From 15c68c2861a5840b09308b69534acc5db2f149d3 Mon Sep 17 00:00:00 2001 From: Eran Kampf Date: Tue, 14 Jan 2025 13:45:03 -0800 Subject: [PATCH 01/13] add test action --- .github/workflows/test.yaml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 .github/workflows/test.yaml diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml new file mode 100644 index 0000000..79f1235 --- /dev/null +++ b/.github/workflows/test.yaml @@ -0,0 +1,27 @@ +name: test +on: + workflow_dispatch: + +jobs: + test: + runs-on: ubuntu-latest + steps: + - uses: twingate/github-action@v1 + with: + # The Twingate Service Key used to connect Twingate to the proper service + # Learn more about [Twingate Services](https://docs.twingate.com/docs/services) + # + # Required + service-key: ${{ secrets.SERVICE_KEY }} + + - name: (optional) Twingate status + run: twingate status + + - name: Access a secure resource + env: + TEST_URL: http://business.prod.beamreachinc.int/ + run: | + echo Calling $TEST_URL 🚀 + curl -v $TEST_URL + + - run: echo "SUCCESS!!! 🤩 This job's status is ${{ job.status }}." \ No newline at end of file From 08d7960de83b55500ac4c8e7d07ff702bb147dd4 Mon Sep 17 00:00:00 2001 From: Eran Kampf Date: Tue, 14 Jan 2025 14:17:43 -0800 Subject: [PATCH 02/13] apt update --- action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/action.yml b/action.yml index 9b5e391..5d81718 100644 --- a/action.yml +++ b/action.yml @@ -15,6 +15,7 @@ runs: run: | echo "deb [trusted=yes] https://packages.twingate.com/apt/ /" | sudo tee /etc/apt/sources.list.d/twingate.list sudo apt-get update -o Dir::Etc::sourcelist="sources.list.d/twingate.list" -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" + sudo apt update sudo apt install -yq twingate - name: Setup and start Twingate shell: bash From b91f6266a4bcddab81365e61931ebda6ffbc97f3 Mon Sep 17 00:00:00 2001 From: Eran Kampf Date: Tue, 14 Jan 2025 14:23:23 -0800 Subject: [PATCH 03/13] initial --- .github/workflows/test.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 79f1235..aeb323a 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -6,7 +6,7 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: twingate/github-action@v1 + - uses: twingate/github-action@main with: # The Twingate Service Key used to connect Twingate to the proper service # Learn more about [Twingate Services](https://docs.twingate.com/docs/services) From fdf1cf4b960b7a2be1db0c0acb5bbe9dae4f37de Mon Sep 17 00:00:00 2001 From: Eran Kampf Date: Tue, 14 Jan 2025 14:51:48 -0800 Subject: [PATCH 04/13] readme --- README.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/README.md b/README.md index 1a931ae..09e3027 100644 --- a/README.md +++ b/README.md @@ -18,3 +18,11 @@ There are two common use cases: # Required service-key: ${{ secrets.EXAMPLE_SERVICE_KEY_SECRET_NAME }} ``` + + +# Development + +To run action locally to debug you can use `act` (`brew install act`): +``` +act -j test -s SERVICE_KEY= +``` \ No newline at end of file From 64e9eee80773e07a339faad4a52b4779c72316fa Mon Sep 17 00:00:00 2001 From: Eran Kampf Date: Tue, 14 Jan 2025 15:16:59 -0800 Subject: [PATCH 05/13] add +e --- action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/action.yml b/action.yml index 5d81718..0edb0f1 100644 --- a/action.yml +++ b/action.yml @@ -27,6 +27,7 @@ runs: while [ $n -lt $MAX_RETRIES ]; do echo "Starting Twingate service..." + set +e sudo twingate start echo "Waiting $WAIT_TIME seconds for Twingate service to start..." From 54fdff4dde7dc3fe91f0d216fd89936f2834fdd9 Mon Sep 17 00:00:00 2001 From: Eran Kampf Date: Tue, 14 Jan 2025 15:18:46 -0800 Subject: [PATCH 06/13] now it works --- .github/workflows/test.yaml | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index aeb323a..bb4ba75 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -1,21 +1,37 @@ name: test on: workflow_dispatch: + pull_request: + push: + branches: + - 'main' jobs: test: runs-on: ubuntu-latest steps: - - uses: twingate/github-action@main + - uses: actions/checkout@v4 + + - name: Move local action to folder where it can be tested + shell: bash + run: | + mkdir -p .github/actions/test + cp action.yml .github/actions/test/action.yml + + - uses: ./.github/actions/test with: # The Twingate Service Key used to connect Twingate to the proper service # Learn more about [Twingate Services](https://docs.twingate.com/docs/services) # # Required service-key: ${{ secrets.SERVICE_KEY }} + + - name: (optional) Twingate logs + run: journalctl -u twingate - name: (optional) Twingate status run: twingate status + - name: Access a secure resource env: From 51741d87f4707d2db6a3b17929a649073dcfe948 Mon Sep 17 00:00:00 2001 From: Eran Kampf Date: Tue, 14 Jan 2025 15:19:00 -0800 Subject: [PATCH 07/13] unecessary --- .github/workflows/test.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index bb4ba75..09262d6 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -20,10 +20,6 @@ jobs: - uses: ./.github/actions/test with: - # The Twingate Service Key used to connect Twingate to the proper service - # Learn more about [Twingate Services](https://docs.twingate.com/docs/services) - # - # Required service-key: ${{ secrets.SERVICE_KEY }} - name: (optional) Twingate logs From 9ed75d51b7e1d051abb40040187d3d4237d7b103 Mon Sep 17 00:00:00 2001 From: Eran Kampf Date: Tue, 14 Jan 2025 15:21:49 -0800 Subject: [PATCH 08/13] README --- .github/workflows/test.yaml | 2 +- README.md | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 09262d6..23580aa 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -28,7 +28,7 @@ jobs: - name: (optional) Twingate status run: twingate status - + - name: Access a secure resource env: TEST_URL: http://business.prod.beamreachinc.int/ diff --git a/README.md b/README.md index 09e3027..3cb2c26 100644 --- a/README.md +++ b/README.md @@ -24,5 +24,7 @@ There are two common use cases: To run action locally to debug you can use `act` (`brew install act`): ``` -act -j test -s SERVICE_KEY= -``` \ No newline at end of file +act -j test -s SERVICE_KEY +``` + +It'll ask for `SERVICE_KEY` value interactively. \ No newline at end of file From 860d8991d7128ecd2bafec2a27eb51d006454681 Mon Sep 17 00:00:00 2001 From: Eran Kampf Date: Tue, 14 Jan 2025 15:22:31 -0800 Subject: [PATCH 09/13] Ignore .secrets file --- .gitignore | 1 + 1 file changed, 1 insertion(+) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..0ef6914 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +/.secrets From 71e54dedb41dd5aed22a24b39a0efe3215989a68 Mon Sep 17 00:00:00 2001 From: Alex Chupryna Date: Wed, 15 Jan 2025 13:33:18 +0100 Subject: [PATCH 10/13] attempt to polish --- .github/workflows/test.yaml | 5 ++--- README.md | 2 +- action.yml | 7 ++++++- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 23580aa..d19c407 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -17,17 +17,16 @@ jobs: run: | mkdir -p .github/actions/test cp action.yml .github/actions/test/action.yml - + - uses: ./.github/actions/test with: service-key: ${{ secrets.SERVICE_KEY }} - name: (optional) Twingate logs run: journalctl -u twingate - + - name: (optional) Twingate status run: twingate status - - name: Access a secure resource env: diff --git a/README.md b/README.md index 3cb2c26..fd1844e 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ There are two common use cases: To run action locally to debug you can use `act` (`brew install act`): ``` -act -j test -s SERVICE_KEY +act -j test -s SERVICE_KEY --container-options "--cap-add NET_ADMIN --device /dev/net/tun" ``` It'll ask for `SERVICE_KEY` value interactively. \ No newline at end of file diff --git a/action.yml b/action.yml index 0edb0f1..e8c68e4 100644 --- a/action.yml +++ b/action.yml @@ -20,6 +20,7 @@ runs: - name: Setup and start Twingate shell: bash run: | + set -xe echo '${{ inputs.service-key }}' | sudo twingate setup --headless=- MAX_RETRIES=5 WAIT_TIME=5 @@ -27,7 +28,7 @@ runs: while [ $n -lt $MAX_RETRIES ]; do echo "Starting Twingate service..." - set +e + set +xe sudo twingate start echo "Waiting $WAIT_TIME seconds for Twingate service to start..." @@ -35,11 +36,15 @@ runs: status=$(sudo twingate status) + echo "Twingate service status: '$status'" + if [ "$status" = "online" ]; then echo "Twingate service is connected." + twingate resources break else sudo twingate stop + journalctl -u twingate --no-pager fi # Increment the retry counter and wait time From ef17b55cb6dc58a727f6331ebe1f35fea3cb4bd7 Mon Sep 17 00:00:00 2001 From: Eran Kampf Date: Wed, 15 Jan 2025 08:18:57 -0800 Subject: [PATCH 11/13] polish --- .github/workflows/test.yaml | 2 +- action.yml | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index d19c407..8472ddd 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -27,7 +27,7 @@ jobs: - name: (optional) Twingate status run: twingate status - + - name: Access a secure resource env: TEST_URL: http://business.prod.beamreachinc.int/ diff --git a/action.yml b/action.yml index e8c68e4..ea06ca9 100644 --- a/action.yml +++ b/action.yml @@ -13,15 +13,14 @@ runs: - name: Install Twingate shell: bash run: | + sudo apt update echo "deb [trusted=yes] https://packages.twingate.com/apt/ /" | sudo tee /etc/apt/sources.list.d/twingate.list sudo apt-get update -o Dir::Etc::sourcelist="sources.list.d/twingate.list" -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0" - sudo apt update sudo apt install -yq twingate - name: Setup and start Twingate shell: bash run: | - set -xe - echo '${{ inputs.service-key }}' | sudo twingate setup --headless=- + echo '${{ inputs.service-key }}' | sudo twingate setup --headless - MAX_RETRIES=5 WAIT_TIME=5 n=0 @@ -34,7 +33,8 @@ runs: echo "Waiting $WAIT_TIME seconds for Twingate service to start..." sleep $WAIT_TIME - status=$(sudo twingate status) + status=$(twingate status) + journalctl -u twingate --since "1 hour ago" echo "Twingate service status: '$status'" From 7e005cb9f9927c91a28e4b3e10e71a4d970d1db2 Mon Sep 17 00:00:00 2001 From: Eran Kampf Date: Wed, 15 Jan 2025 08:57:05 -0800 Subject: [PATCH 12/13] polish --- action.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/action.yml b/action.yml index ea06ca9..f8b2352 100644 --- a/action.yml +++ b/action.yml @@ -34,8 +34,6 @@ runs: sleep $WAIT_TIME status=$(twingate status) - journalctl -u twingate --since "1 hour ago" - echo "Twingate service status: '$status'" if [ "$status" = "online" ]; then From 303c50cae60e854d0c8df755d6d66f22b6198237 Mon Sep 17 00:00:00 2001 From: Eran Kampf Date: Wed, 15 Jan 2025 09:02:31 -0800 Subject: [PATCH 13/13] better name --- .github/workflows/{test.yaml => ci.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{test.yaml => ci.yaml} (100%) diff --git a/.github/workflows/test.yaml b/.github/workflows/ci.yaml similarity index 100% rename from .github/workflows/test.yaml rename to .github/workflows/ci.yaml