Compare commits
3 Commits
a13f2cef25
...
renovate/m
| Author | SHA1 | Date | |
|---|---|---|---|
| 8b30257b65 | |||
| 1b73fda11f | |||
| 96ddfa6ec5 |
@@ -29,3 +29,26 @@ jobs:
|
|||||||
terraform init -backend=false
|
terraform init -backend=false
|
||||||
terraform validate
|
terraform validate
|
||||||
working-directory: 2-nomad-config
|
working-directory: 2-nomad-config
|
||||||
|
|
||||||
|
nomad-validate:
|
||||||
|
name: Nomad job spec validate
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Install Nomad CLI
|
||||||
|
run: |
|
||||||
|
curl -fsSL https://apt.releases.hashicorp.com/gpg | gpg --dearmor -o /usr/share/keyrings/hashicorp.gpg
|
||||||
|
. /etc/os-release
|
||||||
|
echo "deb [signed-by=/usr/share/keyrings/hashicorp.gpg] https://apt.releases.hashicorp.com ${VERSION_CODENAME} main" | tee /etc/apt/sources.list.d/hashicorp.list
|
||||||
|
apt-get update && apt-get install -y nomad
|
||||||
|
|
||||||
|
- name: Validate all job specs
|
||||||
|
env:
|
||||||
|
NOMAD_ADDR: http://jaglan-beta-m20.lan:4646
|
||||||
|
run: |
|
||||||
|
find 2-nomad-config -name '*.nomad.hcl' | while read f; do
|
||||||
|
echo "==> $f"
|
||||||
|
nomad job validate "$f"
|
||||||
|
done
|
||||||
|
|||||||
@@ -6,7 +6,7 @@ job "csi-smb" {
|
|||||||
driver = "docker"
|
driver = "docker"
|
||||||
|
|
||||||
config {
|
config {
|
||||||
image = "mcr.microsoft.com/k8s/csi/smb-csi:v1.7.0"
|
image = "mcr.microsoft.com/k8s/csi/smb-csi:v1.17.0"
|
||||||
args = [
|
args = [
|
||||||
"--v=5",
|
"--v=5",
|
||||||
"--nodeid=${attr.unique.hostname}",
|
"--nodeid=${attr.unique.hostname}",
|
||||||
|
|||||||
@@ -28,7 +28,7 @@ job "act-runner" {
|
|||||||
}
|
}
|
||||||
|
|
||||||
env = {
|
env = {
|
||||||
GITEA_INSTANCE_URL = "http://localhost:3000"
|
GITEA_INSTANCE_URL = "https://gitea-1ef0bea6b75a4fd3e9393a9f7f7e4b02.othrayte.one"
|
||||||
CONFIG_FILE = "/secrets/runner-config.yml"
|
CONFIG_FILE = "/secrets/runner-config.yml"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -27,6 +27,8 @@ job "gitea" {
|
|||||||
tags = [
|
tags = [
|
||||||
"traefik.enable=true",
|
"traefik.enable=true",
|
||||||
"traefik.http.routers.gitea.middlewares=auth@file",
|
"traefik.http.routers.gitea.middlewares=auth@file",
|
||||||
|
# Token subdomain — no auth middleware — used by act_runner step containers for git checkout
|
||||||
|
"traefik.http.routers.gitea-token.rule=Host(`gitea-1ef0bea6b75a4fd3e9393a9f7f7e4b02.othrayte.one`)",
|
||||||
]
|
]
|
||||||
|
|
||||||
check {
|
check {
|
||||||
|
|||||||
@@ -293,9 +293,9 @@ exit 1
|
|||||||
|
|
||||||
## Implementation Order
|
## Implementation Order
|
||||||
|
|
||||||
- [ ] **Phase 1a**: Create `act-runner.nomad.hcl` + Terraform wrapper, register runner token in Gitea, get a hello-world workflow green
|
- [x] **Phase 1a**: Create `act-runner.nomad.hcl` + Terraform wrapper, register runner token in Gitea, get a hello-world workflow green
|
||||||
- [ ] **Phase 1b**: Add `terraform fmt` + `terraform validate -backend=false` workflow — no secrets needed
|
- [x] **Phase 1b**: Add `terraform fmt` + `terraform validate -backend=false` workflow — no secrets needed
|
||||||
- [ ] **Phase 1c**: Add Nomad validate step — add `NOMAD_ADDR` + read-only `NOMAD_TOKEN` to Gitea secrets
|
- [x] **Phase 1c**: Add Nomad validate step — add `NOMAD_ADDR` + read-only `NOMAD_TOKEN` to Gitea secrets
|
||||||
- [ ] **Phase 2**: Add image pull validation step to the workflow
|
- [ ] **Phase 2**: Add image pull validation step to the workflow
|
||||||
- [ ] **Phase 3a**: Add `update` stanzas to ntfy and glance (simplest, no volume conflict)
|
- [ ] **Phase 3a**: Add `update` stanzas to ntfy and glance (simplest, no volume conflict)
|
||||||
- [ ] **Phase 3b**: Add rolling `update` stanzas to remaining service jobs (jellyfin, sonarr, etc.)
|
- [ ] **Phase 3b**: Add rolling `update` stanzas to remaining service jobs (jellyfin, sonarr, etc.)
|
||||||
|
|||||||
Reference in New Issue
Block a user