Add Github Actions CI and Docker test functionality

ArrayBolt3 · ArrayBolt3 · commit 295d9768d54f · 2026-03-07T22:22:02.000-05:00
diff --git a/.github/workflows/autopkgtest.yaml b/.github/workflows/autopkgtest.yaml
@@ -0,0 +1,15 @@
+name: autopkgtest
+on:
+  push
+
+concurrency:
+  group: "${{ github.workflow }}-${{ github.ref }}"
+  cancel-in-progress: true
+
+jobs:
+  test-debian:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+      - run: ./docker_run_autopkgtest
+        name: "Test privleap on Debian trixie"
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,17 @@
+## Copyright (C) 2026 - 2026 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
+## See the file COPYING for copying conditions.
+
+## Note that this file is in the root directory of the privleap source code
+## because 'docker build' needs to be able to copy the whole source directory
+## into the image, but it appears 'docker build' prevents directory traversal.
+
+FROM debian:13
+RUN apt-get update
+RUN apt-get install -y debhelper debhelper-compat python3 python3-pam python3-sdnotify autopkgtest mmdebstrap debian-archive-keyring sudo zstd
+RUN useradd -m user
+RUN adduser user sudo
+RUN passwd -d user
+COPY . /home/user/privleap
+RUN chown -R user:user /home/user/privleap
+#LABEL org.opencontainers.image.title="privleap-test-docker"
+ENTRYPOINT ["/bin/bash", "-l", "-c"]
diff --git a/docker_run_autopkgtest b/docker_run_autopkgtest
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+## Copyright (C) 2026 - 2026 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
+## See the file COPYING for copying conditions.
+
+set -x
+set -o errexit
+set -o nounset
+set -o errtrace
+set -o pipefail
+
+run-docker-autopkgtest() {
+  docker build --tag "privleap-test-docker:latest" .
+  docker run -i --rm --privileged privleap-test-docker:latest 'setpriv --reuid $(id -u user) --regid $(id -g user) --init-groups --reset-env -- /home/user/privleap/run_autopkgtest'
+  docker rmi privleap-test-docker:latest
+}
+
+run-docker-autopkgtest
diff --git a/run_autopkgtest b/run_autopkgtest
@@ -57,24 +57,27 @@ Options:
 }
 
 run_autopkgtest() {
-  local arg
-  arg="${1:-}"
-  if [ "${arg}" = '--help' ] || [ "${arg}" = '-h' ] || [ "${arg}" = '-?' ]; then
-    print_usage
-    exit 0
-  fi
-
   if [ "$(id -u)" = '0' ]; then
     1>&2 echo 'Do not run this script as root!'
     exit 1
   fi
 
-  if [ "${arg}" = '--reset-tarball' ]; then
-    rm -f "${autopkgtest_tarball_path}"
-  elif [ -n "${arg}" ]; then
-    1>&2 echo "Unrecognized argument: '${arg}'. Try 'run_autopkgtest --help' for usage info."
-    exit 1
-  fi
+  while [ -n "${1:-}" ]; do
+    case "$1" in
+      --help|-h|-?)
+        print_usage
+        exit 0
+        ;;
+      --reset-tarball)
+        rm -f "${autopkgtest_tarball_path}"
+        shift
+        ;;
+      *)
+        1>&2 echo "Unrecognized argument: '$1'. Try 'run_autopkgtest --help' for usage info."
+        exit 1
+        ;;
+    esac
+  done
 
   ## Dependency checks
   if ! [ -x '/usr/bin/unshare' ]; then
