tests: add nightly workflow#16
Open
j4n wants to merge 15 commits into
Open
Conversation
missytake
reviewed
May 20, 2026
missytake
left a comment
missytake
left a comment
Contributor
There was a problem hiding this comment.
Looks good to me, but I guess others should look at this as well :)
I think there was also the idea to run https://github.com/chatmail/core/blob/main/.github/workflows/ci.yml against the four different deployment options? afaict you can only pass one CHATMAIL_DOMAIN to it, so it doesn't seem to be cross-server. Which should be enough, too :D
but maybe a cmlxc core-test command is out of scope for this PR, this is already a good start.
How do we get notified on failure?
Containers with Docker or other networking can expose IPs on multiple interfaces. _extract_ip() now accepts an optional subnet filter so wait_ready() and list_managed() only pick addresses on incusbr0.
Move the initialization check (DNS container running + base image present) from cli._check_init() into Incus.check_init() so that drivers can call it without depending on the CLI module.
…ure() Allows drivers to pass additional Incus config keys (e.g. security.nesting=true for Docker-in-LXC) when launching containers. Threaded through Container and RelayContainer.
…nd on_init_relay default Move the initenv.sh hook from CmdeployDriver.on_init_relay() into the Driver base class as the default implementation -- both cmdeploy and docker drivers used identical bodies. Extract run_cmdeploy_pytest() as a standalone function so that any driver sharing the cmdeploy test suite (currently CmdeployDriver and DockerDriver) can call it without duplicating the env_exports / pytest command construction.
When the source ref is a full 40-char SHA (e.g. from CI dispatch), the shallow git-main clone won't have it. Detect this case and fetch just that commit with --depth 1 before checkout.
When no explicit -v flags are passed and RUNNER_DEBUG=1 is set (GitHub Actions "Enable debug logging" rerun), auto-bump to -vvv.
The `git reset --hard origin/{ref}` is only useful for branch refs
(fast-forward to latest remote). For SHA refs it always fails silently
since there's no remote tracking branch. Only run it for branch refs.
…elease tags prep_builder() in driver_base.py did not pull tags, so a subsequent `git checkout <tag>` fails, needed for release builds.
…ript Both the cmdeploy and docker drivers need to generate chatmail.ini with relaxed rate limits for testing. Extract the overrides dict and the Python snippet builder into shared helpers.
Wrap bash(..., check=False)
1. driver_cmdeploy.py: CmdeployDriver.on_init_relay() was removed during the be9d325 refactor but was never moved to the base class as the commit message claimed. The method runs scripts/initenv.sh inside the builder to create the relay's venv. Without it, every subsequent step that calls `source .../venv/bin/activate` fails with "No such file or directory".
Add DockerDriver for deploying chatmail relays via Docker Compose inside LXC containers (Docker-in-LXC with security.nesting). Features: - Pull pre-built images from GHCR (--source ghcr:TAG) - Inject local builds - Healthcheck polling / log streaming - SSH forwarding into Docker containers (for test compatibility) - DNS zone extraction and PowerDNS loading - security.privileged fenced behind CI=true CLI subcommands: deploy, pull, logs, ps, shell
- Register DockerDriver in DRIVER_BY_NAME - test-cmdeploy: dispatch to driver class from container metadata - Fix _print_builder_repos to use driver REPO_NAME (avoids dupes)
- Add cmlxc_ref input to test feature branches - Disable AppArmor for Docker-in-LXC systemd support - Cache localchat-docker image (strip Docker images before export) - Split cache into restore/save for better failure handling - Per-service failure diagnostics (dovecot, postfix, failed units) - install incus-base instead of full incus package - trimmed=: normalise whitespace via xargs before eval so indented commands in the multiline cmlxc_commands input parse correctly and display cleanly in CI ::group:: labels - get_service_logs.sh: debug logging calls /usr/local/sbin/get-service-logs (installed via COPY in the Docker image) which dumps per-service journalctl output, failed units, dovecot config, and TLS cert paths
.github/workflows/nightly.yml: - Scheduled at 02:17 UTC daily (also workflow_dispatch for manual runs). - based on reusable workflow
hpk42
approved these changes
May 28, 2026
hpk42
left a comment
hpk42
left a comment
Contributor
There was a problem hiding this comment.
it's a bit weird this is living in cmlxc but i guess it's worth a try if this nightly approach reliably works.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
.github/workflows/nightly.yml: