-
Notifications
You must be signed in to change notification settings - Fork 171
183 lines (153 loc) · 6 KB
/
test.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
name: test
on:
workflow_dispatch:
pull_request:
branches:
- master
jobs:
sanity-check:
runs-on: ubuntu-latest
steps:
- name: Get machine's first IPv4 address for eth0
id: ip
run: |
echo ::set-output name=ETHER::$(sudo ip addr show dev eth0 | egrep "^(\ )+inet\ " | head -1 | tr -s " " | cut -d " " -f 3 | cut -d "/" -f 1)
- name: Show the IPs via vars
run: |
echo "Ethernet IPv4 is: ${{ steps.ip.outputs.ETHER }}"
- name: Checkout
uses: actions/checkout@v2
# We use buildx instead of regular build so we can take advantage of Docker layer cache via Github Actions' cache
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
# Setup the Github Actions cache.
- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildxarch-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildxarch-
- name: Build amd64 release image locally to Docker
uses: docker/build-push-action@v2
with:
build-args: |
DEBUG_BUILD=0
BASE_IMAGE_SUFFIX=
builder: ${{ steps.buildx.outputs.name }}
context: .
file: ./Dockerfile
platforms: linux/amd64
tags: sanity-check/docker-registry-proxy:latest
push: false
load: true
cache-from: type=local,src=/tmp/.buildx-cache/release
# this only reads from the cache
- name: Start proxy instance in docker (ENABLE_MANIFEST_CACHE=false)
run: |
docker run -d --rm --name docker_registry_proxy \
-p 0.0.0.0:3128:3128 -e ENABLE_MANIFEST_CACHE=false \
-v $(pwd)/docker_mirror_cache:/docker_mirror_cache \
-v $(pwd)/docker_mirror_certs:/ca \
sanity-check/docker-registry-proxy:latest
- name: Get the initial logs for the container into a file after 10s
run: |
echo "Sleeping 10s..."
sleep 10
docker logs docker_registry_proxy > initial_logs.txt
- name: Upload artifact initial_logs
uses: actions/upload-artifact@v2
with:
name: initial_logs
path: initial_logs.txt
- name: Wait for container to be up
timeout-minutes: 1
run: |
declare -i IS_UP=0
while [[ $IS_UP -lt 1 ]]; do
echo "Waiting for docker-mirror to be available at ${{ steps.ip.outputs.ETHER }} ..."
curl --silent -I http://${{ steps.ip.outputs.ETHER }}:3128/ && IS_UP=1 || true
sleep 1
done
echo "Container is up..."
- name: Grab the CA cert from running container via curl
run: |
curl http://${{ steps.ip.outputs.ETHER }}:3128/ca.crt | sudo tee /usr/share/ca-certificates/docker_registry_proxy.crt
- name: Stop proxy instance in docker
timeout-minutes: 1
run: |
timeout 58 docker stop docker_registry_proxy
- name: Refresh system-wide CA store
run: |
echo "docker_registry_proxy.crt" | sudo tee -a /etc/ca-certificates.conf
sudo update-ca-certificates --fresh
- name: Configure dockerd via systemd to use the proxy
run: |
sudo mkdir -p /etc/systemd/system/docker.service.d
cat << EOD | sudo tee /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=http://${{ steps.ip.outputs.ETHER }}:3128/"
Environment="HTTPS_PROXY=http://${{ steps.ip.outputs.ETHER }}:3128/"
EOD
- name: Reload systemd from disk
run: |
sudo systemctl daemon-reload
- name: Restart dockerd via systemd
run: |
sudo systemctl restart docker.service
- name: Start proxy instance in docker again (ENABLE_MANIFEST_CACHE=true)
run: |
docker run -d --rm --name docker_registry_proxy \
-p 0.0.0.0:3128:3128 -e ENABLE_MANIFEST_CACHE=true \
-v $(pwd)/docker_mirror_cache:/docker_mirror_cache \
-v $(pwd)/docker_mirror_certs:/ca \
sanity-check/docker-registry-proxy:latest
- name: Wait for container to be up again
timeout-minutes: 1
run: |
declare -i IS_UP=0
while [[ $IS_UP -lt 1 ]]; do
echo "Waiting for docker-mirror to be available again at ${{ steps.ip.outputs.ETHER }} ..."
curl --silent -I http://${{ steps.ip.outputs.ETHER }}:3128/ && IS_UP=1 || true
sleep 1
done
echo "Container is up again..."
# This can be quite slow, since Github Actions runner Docker comes preloaded with a lot of images.
- name: Initial prune of all unused images from docker cache (slow)
timeout-minutes: 2
run: |
docker image prune --all --force
- name: First round of pulls
timeout-minutes: 2
run: |
docker pull alpine:3.6
docker pull k8s.gcr.io/pause:3.3
- name: Get the cold cache logs for the container into a file
run: |
docker logs docker_registry_proxy > cold_cache.txt
- name: Upload artifact cold_cache
uses: actions/upload-artifact@v2
with:
name: cold_cache
path: cold_cache.txt
- name: prune all unused images from docker cache again
timeout-minutes: 1
run: |
docker image prune --all --force
- name: sleep 2s to allow cache to stale a bit
run: |
sleep 2
- name: Second round of pulls
timeout-minutes: 2
run: |
docker pull alpine:3.6
docker pull k8s.gcr.io/pause:3.3
- name: Get the warm cache docker logs for the container into a file
run: |
docker logs docker_registry_proxy > warm_cache.txt
- name: Upload artifact warm_cache
uses: actions/upload-artifact@v2
with:
name: warm_cache
path: warm_cache.txt