diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 8027ae27..efc535e4 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -8,6 +8,7 @@ on: - '.github/workflows/release.yaml' - '.releaserc.js' - 'package.json' + - 'templates/**' workflow_dispatch: inputs: test_publish: @@ -179,16 +180,18 @@ jobs: if echo $TEMPLATE_VERSION | grep -E '[0-9]+\.[0-9]+\.[0-9]+'; then export TEMPLATE_NAME="$(echo ${TEMPLATE_DIR} | cut -d/ -f3)" export RELEASE_MSG="[Release Notes](https://github.com/${{ github.repository }}/releases/tag/${TEMPLATE_VERSION})" + export TEST_MODE=false else export TEMPLATE_NAME="$(echo ${TEMPLATE_DIR} | cut -d/ -f3)-test" export RELEASE_MSG="[Changes](https://github.com/${{ github.repository }}/commit/${TEMPLATE_VERSION})" + export TEST_MODE=true fi echo "Publishing template ${TEMPLATE_DIR} as ${TEMPLATE_NAME}..." set -x coder template push \ --directory ${TEMPLATE_DIR} \ --var workspace_image=${WORKSPACE_IMAGE} \ - --var test_mode=false \ + --var test_mode=${TEST_MODE} \ --name ${TEMPLATE_VERSION} \ --message "${RELEASE_MSG}" \ --yes \ diff --git a/templates/kubernetes/homelab-workspace/coder-agent.tf b/templates/kubernetes/homelab-workspace/coder-agent.tf index 86aa10d2..577a6cdc 100644 --- a/templates/kubernetes/homelab-workspace/coder-agent.tf +++ b/templates/kubernetes/homelab-workspace/coder-agent.tf @@ -1,7 +1,7 @@ resource "coder_agent" "main" { arch = "amd64" os = "linux" - startup_script = var.test_mode ? "/bin/bash --noprofile --norc" : "/bin/bash --noprofile --norc /usr/local/bin/agent-startup.sh" + startup_script = "/bin/bash --noprofile --norc /usr/local/bin/agent-startup.sh" startup_script_behavior = "blocking" env = { diff --git a/templates/kubernetes/homelab-workspace/deployment.tf b/templates/kubernetes/homelab-workspace/deployment.tf index 1653ec44..d5fb5d9d 100644 --- a/templates/kubernetes/homelab-workspace/deployment.tf 
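Review bot: In the `@@ -179,16 +180,18 @@` hunk of release.yaml, the new `TEST_MODE` export depends on `grep -E '[0-9]+\.[0-9]+\.[0-9]+'`, which is unanchored, so any `TEMPLATE_VERSION` that merely contains an x.y.z run takes the release branch and is pushed with `test_mode=false` under the non-test template name. Anchoring the match and quoting the input makes the release/test split explicit: `if printf '%s\n' "${TEMPLATE_VERSION}" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+$'; then` (allow an optional `v` prefix if tags carry one; the tag format is not visible here). The new argument should also be quoted the way `--message` is, `--var "test_mode=${TEST_MODE}" \`. The enclosing script block starts and continues outside the hunk.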
+++ b/templates/kubernetes/homelab-workspace/deployment.tf @@ -1,16 +1,3 @@ -locals { - requested_resources = { - requests = { - "cpu" = "250m" - "memory" = "1024Mi" - } - limits = { - "cpu" = data.coder_parameter.resources_cpu.value - "memory" = "${data.coder_parameter.resources_memory.value}Gi" - } - } -} - resource "kubernetes_deployment" "deployment" { count = data.coder_workspace.me.start_count @@ -39,20 +26,42 @@ resource "kubernetes_deployment" "deployment" { } spec { automount_service_account_token = false + init_container { + name = "apt-cache-init" + image = var.workspace_image + command = ["/bin/bash", "-c", "apt-get update && apt-file update"] + volume_mount { + name = "apt-cache" + mount_path = "/var/lib/apt" + } + volume_mount { + name = "apt-cache" + mount_path = "/var/cache/apt" + } + volume_mount { + name = "apt-cache" + mount_path = "/var/cache/debconf" + } + security_context { + run_as_user = 0 + } + } container { - name = "workspace" - command = ["/bin/bash", "/usr/local/bin/agent-init.sh"] - image = var.workspace_image - image_pull_policy = "IfNotPresent" + name = "workspace" + command = ["/bin/bash", "/usr/local/bin/agent-init.sh"] + image = var.workspace_image env { name = "CODER_AGENT_TOKEN" value = coder_agent.main.token } - dynamic "resources" { - for_each = var.test_mode ? {} : { values = local.requested_resources } - content { - requests = resources.value["requests"] - limits = resources.value["limits"] + resources { + requests = { + "cpu" = "250m" + "memory" = "1024Mi" + } + limits = { + "cpu" = data.coder_parameter.resources_cpu.value + "memory" = "${data.coder_parameter.resources_memory.value}Gi" } } security_context { 
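Review bot: In the `@@ -39,20 +26,42 @@` hunk, the new `apt-cache-init` init container mounts the single `apt-cache` emptyDir at `/var/lib/apt`, `/var/cache/apt` and `/var/cache/debconf` with no `sub_path`, so all three paths resolve to the same directory, which is probably not intended. The same three mounts are repeated on the `workspace` container in the `@@ -90,6 +95,18 @@` hunk. Giving each mount its own `sub_path` (for example `sub_path = "lib-apt"`, a name constructed here) in both containers keeps the apt state, package cache and debconf database apart. The init container also runs with `run_as_user = 0` and nothing else in its `security_context`, while the main container is `run_as_non_root`. Adding `allow_privilege_escalation = false` there and a `resources` block on the init container would bound the root step. The `kubernetes_deployment` resource starts and ends outside this hunk.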
@@ -63,13 +72,9 @@ resource "kubernetes_deployment" "deployment" { run_as_group = 10001 run_as_non_root = true } - dynamic "volume_mount" { - for_each = var.test_mode ? [] : toset([local.home_directory]) - content { - name = "home" - mount_path = volume_mount.key - read_only = false - } + volume_mount { + mount_path = local.home_directory + name = "home" } dynamic "volume_mount" { for_each = var.test_mode ? {} : local.workspace_secrets @@ -90,6 +95,18 @@ resource "kubernetes_deployment" "deployment" { name = "coder-scripts" sub_path = "agent_init_script" } + volume_mount { + name = "apt-cache" + mount_path = "/var/lib/apt" + } + volume_mount { + name = "apt-cache" + mount_path = "/var/cache/apt" + } + volume_mount { + name = "apt-cache" + mount_path = "/var/cache/debconf" + } } enable_service_links = false hostname = lower(replace(data.coder_workspace.me.name, "/[^a-zA-Z0-9]/", "-")) @@ -114,6 +131,15 @@ resource "kubernetes_deployment" "deployment" { } } } + dynamic "volume" { + for_each = var.test_mode ? toset(["home"]) : [] + content { + name = "home" + empty_dir { + size_limit = "10Gi" + } + } + } dynamic "volume" { for_each = var.test_mode ? [] : toset(["coder-workspace-secrets"]) content { @@ -132,6 +158,12 @@ resource "kubernetes_deployment" "deployment" { default_mode = "0750" } } + volume { + name = "apt-cache" + empty_dir { + size_limit = "5Gi" + } + } } } } diff --git a/templates/kubernetes/homelab-workspace/script-agent-startup.sh b/templates/kubernetes/homelab-workspace/script-agent-startup.sh index 21dbbe2c..017aeb33 100755 --- a/templates/kubernetes/homelab-workspace/script-agent-startup.sh +++ b/templates/kubernetes/homelab-workspace/script-agent-startup.sh 
@@ -6,12 +6,15 @@ fetch_dotfiles() { local dotfiles_repo="$1" mkdir -p $HOME/code - echo "fetch:dotfiles | Configuring env for git..." unset GIT_ASKPASS unset GIT_SSH_COMMAND local git_ssh_key="$HOME/.ssh/id_ed25519" if [[ -e "$git_ssh_key" ]]; then + echo "fetch:dotfiles | Configuring env for git..." export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i ${git_ssh_key}" + else + echo "fetch:dotfiles | No git ssh key found, skipping dotfiles fetch!" >&2 + return fi if [[ ! -d $HOME/code/dotfiles ]]; then @@ -44,6 +47,8 @@ main() { if [[ -e "$HOME/code/dotfiles/install.sh" ]]; then cd $HOME/code/dotfiles ./install.sh + else + echo "fetch:dotfiles | No dotfiles to install (see above)!" >&2 fi }
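Review bot: In the `@@ -6,12 +6,15 @@` hunk, the branch that now logs "Configuring env for git..." still exports `GIT_SSH_COMMAND` with `-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no`, so the dotfiles clone accepts any host key, and `main` then executes `./install.sh` from that checkout. The server should be verified before code from it is run, for example `export GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=accept-new -i ${git_ssh_key}"` (trust on first use, with the default known_hosts file), or a pinned known_hosts file with `StrictHostKeyChecking=yes`. The new `else` branch ends in a bare `return`, which passes on the status of the preceding `echo`; `return 0` would state outright that skipping the fetch is not a failure. `fetch_dotfiles` starts before and continues after this hunk.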