firezone/.github/workflows/ci.yml

name: CI
on:
  - push
defaults:
  run:
    shell: bash

jobs:
  unit-integration-test:
    runs-on: ubuntu-18.04
    env:
      MIX_ENV: test
      POSTGRES_HOST: localhost
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    services:
      postgres:
        image: postgres:13
        ports:
          - 5432:5432
        env:
          POSTGRES_USER: fireguard
          POSTGRES_PASSWORD: postgres
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
    steps:
      - uses: actions/checkout@v2
      - name: Install Runtimes
        uses: actions/setup-elixir@v1
        with:
          elixir-version: "1.11.2"
          otp-version: "23.1.2"
      - name: Install Dependencies
        run: mix deps.get --only test
      - name: Setup Database
        run: |
          mix ecto.create
          mix ecto.migrate

      - name: Run Tests and Upload Coverage Report
        run: mix coveralls.github --umbrella

  build:
    needs: unit-integration-test
    runs-on: ubuntu-18.04
    steps:
      - uses: actions/checkout@v2
      - name: Build packages
        run: |
          docker build -t fireguard:latest -f pkg/Dockerfile .
      - name: Rename Built Artifacts
        run: |
          version="${{ steps.version.outputs.version }}"
          cid=$(docker create fireguard:latest)
          filename="fireguard_${{ github.sha }}-1_amd64.deb"
          echo "Extracting built debian package from container ${cid} to filename ${filename}"
          docker cp ${cid}:/build/pkg/debian.deb ./${filename}
      - uses: actions/upload-artifact@v2
        with:
          name: fireguard-deb
          path: "fireguard*.deb"

  functional-test:
    needs: build
    runs-on: ubuntu-20.04
    steps:
      - uses: actions/download-artifact@v2
        with:
          name: fireguard-deb
      - name: Test Install package
        env:
          DEBIAN_FRONTEND: noninteractive
        run: |
          sudo apt-get update
          sudo apt-get install -y postgresql \
            wireguard iptables net-tools curl ca-certificates
          sudo systemctl start postgresql
          sudo dpkg -i fireguard*.deb

          # Wait for app to start
          sleep 10

          echo "Checking FireGuard service status"
          sudo systemctl status fireguard

          echo "Checking if FireGuard service is active"
          sudo systemctl is-active fireguard

          echo "Connecting with openssl"
          openssl s_client -connect localhost:8800 -showcerts -prexit -debug

          echo "Trying to load homepage..."
          curl -i -vvv -k https://localhost:8800

  publish:
    needs: build
    runs-on: ubuntu-18.04
    if: github.event_name == 'push' && contains(github.ref, 'refs/tags/')
    steps:
      - name: Create Release
        id: create_release
        uses: actions/create-release@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          tag_name: ${{ github.ref }}
          release_name: Release ${{ github.ref }}
          draft: false
          prerelease: true
      - uses: actions/download-artifact@v2
        with:
          name: fireguard-deb
      - name: Upload Release Asset
        id: upload-release-asset
        uses: actions/upload-release-asset@v1
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: ./fireguard_${{ github.sha }}-1_amd64.deb
          asset_name: fireguard_amd64.deb
          asset_content_type: application/vnd.debian.binary-package