mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-12-07 09:56:41 +00:00
Kevin Veen-Birkenbach
c0980e91c0
Includes: - Rewrite of test-deploy workflow to use isolated inner dockerd with privileged mode. - Switch logging drivers to 'json-file' when IS_CONTAINER=true for compatibility with non-systemd CI runners. - Adjust Dockerfile to install docker CLI and simplify package setup. - Improve inventory creation and deploy steps for CI stability. - Fully compatible with Ansible 2.20 variable handling. Conversation reference: https://chatgpt.com/share/6930e285-9604-800f-aad8-7a81c928548c
190 lines
6.6 KiB
YAML
190 lines
6.6 KiB
YAML
name: Build & Test Infinito.Nexus CLI in Docker Container
|
||
|
||
on:
|
||
push:
|
||
branches:
|
||
- main
|
||
- master
|
||
- develop
|
||
- "*"
|
||
pull_request:
|
||
|
||
jobs:
|
||
test-deploy:
|
||
runs-on: ubuntu-latest
|
||
timeout-minutes: 240
|
||
|
||
env:
|
||
# The following roles will be ignored in the tests
|
||
EXCLUDED_ROLES: >
|
||
drv-lid-switch,
|
||
svc-net-wireguard-core,
|
||
svc-net-wireguard-firewalled,
|
||
svc-net-wireguard-plain,
|
||
svc-opt-keyboard-color,
|
||
svc-opt-ssd-hdd,
|
||
web-app-bridgy-fed,
|
||
web-app-oauth2-proxy,
|
||
web-app-postmarks,
|
||
web-app-socialhome,
|
||
web-svc-xmpp,
|
||
|
||
steps:
|
||
- name: Main Checkout repository
|
||
uses: actions/checkout@v4
|
||
|
||
- name: Show Docker version
|
||
run: docker version
|
||
|
||
- name: Build Docker image
|
||
run: |
|
||
docker build --network=host --pull -t infinito:latest .
|
||
|
||
# 1) First deploy: normal + debug (inner dockerd with vfs)
|
||
- name: First deploy (normal + debug)
|
||
run: |
|
||
docker run --network=host --rm --privileged \
|
||
-e EXCLUDED_ROLES="$EXCLUDED_ROLES" \
|
||
infinito:latest \
|
||
/bin/sh -lc '
|
||
set -e
|
||
|
||
echo ">>> Starting inner dockerd..."
|
||
dockerd --debug --host=unix:///var/run/docker.sock --storage-driver=vfs \
|
||
>/var/log/dockerd.log 2>&1 &
|
||
|
||
echo ">>> Waiting for inner Docker daemon..."
|
||
for i in $(seq 1 60); do
|
||
if docker info >/dev/null 2>&1; then
|
||
echo ">>> Inner Docker daemon is up."
|
||
break
|
||
fi
|
||
sleep 1
|
||
done
|
||
|
||
if ! docker info >/dev/null 2>&1; then
|
||
echo "ERROR: Inner Docker daemon did not start in time." >&2
|
||
echo "----------- dockerd.log (inside infinito) -----------" >&2
|
||
if [ -f /var/log/dockerd.log ]; then
|
||
sed -n "1,200p" /var/log/dockerd.log >&2
|
||
else
|
||
echo "dockerd.log not found" >&2
|
||
fi
|
||
echo "-----------------------------------------------------" >&2
|
||
exit 1
|
||
fi
|
||
|
||
echo ">>> Inner Docker daemon is up, proceeding with deploy."
|
||
cd /opt/infinito-src
|
||
|
||
echo ">>> Create CI inventory (normal + debug)..."
|
||
infinito create inventory inventories/github-ci \
|
||
--host localhost \
|
||
--exclude "$EXCLUDED_ROLES" \
|
||
--ssl-disabled
|
||
|
||
INVENTORY_PATH="inventories/github-ci/servers.yml"
|
||
VAULT_FILE="inventories/github-ci/.password"
|
||
|
||
echo ">>> First deploy (normal + debug)..."
|
||
infinito deploy "$INVENTORY_PATH" -T server -p "$VAULT_FILE" --debug --skip-tests
|
||
'
|
||
|
||
# 2) Second deploy: reset + debug (same inner dockerd pattern, also vfs)
|
||
- name: Second deploy (--reset --debug)
|
||
run: |
|
||
docker run --network=host --rm --privileged \
|
||
-e EXCLUDED_ROLES="$EXCLUDED_ROLES" \
|
||
infinito:latest \
|
||
/bin/sh -lc '
|
||
set -e
|
||
|
||
echo ">>> Starting inner dockerd..."
|
||
dockerd --debug --host=unix:///var/run/docker.sock --storage-driver=vfs \
|
||
>/var/log/dockerd.log 2>&1 &
|
||
|
||
echo ">>> Waiting for inner Docker daemon..."
|
||
for i in $(seq 1 60); do
|
||
if docker info >/dev/null 2>&1; then
|
||
echo ">>> Inner Docker daemon is up."
|
||
break
|
||
fi
|
||
sleep 1
|
||
done
|
||
|
||
if ! docker info >/dev/null 2>&1; then
|
||
echo "ERROR: Inner Docker daemon did not start in time." >&2
|
||
echo "----------- dockerd.log (inside infinito) -----------" >&2
|
||
if [ -f /var/log/dockerd.log ]; then
|
||
sed -n "1,200p" /var/log/dockerd.log >&2
|
||
else
|
||
echo "dockerd.log not found" >&2
|
||
fi
|
||
echo "-----------------------------------------------------" >&2
|
||
exit 1
|
||
fi
|
||
|
||
cd /opt/infinito-src
|
||
|
||
echo ">>> Recreate CI inventory (reset run)..."
|
||
infinito create inventory inventories/github-ci \
|
||
--host localhost \
|
||
--exclude "$EXCLUDED_ROLES" \
|
||
--ssl-disabled
|
||
|
||
INVENTORY_PATH="inventories/github-ci/servers.yml"
|
||
VAULT_FILE="inventories/github-ci/.password"
|
||
|
||
echo ">>> Second deploy (--reset --debug)..."
|
||
infinito deploy "$INVENTORY_PATH" -T server -p "$VAULT_FILE" --skip-tests --reset --debug
|
||
'
|
||
|
||
# 3) Third deploy: async (no debug, same inner dockerd, also vfs)
|
||
- name: Third deploy (async deploy – no debug)
|
||
run: |
|
||
docker run --network=host --rm --privileged \
|
||
-e EXCLUDED_ROLES="$EXCLUDED_ROLES" \
|
||
infinito:latest \
|
||
/bin/sh -lc '
|
||
set -e
|
||
|
||
echo ">>> Starting inner dockerd..."
|
||
dockerd --debug --host=unix:///var/run/docker.sock --storage-driver=vfs \
|
||
>/var/log/dockerd.log 2>&1 &
|
||
|
||
echo ">>> Waiting for inner Docker daemon..."
|
||
for i in $(seq 1 60); do
|
||
if docker info >/dev/null 2>&1; then
|
||
echo ">>> Inner Docker daemon is up."
|
||
break
|
||
fi
|
||
sleep 1
|
||
done
|
||
|
||
if ! docker info >/dev/null 2>&1; then
|
||
echo "ERROR: Inner Docker daemon did not start in time." >&2
|
||
echo "----------- dockerd.log (inside infinito) -----------" >&2
|
||
if [ -f /var/log/dockerd.log ]; then
|
||
sed -n "1,200p" /var/log/dockerd.log >&2
|
||
else
|
||
echo "dockerd.log not found" >&2
|
||
fi
|
||
echo "-----------------------------------------------------" >&2
|
||
exit 1
|
||
fi
|
||
|
||
cd /opt/infinito-src
|
||
|
||
echo ">>> Create/update inventory for async deploy..."
|
||
infinito create inventory inventories/github-ci \
|
||
--host localhost \
|
||
--exclude "$EXCLUDED_ROLES" \
|
||
--ssl-disabled
|
||
|
||
INVENTORY_PATH="inventories/github-ci/servers.yml"
|
||
VAULT_FILE="inventories/github-ci/.password"
|
||
|
||
echo ">>> Third deploy (async, no debug)..."
|
||
infinito deploy "$INVENTORY_PATH" -T server -p "$VAULT_FILE" --skip-tests --async
|
||
'
|