CI: fix TLS test Docker volume mounts #678
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| paths: | |
| - ".github/workflows/ci.yaml" | |
| - ".config/nextest.toml" | |
| - "src/**" | |
| - "tests/**" | |
| - "Cargo.toml" | |
| - "Cargo.lock" | |
| pull_request: {} | |
| env: | |
| RUSTFLAGS: -D warnings | |
| CARGO_TERM_COLOR: always | |
| TEST_STATS_DELAY: 5000 | |
| jobs: | |
| lint: | |
| name: Lint | |
| strategy: | |
| matrix: | |
| runner: | |
| - "ubuntu-22.04" | |
| - "ubuntu-24.04" | |
| runs-on: ${{ matrix.runner }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: dtolnay/rust-toolchain@stable | |
| with: | |
| components: rustfmt, clippy | |
| - name: Lint (clippy) | |
| run: cargo clippy | |
| - name: Lint (rustfmt) | |
| run: cargo fmt --all --check | |
| build: | |
| name: Non-TLS tests | |
| strategy: | |
| matrix: | |
| rabbitmq-series: | |
| - "4.0" | |
| - "4.1" | |
| - "4.2" | |
| rust-version: | |
| - stable | |
| - beta | |
| runner: | |
| - "ubuntu-22.04" | |
| - "ubuntu-24.04" | |
| # - "ubuntu-24.04-arm" | |
| runs-on: ${{ matrix.runner }} | |
| services: | |
| rabbitmq: | |
| image: rabbitmq:${{ matrix.rabbitmq-series }}-management | |
| ports: | |
| - 15672:15672 | |
| - 5672:5672 | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Setup Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| toolchain: ${{ matrix.rust-version }} | |
| - uses: taiki-e/install-action@nextest | |
| - name: Wait for node to start booting | |
| run: sleep 15 | |
| - name: Configure broker | |
| run: RUST_HTTP_API_CLIENT_RABBITMQCTL=DOCKER:${{job.services.rabbitmq.id}} bin/ci/before_build.sh | |
| - name: Run tests | |
| run: RUST_BACKTRACE=1 NEXTEST_RETRIES=2 cargo nextest run --workspace --no-fail-fast --all-features | |
| tls-tests: | |
| name: TLS tests | |
| strategy: | |
| matrix: | |
| rabbitmq-series: | |
| - "4.0" | |
| - "4.1" | |
| - "4.2" | |
| rust-version: | |
| - stable | |
| runner: | |
| - "ubuntu-22.04" | |
| - "ubuntu-24.04" | |
| - "ubuntu-24.04-arm" | |
| runs-on: ${{ matrix.runner }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Setup Rust | |
| uses: dtolnay/rust-toolchain@stable | |
| with: | |
| toolchain: ${{ matrix.rust-version }} | |
| - uses: taiki-e/install-action@nextest | |
| - name: Clone tls-gen | |
| run: git clone --depth 1 https://github.com/rabbitmq/tls-gen.git target/tls-gen | |
| - name: Generate TLS certificates | |
| run: | | |
| cd target/tls-gen/basic | |
| make CN=localhost | |
| - name: Create certs directory | |
| run: mkdir -p tests/tls/certs | |
| - name: Copy certificates | |
| run: | | |
| cp target/tls-gen/basic/result/ca_certificate.pem tests/tls/certs/ | |
| cp target/tls-gen/basic/result/server_localhost_certificate.pem tests/tls/certs/server_certificate.pem | |
| cp target/tls-gen/basic/result/server_localhost_key.pem tests/tls/certs/server_key.pem | |
| cp target/tls-gen/basic/result/client_localhost_certificate.pem tests/tls/certs/client_certificate.pem | |
| cp target/tls-gen/basic/result/client_localhost_key.pem tests/tls/certs/client_key.pem | |
| chmod o+r tests/tls/certs/* | |
| chmod g+r tests/tls/certs/* | |
| - name: Create RabbitMQ TLS configuration | |
| run: | | |
| cat > tests/tls/certs/rabbitmq.conf << 'EOF' | |
| management.ssl.port = 15671 | |
| management.ssl.cacertfile = /certs/ca_certificate.pem | |
| management.ssl.certfile = /certs/server_certificate.pem | |
| management.ssl.keyfile = /certs/server_key.pem | |
| management.tcp.port = 15672 | |
| loopback_users = none | |
| EOF | |
| sed -i 's/^[[:space:]]*//' tests/tls/certs/rabbitmq.conf | |
| echo "Generated config:" | |
| cat tests/tls/certs/rabbitmq.conf | |
| - name: Start RabbitMQ with TLS | |
| run: | | |
| docker run -d --name rabbitmq-tls \ | |
| -p 15671:15671 \ | |
| -p 15672:15672 \ | |
| -p 5672:5672 \ | |
| -v ${{ github.workspace }}/tests/tls/certs:/certs:ro \ | |
| -v ${{ github.workspace }}/tests/tls/certs/rabbitmq.conf:/etc/rabbitmq/rabbitmq.conf:ro \ | |
| rabbitmq:${{ matrix.rabbitmq-series }}-management | |
| - name: Wait for RabbitMQ to start | |
| run: | | |
| echo "Waiting for RabbitMQ to start..." | |
| for i in $(seq 1 30); do | |
| if docker exec rabbitmq-tls rabbitmqctl status > /dev/null 2>&1; then | |
| echo "RabbitMQ is ready" | |
| exit 0 | |
| fi | |
| echo "Waiting... ($i/30)" | |
| sleep 2 | |
| done | |
| echo "RabbitMQ failed to start. Container logs:" | |
| docker logs rabbitmq-tls | |
| exit 1 | |
| - name: Verify TLS listener | |
| run: | | |
| docker exec rabbitmq-tls rabbitmq-diagnostics listeners | |
| echo "Checking if TLS port 15671 is listening..." | |
| docker exec rabbitmq-tls rabbitmq-diagnostics listeners | grep -E "15671|ssl" || echo "Note: TLS listener output" | |
| - name: Configure broker | |
| run: | | |
| docker exec rabbitmq-tls rabbitmq-plugins enable rabbitmq_management | |
| sleep 3 | |
| docker exec rabbitmq-tls rabbitmqctl add_vhost / || true | |
| docker exec rabbitmq-tls rabbitmqctl add_user guest guest || true | |
| docker exec rabbitmq-tls rabbitmqctl set_permissions -p / guest ".*" ".*" ".*" | |
| - name: Run TLS tests | |
| run: | | |
| TLS_CERTS_DIR=${{ github.workspace }}/tests/tls/certs \ | |
| RUST_BACKTRACE=1 \ | |
| cargo nextest run -E 'binary(tls_tests)' --run-ignored=only --no-fail-fast | |
| - name: Stop RabbitMQ container | |
| if: always() | |
| run: docker stop rabbitmq-tls && docker rm rabbitmq-tls || true |