ci: Use new docker-supporting backend workflows

.config/starte2e.sh

@@ -6,18 +6,38 @@ set -eu
 # lack docker
 export PATH="${PATH}:/usr/bin"
 
+# If we're running in CI, we are in a docker container, so containers
+# launched by us do not bind-mount into local directories. Instead, we
+# copy the test environment to the host, so that we can bind-mount
+# from there.
+
+ENV_PATH="$(dirname "$0")/../tests/environment"
+
+if [ "$NEXTEST_PROFILE" = "ci" ]; then
+	cp -r tests/environment "$RUNNER_TEMP/test-env"
+	ENV_PATH="$RUNNER_TEMP/test-env"
+fi
+
+export ENV_PATH
+
 # Make sure the containers can write some files that need to be shared
-touch tests/environment/zitadel/service-user.json
-chmod a+rw tests/environment/zitadel/service-user.json
+touch "$ENV_PATH/zitadel/service-user.json"
+chmod a+rw "$ENV_PATH/zitadel/service-user.json"
 
 # We only take down ldap if the certs are too old and need regeneration
 ldap_down=""
-file_creation=$(date -r ./tests/environment/certs/ca.crt +%s || echo 0)
+file_creation=$(date -r "$ENV_PATH/certs/ca.crt" +%s || echo 0)
 if [ $(($(date +%s) - file_creation)) -gt $((25 * 24 * 60 * 60)) ]; then
 	ldap_down="-v ldap"
 fi
 
+ls -l "$ENV_PATH"
+ls -l "$ENV_PATH/certs"
+ls -l "$ENV_PATH/certs/generate-certs.sh"
+
+docker run -it -v "$ENV_PATH:/certs" --entrypoint /bin/sh alpine/openssl:3.3.2 -c "ls /certs"
+
 # Shut down any still running test-setup first
-docker compose --project-directory ./tests/environment down -v test-setup "$ldap_down" || true
-docker compose --project-directory ./tests/environment up --wait \
-	|| (docker compose --project-directory ./tests/environment logs test-setup; exit 1)
+docker compose --project-directory "$ENV_PATH" down -v test-setup "$ldap_down" || true
+docker compose --project-directory "$ENV_PATH" up --wait \
+	|| (docker compose --project-directory "$ENV_PATH" logs test-setup; exit 1)

.github/workflows/rust-workflow.yml

@@ -8,101 +8,13 @@ on:
   pull_request:
     branches: [ "*" ]
 
-env:
-  CARGO_TERM_COLOR: always
-
 # Make sure there is no pipeline running uselessly.
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
 # Defined CI jobs.
 jobs:
-  simple-checks:
-    container: docker-oss.nexus.famedly.de/rust-container:nightly
-    runs-on: ubuntu-latest
-    steps:
-    - name: Checkout current repository
-      uses: actions/checkout@v4
-
-    - uses: famedly/backend-build-workflows/.github/actions/rust-prepare@main
-      with:
-        gitlab_ssh: ${{ secrets.CI_SSH_PRIVATE_KEY}}
-        gitlab_user: ${{ secrets.GITLAB_USER }}
-        gitlab_pass: ${{ secrets.GITLAB_PASS }}
-
-    - name: Caching
-      uses: Swatinem/rust-cache@68b3cb7503c78e67dae8373749990a220eb65352
-      with:
-        cache-on-failure: true
-        cache-all-crates: true
-
-    - name: Rustfmt
-      shell: bash
-      run: cargo +${NIGHTLY_VERSION} fmt -- --check
-
-    - name: Clippy
-      shell: bash
-      run: cargo +${NIGHTLY_VERSION} clippy --workspace --all-targets -- -D warnings
-
-    - name: Doc-test
-      shell: bash
-      run: cargo +${NIGHTLY_VERSION} test --doc --workspace --verbose
-
-    - name: Udeps
-      shell: bash
-      run: cargo +${NIGHTLY_VERSION} udeps
-
-    - name: Typos
-      shell: bash
-      run: typos --exclude '*.key' --exclude '*.crt' --exclude '*.csr' --exclude '*.srl'
-
   tests:
-    runs-on: ubuntu-latest
-    steps:
-    - name: Checkout current repository
-      uses: actions/checkout@v4
-
-    - uses: famedly/backend-build-workflows/.github/actions/rust-prepare@main
-      with:
-        gitlab_ssh: ${{ secrets.CI_SSH_PRIVATE_KEY}}
-        gitlab_user: ${{ secrets.GITLAB_USER }}
-        gitlab_pass: ${{ secrets.GITLAB_PASS }}
-
-    - name: Add llvm-tools rust component
-      run: rustup component add llvm-tools-preview --toolchain stable-x86_64-unknown-linux-gnu
-
-    - name: Caching
-      uses: Swatinem/rust-cache@68b3cb7503c78e67dae8373749990a220eb65352
-      with:
-        cache-on-failure: true
-        cache-all-crates: true
-
-    - name: Install additional cargo tooling
-      shell: bash
-      run: cargo install cargo-nextest cargo-llvm-cov --locked
-
-    - name: Test
-      timeout-minutes: 20
-      shell: bash
-      run: |
-        docker compose --project-directory ./tests/environment down -v
-        cargo llvm-cov nextest --profile ci --workspace --lcov --output-path lcov.info
-
-    - name: Get docker logs on failure
-      shell: bash
-      if: failure()
-      run: |
-        docker compose --project-directory ./tests/environment logs
-
-    - name: Codecov - Upload coverage
-      uses: codecov/codecov-action@v4
-      with:
-        token: ${{secrets.CODECOV_TOKEN}}
-        files: lcov.info
-
-    - name: Codecov - Upload test results
-      uses: codecov/test-results-action@v1
-      with:
-        token: ${{secrets.CODECOV_TOKEN}}
-
+    uses: famedly/backend-build-workflows/.github/workflows/rust-workflow.yml@8fa286305f20cc2aaa1898b931f7188d3e19eeb6
+    secrets: inherit

tests/environment/docker-compose.yaml

@@ -3,7 +3,7 @@ services:
     image: alpine/openssl:3.3.2
     volumes:
       - type: bind
-        source: ./certs
+        source: ${ENV_PATH}/certs
         target: /certs
     entrypoint: /certs/generate-certs.sh
 
@@ -20,7 +20,7 @@ services:
       - LDAP_TLS_VERIFY_CLIENTS=try
     volumes:
       - type: bind
-        source: ./certs
+        source: ${ENV_PATH}/certs
         target: /certs
         read_only: true
     depends_on:
@@ -34,10 +34,10 @@ services:
     entrypoint: /environment/test-setup.sh
     volumes:
       - type: bind
-        source: ./
+        source: ${ENV_PATH}/
         target: /environment
       - type: bind
-        source: ./config.template.yaml
+        source: ${ENV_PATH}/config.template.yaml
         target: /config.template.yaml
         read_only: true
     healthcheck:
@@ -59,7 +59,7 @@ services:
       - 8080:8080
     volumes:
       - type: bind
-        source: ./zitadel/
+        source: ${ENV_PATH}/zitadel/
         target: /zitadel-config/
     depends_on:
       db: