
- name: Update CA Certificates
run: |
/usr/sbin/update-ca-certificates
- name: Install extra packages
run: |
apt-get update && apt-get install -y --no-install-recommends docker.io docker-buildx docker-compose-v2 python3-venv
- uses: actions/checkout@v6
with:
lfs: false
# Authenticate to the internal registry via the dind daemon.
# The host Docker daemon is logged in via the runner's
# job-started hook, but dind is a separate daemon with no
# auth config.
- name: Login to internal Docker registry
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_REPO_USERNAME }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_REPO_PASSWORD }}
run: |
echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin https://docker.internal.networkradius.com/
- name: Wait for Docker to be ready
run: |
timeout 60 sh -c "while ! docker image ls; do sleep 2 ; done"
- name: Build Docker image from source
run: |
make docker.ubuntu24.build
docker tag freeradius4/ubuntu24:latest freeradius-build:latest
- name: Run multi-server tests
run: |
if [ "${{ github.event_name }}" = "schedule" ]; then
make -j$(nproc) test.multi-server
else
make -j$(nproc) test.multi-server.ci
fi
#
# If the CI has failed and the branch is ci-debug
# then start a tmate session for interactive debugging.
#
- name: "Debug: Start tmate"
uses: mxschmitt/action-tmate@v3
with:
limit-access-to-actor: true
if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }}