-
Notifications
You must be signed in to change notification settings - Fork 0
117 lines (114 loc) · 5 KB
/
runner_recreate.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
##
## Copyright (c) 2019 Matthias Tafelmeier.
##
## This file is part of godon
##
## godon is free software: you can redistribute it and/or modify
## it under the terms of the GNU Affero General Public License as
## published by the Free Software Foundation, either version 3 of the
## License, or (at your option) any later version.
##
## godon is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
## GNU Affero General Public License for more details.
##
## You should have received a copy of the GNU Affero General Public License
## along with this godon. If not, see <http://www.gnu.org/licenses/>.
##
#
on:
pull_request:
types: [ labeled ]
env:
RUNNER_BASE_IMAGE: "Fedora 30"
INSTANCE_NAME: "ci_runner"
OS_AUTH_URL: https://oprod-controller1.osuosl.org:5000/v3
OS_PROJECT_NAME: "godon"
OS_USER_DOMAIN_NAME: "Default"
OS_PROJECT_DOMAIN_ID: "default"
OS_REGION_NAME: "RegionOne"
OS_IDENTITY_API_VERSION: 3
OS_INTERFACE: public
OS_USERNAME: ${{ secrets.osuosl_openstack_user }}
OS_PASSWORD: ${{ secrets.osuosl_openstack_pw }}
GH_ACTIONS_TOKEN: ${{ secrets.gh_runner_token }}
jobs:
ci_runner_recreate:
if: ${{ contains(github.event.pull_request.labels.*.name, 'ci_runner') && contains(github.pull_request.labels.*.name, 'recreate') }}
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
with:
submodules: 'true'
- name: install os client
run: >
echo "${{ toJSON(github.event.pull_request.labels.*.name) }}"
# - name: install os client
# run: >
# sudo apt-get update;
# sudo apt-get install
# ansible
# python3-openstackclient
# jq;
# - name: deplete obsoleted runner
# run: >
# openstack server delete --wait "${INSTANCE_NAME}" || exit 0
# - name: create runner instance
# run: >
# openstack server create --wait
# --key-name "ci_runner"
# --image "${RUNNER_BASE_IMAGE}"
# --flavor "m1.xxlarge"
# --network "general_servers1"
# --security-group "godon"
# "${INSTANCE_NAME}"
# - name: stage private access key
# # since openstack_inventory.py appears broken
# run: >
# echo "${access_key}" > ./access_key_file;
# chmod 0600 ./access_key_file;
# env: # Set the secret as an input
# access_key: ${{ secrets.osuosl_openstack_instance_key }}
# - name: improvise inventory
# # since openstack_inventory.py appears broken
# run: >
# openstack server show -f json "${INSTANCE_NAME}" |
# jq -r '.addresses' |
# awk -F= '{ print $2 }' > ./instance_address
# - name: infect with nixos
# run: >
# sleep 60;
# ansible "$(cat ./instance_address)"
# -i "$(cat ./instance_address),"
# --private-key ./access_key_file
# --ssh-extra-args="-o StrictHostKeyChecking=accept-new"
# -u fedora
# --become
# -T 120
# -m raw -a "hostnamectl set-hostname ci_runner;
# curl ${NIXOS_INFECT_SCRIPT_URL} | NO_REBOOT=true NO_SWAP=true NIX_CHANNEL=nixos-21.11 bash -x;"
# ssh-keygen -R "$(cat ./instance_address)";
# env:
# NIXOS_INFECT_SCRIPT_URL: "https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect"
# - name: reboot runner
# run: >
# openstack server reboot "${INSTANCE_NAME}"
# - name: rebuild with actual runner config
# run: >
# TARGET_HOST="$(cat ./instance_address)";
# sleep 40;
# scp -i ./access_key_file -o ConnectTimeout=120 -o StrictHostKeyChecking=accept-new
# .github/nix_config/ci-runner/configuration.nix root@"${TARGET_HOST}":"/etc/nixos/configuration.nix";
# sleep 5;
# echo -n "${GH_ACTIONS_TOKEN}" > ./gh_actions_token;
# scp -i ./access_key_file -o ConnectTimeout=120 -o StrictHostKeyChecking=accept-new
# ./gh_actions_token root@"${TARGET_HOST}":"/srv/gh_runner.token";
# sleep 5;
# ssh -i ./access_key_file -o ConnectTimeout=120 -o StrictHostKeyChecking=accept-new
# root@"${TARGET_HOST}"
# bash -c "rm -r /old_root/; nixos-rebuild build; nixos-rebuild boot;";
# - name: stop runner
# run: >
# openstack server stop "${INSTANCE_NAME}"
#