|
11 | 11 | runs-on: ubuntu-latest |
12 | 12 | steps: |
13 | 13 |
|
| 14 | + - name: Get machine's IPv4 addresses for eth0 and docker0 |
| 15 | + id: ip |
| 16 | + run: | |
| 17 | + echo ::set-output name=ETHER::$(sudo ip addr show dev eth0 | egrep "^(\ )+inet\ " | head -1 | tr -s " " | cut -d " " -f 3 | cut -d "/" -f 1) |
| 18 | + echo ::set-output name=DOCKER::$(sudo ip addr show dev docker0 | egrep "^(\ )+inet\ " | head -1 | tr -s " " | cut -d " " -f 3 | cut -d "/" -f 1) |
| 19 | +
|
| 20 | + - name: Show the IPs via vars |
| 21 | + run: | |
| 22 | + echo "Ethernet IPv4 is: ${{ steps.ip.outputs.ETHER }}" |
| 23 | + echo "Docker IPv4 is: ${{ steps.branch_name.outputs.DOCKER }}" |
| 24 | +
|
14 | 25 | - name: Checkout |
15 | 26 | uses: actions/checkout@v2 |
16 | 27 |
|
@@ -40,22 +51,108 @@ jobs: |
40 | 51 | push: false |
41 | 52 | load: true |
42 | 53 | cache-from: type=local,src=/tmp/.buildx-cache/release |
43 | | - cache-to: type=local,mode=max,dest=/tmp/.buildx-cache/release |
| 54 | + # this only reads from the cache |
44 | 55 |
|
45 | 56 | - name: Experiment - elevated systemd action |
46 | 57 | run: | |
47 | 58 | sudo systemctl status docker.service |
48 | 59 |
|
49 | | - - name: Experiment - get ip addresses of machine |
| 60 | + - name: Start proxy instance in docker |
50 | 61 | run: | |
51 | | - sudo ip addr show |
| 62 | + docker run -d --rm --name docker_registry_proxy \ |
| 63 | + -p 0.0.0.0:3128:3128 \ |
| 64 | + -v $(pwd)/docker_mirror_cache:/docker_mirror_cache \ |
| 65 | + -v $(pwd)/docker_mirror_certs:/ca \ |
| 66 | + sanity-check/docker-registry-proxy:latest |
52 | 67 |
|
53 | | - - name: Start proxy instance in docker |
| 68 | + - name: Wait for container to be up |
| 69 | + timeout-minutes: 1 |
| 70 | + run: | |
| 71 | + declare -i IS_UP=0 |
| 72 | + while [[ $IS_UP -lt 1 ]]; do |
| 73 | + echo "Waiting for docker-mirror to be available at ${{ steps.ip.outputs.ETHER }} ..." |
| 74 | + curl --silent -I http://${{ steps.ip.outputs.ETHER }}:3128/ && IS_UP=1 || true |
| 75 | + sleep 1 |
| 76 | + done |
| 77 | + echo "Container is up..." |
| 78 | +
|
| 79 | + - name: Grab the CA cert from running container via curl |
| 80 | + run: | |
| 81 | + curl http://${{ steps.ip.outputs.ETHER }}:3128/ca.crt | sudo tee /usr/share/ca-certificates/docker_registry_proxy.crt |
| 82 | +
|
| 83 | + - name: Stop proxy instance in docker |
| 84 | + timeout-minutes: 1 |
| 85 | + run: | |
| 86 | + timeout 58 docker stop docker_registry_proxy |
| 87 | +
|
| 88 | + - name: Refresh system-wide CA store |
| 89 | + run: | |
| 90 | + echo "docker_registry_proxy.crt" | sudo tee -a /etc/ca-certificates.conf |
| 91 | + sudo update-ca-certificates --fresh |
| 92 | +
|
| 93 | + - name: Configure dockerd via systemd to use the proxy |
| 94 | + run: | |
| 95 | + sudo mkdir -p /etc/systemd/system/docker.service.d |
| 96 | + cat << EOD | sudo tee /etc/systemd/system/docker.service.d/http-proxy.conf |
| 97 | + [Service] |
| 98 | + Environment="HTTP_PROXY=http://${{ steps.ip.outputs.ETHER }}:3128/" |
| 99 | + Environment="HTTPS_PROXY=http://${{ steps.ip.outputs.ETHER }}:3128/" |
| 100 | + EOD |
| 101 | +
|
| 102 | + - name: Reload systemd from disk |
| 103 | + run: | |
| 104 | + sudo systemctl daemon-reload |
| 105 | +
|
| 106 | + - name: Restart dockerd via systemd |
| 107 | + run: | |
| 108 | + sudo systemctl restart docker.service |
| 109 | +
|
| 110 | + - name: Start proxy instance in docker again |
54 | 111 | run: | |
55 | 112 | docker run -d --rm --name docker_registry_proxy \ |
56 | 113 | -p 0.0.0.0:3128:3128 \ |
57 | 114 | -v $(pwd)/docker_mirror_cache:/docker_mirror_cache \ |
58 | 115 | -v $(pwd)/docker_mirror_certs:/ca \ |
59 | 116 | sanity-check/docker-registry-proxy:latest |
60 | 117 |
|
| 118 | + - name: Wait for container to be up again |
| 119 | + timeout-minutes: 1 |
| 120 | + run: | |
| 121 | + declare -i IS_UP=0 |
| 122 | + while [[ $IS_UP -lt 1 ]]; do |
| 123 | + echo "Waiting for docker-mirror to be available again at ${{ steps.ip.outputs.ETHER }} ..." |
| 124 | + curl --silent -I http://${{ steps.ip.outputs.ETHER }}:3128/ && IS_UP=1 || true |
| 125 | + sleep 1 |
| 126 | + done |
| 127 | + echo "Container is up again..." |
| 128 | +
|
| 129 | + - name: First round of pulls |
| 130 | + timeout-minutes: 2 |
| 131 | + run: | |
| 132 | + docker pull alpine:latest |
| 133 | + docker pull k8s.gcr.io/pause:3.3 |
| 134 | +
|
| 135 | + - name: Complete docker purge |
| 136 | + timeout-minutes: 2 |
| 137 | + run: | |
| 138 | + docker system prune -a -f |
61 | 139 |
|
| 140 | + - name: Second round of pulls |
| 141 | + timeout-minutes: 2 |
| 142 | + run: | |
| 143 | + docker pull alpine:latest |
| 144 | + docker pull k8s.gcr.io/pause:3.3 |
| 145 | +
|
| 146 | + - name: Get the docker logs for the container into a file |
| 147 | + run: | |
| 148 | + docker logs docker_registry_proxy > logs.txt |
| 149 | +
|
| 150 | + - uses: actions/upload-artifact@v2 |
| 151 | + with: |
| 152 | + name: logs |
| 153 | + path: logs.txt |
| 154 | + |
| 155 | + - name: Finally stop proxy instance in docker |
| 156 | + timeout-minutes: 1 |
| 157 | + run: | |
| 158 | + timeout 58 docker stop docker_registry_proxy |
0 commit comments