Joakim Persson
23894bc19f
Validate / docs-check (push) Successful in 22s
Validate / validate-base (push) Successful in 18m10s
Validate / validate-omos (push) Failing after 25m54s
Publish Docker Image / smoke-base (push) Successful in 11m50s
Publish Docker Image / build-base (linux/amd64) (push) Failing after 38s
Publish Docker Image / build-base (linux/arm64) (push) Failing after 21s
Publish Docker Image / merge-base (push) Has been skipped
Publish Docker Image / smoke-omos (push) Failing after 19m18s
Publish Docker Image / build-omos (linux/amd64) (push) Has been skipped
Publish Docker Image / build-omos (linux/arm64) (push) Has been skipped
Publish Docker Image / merge-omos (push) Has been skipped
Publish Docker Image / update-description (push) Has been skipped
v1.14.31 publish and validate both hit 'No space left on device' on single-arch amd64 smoke/validate builds. The image has crossed ~3 GB and the runner's ~40 GB overlay starts ~70% full, so 'load: true' peak disk (tarball + unpacked image + buildx cache) no longer fits. Add a 'Reclaim runner disk' step to validate-base, validate-omos, smoke-base, smoke-omos. Strips catthehacker-resident toolchains we never use (hosted-tool-cache, dotnet, android, powershell, swift, ghc, jvm, microsoft, chromium, boost), then runs 'docker system prune -af --volumes' + 'docker builder prune -af' against the runner's dockerd before setup-buildx-action. Expected reclaim is 6-12 GB depending on what's resident. Deliberately NOT in the per-arch matrix build jobs — push-by-digest doesn't need it and pruning in parallel jobs risks one job nuking another's in-flight buildx cache. Also add workflow-level concurrency on docker-publish.yml so concurrent tag pushes serialize cleanly.
150 lines
4.3 KiB
YAML
150 lines
4.3 KiB
YAML
name: Validate
|
|
|
|
# Lightweight validation on pushes to main. Builds single-arch (amd64),
|
|
# runs the smoke test, and checks image size — without pushing anything
|
|
# to Docker Hub. Tag pushes are handled by docker-publish.yml which
|
|
# does the full multi-arch build-and-push.
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
paths-ignore:
|
|
- 'CHANGELOG.md'
|
|
- 'README.md'
|
|
- 'DOCKER_HUB.md'
|
|
- 'deploy/**'
|
|
- '.gitleaks.toml'
|
|
pull_request:
|
|
branches:
|
|
- main
|
|
|
|
jobs:
|
|
docs-check:
|
|
# Fails if DOCKER_HUB.md is out of sync with what generate-dockerhub-md.py
|
|
# would produce from README.md. Keeps the two docs from drifting.
|
|
runs-on: ubuntu-latest
|
|
container:
|
|
image: catthehacker/ubuntu:act-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Check DOCKER_HUB.md is in sync with README.md
|
|
run: |
|
|
python3 scripts/generate-dockerhub-md.py --check
|
|
|
|
validate-base:
|
|
runs-on: ubuntu-latest
|
|
container:
|
|
image: catthehacker/ubuntu:act-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Force IPv4 for Docker Hub
|
|
run: |
|
|
echo 'precedence ::ffff:0:0/96 100' >> /etc/gai.conf
|
|
|
|
# The runner's overlay disk starts ~70% full. `load: true` peak disk
|
|
# is tarball + unpacked image + buildx cache, which tips it over
|
|
# once the image crosses ~3 GB. Strip catthehacker-resident
|
|
# toolchains we never use and any stale docker state up front.
|
|
- name: Reclaim runner disk
|
|
run: |
|
|
set -x
|
|
df -h / || true
|
|
rm -rf \
|
|
/opt/hostedtoolcache \
|
|
/opt/microsoft \
|
|
/opt/az \
|
|
/opt/ghc \
|
|
/usr/local/.ghcup \
|
|
/usr/share/dotnet \
|
|
/usr/share/swift \
|
|
/usr/local/lib/android \
|
|
/usr/local/share/powershell \
|
|
/usr/local/share/chromium \
|
|
/usr/local/share/boost \
|
|
/usr/lib/jvm 2>/dev/null || true
|
|
apt-get clean || true
|
|
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* || true
|
|
docker system df || true
|
|
docker system prune -af --volumes || true
|
|
docker builder prune -af || true
|
|
df -h / || true
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v4
|
|
with:
|
|
driver-opts: network=host
|
|
|
|
- name: Build base image (amd64, load to local daemon)
|
|
uses: docker/build-push-action@v7
|
|
with:
|
|
context: .
|
|
platforms: linux/amd64
|
|
push: false
|
|
load: true
|
|
tags: opencode-devbox:ci-base
|
|
|
|
- name: Smoke test
|
|
run: |
|
|
bash scripts/smoke-test.sh opencode-devbox:ci-base --variant base
|
|
|
|
validate-omos:
|
|
runs-on: ubuntu-latest
|
|
container:
|
|
image: catthehacker/ubuntu:act-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Force IPv4 for Docker Hub
|
|
run: |
|
|
echo 'precedence ::ffff:0:0/96 100' >> /etc/gai.conf
|
|
|
|
- name: Reclaim runner disk
|
|
run: |
|
|
set -x
|
|
df -h / || true
|
|
rm -rf \
|
|
/opt/hostedtoolcache \
|
|
/opt/microsoft \
|
|
/opt/az \
|
|
/opt/ghc \
|
|
/usr/local/.ghcup \
|
|
/usr/share/dotnet \
|
|
/usr/share/swift \
|
|
/usr/local/lib/android \
|
|
/usr/local/share/powershell \
|
|
/usr/local/share/chromium \
|
|
/usr/local/share/boost \
|
|
/usr/lib/jvm 2>/dev/null || true
|
|
apt-get clean || true
|
|
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* || true
|
|
docker system df || true
|
|
docker system prune -af --volumes || true
|
|
docker builder prune -af || true
|
|
df -h / || true
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v4
|
|
with:
|
|
driver-opts: network=host
|
|
|
|
- name: Build omos image (amd64, load to local daemon)
|
|
uses: docker/build-push-action@v7
|
|
with:
|
|
context: .
|
|
platforms: linux/amd64
|
|
push: false
|
|
load: true
|
|
build-args: |
|
|
INSTALL_OMOS=true
|
|
tags: opencode-devbox:ci-omos
|
|
|
|
- name: Smoke test
|
|
run: |
|
|
bash scripts/smoke-test.sh opencode-devbox:ci-omos --variant omos
|