Restrict users to their own messages & auto-persist w/ encrypted storage #81
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
pull_request: | |
jobs: | |
test-mosquitto: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v2 | |
# Ensure that the encrypted volume configuration files are not present | |
# in the project directory before starting the containers. This check | |
# ensures that the initialization and mounting process will be performed | |
# correctly during the container setup. | |
- name: Ensure encrypted configuration files are not present in project directory | |
run: | | |
if [ -f ./data/gocryptfs.conf ] || [ -f ./data/gocryptfs.diriv ]; then | |
echo "Encrypted volume configuration files should not be present in project directory" | |
exit 1 | |
else | |
echo "No encrypted volume configuration files found in project directory" | |
fi | |
- name: Set up Docker and Docker Compose | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y docker-compose | |
- name: Start Mosquitto service using Docker Compose | |
run: docker-compose up -d mosquitto | |
- name: Wait for Mosquitto to be healthy and publish message | |
run: | | |
for i in {1..20}; do | |
STATUS=$(docker inspect --format='{{.State.Health.Status}}' mosquitto) | |
echo "Current Mosquitto health status: $STATUS" | |
if [ "$STATUS" = "healthy" ]; then | |
echo "Mosquitto is healthy" | |
if docker exec mosquitto mosquitto_pub -t test/topic -m "Test message" -r; then | |
echo "Message published successfully" | |
exit 0 | |
else | |
echo "Failed to publish message, retrying..." | |
sleep 10 | |
fi | |
else | |
echo "Waiting for Mosquitto to be healthy..." | |
sleep 10 | |
fi | |
done | |
echo "Mosquitto did not become healthy in time" | |
docker logs mosquitto | |
exit 1 | |
- name: Stop Mosquitto service and capture logs | |
run: | | |
docker-compose logs mosquitto | |
docker-compose down | |
- name: Check encrypted data in container | |
run: | | |
docker run --rm -v $(pwd)/data:/encrypted alpine:latest /bin/sh -c ' | |
if [ -f /encrypted/gocryptfs.conf ] && [ -f /encrypted/gocryptfs.diriv ]; then | |
echo "Encrypted volume configuration files found"; | |
else | |
echo "Encrypted volume configuration files not found"; | |
exit 1; | |
fi | |
' | |
- name: Check encrypted data in project directory | |
run: | | |
if [ -f ./data/gocryptfs.conf ] && [ -f ./data/gocryptfs.diriv ]; then | |
echo "Encrypted volume configuration files found in project directory"; | |
else | |
echo "Encrypted volume configuration files not found in project directory"; | |
exit 1; | |
fi |