mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-12-07 09:56:41 +00:00
Kevin Veen-Birkenbach
91d5ba35d1
- Introduce global IS_CONTAINER flag based on ansible_virtualization facts - Skip systemd-based handlers and tasks when running inside containers - Extend EXCLUDED_ROLES list in GitHub Actions test-deploy workflow - Ensure docker.sock is mounted for all CI deploy stages - Improve sys-svc-docker by suppressing service restarts inside containers - Add meta: flush_handlers to properly trigger delayed docker restarts - Update sys-service handlers with container guards - Update sys-timer tasks to avoid systemctl inside CI containers - Enhance drv-non-free role with Manjaro detection and mhwd fallback warning - Skip swapfile generation in containers - Minor service template fixes and cleanup in proxy.conf.j2 Details and discussion: https://chatgpt.com/share/6930a4ca-56f4-800f-9b3d-4791f040a03b
106 lines
3.4 KiB
YAML
106 lines
3.4 KiB
YAML
name: Build & Test Infinito.Nexus CLI in Docker Container
|
||
|
||
on:
|
||
push:
|
||
branches:
|
||
- master
|
||
- main
|
||
pull_request:
|
||
|
||
jobs:
|
||
test-deploy:
|
||
runs-on: ubuntu-latest
|
||
timeout-minutes: 240
|
||
|
||
env:
|
||
# The following roles will be ignored in the tests
|
||
EXCLUDED_ROLES: >
|
||
drv-lid-switch,
|
||
svc-net-wireguard-core,
|
||
svc-net-wireguard-firewalled,
|
||
svc-net-wireguard-plain,
|
||
svc-opt-keyboard-color,
|
||
svc-opt-ssd-hdd,
|
||
web-app-bridgy-fed,
|
||
web-app-oauth2-proxy,
|
||
web-app-postmarks,
|
||
web-app-socialhome,
|
||
web-svc-xmpp,
|
||
steps:
|
||
- name: Checkout repository
|
||
uses: actions/checkout@v4
|
||
|
||
- name: Build Docker image
|
||
run: |
|
||
docker build --network=host --pull -t infinito:latest .
|
||
|
||
# 1) First deploy: normal + debug
|
||
- name: First deploy (normal + debug)
|
||
run: |
|
||
docker run --network=host --rm \
|
||
-v /var/run/docker.sock:/var/run/docker.sock \
|
||
-e EXCLUDED_ROLES="$EXCLUDED_ROLES" \
|
||
infinito:latest \
|
||
/bin/sh -lc '
|
||
set -e
|
||
cd /opt/infinito-src
|
||
|
||
# Create inventory (also creates inventories/github-ci/.password if missing)
|
||
infinito create inventory inventories/github-ci \
|
||
--host localhost \
|
||
--exclude "$EXCLUDED_ROLES" \
|
||
--ssl-disabled
|
||
|
||
INVENTORY_PATH="inventories/github-ci/servers.yml"
|
||
VAULT_FILE="inventories/github-ci/.password"
|
||
|
||
# First deploy with debug
|
||
infinito deploy "$INVENTORY_PATH" -T server -p "$VAULT_FILE" --debug --skip-tests
|
||
'
|
||
|
||
# 2) Second deploy: reset + debug
|
||
- name: Second deploy (--reset --debug)
|
||
run: |
|
||
docker run --network=host --rm \
|
||
-v /var/run/docker.sock:/var/run/docker.sock \
|
||
-e EXCLUDED_ROLES="$EXCLUDED_ROLES" \
|
||
infinito:latest \
|
||
/bin/sh -lc '
|
||
set -e
|
||
cd /opt/infinito-src
|
||
|
||
# Rebuild inventory; .password will be reused if present
|
||
infinito create inventory inventories/github-ci \
|
||
--host localhost \
|
||
--exclude "$EXCLUDED_ROLES" \
|
||
--ssl-disabled
|
||
|
||
INVENTORY_PATH="inventories/github-ci/servers.yml"
|
||
VAULT_FILE="inventories/github-ci/.password"
|
||
|
||
infinito deploy "$INVENTORY_PATH" -T server -p "$VAULT_FILE" --skip-tests --reset --debug
|
||
'
|
||
|
||
# 3) Third deploy: async (no debug)
|
||
- name: Third deploy (async deploy – no debug)
|
||
run: |
|
||
docker run --network=host --rm \
|
||
-v /var/run/docker.sock:/var/run/docker.sock \
|
||
-e EXCLUDED_ROLES="$EXCLUDED_ROLES" \
|
||
infinito:latest \
|
||
/bin/sh -lc '
|
||
set -e
|
||
cd /opt/infinito-src
|
||
|
||
infinito create inventory inventories/github-ci \
|
||
--host localhost \
|
||
--exclude "$EXCLUDED_ROLES" \
|
||
--ssl-disabled
|
||
|
||
INVENTORY_PATH="inventories/github-ci/servers.yml"
|
||
VAULT_FILE="inventories/github-ci/.password"
|
||
|
||
# Async-style deploy: no --debug, so some processes run in parallel
|
||
infinito deploy "$INVENTORY_PATH" -T server -p "$VAULT_FILE" --skip-tests
|
||
'
|