name: VyOS ISO integration Test

on:
  pull_request_target:
    branches:
      - current
    paths:
      - '**'
      - '!.github/**'
      - '!**/*.md'

permissions:
  pull-requests: write
  contents: read

env:
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed for PR comments
  BUILD_BY: autobuild@vyos.net
  DEBIAN_MIRROR: http://deb.debian.org/debian/
  VYOS_MIRROR: https://packages.vyos.net/repositories/current/

jobs:
  build_iso:
    runs-on: ubuntu-24.04
    timeout-minutes: 45
    container:
      image: vyos/vyos-build:current
      options: --sysctl net.ipv6.conf.lo.disable_ipv6=0 --privileged
    outputs:
      build_version: ${{ steps.version.outputs.build_version }}
    steps:
      - name: Clone vyos-build source code
        uses: actions/checkout@v4
        with:
          repository: vyos/vyos-build
      - name: Clone vyos-1x source code
        uses: actions/checkout@v4
        with:
          path: packages/vyos-1x
          fetch-depth: 0
          ref: ${{ github.event.pull_request.head.sha }}
          repository: ${{ github.event.pull_request.head.repo.full_name }}
      - name: Build vyos-1x package
        run: |
          cd packages/vyos-1x; dpkg-buildpackage -uc -us -tc -b
      - name: Generate ISO version string
        id: version
        run: |
          echo "build_version=1.5-integration-$(date -u +%Y%m%d%H%M)" >> $GITHUB_OUTPUT
      - name: Build custom ISO image
        shell: bash
        run: |
          sudo --preserve-env ./build-vyos-image \
          --architecture amd64 \
          --build-by $BUILD_BY \
          --build-type release \
          --custom-package vyos-1x-smoketest \
          --debian-mirror $DEBIAN_MIRROR \
          --version ${{ steps.version.outputs.build_version }} \
          --vyos-mirror $VYOS_MIRROR \
          generic
      - uses: actions/upload-artifact@v4
        with:
          name: vyos-${{ steps.version.outputs.build_version }}
          path: build/live-image-amd64.hybrid.iso

  test_smoketest_cli:
    needs: build_iso
    runs-on: ubuntu-24.04
    timeout-minutes: 180
    container:
      image: vyos/vyos-build:current
      options: --sysctl net.ipv6.conf.lo.disable_ipv6=0 --privileged
    outputs:
      exit_code: ${{ steps.test.outputs.exit_code }}
    steps:
      # We need the test script from vyos-build repo
      - name: Clone vyos-build source code
        uses: actions/checkout@v4
        with:
          repository: vyos/vyos-build
      - uses: actions/download-artifact@v4
        with:
          name: vyos-${{ needs.build_iso.outputs.build_version }}
          path: build
      - name: VyOS CLI smoketests
        id: test
        shell: bash
        run: |
          set -e
          sudo make test
          if [[ $? == 0 ]]; then
            echo "exit_code=success" >> $GITHUB_OUTPUT
          else
            echo "exit_code=fail" >> $GITHUB_OUTPUT
          fi

  test_config_load:
    needs: build_iso
    runs-on: ubuntu-24.04
    timeout-minutes: 90
    container:
      image: vyos/vyos-build:current
      options: --sysctl net.ipv6.conf.lo.disable_ipv6=0 --privileged
    outputs:
      exit_code: ${{ steps.test.outputs.exit_code }}
    steps:
      # We need the test script from vyos-build repo
      - name: Clone vyos-build source code
        uses: actions/checkout@v4
        with:
          repository: vyos/vyos-build
      - uses: actions/download-artifact@v4
        with:
          name: vyos-${{ needs.build_iso.outputs.build_version }}
          path: build
      - name: VyOS config load tests
        id: test
        shell: bash
        run: |
          set -e
          sudo make testc
          if [[ $? == 0 ]]; then
            echo "exit_code=success" >> $GITHUB_OUTPUT
          else
            echo "exit_code=fail" >> $GITHUB_OUTPUT
          fi

  test_raid1_install:
    needs: build_iso
    runs-on: ubuntu-24.04
    timeout-minutes: 20
    container:
      image: vyos/vyos-build:current
      options: --sysctl net.ipv6.conf.lo.disable_ipv6=0 --privileged
    outputs:
      exit_code: ${{ steps.test.outputs.exit_code }}
    steps:
      # We need the test script from vyos-build repo
      - name: Clone vyos-build source code
        uses: actions/checkout@v4
        with:
          repository: vyos/vyos-build
      - uses: actions/download-artifact@v4
        with:
          name: vyos-${{ needs.build_iso.outputs.build_version }}
          path: build
      - name: VyOS RAID1 installation tests
        id: test
        shell: bash
        run: |
          set -e
          sudo make testraid
          if [[ $? == 0 ]]; then
            echo "exit_code=success" >> $GITHUB_OUTPUT
          else
            echo "exit_code=fail" >> $GITHUB_OUTPUT
          fi

  test_encrypted_config_tpm:
    needs: build_iso
    runs-on: ubuntu-24.04
    timeout-minutes: 30
    container:
      image: vyos/vyos-build:current
      options: --sysctl net.ipv6.conf.lo.disable_ipv6=0 --privileged
    outputs:
      exit_code: ${{ steps.test.outputs.exit_code }}
    steps:
      # We need the test script from vyos-build repo
      - name: Clone vyos-build source code
        uses: actions/checkout@v4
        with:
          repository: vyos/vyos-build
      - uses: actions/download-artifact@v4
        with:
          name: vyos-${{ needs.build_iso.outputs.build_version }}
          path: build
      - name: VyOS TPM encryption tests
        id: test
        shell: bash
        run: |
          set -e
          sudo make testtpm
          if [[ $? == 0 ]]; then
            echo "exit_code=success" >> $GITHUB_OUTPUT
          else
            echo "exit_code=fail" >> $GITHUB_OUTPUT
          fi

  result:
    needs:
      - test_smoketest_cli
      - test_config_load
      - test_raid1_install
      - test_encrypted_config_tpm
    runs-on: ubuntu-24.04
    timeout-minutes: 5
    if: always()
    steps:
      - name: Add PR comment
        if: always()
        uses: mshick/add-pr-comment@v2
        with:
          message: |
            CI integration ${{ needs.test_smoketest_cli.outputs.exit_code == 'success' && needs.test_config_load.outputs.exit_code == 'success' && needs.test_raid1_install.outputs.exit_code == 'success' && '👍 passed!' || '❌ failed!' }}

            ### Details

            [CI logs](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})

            * CLI Smoketests ${{ needs.test_smoketest_cli.outputs.exit_code == 'success' && '👍 passed' || '❌ failed' }}
            * Config tests ${{ needs.test_config_load.outputs.exit_code == 'success' && '👍 passed' || '❌ failed' }}
            * RAID1 tests ${{ needs.test_raid1_install.outputs.exit_code == 'success' && '👍 passed' || '❌ failed' }}
            * TPM tests ${{ needs.test_encrypted_config_tpm.outputs.exit_code == 'success' && '👍 passed' || '❌ failed' }}

          message-id: "SMOKETEST_RESULTS"
          allow-repeats: false
          refresh-message-position: true