Skip to content
.github/workflows/runner_recreate.yml

Ci runner upsizing #42

Sign in to view logs

Ci runner upsizing

Ci runner upsizing #42

Workflow file for this run

.github/workflows/runner_recreate.yml at cc7364c
##
## Copyright (c) 2019 Matthias Tafelmeier.
##
## This file is part of godon
##
## godon is free software: you can redistribute it and/or modify
## it under the terms of the GNU Affero General Public License as
## published by the Free Software Foundation, either version 3 of the
## License, or (at your option) any later version.
##
## godon is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
## GNU Affero General Public License for more details.
##
## You should have received a copy of the GNU Affero General Public License
## along with this godon. If not, see <http://www.gnu.org/licenses/>.
##
#
on:
pull_request:
types: [ labeled ]
env:
RUNNER_BASE_IMAGE: "Fedora CoreOS 40"
INSTANCE_NAME: "ci_runner"
OS_AUTH_URL: "https://openstack.osuosl.org:5000/v3"
OS_PROJECT_NAME: "godon"
OS_USER_DOMAIN_NAME: "Default"
OS_PROJECT_DOMAIN_ID: "default"
OS_REGION_NAME: "RegionOne"
OS_IDENTITY_API_VERSION: 3
OS_INTERFACE: public
OS_USERNAME: ${{ secrets.osuosl_openstack_user }}
OS_PASSWORD: ${{ secrets.osuosl_openstack_pw }}
GH_ACTIONS_TOKEN: ${{ secrets.gh_runner_token }}
jobs:
ci_runner_recreate:
if: |
contains(github.event.pull_request.labels.*.name, 'ci_runner') &&
contains(github.event.pull_request.labels.*.name, 'recreate')
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
with:
submodules: 'true'
- name: install os client
run: >
sudo apt-get update;
sudo apt-get install
ansible
python3-openstackclient
jq;
- name: deplete obsoleted runner
run: >
openstack server delete --wait "${INSTANCE_NAME}" || exit 0
- name: create runner instance
run: >
openstack server create --wait
--key-name "ci_runner"
--image "${RUNNER_BASE_IMAGE}"
--flavor "m1.xxlarge"
--network "general_servers1"
--security-group "godon"
"${INSTANCE_NAME}"
- name: stage private access key
# since openstack_inventory.py appears broken
run: >
echo "${access_key}" > ./access_key_file;
chmod 0600 ./access_key_file;
env: # Set the secret as an input
access_key: ${{ secrets.osuosl_openstack_instance_key }}
- name: improvise inventory
# since openstack_inventory.py appears broken
run: >
openstack server show -f json "${INSTANCE_NAME}" |
jq -r '.addresses' |
awk -F= '{ print $2 }' > ./instance_address
- name: infect with nixos
run: >
sleep 120;
ansible "$(cat ./instance_address)"
-i "$(cat ./instance_address),"
--private-key ./access_key_file
--ssh-extra-args="-o StrictHostKeyChecking=accept-new"
-u core
--become
-T 120
-m raw -a "hostnamectl set-hostname ci_runner;
curl ${NIXOS_INFECT_SCRIPT_URL} | NO_REBOOT=true NO_SWAP=true NIX_CHANNEL=nixos-24.05 bash -x;"
ssh-keygen -R "$(cat ./instance_address)";
env:
NIXOS_INFECT_SCRIPT_URL: "https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect"
- name: reboot runner
run: >
openstack server reboot "${INSTANCE_NAME}"
- name: rebuild with actual runner config
run: >
TARGET_HOST="$(cat ./instance_address)";
sleep 40;
scp -i ./access_key_file -o ConnectTimeout=120 -o StrictHostKeyChecking=accept-new
.github/nix_config/ci-runner/configuration.nix root@"${TARGET_HOST}":"/etc/nixos/configuration.nix";
sleep 5;
echo -n "${GH_ACTIONS_TOKEN}" > ./gh_actions_token;
scp -i ./access_key_file -o ConnectTimeout=120 -o StrictHostKeyChecking=accept-new
./gh_actions_token root@"${TARGET_HOST}":"/srv/gh_runner.token";
sleep 5;
ssh -i ./access_key_file -o ConnectTimeout=120 -o StrictHostKeyChecking=accept-new
root@"${TARGET_HOST}"
bash -c "rm -r /old_root/; nixos-rebuild build; nixos-rebuild boot;";
- name: stop runner
run: >
openstack server stop "${INSTANCE_NAME}"