Add APT proxy and document use case

usimd · Nov 4, 2024 · a664d26 · a664d26
1 parent afb6cdd
commit a664d26
Show file tree

Hide file tree

Showing 5 changed files with 92 additions and 1 deletion.
diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml
@@ -61,6 +61,27 @@ jobs:
       - name: Compile action code before test
         run: npm ci && npm run package
 
+      - name: Select Debian package mirror
+        id: select-mirror
+        # This is just to demonstrate that you could determine the mirror to use
+        # however you fancy.
+        run: echo "mirror=debian-archive.trafficmanager.net" >> $GITHUB_OUTPUT
+
+      - name: Setup APT proxy on runner
+        run: |
+          sudo apt install -y squid-deb-proxy
+          sudo bash -c 'cat > /etc/squid-deb-proxy/rewrite.sh <<-EOF
+          #!/bin/bash
+          cat "${1:-/dev/stdin}" | sed 's#deb.debian.org#${{ steps.select-mirror.outputs.mirror }}#g'
+          EOF'
+          sudo chmod +x /etc/squid-deb-proxy/rewrite.sh
+          sudo bash -c 'cat >> /etc/squid-deb-proxy/squid-deb-proxy.conf <<-EOF
+          http_port 9999
+          maximum_object_size 128 MB
+          url_rewrite_program /etc/squid-deb-proxy/rewrite.sh
+          EOF'
+          sudo service squid restart
+
       - name: Run pi-gen build
         uses: ./
         id: build
@@ -81,6 +102,8 @@ jobs:
           timezone: ${{ env.CONFIG_TIMEZONE }}
           pubkey-ssh-first-user: ${{ env.CONFIG_PUBLIC_KEY }}
           increase-runner-disk-size: ${{ github.event_name != 'workflow_dispatch' || inputs.increase-runner-disk }}
+          docker-opts: --add-host=host.docker.internal:host-gateway
+          apt-proxy: http://host.docker.internal:9999
 
       - name: List working directory
         run: tree 
@@ -112,4 +135,11 @@ jobs:
         with:
           labels: test
 
+      - name: Debug APT proxy
+        if: always()
+        run: |
+          sudo tail -n 100 /etc/squid-deb-proxy/squid-deb-proxy.conf
+          sudo service squid status
+          sudo tail -n 200 /var/log/syslog /var/log/squid/* /var/log/squid-deb-proxy/* 
+
           
diff --git a/README.md b/README.md
@@ -314,6 +314,50 @@ jobs:
           increase-runner-disk-size: true
 ```
 
+### Use fast APT proxy for `pi-gen`
+
+If you want to speed up your build by improving the package download speed, you can setup
+a local APT proxy and let `pi-gen` use it during the build. The proxy should point to a
+fast mirror, on GitHub Actions runners this will _very_ likely be `debian-archive.trafficmanager.net`
+hosted on Azure. Make sure, though, that the selected mirror contains your targeted
+architecture (`debian-archive.trafficmanager.net` does **not** include `armhf`):
+
+```
+jobs:
+  pi-gen-with-fast-apt-proxy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Select Debian package mirror
+        id: select-mirror
+        # This is just to demonstrate that you could determine the mirror to use
+        # however you fancy.
+        run: echo "mirror=debian-archive.trafficmanager.net" >> $GITHUB_OUTPUT
+
+      - name: Setup APT proxy on runner
+        run: |
+          sudo apt install -y squid-deb-proxy
+          sudo bash -c 'cat > /etc/squid-deb-proxy/rewrite.sh <<-EOF
+          #!/bin/bash
+          cat "${1:-/dev/stdin}" | sed 's#deb.debian.org#${{ steps.select-mirror.outputs.mirror }}#g'
+          EOF'
+          sudo chmod +x /etc/squid-deb-proxy/rewrite.sh
+          sudo bash -c 'cat >> /etc/squid-deb-proxy/squid-deb-proxy.conf <<-EOF
+          http_port 9999
+          maximum_object_size 128 MB
+          url_rewrite_program /etc/squid-deb-proxy/rewrite.sh
+          EOF'
+          sudo service squid restart
+
+      - uses: usimd/pi-gen-action@v1
+        with:
+          image-name: test
+          stage-list: stage0 stage1 stage2 custom-stage
+          pi-gen-dir: ${{ inputs.custom-pi-gen-dir }}
+          # This is important: make the host service available to the pi-gen container
+          docker-opts: --add-host=host.docker.internal:host-gateway
+          apt-proxy: http://host.docker.internal:9999
+```
+
 ## License
 
 The scripts and documentation in this project are released under the [MIT License](LICENSE)
diff --git a/action.yml b/action.yml
@@ -4,7 +4,12 @@ author: Simon Domke
 
 inputs:
   # pi-gen variables
-
+  apt-proxy:
+    description: |
+      If you require the use of an apt proxy, set it here. This proxy setting will not be included in the image,
+      making it safe to use an apt-cacher or similar package for development.
+    required: false
+    default: ''
   image-name:
     description: Final image name.
     required: true

diff --git a/src/configure.ts b/src/configure.ts
@@ -56,6 +56,7 @@ export async function configure(): Promise<PiGenConfig> {
     userConfig.setfcap = core.getInput('setfcap') || DEFAULT_CONFIG.setfcap
     userConfig.piGenRelease =
       core.getInput('pi-gen-release') || DEFAULT_CONFIG.piGenRelease
+    userConfig.aptProxy = core.getInput('apt-proxy') || DEFAULT_CONFIG.aptProxy
 
     await validateConfig(userConfig)
 

diff --git a/src/pi-gen-config.ts b/src/pi-gen-config.ts
@@ -6,6 +6,7 @@ import * as exec from '@actions/exec'
 import * as io from '@actions/io'
 
 export interface PiGenConfig {
+  aptProxy?: string
   imgName: string
   piGenRelease: string
   release: string
@@ -220,6 +221,16 @@ export async function validateConfig(config: PiGenConfig): Promise<void> {
       }
     }
   }
+
+  if (config.aptProxy) {
+    try {
+      new URL(config.aptProxy)
+    } catch (error) {
+      throw new Error(
+        'apt-proxy is not a valid URL. Make it point to a correct http/https address.'
+      )
+    }
+  }
 }
 
 function camelCaseToSnakeCase(label: string): string {