Skip to content

deploy-docker

deploy-docker #312

Workflow file for this run

---
# This is a basic workflow to help you get started with Actions
name: "deploy-docker"
# Controls when the action will run.
on:
# Triggers the workflow on push or pull request events
push:
pull_request:
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
deploy_docker:
# The type of runner that the job will run on
runs-on: "ubuntu-24.04"
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- name: Checkout $GITHUB_WORKSPACE
uses: actions/checkout@v4
- name: Update and install stuff
run: |
sudo rm -f /opt/pipx_bin/ansible*
sudo apt -q update
sudo apt -y install ansible bridge-utils apparmor-utils wget \
python3-pip python3-setuptools python3-wheel \
python3-venv yamllint python3-jinja2 python3-yaml \
python3-selenium python3-requests python3-bs4
sudo pip3 install --break-system-packages webdriver-manager
git clone https://github.com/dw/mitogen.git ~/mitogen
wget --quiet https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
sudo apt install ./google-chrome-stable_current_amd64.deb
- name: Fix docker crap
run: |
cat docker/hosts | sudo tee -a /etc/hosts
#sudo docker system prune -f
sudo systemctl stop docker
sudo mv /var/lib/docker /var/lib/docker.old # faster than removing
sudo mkdir -p /mnt/docker
sudo ln -s /mnt/docker /var/lib
sudo systemctl start docker
# See https://github.com/actions/cache/blob/main/tips-and-workarounds.md#update-a-cache
- name: Setup cache
id: cache-docker
uses: actions/cache@v4
with:
path: ~/docker-save
key: docker-save-${{ github.run_id }}
restore-keys: docker-save-
# Useful for debugging
- name: Show versions
run: |
python3 --version
ansible --version
# apparmor is by default enabled for binaries _in_ the containers and is restricting
# mysql from reading tls keys
- name: Disable apparmor
run: |
sudo aa-status --json | jq '
.profiles | to_entries
| map( select( (.key | startswith("/") ) and .value=="enforce") | .key )
| .[]
' | grep -vE 'totem|pidgin|passt' | \
while read -r profile; do
sudo aa-complain "$profile" || true
done
# Install Ansible modules
- name: Install Ansible modules
run: |
ansible-galaxy role install -r requirements.yml
ansible-galaxy collection install -r requirements.yml
# Restore docker cache
- name: Restore docker cache
run: docker load -i ~/docker-save/scz-base-cache.tar || true
# Get scz-base-cache ImageID
- name: Get scz-base-cache ImageID
id: scz-base-cache-id
run: >
ID=$(docker image list scz-base-cache -q)
echo "ID=$ID" >> $GITHUB_OUTPUT
# Start containers without deploy
- name: Start containers
shell: bash
env:
SKIP_ANSIBLE: 1
run: "./start-vm --container"
# Get scz-base ImageID
- name: Get scz-base ImageID
id: scz-base-id
run: >
ID=$(docker image list scz-base -q) &&
echo "ID=$ID" >> $GITHUB_OUTPUT
# Save newly created containers to docker cache
- name: Save docker cache
run: >
mkdir -p ~/docker-save &&
docker tag scz-base scz-base-cache &&
docker save scz-base-cache -o ~/docker-save/scz-base-cache.tar &&
ls -lh ~/docker-save || true
if: steps.scz-base-cache-id.outputs.ID != steps.scz-base-id.outputs.ID
# Deploy components
- name: Run start-vm
shell: bash
run: "./start-vm --container"
# Deploy components again for idempotency
- name: Run start-vm
env:
REEANTRANT: 1
run: "./start-vm --container --diff --tags=common"
- name: Run idempotency check...
run: /usr/bin/python3 ./scripts/check-idempotency-status
# Run SBS logintest
- name: Run SBS logintest
run: /usr/bin/python3 ./scripts/sbs-login.py
- name: Save screenshot of error
uses: actions/upload-artifact@v4
with:
name: "sbs-logintest"
path: |
screenshot.png
page.html
console.txt
if: failure()
- name: Show docker status
run: |
ansible -v -i environments/docker/inventory --become "container_infra" \
-m command -a "/usr/bin/docker ps -a"
if: failure()
- name: Show docker logs
run: |
docker exec -t docker-docker1-1 /bin/sh -c '
for c in $(docker ps -q); do
name=$(docker inspect --format "{{.Name}} ({{.Id}})" $c);
echo -e "\n\n========\n== $name\n==========\n";
docker logs -n 10 $c 2>/dev/null;
done
'
docker exec -t docker-docker2-1 /bin/sh -c '
for c in $(docker ps -q); do
name=$(docker inspect --format "{{.Name}} ({{.Id}})" $c);
echo -e "\n\n========\n== $name\n==========\n";
docker logs -n 10 $c 2>/dev/null;
done
'
if: failure()
- name: Show sbs logs
run: |
ansible -v -i environments/docker/inventory --become "container_apps" \
-m command -a "/bin/sh -c '
if test -e /opt/sram/sbs/log/sbs.log; then
echo ===sbs log===;
cat /opt/sram/sbs/log/sbs.log;
else
echo ===no sbs log===;
fi
'"
if: failure()
# Setup tmate session
- name: Setup tmate session
uses: mxschmitt/action-tmate@v3
with:
limit-access-to-actor: true
timeout-minutes: 60
if: failure()
# env:
# ACTIONS_STEP_DEBUG: ${{ secrets.ACTIONS_STEP_DEBUG }}
# if: ${{ failure() && env.ACTIONS_STEP_DEBUG == 'true' }}