Conversation
spoonincode
commented
Jan 27, 2023
spoonincode
commented
- systemd units for network & runner really should be "oneshot" (I'm not a little uncertain how it worked previously with "simple")
- wait for network interface to indicate "up" before using the network
- simplify selection of runner release to use (just use "latest")
- don't pipe the runner download directly to tar: hopefully it can be retried more reliably that way
* systemd units for network & runner really should be "oneshot" * wait for network interface to indicate "up" before using the network * simplify selection of runner release to use (just use "latest") * don't pipe the runner download directly to tar: hopefully it can be retried more reliably that way
| RUNNER_RELEASE_URL=$(${CURL} https://api.github.com/repos/actions/runner/releases/latest | \ | ||
| jq -e -r '.assets[] | if .name | test("actions-runner-linux-x64-[0-9.]+.tar") then .browser_download_url else empty end') | ||
| ${CURL} -O "${RUNNER_RELEASE_URL}" |
There was a problem hiding this comment.
The jq -e flag is a new trick for me, nice.
Should we quote these variable assignments to protect against BASH code injection?
RUNNER_RELEASE_URL=$(...)...would become:
RUNNER_RELEASE_URL="$(...)"As a point of interest, I believe the jq query if-then snippet...
if .name | test("actions-runner-linux-x64-[0-9.]+.tar") then .browser_download_url else empty end
...could be simplified to this.
.name | test("actions-runner-linux-x64-[0-9.]+.tar") | .browser_download_url // empty
I haven't tried it, not certain.
There was a problem hiding this comment.
Should we quote these variable assignments to protect against BASH code injection
Yeah, probably prudent to do so just for best practices purposes.
Not sure if I exactly understand your suggestion. It's easy enough to try -- no token needed or anything. If you find a more concise way I'd certainly be interested.
$ curl -s https://api.github.com/repos/actions/runner/releases/latest | jq -e -r '.assets[] | .name | test("actions-runner-linux-x64-[0-9.]+.tar") | .browser_download_url'
jq: error (at <stdin>:1242): Cannot index boolean with string "browser_download_url"
There was a problem hiding this comment.
Nevermind on the jq thing, I see the if...else block behaves slightly different than I had thought when I wrote that comment. My mistake.
| tries=100 | ||
| until eval '(( $(< /sys/class/net/eth0/carrier) ))'; do | ||
| (( tries-- > 0 )) || exit 1 | ||
| sleep 0.1 | ||
| done | ||
|
|
There was a problem hiding this comment.
This loop only verifies that an Ethernet cable is connected...not that the network interface is actually functional. Here are two suggestions from ChatGPT to check that a network interface is functional in a BASH script, both of which I tried in my terminal.
The first starts a service dependent on network-online.target from the NetworkManager-wait-online.service. It waits until this target is reached, then returns.
systemd-run --wait --quiet --service-type=oneshot --property="After=network-online.target" /bin/trueThis second example is simpler, it reads a file like the one that you have.
cat /sys/class/net/eth0/operstate
We would want this command to return up.
From ChatGPT:
/sys/class/net/eth0/operstateis a sysfs file that shows the operational state of the network interfaceeth0. The possible values for this file areunknown,notpresent,down,lowerlayerdown,testing,dormant,up. Theoperstatefile reflects the current state of the network interface based on various factors, including the physical state of the interface, the state of the underlying protocol stack, and the administrative state of the interface.
/sys/class/net/eth0/carrieris another sysfs file that indicates the physical state of the network interfaceeth0. This file shows whether the link is up or down and is used to determine if the network cable is connected to the interface. The possible values for this file are0and1, where0indicates that the link is down and1indicates that the link is up.In summary,
operstatereflects the overall state of the network interface, whilecarrierindicates the physical state of the link.
2 participants
