Daniel Maksymilian Syrnicki
d499907613
Some checks failed
Build ISO / smoke-vm (push) Blocked by required conditions
Build ISO / build-iso (push) Successful in 24m28s
CI / test (push) Successful in 3m1s
CI / validate-json (push) Successful in 55s
CI / markdown-links (push) Successful in 37s
CI / lint (push) Failing after 13m19s
After build-iso, a new smoke-vm job uploads the freshly built ISO to the test Proxmox at 192.168.178.165 via PVE API token, boots it in a fresh VM (VMID range 9000-9099, MAC derived from commit SHA so the runner can find the DHCP IP by scanning the LAN), and curls :5000 to confirm the webinstaller answers HTTP 200. Last 5 smoke VMs + their ISOs are kept for post-mortem; older ones are purged. continue-on-error on the smoke job so a VM-side flake doesn't mark the ISO build red. Shortens the feedback loop on ISO regressions from "next manual VM test session" (days) to "next push" (minutes) — the 2026-04-15/16 VM sessions each found real boot-time bugs that unit tests missed. Docs at docs/smoke-vm.md. Requires Forgejo secrets PVE_TEST_HOST and PVE_TEST_TOKEN (dedicated smoke@pve!ci PVE token, privilege-separated). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
83 lines
2.7 KiB
YAML
83 lines
2.7 KiB
YAML
name: Build ISO
|
|
|
|
# Full ISO build is ~5-7 min. Only run on push-to-main and manual
|
|
# dispatch so feature-branch iteration stays fast. Docs-only changes
|
|
# skip the build — the `paths-ignore` list below covers *.md files,
|
|
# docs/, and the website (Hugo source). Anything that touches code,
|
|
# the ISO overlay, or the workflow itself still triggers a rebuild.
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
paths-ignore:
|
|
- '**/*.md'
|
|
- 'docs/**'
|
|
- 'website/**'
|
|
- 'CHANGELOG.md'
|
|
- 'RELEASING.md'
|
|
workflow_dispatch:
|
|
|
|
concurrency:
|
|
group: build-iso-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
build-iso:
|
|
# Run directly on the runner host, not inside a job container.
|
|
# `build.sh` does `docker run -v $REPO_ROOT:/work archlinux:latest`,
|
|
# and host docker interprets the volume source as a host path — so
|
|
# $REPO_ROOT has to be a path on the host, which it only is when
|
|
# we skip the job-container wrapping. The runner VM has git + docker.
|
|
runs-on: self-hosted
|
|
timeout-minutes: 30
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Build ISO
|
|
run: ./iso/build.sh
|
|
|
|
- name: Report ISO hash
|
|
run: |
|
|
iso=$(ls iso/out/*.iso | head -1)
|
|
echo "ISO: $iso"
|
|
sha256sum "$iso"
|
|
|
|
- name: Upload ISO artifact
|
|
# v4+ isn't supported on Forgejo yet (uses newer @actions/artifact
|
|
# protocol that Forgejo's GHES-compatible API doesn't implement).
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: furtka-iso
|
|
path: iso/out/*.iso
|
|
retention-days: 14
|
|
if-no-files-found: error
|
|
|
|
smoke-vm:
|
|
# Boot the freshly built ISO in a VM on the .165 Proxmox test host and
|
|
# check the webinstaller responds on :5000. Shares the runner workspace
|
|
# with build-iso via `needs:` so we skip the artifact round-trip.
|
|
# `continue-on-error: true` so a VM-side flake doesn't mark the ISO
|
|
# build red — the ISO itself is still valid and uploaded.
|
|
needs: build-iso
|
|
runs-on: self-hosted
|
|
continue-on-error: true
|
|
timeout-minutes: 10
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
|
|
- name: Re-download ISO into iso/out
|
|
# `needs:` doesn't preserve the workspace across jobs on Forgejo
|
|
# host-mode runners, so pull the artifact we just uploaded.
|
|
uses: actions/download-artifact@v3
|
|
with:
|
|
name: furtka-iso
|
|
path: iso/out
|
|
|
|
- name: Smoke-test ISO on Proxmox test host
|
|
env:
|
|
PVE_TEST_HOST: ${{ secrets.PVE_TEST_HOST }}
|
|
PVE_TEST_TOKEN: ${{ secrets.PVE_TEST_TOKEN }}
|
|
SMOKE_SHA: ${{ github.sha }}
|
|
run: |
|
|
iso=$(ls iso/out/*.iso | head -1)
|
|
echo "Smoking $iso"
|
|
./scripts/smoke-vm.sh "$iso"
|