othrayte/infra
1
0
Fork 0
Code Issues 1 Pull Requests 7 Actions Packages Projects Releases Wiki Activity

Compare commits

base: othrayte:renovate/mcr.microsoft.com-k8s-csi-smb-csi-1.x
Branches Tags
othrayte:main othrayte:phase-2-image-pull-validation othrayte:renovate/mcr.microsoft.com-k8s-csi-smb-csi-1.x othrayte:renovate/ghcr.io-richardr1126-openreader-2.x othrayte:renovate/null-3.x othrayte:renovate/libvirt-0.x othrayte:renovate/cloudflare-5.x othrayte:renovate/litestream-litestream-0.x
..
compare: othrayte:a13f2cef255e2a754e83f44f535e4c3783a749c2
Branches Tags
othrayte:phase-2-image-pull-validation othrayte:renovate/mcr.microsoft.com-k8s-csi-smb-csi-1.x othrayte:renovate/ghcr.io-richardr1126-openreader-2.x othrayte:renovate/null-3.x othrayte:renovate/libvirt-0.x othrayte:renovate/cloudflare-5.x othrayte:main othrayte:renovate/litestream-litestream-0.x

1 Commits
renovate/m ... a13f2cef25

Author SHA1 Message Date
Adrian Cowan
a13f2cef25 Add Gitea act-runner and test actions for the repo
All checks were successful
CI / Terraform fmt + validate (push) Successful in 34s
Details
2026-04-18 18:12:39 +10:00
5 changed files with 5 additions and 30 deletions
Expand all files Collapse all files

23
.gitea/workflows/ci.yml
View File

@@ -29,26 +29,3 @@ jobs:
terraform init -backend=false
terraform validate
working-directory: 2-nomad-config
nomad-validate:
name: Nomad job spec validate
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Nomad CLI
run: |
curl -fsSL https://apt.releases.hashicorp.com/gpg | gpg --dearmor -o /usr/share/keyrings/hashicorp.gpg
. /etc/os-release
echo "deb [signed-by=/usr/share/keyrings/hashicorp.gpg] https://apt.releases.hashicorp.com ${VERSION_CODENAME} main" | tee /etc/apt/sources.list.d/hashicorp.list
apt-get update && apt-get install -y nomad
- name: Validate all job specs
env:
NOMAD_ADDR: http://jaglan-beta-m20.lan:4646
run: |
find 2-nomad-config -name '*.nomad.hcl' | while read f; do
echo "==> $f"
nomad job validate "$f"
done

2
2-nomad-config/1-data/csi-smb.nomad.hcl
View File

@@ -6,7 +6,7 @@ job "csi-smb" {
driver = "docker"
config {
image = "mcr.microsoft.com/k8s/csi/smb-csi:v1.17.0"
image = "mcr.microsoft.com/k8s/csi/smb-csi:v1.7.0"
args = [
"--v=5",
"--nodeid=${attr.unique.hostname}",

2
2-nomad-config/act-runner.nomad.hcl
View File

@@ -28,7 +28,7 @@ job "act-runner" {
}
env = {
GITEA_INSTANCE_URL = "https://gitea-1ef0bea6b75a4fd3e9393a9f7f7e4b02.othrayte.one"
GITEA_INSTANCE_URL = "http://localhost:3000"
CONFIG_FILE = "/secrets/runner-config.yml"
}

2
2-nomad-config/gitea.nomad.hcl
View File

@@ -27,8 +27,6 @@ job "gitea" {
tags = [
"traefik.enable=true",
"traefik.http.routers.gitea.middlewares=auth@file",
# Token subdomain — no auth middleware — used by act_runner step containers for git checkout
"traefik.http.routers.gitea-token.rule=Host(`gitea-1ef0bea6b75a4fd3e9393a9f7f7e4b02.othrayte.one`)",
]
check {

6
cicd-plan.md
View File

@@ -293,9 +293,9 @@ exit 1
## Implementation Order
- [x] **Phase 1a**: Create `act-runner.nomad.hcl` + Terraform wrapper, register runner token in Gitea, get a hello-world workflow green
- [x] **Phase 1b**: Add `terraform fmt` + `terraform validate -backend=false` workflow — no secrets needed
- [x] **Phase 1c**: Add Nomad validate step — add `NOMAD_ADDR` + read-only `NOMAD_TOKEN` to Gitea secrets
- [ ] **Phase 1a**: Create `act-runner.nomad.hcl` + Terraform wrapper, register runner token in Gitea, get a hello-world workflow green
- [ ] **Phase 1b**: Add `terraform fmt` + `terraform validate -backend=false` workflow — no secrets needed
- [ ] **Phase 1c**: Add Nomad validate step — add `NOMAD_ADDR` + read-only `NOMAD_TOKEN` to Gitea secrets
- [ ] **Phase 2**: Add image pull validation step to the workflow
- [ ] **Phase 3a**: Add `update` stanzas to ntfy and glance (simplest, no volume conflict)
- [ ] **Phase 3b**: Add rolling `update` stanzas to remaining service jobs (jellyfin, sonarr, etc.)