Add APT proxy and document use case #501
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: pi-gen-action-integration-test | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| enable-noobs: | |
| description: Enable NOOBS | |
| default: true | |
| required: false | |
| type: boolean | |
| compression-level: | |
| description: Image compression level | |
| default: 1 | |
| required: false | |
| type: number | |
| increase-runner-disk: | |
| description: Increase runner root disk size | |
| required: false | |
| default: true | |
| type: boolean | |
| full-image: | |
| description: Build all stages | |
| default: false | |
| required: false | |
| type: boolean | |
| push: | |
| paths-ignore: | |
| - '**.md' | |
| - 'renovate.json' | |
| branches: | |
| - master | |
| pull_request: | |
| types: [ labeled, opened, synchronize, reopened ] | |
| schedule: | |
| # Run integration tests every other week to get notified on incompatible pi-gen changes | |
| - cron: '0 0 1,15 * *' | |
| env: | |
| MOUNT_DIR: /mnt | |
| ROOTFS_DIR: /mnt/root | |
| CONFIG_TIMEZONE: Europe/Berlin | |
| CONFIG_LOCALE: de_DE.UTF-8 | |
| CONFIG_USERNAME: pi-gen | |
| CONFIG_HOSTNAME: pi-gen-test | |
| CONFIG_PUBLIC_KEY: ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAoK4bf7Tj47S67Mf3aCsRPOcYU2F91xLBJ4U4n9jqgsAf75NWFX5UfoRQhWsGVsCYfA84ZTYIrIHMw57CLA2gM= [email protected] | |
| jobs: | |
| integration-test: | |
| runs-on: ubuntu-latest | |
| if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'test') | |
| steps: | |
| - name: Check out repository | |
| uses: actions/checkout@v4 | |
| - uses: actions/setup-node@v4 | |
| with: | |
| node-version: 20 | |
| cache: npm | |
| - name: Compile action code before test | |
| run: npm ci && npm run package | |
| - name: Select Debian package mirror | |
| id: select-mirror | |
| # This is just to demonstrate that you could determine the mirror to use | |
| # however you fancy. | |
| run: echo "mirror=debian-archive.trafficmanager.net" >> $GITHUB_OUTPUT | |
| - name: Setup APT proxy on runner | |
| run: | | |
| sudo bash -c 'cat > /etc/nginx/sites-enabled/default <<-"EOF" | |
| server { | |
| listen 9999; | |
| access_log /var/log/nginx/cache-access.log; | |
| error_log /var/log/nginx/cache-error.log; | |
| allow all; | |
| resolver 8.8.8.8; | |
| location / { | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| if ($host ~* ^deb\.debian\.org) { | |
| proxy_pass $scheme://${{ steps.select-mirror.outputs.mirror }}$request_uri; | |
| break; | |
| } | |
| proxy_pass $scheme://$host$request_uri; | |
| } | |
| } | |
| EOF' | |
| sudo service nginx restart | |
| - name: Run pi-gen build | |
| uses: ./ | |
| id: build | |
| with: | |
| image-name: integration-test | |
| stage-list: stage0 stage1 stage2 ./__test__/it-test-stage ${{ inputs.full-image && 'stage3 stage4 stage5' }} | |
| verbose-output: true | |
| enable-noobs: ${{ github.event_name != 'workflow_dispatch' || inputs.enable-noobs }} | |
| compression: xz | |
| compression-level: ${{ github.event_name == 'workflow_dispatch' && inputs.compression-level || 1 }} | |
| locale: ${{ env.CONFIG_LOCALE }} | |
| hostname: ${{ env.CONFIG_HOSTNAME }} | |
| keyboard-keymap: de | |
| keyboard-layout: German - no dead keys | |
| username: ${{ env.CONFIG_USERNAME }} | |
| wpa-essid: foo | |
| wpa-password: '1234567890' | |
| timezone: ${{ env.CONFIG_TIMEZONE }} | |
| pubkey-ssh-first-user: ${{ env.CONFIG_PUBLIC_KEY }} | |
| increase-runner-disk-size: ${{ github.event_name != 'workflow_dispatch' || inputs.increase-runner-disk }} | |
| docker-opts: --add-host=host.docker.internal:host-gateway | |
| apt-proxy: http://host.docker.internal:9999 | |
| - name: List working directory | |
| run: tree | |
| - name: Uncompress image and mount loopback device | |
| run: | | |
| set -ex | |
| xz -d ${{ steps.build.outputs.image-path }} | |
| file_name="${{ steps.build.outputs.image-path }}" | |
| ./__test__/mount-pi-gen-image.sh "${file_name/.xz/}" $MOUNT_DIR | |
| - name: Test configuration values | |
| run: | | |
| set -ex | |
| test -x ${ROOTFS_DIR}/usr/bin/node | |
| test "$(cat ${ROOTFS_DIR}/etc/hostname)" = "$CONFIG_HOSTNAME" | |
| grep $CONFIG_USERNAME ${ROOTFS_DIR}/etc/passwd | |
| source ${ROOTFS_DIR}/etc/default/locale | |
| test "$LANG" = "$CONFIG_LOCALE" | |
| test "$(cat ${ROOTFS_DIR}/etc/timezone)" = "$CONFIG_TIMEZONE" | |
| test "$(sudo cat ${ROOTFS_DIR}/home/${CONFIG_USERNAME}/.ssh/authorized_keys)" = "$CONFIG_PUBLIC_KEY" | |
| - run: df -h | |
| if: always() | |
| - name: Remove test label from PR (if set) | |
| uses: actions-ecosystem/action-remove-labels@v1 | |
| if: ${{ github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'test') }} | |
| with: | |
| labels: test | |
| - name: Debug APT proxy | |
| if: always() | |
| run: | | |
| sudo tail -n 100 /etc/nginx/sites-enabled/default | |
| sudo service nginx status | |
| sudo tail -n 200 /var/log/syslog /var/log/nginx/* | |