From 30aae5a1a86d7589eb1289eb1c253558db9d84b1 Mon Sep 17 00:00:00 2001 From: Jesse Hallett Date: Fri, 17 Jan 2025 16:04:50 -0800 Subject: [PATCH 1/5] enable user namespace remapping --- .github/workflows/deploy.yml | 19 +++++++++++++------ .github/workflows/test.yml | 2 +- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index f5e939aa..8a7ecaa2 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -9,7 +9,7 @@ on: jobs: binary: name: deploy::binary - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - name: Checkout 🛎️ uses: actions/checkout@v3 @@ -42,7 +42,7 @@ jobs: docker: name: deploy::docker needs: binary - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - name: Checkout 🛎️ uses: actions/checkout@v3 @@ -63,6 +63,13 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + # This setting is necessary as of the ubuntu-24.04 runner. + # See https://github.com/actions/runner-images/issues/10443 + - name: Enable user namespace remapping + run: | + echo "kernel.unprivileged_userns_clone=1" | sudo tee /etc/sysctl.conf + sudo sysctl -p + - name: Deploy 🚀 run: nix run .#publish-docker-image ${{ github.ref }} @@ -70,7 +77,7 @@ jobs: # For now, only run on tagged releases because main builds generate a Docker image tag name that # is not easily accessible here if: ${{ startsWith(github.ref, 'refs/tags/v') }} - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - uses: actions/checkout@v4 @@ -93,11 +100,11 @@ jobs: strategy: matrix: include: - - runner: ubuntu-latest + - runner: ubuntu-24.04 target: x86_64-unknown-linux-musl rustflags: -C target-feature=+crt-static linux-packages: musl-tools - - runner: ubuntu-latest + - runner: ubuntu-24.04 target: aarch64-unknown-linux-musl rustflags: -C target-feature=+crt-static linux-packages: gcc-aarch64-linux-gnu musl-tools @@ -185,7 +192,7 @@ jobs: - docker - connector-definition - build-cli-binaries - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 if: ${{ startsWith(github.ref, 'refs/tags/v') }} steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3dae8c45..834776ce 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -10,7 +10,7 @@ on: jobs: tests: name: Tests - runs-on: ubuntu-latest + runs-on: ubuntu-24.04 steps: - name: Checkout 🛎️ uses: actions/checkout@v3 From ced6a409e093d62e774219d09c3b629660280732 Mon Sep 17 00:00:00 2001 From: Jesse Hallett Date: Fri, 17 Jan 2025 16:05:19 -0800 Subject: [PATCH 2/5] run deploy action on this branch --- .github/workflows/deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 8a7ecaa2..3b68f7d3 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -3,6 +3,7 @@ on: push: branches: - main + - jessehallett/fix-deploy-automation # for testing changes tags: - 'v*' From 0befda9f8bc3bc120db806619965634703734af7 Mon Sep 17 00:00:00 2001 From: Jesse Hallett Date: Fri, 17 Jan 2025 16:11:35 -0800 Subject: [PATCH 3/5] downgrade deploy::docker job to ubuntu-22.04 runner --- .github/workflows/deploy.yml | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 3b68f7d3..edc7cb8a 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -43,7 +43,10 @@ jobs: docker: name: deploy::docker needs: binary - runs-on: ubuntu-24.04 + + # This job doesn't work as written on ubuntu-24.04. The problem is described + # in this issue: https://github.com/actions/runner-images/issues/10443 + runs-on: ubuntu-22.04 steps: - name: Checkout 🛎️ uses: actions/checkout@v3 @@ -64,13 +67,6 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - # This setting is necessary as of the ubuntu-24.04 runner. - # See https://github.com/actions/runner-images/issues/10443 - - name: Enable user namespace remapping - run: | - echo "kernel.unprivileged_userns_clone=1" | sudo tee /etc/sysctl.conf - sudo sysctl -p - - name: Deploy 🚀 run: nix run .#publish-docker-image ${{ github.ref }} From 31af2260d52e4443db8e204d1d1d65ebe969c465 Mon Sep 17 00:00:00 2001 From: Jesse Hallett Date: Fri, 17 Jan 2025 16:24:51 -0800 Subject: [PATCH 4/5] switch to branch name without a slash --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index edc7cb8a..66883449 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -3,7 +3,7 @@ on: push: branches: - main - - jessehallett/fix-deploy-automation # for testing changes + - fix-deploy-automation # for testing changes tags: - 'v*' From 01795f9e23c7c123cbc6e013872a1fed0408fcae Mon Sep 17 00:00:00 2001 From: Jesse Hallett Date: Fri, 17 Jan 2025 16:28:08 -0800 Subject: [PATCH 5/5] remove test branch from triggers for deploy workflow --- .github/workflows/deploy.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 66883449..b8bec2e5 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -3,7 +3,6 @@ on: push: branches: - main - - fix-deploy-automation # for testing changes tags: - 'v*'