CI: add AlmaLinux 8, CentOS Stream 9, and Fedora

AkihiroSuda · AkihiroSuda · commit 62e5b611c220 · 2025-02-25T16:14:17.000+09:00
Lima (http://lima-vm.io) is used to create VM of these distros. Close issue 220 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
@@ -90,3 +90,65 @@ jobs:
 
       - name: test
         run: make TESTFLAGS="${{ matrix.race }}" test
+
+  vm:
+    name: "VM"
+    strategy:
+      fail-fast: false
+      matrix:
+        template:
+          - template://almalinux-8
+          - template://centos-stream-9
+          - template://fedora
+    runs-on: ubuntu-24.04
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: "Install QEMU"
+        run: |
+          set -eux
+          sudo apt-get update
+          sudo apt-get install -y --no-install-recommends ovmf qemu-system-x86 qemu-utils
+          sudo modprobe kvm
+          # `sudo usermod -aG kvm $(whoami)` does not take an effect on GHA
+          sudo chown $(whoami) /dev/kvm
+
+      - name: "Install Lima"
+        env:
+          GITHUB_TOKEN: ${{ github.token }}  # required by `gh attestation verify`
+        run: |
+          set -eux
+          LIMA_VERSION=$(curl -fsSL https://api.github.com/repos/lima-vm/lima/releases/latest | jq -r .tag_name)
+          FILE="lima-${LIMA_VERSION:1}-Linux-x86_64.tar.gz"
+          curl -fOSL https://github.com/lima-vm/lima/releases/download/${LIMA_VERSION}/${FILE}
+          gh attestation verify --owner=lima-vm "${FILE}"
+          sudo tar Cxzvf /usr/local "${FILE}"
+          rm -f "${FILE}"
+          # Export LIMA_VERSION For the GHA cache key
+          echo "LIMA_VERSION=${LIMA_VERSION}" >>$GITHUB_ENV
+
+      - name: "Cache ~/.cache/lima"
+        uses: actions/cache@v4
+        with:
+          path: ~/.cache/lima
+          key: lima-${{ env.LIMA_VERSION }}-${{ matrix.template }}
+
+      - name: "Start VM"
+        # --plain is set to disable file sharing, port forwarding, built-in containerd, etc.
+        run: limactl start --plain --name=default --cpus=1 --memory=1 ${{ matrix.template }}
+
+      - name: "Initialize VM"
+        # plain old rsync and ssh are used for the initialization of the guest,
+        # so that people who are not familiar with Lima can understand the initialization steps.
+        run: |
+          set -eux -o pipefail
+          # Initialize SSH
+          mkdir -p -m 0700 ~/.ssh
+          cat ~/.lima/default/ssh.config >> ~/.ssh/config
+          # Sync the current directory to /tmp/selinux in the guest
+          rsync -a -e ssh . lima-default:/tmp/selinux
+          # Install packages
+          ssh lima-default sudo dnf install -y git make golang
+
+      - name: "make test"
+        run: ssh lima-default make -C /tmp/selinux test
