# Unit tests first, then end-to-end tests against a real Garage
# container via testcontainers-go. Merged into one job so the Go
# install + module cache are shared and a unit-test failure
# short-circuits before paying the ~150 MB Garage image pull.
#
# Order: install_cacher → cacher_init → install_go → cache_gomod →
# test → docker_start → cache_garage_image → test_e2e.
#
# Dogfoods the published cacher binary (from pages.sr.ht) to cache:
# * The Go tarball, via `cacher download --url` fallback.
# * ~/go/pkg/mod, keyed on sha256(go.sum) — biggest win, the docker
# SDK transitives pulled in by testcontainers are heavy.
# * The Garage docker image, via `cacher docker {exists,download,
# upload}`. Switch to `cacher docker download --pull` after the
# next release; the single-command form lives on master but
# isn't in v0.1.0.
image: ubuntu/noble
packages:
- curl
- ca-certificates
- docker.io
secrets:
- 7dde4219-0783-4581-a67d-c94749de3600 # ~/.s3-cache-key-id
- 0e5b3530-6f19-4f30-9b73-9339dd382e46 # ~/.s3-cache-key-secret
sources:
- https://git.srht.bigb.es/~bigbes/ci-cacher
environment:
GO_VERSION: "1.26.3"
PATH: /home/build/.local/go/bin:/home/build/.local/bin:/usr/local/bin:/usr/bin:/bin
PAGES_DOMAIN: bigbes.pages.srht.bigb.es
PAGES_SUBPATH: /ci-cacher
# Keep in sync with internal/testutil/garage/container.go const Image.
GARAGE_IMAGE: "dxflrs/garage:v2.3.0"
# No Ryuk reaper — the VM is torn down at job end, so the reaper
# container only adds startup logs we don't need.
TESTCONTAINERS_RYUK_DISABLED: "true"
submitter:
git.sr.ht:
enabled: true
allow-refs:
- refs/heads/master
- "refs/tags/*"
tasks:
- install_cacher: |
mkdir -p ~/.local/bin
curl -sSL "https://${PAGES_DOMAIN}${PAGES_SUBPATH}/cacher-linux-amd64" \
-o ~/.local/bin/cacher
chmod +x ~/.local/bin/cacher
cacher version
- cacher_init: |
cacher init \
--endpoint https://s3.bigb.es \
--region garage \
--bucket docker-cache \
--prefix ci-cacher/deps \
--key-file ~/.s3-cache-key-id \
--secret-file ~/.s3-cache-key-secret
- install_go: |
GO_TARBALL="go${GO_VERSION}.linux-amd64.tar.gz"
mkdir -p ~/.local
cacher download "golang/${GO_TARBALL}" "/tmp/${GO_TARBALL}" \
--url "https://go.dev/dl/${GO_TARBALL}"
tar -xz -C ~/.local -f "/tmp/${GO_TARBALL}"
rm "/tmp/${GO_TARBALL}"
go version
- cache_gomod: |
# Cache ~/go/pkg/mod keyed by sha256(go.sum). A go.sum change
# invalidates automatically; otherwise both `go test` and the e2e
# variant (testcontainers + docker SDK transitives) hit the cache
# and skip proxy.golang.org entirely.
GOSUM_HASH=$(sha256sum ci-cacher/go.sum | cut -c1-16)
KEY="gomod/${GOSUM_HASH}.tar.gz"
if cacher download "$KEY" /tmp/gomod.tar.gz; then
mkdir -p ~/go
tar -xzf /tmp/gomod.tar.gz -C ~/go
else
cd ci-cacher && go mod download && cd ..
tar -czf /tmp/gomod.tar.gz -C ~/go pkg/mod
cacher upload "$KEY" /tmp/gomod.tar.gz
fi
rm -f /tmp/gomod.tar.gz
- test: |
cd ci-cacher
go test ./...
- docker_start: |
sudo systemctl start docker
sudo usermod -aG docker build
sudo chmod 666 /var/run/docker.sock
docker version
- cache_garage_image: |
# Key derived from the image ref so a version bump invalidates
# the cache automatically: dxflrs/garage:v2.3.0 → dxflrs-garage-v2.3.0
# stderr swallowed on `exists` because v0.1.0 still dumps the
# cobra Usage block on a miss (SilenceUsage lands in the next
# release).
KEY="docker/$(echo "$GARAGE_IMAGE" | tr '/:' '-').tar.zst"
if cacher docker exists "$KEY" >/dev/null 2>&1; then
cacher docker download "$KEY" "$GARAGE_IMAGE"
else
docker pull "$GARAGE_IMAGE"
cacher docker upload "$KEY" "$GARAGE_IMAGE"
fi
docker images "$GARAGE_IMAGE"
- test_e2e: |
cd ci-cacher
go test -tags=e2e -timeout=10m ./...