Skip to content

Commit

Permalink
Merge branch 'main' into bug/copy-out
Browse files Browse the repository at this point in the history
  • Loading branch information
jonmattgray committed Mar 22, 2024
2 parents 8737167 + 67315ab commit 1fc2964
Show file tree
Hide file tree
Showing 18 changed files with 74 additions and 41 deletions.
24 changes: 24 additions & 0 deletions .github/workflows/lint.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
name: lint

on: [push]

jobs:
lint:
name: Run ShellCheck
runs-on: ubuntu-latest

steps:
- name: Check out code
uses: actions/checkout@v4

- name: Install ShellCheck
run: sudo apt-get install shellcheck

- name: Find shell scripts with \#!/bin/sh and run ShellCheck
run: |
files=$(find . -type f ! -path '*/\.*' -exec grep -lE '^#!(/usr)?/bin/sh' {} +)
if [ -n "$files" ]; then
shellcheck -a -S warning -s sh $files
else
echo "No shell scripts with #!/bin/sh shebang found."
fi
1 change: 1 addition & 0 deletions .shellcheckrc
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
disable=SC1090
5 changes: 3 additions & 2 deletions check-envs.sh
100644 → 100755
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,10 @@ if [ ! "${POT_MOUNT_BASE}" ] ; then
POT_MOUNT_BASE=/opt/pot
echo POT_MOUNT_BASE not set, using ${POT_MOUNT_BASE}
fi
CHERIBSD_BUILD_ID=$(echo ${CHERIBSD_BUILD_ID} | sed 's/\\s/_/g')
RUNNER_NAME=$(echo ${RUNNER_NAME} | sed 's/\\s/_/g; s/[$*?]//g')
POT_MOUNT_BASE=$(echo ${POT_MOUNT_BASE} | sed 's/\\s/_/g; s/[$*?]//g')
# Set the pot name to use underscores in place of dots (the one character pot
# names are apparently not allowed).
# FIXME: We shouldn't be allowing anything that isn't allowed in a path
# component here either.
POTNAME=$(echo ${RUNNER_NAME} | sed 's/\./_/g')
RUNNER_CONFIG_DIRECTORY=`pwd`/runners/${POTNAME}
10 changes: 5 additions & 5 deletions check-pots.sh
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
#!/bin/sh
set -euo pipefail
set -eu

# Debug any running pots by performing a basic healthcheck

check_tree() {
if [ -e $1 ]; then
if [ $(ls $1 | wc -l) = 0 ]; then
if [ "$(ls $1 | wc -l)" -eq 0 ]; then
echo "[debug] $1 for $pot is empty"
fi
else
Expand All @@ -16,13 +16,13 @@ check_tree() {
check_pot() {
# Are needed rcvars enabled for the pot?
rcvar=$(pot exec -p $pot sysrc sshd_enable)
if [ $(echo $rcvar | grep -o NO ) ]; then
if [ "$(echo $rcvar | grep -o NO )" ]; then
echo "[warning] sshd is disabled on $pot"
fi

# Is the pot configured to use pkg?
for pkg in pkg64 pkg64c pk64cb; do
if [ -z $(pot exec -p $pot which $pkg) ]; then
if [ -z "$(pot exec -p $pot which $pkg)" ]; then
echo "[warning] $pkg on $pot was not found"
fi

Expand All @@ -40,7 +40,7 @@ check_pot() {

echo "[debug] attempting healthchecks on all pots currently active"
pots=$(pot ps | grep -v '===' | wc -l)
if [ $(echo $pots) > 0 ]; then
if [ "$(echo $pots)" -gt 0 ]; then
for pot in $pots; do
echo "[debug] checking $pot"
check_pot
Expand Down
10 changes: 6 additions & 4 deletions config.sh
Original file line number Diff line number Diff line change
@@ -1,15 +1,17 @@
#!/bin/sh
set -eo pipefail
SCRIPTDIR=$(realpath $(dirname $0))
set -e
SCRIPTDIR=$(realpath "$(dirname $0)")

if [ "$1" != '--url' -o "$3" != '--token' ] ; then
if [ "$1" != '--url' ] || [ "$3" != '--token' ]; then
# shellcheck disable=all
echo usage ./config.sh --url https://github.com/{account}/{repo} --token {token}
echo Copy this command from the GitHub actions runner setup page
exit 1
fi

# Generate a random string for the runner name, if using config.sh without variables
export RANDOM=$(LC_ALL=C tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c 8)
RANDOM="$(LC_ALL=C tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c 8)"
export RANDOM
. ${SCRIPTDIR}/check-envs.sh

mkdir -p ${RUNNER_CONFIG_DIRECTORY}
Expand Down
4 changes: 2 additions & 2 deletions create-base.sh
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
#!/bin/sh
set -eo pipefail
set -e
if [ ! "${CHERIBSD_BUILD_ID}" ]; then
mkdir -p /usr/local/share/freebsd/MANIFESTS/
ARCH=$(curl -s \
Expand All @@ -14,7 +14,7 @@ if [ ! "${CHERIBSD_BUILD_ID}" ]; then
CHERIBSD_BUILD_ID=$(echo $ARCH | awk -F " " '{print $NF}')
fi

if [ ! $(pot ls -b | grep -o ${CHERIBSD_BUILD_ID}) ]; then
if [ ! "$(pot ls -b | grep -o "${CHERIBSD_BUILD_ID}")" ]; then
echo Creating base pot for $CHERIBSD_BUILD_ID

pot create-base -r $CHERIBSD_BUILD_ID
Expand Down
2 changes: 1 addition & 1 deletion create-runner.sh
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
#!/bin/sh
set -eo pipefail
set -e

EXTRA_FLAVOURS=
if [ "${RUNNER_FLAVOURS}" ] ; then
Expand Down
2 changes: 1 addition & 1 deletion flavours/github-act-configure.sh
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ ARCH=$(curl -s \
grep -Eo "\w{1,}\.\w{1,}" | sort -u)
CHERIBSD_BUILD_ID=$(echo ${ARCH} | awk -F " " '{print $NF}')
# Configure the runner
cd /root/runner
cd /root/runner || return 1
GODEBUG="asyncpreemptoff=1" /usr/local64/bin/github-act-runner configure \
--url "${GITHUB_URL}" \
--token "${GITHUB_TOKEN}" \
Expand Down
17 changes: 10 additions & 7 deletions flavours/github-act.sh
Original file line number Diff line number Diff line change
@@ -1,15 +1,18 @@
#!/bin/sh
export PAGER=/bin/cat

# Source os-release to get the OS name
. /etc/os-release

# Update to the latest stable release
case $( . /etc/os-release; echo $NAME ) in
FreeBSD)
if [ "$NAME" = "FreeBSD" ]; then
freebsd-update --not-running-from-cron fetch install
;&
CheriBSD)
echo skipped freebsd-update for CheriBSD
;;
esac
echo "FreeBSD update completed."
fi

if [ "$NAME" = "CheriBSD" ]; then
echo "skipped freebsd-update for $NAME"
fi

pkg64 install -y git node bash

Expand Down
2 changes: 1 addition & 1 deletion get_token.sh
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
#!/bin/sh
set -eo pipefail
set -e

# Ensure GITHUB_PAT and GITHUB_ORG environment variables are set
if [ -z "$GITHUB_PAT" ] || [ -z "$GITHUB_ORG" ]; then
Expand Down
14 changes: 8 additions & 6 deletions gh_actions
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@
# BEFORE: securelevel
# KEYWORD: shutdown

# shellcheck disable=SC2034

. /etc/rc.subr

PATH=$PATH:/usr/local64/bin
Expand All @@ -22,8 +24,8 @@ gh_actions_running=/var/run/github-runners

gh_actions_start()
{
local POT
touch /var/run/github-runners
# shellcheck disable=SC2154
for RUNNER_NAME in ${gh_actions_pots} ; do
export RUNNER_NAME
run-actions-runner.sh > /dev/null 2> /dev/null &
Expand All @@ -46,7 +48,7 @@ gh_actions_stop()
sleep 1
# FIXME: This is racy.
if [ -f /var/run/github-runners.${RUNNER_NAME} ]; then
kill `cat /var/run/github-runners.${RUNNER_NAME}`
kill "$(cat "/var/run/github-runners.${RUNNER_NAME}")"
fi
fi
fi
Expand All @@ -61,7 +63,7 @@ gh_actions_stop()
while [ -f /var/run/github-runners.${RUNNER_NAME} ]; do
sleep 1
COUNT=$(expr $COUNT + 1)
if [ $(expr $COUNT % 10) -eq 0 ] ; then
if [ "$(expr $COUNT % 10)" -eq 0 ] ; then
echo Waiting for ${RUNNER_NAME} to exit...
fi
done
Expand All @@ -77,11 +79,11 @@ gh_actions_status()
for RUNNER_NAME in ${gh_actions_pots} ; do
pot info -qr -p ${RUNNER_NAME}-ephemeral > /dev/null 2>&1
if [ $? -eq 0 ] ; then
echo -n ${RUNNER_NAME} pot running
printf "%s" "${RUNNER_NAME} pot running"
if [ -f /var/run/github-runners.${RUNNER_NAME} ]; then
echo " managed by process $(cat /var/run/github-runners.${RUNNER_NAME})"
printf " managed by process %s\n" "$(cat /var/run/github-runners.${RUNNER_NAME})"
else
echo " but appears to be orphaned"
printf " but appears to be orphaned\n"
fi
fi
done
Expand Down
4 changes: 2 additions & 2 deletions install.sh
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
#!/bin/sh
set -euo pipefail
set -eu
POT=$(which pot)
FLAVOURS=$(dirname ${POT})/../etc/pot/flavours
if [ ! -d ${FLAVOURS} ]; then
echo "Can't locate pot install"
exit 1
fi

echo Installing flavours to $(realpath ${FLAVOURS})
echo Installing flavours to "$(realpath ${FLAVOURS})"
install -m 644 flavours/github-act flavours/github-act-configured ${FLAVOURS}
install flavours/bootstrap ${FLAVOURS}
install flavours/github-act ${FLAVOURS}
Expand Down
2 changes: 1 addition & 1 deletion jobs/clean-pots.sh
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
#!/bin/sh
set -euo pipefail
set -eu

# Remove any misconfigured jails

Expand Down
4 changes: 2 additions & 2 deletions jobs/count-pots.sh
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
#!/bin/sh
set -euo pipefail
set -eu

# Print health status

pots=$(pot ls -p -q | wc -l)
runners=$(sysrc gh_actions_pots | wc -l)
if [ "$(echo $pots)" > 0 ] || [ "$(echo $runners)" > 0 ]; then
if [ "$(echo $pots)" -gt 0 ] || [ "$(echo $runners)" -gt 0 ]; then
echo "Runner health check: $(date -R)
$pots pot(s) found
$runners runner(s) configured to start automatically"
Expand Down
4 changes: 2 additions & 2 deletions jobs/restart-actions.sh
Original file line number Diff line number Diff line change
Expand Up @@ -4,15 +4,15 @@

old_set=$(sysrc -n -q gh_actions_pots)
new_set=$(pot ls -p -q | grep -i "cheribsd" | grep -v "-ephemeral")
if [ ! "$(echo $old_set)" == "$(echo $new_set)" ]; then
if [ ! "$(echo $old_set)" = "$(echo $new_set)" ]; then
echo "Adding new runners to rc.conf:" $new_set
sysrc -q -x gh_actions_pots
echo gh_actions_pots=\"$new_set\" >> /etc/rc.conf
fi

# Restart the host's GitHub Actions service

if [ "$(sysrc -n gh_actions_enable)" == "YES" ]; then
if [ "$(sysrc -n gh_actions_enable)" = "YES" ]; then
echo "Starting all available runners"
service gh_actions start
fi
4 changes: 2 additions & 2 deletions jobs/scrub-pool.sh
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
#!/bin/sh
set -euo pipefail
set -eu

# Perform consistency checks on ZFS pools

if [ $(zpool status | grep -c ONLINE) > 0 ]; then
if [ "$(zpool status | grep -c ONLINE)" -gt 0 ]; then
for pool in $(zpool list -o name | tail -n 1); do
/sbin/zpool scrub $pool
done
Expand Down
4 changes: 2 additions & 2 deletions recreate-runner.sh
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#!/bin/sh
set -eo pipefail
SCRIPTDIR=$(realpath $(dirname $0))
set -e
SCRIPTDIR=$(realpath "$(dirname $0)")
. ${SCRIPTDIR}/check-envs.sh

# We are going to reinject the configuration from a prior config directory,
Expand Down
2 changes: 1 addition & 1 deletion run-actions-runner.sh
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
#!/bin/sh
set -euo pipefail
set -eu
if [ -f /var/run/github-runners.${RUNNER_NAME} ]; then
echo ${RUNNER_NAME} already running.
echo Please delete /var/run/github-runners.${RUNNER_NAME} if the system did not gracefully shut down.
Expand Down

0 comments on commit 1fc2964

Please sign in to comment.