
build(deps): bump google.golang.org/api from 0.273.1 to 0.274.0 #753


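# Builds apko from source and verifies that the on_top_of_base example yields a
# runnable image on both x86_64 and aarch64 (the latter emulated through QEMU).
name: Test Examples

on:
  pull_request:
    branches: ["main"]
  push:
    branches: ["main"]
  workflow_dispatch:

# Workflow-wide default: the token can only read repository contents.
permissions:
  contents: read

jobs:
  test-on-top-of-base:
    name: Test on_top_of_base example (${{ matrix.arch }})
    runs-on: ubuntu-latest
    permissions:
      contents: read
    strategy:
      # Let the other architecture finish even if one leg fails.
      fail-fast: false
      matrix:
        arch: [x86_64, aarch64]
    steps:
      # Runs first so the egress allowlist covers every later step.
      # NOTE(review): the two wildcard entries (*.blob.core.windows.net,
      # *.githubapp.com) and the account-specific r2.cloudflarestorage.com host
      # are the broadest items in this list; presumably they back GitHub and
      # registry blob downloads - confirm they are still needed and narrow
      # them where the runner insights allow.
      - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
        with:
          egress-policy: block
          allowed-endpoints: >
            *.blob.core.windows.net:443
            *.githubapp.com:443
            9236a389bd48b984df91adc1bc924620.r2.cloudflarestorage.com:443
            api.github.com:443
            auth.docker.io:443
            cgr.dev:443
            dl.google.com:443
            github.com:443
            go.dev:443
            objects.githubusercontent.com:443
            packages.wolfi.dev:443
            production.cloudflare.docker.com:443
            proxy.golang.org:443
            registry-1.docker.io:443
            release-assets.githubusercontent.com:443
            storage.googleapis.com:443
            sum.golang.org:443

      # persist-credentials: false keeps the job token out of the checked-out
      # repository's git config, so later steps (make, build.sh) cannot read it
      # from there.
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

      - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
        with:
          go-version-file: 'go.mod'
          check-latest: true

      # NOTE(review): the action itself is SHA-pinned; presumably it pulls its
      # binfmt helper image from Docker Hub at run time (registry-1.docker.io is
      # allowlisted above) - confirm whether that image should be pinned too.
      - name: Setup QEMU
        uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0

      - name: Install crane
        uses: imjasonh/setup-crane@6da1ae018866400525525ce74ff892880c099987 # v0.5

      - name: Build apko
        run: make apko

      - name: Test on_top_of_base example - usr-merge base image handling
        # Expression values reach the script through the environment instead of
        # being pasted into the shell source, so they are always handled as
        # data by bash. The matrix is static today; this keeps the step safe if
        # it is ever driven by an input.
        env:
          ARCH: ${{ matrix.arch }}
          # Docker platform suffix: x86_64 -> amd64, anything else -> arm64.
          DOCKER_ARCH: ${{ matrix.arch == 'x86_64' && 'amd64' || 'arm64' }}
        run: |
          set -euxo pipefail

          # Test with busybox base image (has usr-merge layout with /lib -> /usr/lib symlink)
          # This verifies that apko correctly handles building on top of base images with usr-merge layout
          # NOTE(review): ":latest" is a mutable tag, so the test input can change
          # between runs; use cgr.dev/chainguard/busybox@sha256:<digest-placeholder>
          # if reproducible results are wanted.
          BASE_IMAGE="cgr.dev/chainguard/busybox:latest"
          OUTPUT_TAR="test-output-${ARCH}.tar"

          echo "Testing on_top_of_base example with ${ARCH} architecture..."

          # Build image on top of base using the parameterized build.sh script
          ./examples/on_top_of_base/build.sh \
            ./apko \
            "$BASE_IMAGE" \
            "$OUTPUT_TAR" \
            "$ARCH"

          # Load the built image
          docker load -i "$OUTPUT_TAR"

          # The loaded image is tagged per Docker architecture name
          IMAGE_TAG="base_image:latest-${DOCKER_ARCH}"

          # Test that shell works (verifies /lib symlink is preserved correctly)
          echo "Testing shell execution on ${ARCH}..."
          if docker run --rm --platform "linux/${DOCKER_ARCH}" \
            --entrypoint /bin/sh "$IMAGE_TAG" \
            -c "echo 'Shell works on ${ARCH}'" | grep -q "Shell works"; then
            echo "Shell executes correctly on ${ARCH}"
          else
            echo "FAILED: Shell failed to execute on ${ARCH} (indicates broken /lib symlink)"
            exit 1
          fi

          # Test another binary to be thorough
          echo "Testing busybox execution on ${ARCH}..."
          if docker run --rm --platform "linux/${DOCKER_ARCH}" \
            --entrypoint /bin/busybox "$IMAGE_TAG" echo "Busybox works" | grep -q "Busybox works"; then
            echo "Busybox executes correctly on ${ARCH}"
          else
            echo "FAILED: Busybox failed to execute on ${ARCH}"
            exit 1
          fi

          echo "PASSED: on_top_of_base example test for ${ARCH}"

      # Runs even when the test step failed; every command is best-effort.
      - name: Clean up
        if: always()
        run: |
          # Clean up docker images
          docker rmi base_image:latest-amd64 2>/dev/null || true
          docker rmi base_image:latest-arm64 2>/dev/null || true
          # Clean up build artifacts
          rm -rf ./examples/on_top_of_base/{base_image,apkindexes,fs_dump,top_image,*.lock.json,*.tar}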