fix(cd): schedule bounded 110 harbor repair
Some checks failed
CD Pipeline / workflow-shape (push) Successful in 0s
CD Pipeline / cancel-stale-cd (push) Has been skipped
CD Pipeline / build-and-deploy (push) Has been cancelled
CD Pipeline / post-deploy-checks (push) Has been cancelled
CD Pipeline / tests (push) Has been cancelled
AWOOOI Harbor 110 Local Repair / workflow-shape (push) Successful in 0s
AWOOOI Harbor 110 Local Repair / harbor-110-local-repair (push) Has been cancelled
Some checks failed
CD Pipeline / workflow-shape (push) Successful in 0s
CD Pipeline / cancel-stale-cd (push) Has been skipped
CD Pipeline / build-and-deploy (push) Has been cancelled
CD Pipeline / post-deploy-checks (push) Has been cancelled
CD Pipeline / tests (push) Has been cancelled
AWOOOI Harbor 110 Local Repair / workflow-shape (push) Successful in 0s
AWOOOI Harbor 110 Local Repair / harbor-110-local-repair (push) Has been cancelled
This commit is contained in:
@@ -1,7 +1,8 @@
|
||||
# AWOOOI Harbor 110 Local Repair
|
||||
#
|
||||
# Controlled runtime:
|
||||
# - workflow_dispatch only; no push / pull_request / pull_request_target trigger
|
||||
# - workflow_dispatch + low-frequency schedule only
|
||||
# - no push / pull_request / pull_request_target trigger
|
||||
# - runs only on the 110-local awoooi-host lane
|
||||
# - no secret read, no Docker daemon restart, no reboot, no node drain
|
||||
# - runs the existing bounded recovery script, then verifies local and public /v2/
|
||||
@@ -10,10 +11,13 @@ name: AWOOOI Harbor 110 Local Repair
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
schedule:
|
||||
- cron: "*/10 * * * *"
|
||||
|
||||
env:
|
||||
AWOOOI_HARBOR_110_LOCAL_REPAIR_ENABLED: "1"
|
||||
AWOOOI_110_EXPECTED_HOST_IP: 192.168.0.110
|
||||
AWOOOI_HARBOR_110_LOCAL_REPAIR_TRIGGER: ${{ github.event_name }}
|
||||
|
||||
jobs:
|
||||
workflow-shape:
|
||||
@@ -58,25 +62,35 @@ jobs:
|
||||
chmod +x scripts/reboot-recovery/harbor-watchdog.sh
|
||||
chmod +x scripts/reboot-recovery/recover-110-control-path-and-harbor-local.sh
|
||||
|
||||
run_recovery() {
|
||||
sudo -n env \
|
||||
TARGET_USER=wooo \
|
||||
RELOAD_SSH=0 \
|
||||
AWOOOI_110_EXPECTED_HOST_IP="${AWOOOI_110_EXPECTED_HOST_IP}" \
|
||||
AWOOOI_110_SSH_REPAIR_SCRIPT="${PWD}/scripts/reboot-recovery/repair-110-ssh-publickey-auth-local.sh" \
|
||||
AWOOOI_HARBOR_WATCHDOG_SCRIPT="${PWD}/scripts/reboot-recovery/harbor-watchdog.sh" \
|
||||
"${PWD}/scripts/reboot-recovery/recover-110-control-path-and-harbor-local.sh" \
|
||||
"$@"
|
||||
}
|
||||
|
||||
echo "harbor_110_local_repair_check_start=1"
|
||||
sudo -n env \
|
||||
TARGET_USER=wooo \
|
||||
RELOAD_SSH=0 \
|
||||
AWOOOI_110_EXPECTED_HOST_IP="${AWOOOI_110_EXPECTED_HOST_IP}" \
|
||||
AWOOOI_110_SSH_REPAIR_SCRIPT="${PWD}/scripts/reboot-recovery/repair-110-ssh-publickey-auth-local.sh" \
|
||||
AWOOOI_HARBOR_WATCHDOG_SCRIPT="${PWD}/scripts/reboot-recovery/harbor-watchdog.sh" \
|
||||
"${PWD}/scripts/reboot-recovery/recover-110-control-path-and-harbor-local.sh" \
|
||||
--check
|
||||
set +e
|
||||
check_output="$(run_recovery --check 2>&1)"
|
||||
check_rc=$?
|
||||
set -e
|
||||
printf '%s\n' "${check_output}"
|
||||
echo "harbor_110_local_repair_check_rc=${check_rc}"
|
||||
|
||||
trigger="${GITHUB_EVENT_NAME:-${AWOOOI_HARBOR_110_LOCAL_REPAIR_TRIGGER:-unknown}}"
|
||||
echo "harbor_110_local_repair_trigger=${trigger}"
|
||||
if [ "${trigger}" != "workflow_dispatch" ] \
|
||||
&& printf '%s\n' "${check_output}" | grep -q "harbor_ready=true"; then
|
||||
echo "harbor_110_local_repair_skipped=already_ready"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo "harbor_110_local_repair_apply_all_start=1"
|
||||
sudo -n env \
|
||||
TARGET_USER=wooo \
|
||||
RELOAD_SSH=0 \
|
||||
AWOOOI_110_EXPECTED_HOST_IP="${AWOOOI_110_EXPECTED_HOST_IP}" \
|
||||
AWOOOI_110_SSH_REPAIR_SCRIPT="${PWD}/scripts/reboot-recovery/repair-110-ssh-publickey-auth-local.sh" \
|
||||
AWOOOI_HARBOR_WATCHDOG_SCRIPT="${PWD}/scripts/reboot-recovery/harbor-watchdog.sh" \
|
||||
"${PWD}/scripts/reboot-recovery/recover-110-control-path-and-harbor-local.sh" \
|
||||
--apply-all
|
||||
run_recovery --apply-all
|
||||
|
||||
- name: Verify Harbor registry routes after local repair
|
||||
run: |
|
||||
|
||||
@@ -109,6 +109,8 @@ def test_harbor_110_local_repair_workflow_is_dispatch_only_and_bounded() -> None
|
||||
text = HARBOR_110_REPAIR_WORKFLOW.read_text(encoding="utf-8")
|
||||
|
||||
assert "workflow_dispatch:" in text
|
||||
assert "schedule:" in text
|
||||
assert 'cron: "*/10 * * * *"' in text
|
||||
assert "push:" not in text
|
||||
assert "pull_request:" not in text
|
||||
assert "pull_request_target:" not in text
|
||||
@@ -119,6 +121,8 @@ def test_harbor_110_local_repair_workflow_is_dispatch_only_and_bounded() -> None
|
||||
assert "--check" in text
|
||||
assert "--apply-all" in text
|
||||
assert "sudo -n env" in text
|
||||
assert "GITHUB_EVENT_NAME" in text
|
||||
assert "harbor_110_local_repair_skipped=already_ready" in text
|
||||
assert "192.168.0.110" in text
|
||||
assert "http://127.0.0.1:5000/v2/" in text
|
||||
assert "https://registry.wooo.work/v2/" in text
|
||||
|
||||
Reference in New Issue
Block a user