From 81318d15d3b7ecf5edd561f932a7275fb665dc90 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:11:14 +0000 Subject: [PATCH 01/36] Update workflow --- .github/workflows/update-custom-runner.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index ec7f485529..eefa7afd1c 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -23,11 +23,11 @@ jobs: update_custom_runners: name: update-custom-runner-${{ matrix.runner_hostname }} runs-on: [self-hosted, '${{ matrix.runner_hostname }}' ] - if: ${{ github.event.input.runner_list }} + if: ${{ github.event.input.runner_list != '' }} strategy: matrix: - runner_hostname: ${{ github.event.input.runner_list }} + runner_hostname: [ ${{ github.event.input.runner_list }} ] steps: - name: Update tools From 48866d5e629851457e50808962e3218c7d2aefc2 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:13:02 +0000 Subject: [PATCH 02/36] Use JSON --- .github/workflows/update-custom-runner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index eefa7afd1c..6f78e48f8e 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -27,7 +27,7 @@ jobs: strategy: matrix: - runner_hostname: [ ${{ github.event.input.runner_list }} ] + runner_hostname: fromJSON('[' + ${{ github.event.input.runner_list }} + ']') steps: - name: Update tools From b68b5454ccd78c78523a555d9eb17fbcc58d555f Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:14:16 +0000 Subject: [PATCH 03/36] Hard code hostname as a test --- .github/workflows/update-custom-runner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 6f78e48f8e..423173cd95 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -27,7 +27,7 @@ jobs: strategy: matrix: - runner_hostname: fromJSON('[' + ${{ github.event.input.runner_list }} + ']') + runner_hostname: [ 'fplmac1' ] #fromJSON('[' + ${{ github.event.input.runner_list }} + ']') steps: - name: Update tools From 1cc5f2919c4db719a35b1cf55dea762c4dbc18af Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:15:10 +0000 Subject: [PATCH 04/36] Fix if statement --- .github/workflows/update-custom-runner.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 423173cd95..7b99d25c29 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -23,11 +23,11 @@ jobs: update_custom_runners: name: update-custom-runner-${{ matrix.runner_hostname }} runs-on: [self-hosted, '${{ matrix.runner_hostname }}' ] - if: ${{ github.event.input.runner_list != '' }} + if: github.event.input.runner_list != '' strategy: matrix: - runner_hostname: [ 'fplmac1' ] #fromJSON('[' + ${{ github.event.input.runner_list }} + ']') + runner_hostname: fromJSON('[' + ${{ github.event.input.runner_list }} + ']') steps: - name: Update tools From 45d12962576269831688cdf5d10487319fb658f1 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:16:47 +0000 Subject: [PATCH 05/36] Fix inputs. --- .github/workflows/update-custom-runner.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 7b99d25c29..31b8b4a9fd 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -23,11 +23,11 @@ jobs: update_custom_runners: name: update-custom-runner-${{ matrix.runner_hostname }} runs-on: [self-hosted, '${{ matrix.runner_hostname }}' ] - if: github.event.input.runner_list != '' + if: github.event.inputs.runner_list != '' strategy: matrix: - runner_hostname: fromJSON('[' + ${{ github.event.input.runner_list }} + ']') + runner_hostname: fromJSON('[' + ${{ github.event.inputs.runner_list }} + ']') steps: - name: Update tools From c2508ae6da3cd355ee42482765e15366ea2dd362 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:17:45 +0000 Subject: [PATCH 06/36] Fix matrix. --- .github/workflows/update-custom-runner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 31b8b4a9fd..0fce27a26c 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -27,7 +27,7 @@ jobs: strategy: matrix: - runner_hostname: fromJSON('[' + ${{ github.event.inputs.runner_list }} + ']') + runner_hostname: ${{ fromJson('[' + github.event.inputs.runner_list + ']') }} steps: - name: Update tools From 5ffbe24edd02174a290bacbd84fda4b5e7f05f6f Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:19:01 +0000 Subject: [PATCH 07/36] Update matrix again --- .github/workflows/update-custom-runner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 0fce27a26c..543816c1aa 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -27,7 +27,7 @@ jobs: strategy: matrix: - runner_hostname: ${{ fromJson('[' + github.event.inputs.runner_list + ']') }} + runner_hostname: ${{ github.event.inputs.runner_list }} steps: - name: Update tools From 4781859641b635e2cad6347179e94da8cec6ded6 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:27:38 +0000 Subject: [PATCH 08/36] Matrix JSON list --- .github/workflows/update-custom-runner.yml | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 543816c1aa..64bf881295 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -20,14 +20,30 @@ env: GITHUB_TOKEN: ${{ github.token }} jobs: + prepare: + name: prepare + runs-on: ubuntu-20.04 + if: github.event.inputs.runner_list != '' + outputs: + runner_hostnames: ${{ steps.prepare_inputs.outputs.runner_hostnames }} + steps: + - name: Prepare inputs + id: prepare_inputs + shell: bash + run: | + csv='${{github.event.inputs.runner_hostnames}}' + json="['$(echo ${csv} | sed s/,/\',\'/g)']" + echo "runner_hostnames=${csv}" >> $GITHUB_OUTPUT + update_custom_runners: name: update-custom-runner-${{ matrix.runner_hostname }} + needs: [ prepare ] runs-on: [self-hosted, '${{ matrix.runner_hostname }}' ] if: github.event.inputs.runner_list != '' strategy: matrix: - runner_hostname: ${{ github.event.inputs.runner_list }} + runner_hostname: ${{ fromJson(needs.prepare.outputs.runner_hostnames) }} steps: - name: Update tools From 90d7c59252c3afc61d2905011e60f2946895b21e Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:29:16 +0000 Subject: [PATCH 09/36] Fix input --- .github/workflows/update-custom-runner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 64bf881295..5466a21290 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -31,7 +31,7 @@ jobs: id: prepare_inputs shell: bash run: | - csv='${{github.event.inputs.runner_hostnames}}' + csv='${{github.event.inputs.runner_list}}' json="['$(echo ${csv} | sed s/,/\',\'/g)']" echo "runner_hostnames=${csv}" >> $GITHUB_OUTPUT From 173b4b5beef023e8868a7e2bffcd1678d528530b Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:30:39 +0000 Subject: [PATCH 10/36] Fix output --- .github/workflows/update-custom-runner.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 5466a21290..db7f473bc7 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -33,7 +33,8 @@ jobs: run: | csv='${{github.event.inputs.runner_list}}' json="['$(echo ${csv} | sed s/,/\',\'/g)']" - echo "runner_hostnames=${csv}" >> $GITHUB_OUTPUT + echo "runner_hostnames=${json}" + echo "runner_hostnames=${json}" >> $GITHUB_OUTPUT update_custom_runners: name: update-custom-runner-${{ matrix.runner_hostname }} From a4a717db63589f8b9c1f4ff8f9e2cd833a5278f3 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:31:38 +0000 Subject: [PATCH 11/36] Fix bash script. --- .github/workflows/update-custom-runner.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index db7f473bc7..2fe2aad6bc 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -61,6 +61,7 @@ jobs: echo "::warning ::No OS updates available." else echo "softwareupdate -l -r | tr '\n' '|' | sed 's/|/%0A/g' | sed " + fi - name: Update OS if: ${{ github.event.inputs.update_os }} From 7b48979af74c1f8a1b3aa43e29fc59c49758be7a Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:32:14 +0000 Subject: [PATCH 12/36] Error checking. --- .github/workflows/update-custom-runner.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 2fe2aad6bc..96b7c9a932 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -51,6 +51,7 @@ jobs: if: ${{ github.event.inputs.update_tools }} shell: bash run: | + set -ex echo "npm install -g firebase-tools" - name: Check for OS updates @@ -67,4 +68,5 @@ jobs: if: ${{ github.event.inputs.update_os }} shell: bash run: | + set -ex echo "softwareupdate -i -r -f" From aee8099a62cbbae9d52b084648c83b34ecbb2be5 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:37:18 +0000 Subject: [PATCH 13/36] Fix logging. --- .github/workflows/update-custom-runner.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 96b7c9a932..8ad3dc1944 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -4,7 +4,7 @@ on: workflow_dispatch: inputs: runner_list: - description: 'Runner hostname to update (comma-separated)' + description: 'Runner hostnames (comma-separated)' default: 'fplmac1,fplmac2' required: true update_tools: @@ -52,16 +52,16 @@ jobs: shell: bash run: | set -ex - echo "npm install -g firebase-tools" + npm install -g firebase-tools - name: Check for OS updates shell: bash run: | if softwareupdate -l -r | grep -q 'No new software available' then - echo "::warning ::No OS updates available." + echo "::warning ::Host ${{matrix.runner_hostname}} has no OS updates available." else - echo "softwareupdate -l -r | tr '\n' '|' | sed 's/|/%0A/g' | sed " + softwareupdate -l -r | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::Host ${{matrix.runner_hostname}} has OS updates:%0A/' fi - name: Update OS From 355a0b7b4d1fc3eade4c64e87ae71c290eb0264b Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:41:42 +0000 Subject: [PATCH 14/36] Print OS updates correctly. --- .github/workflows/update-custom-runner.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 8ad3dc1944..82fab6d23b 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -59,9 +59,9 @@ jobs: run: | if softwareupdate -l -r | grep -q 'No new software available' then - echo "::warning ::Host ${{matrix.runner_hostname}} has no OS updates available." + echo "No OS updates available." else - softwareupdate -l -r | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::Host ${{matrix.runner_hostname}} has OS updates:%0A/' + softwareupdate -l -r | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::Host ${{matrix.runner_hostname}} has OS updates:%0A/' fi - name: Update OS @@ -69,4 +69,4 @@ jobs: shell: bash run: | set -ex - echo "softwareupdate -i -r -f" + softwareupdate -i -r -f From 6054439f1bd225c5e5cb5c341112ec74b4d09102 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:42:12 +0000 Subject: [PATCH 15/36] msg --- .github/workflows/update-custom-runner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 82fab6d23b..a89cc076d4 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -61,7 +61,7 @@ jobs: then echo "No OS updates available." else - softwareupdate -l -r | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::Host ${{matrix.runner_hostname}} has OS updates:%0A/' + softwareupdate -l -r | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::OS updates available:%0A/' fi - name: Update OS From ebd526ae3b29115947801b16fbada8d7f42e4fe7 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:44:15 +0000 Subject: [PATCH 16/36] Always print OS update output. --- .github/workflows/update-custom-runner.yml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index a89cc076d4..f8202622c9 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -57,12 +57,7 @@ jobs: - name: Check for OS updates shell: bash run: | - if softwareupdate -l -r | grep -q 'No new software available' - then - echo "No OS updates available." - else - softwareupdate -l -r | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::OS updates available:%0A/' - fi + softwareupdate -l -r | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::/' - name: Update OS if: ${{ github.event.inputs.update_os }} From f501f32c728f78099bfdf5f6504c9a4ca766e256 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:47:46 +0000 Subject: [PATCH 17/36] Output normally as well. --- .github/workflows/update-custom-runner.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index f8202622c9..64573c70b6 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -57,7 +57,8 @@ jobs: - name: Check for OS updates shell: bash run: | - softwareupdate -l -r | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::/' + softwareupdate -l -r + softwareupdate -l -r 2>&1 | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::/' - name: Update OS if: ${{ github.event.inputs.update_os }} From f3b40fe3effed48bb761e021663ed5c04c2b817b Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:49:49 +0000 Subject: [PATCH 18/36] Fix output. --- .github/workflows/update-custom-runner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 64573c70b6..de2269f950 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -57,7 +57,7 @@ jobs: - name: Check for OS updates shell: bash run: | - softwareupdate -l -r + softwareupdate -l -r 2>&1 softwareupdate -l -r 2>&1 | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::/' - name: Update OS From 0c5eceabba48deefc5c21cf25642272463253b34 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 20:55:31 +0000 Subject: [PATCH 19/36] Fix update --- .github/workflows/update-custom-runner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index de2269f950..3ea56aa519 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -65,4 +65,4 @@ jobs: shell: bash run: | set -ex - softwareupdate -i -r -f + softwareupdate -i -r -R -f From f26c98228e5732be21e27559b51c790fcca3f947 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 21:18:07 +0000 Subject: [PATCH 20/36] Enable sudo for update script. --- .github/workflows/update-custom-runner.yml | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 3ea56aa519..85cf1ff5c7 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -64,5 +64,16 @@ jobs: if: ${{ github.event.inputs.update_os }} shell: bash run: | - set -ex - softwareupdate -i -r -R -f + # Need to use sudo to run the update with reboot. Set up a temporary + # script to provide the password. + tmpfile="$(mktemp)" + trap "rm -f \"${tmpfile}\"" EXIT HUP QUIT PIPE ALARM INT + cat > ${tmpfile} <&1 From bedbce77a16877fa959393637d1d6345e189b198 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 21:20:42 +0000 Subject: [PATCH 21/36] Fix trap --- .github/workflows/update-custom-runner.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 85cf1ff5c7..77bbe0ba2a 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -48,7 +48,7 @@ jobs: steps: - name: Update tools - if: ${{ github.event.inputs.update_tools }} + if: github.event.inputs.update_tools shell: bash run: | set -ex @@ -61,13 +61,13 @@ jobs: softwareupdate -l -r 2>&1 | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::/' - name: Update OS - if: ${{ github.event.inputs.update_os }} + if: github.event.inputs.update_os shell: bash run: | # Need to use sudo to run the update with reboot. Set up a temporary # script to provide the password. tmpfile="$(mktemp)" - trap "rm -f \"${tmpfile}\"" EXIT HUP QUIT PIPE ALARM INT + trap "rm -f \"${tmpfile}\"" EXIT HUP QUIT PIPE INT cat > ${tmpfile} < Date: Tue, 2 May 2023 21:22:35 +0000 Subject: [PATCH 22/36] Fix sudo. --- .github/workflows/update-custom-runner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 77bbe0ba2a..f4f268545b 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -76,4 +76,4 @@ jobs: END_OF_FILE EOF chmod u+x "${tmpfile}" - SUDO_ASKPASS="${tmpfile}" sudo softwareupdate -l -r -R -f 2>&1 + SUDO_ASKPASS="${tmpfile}" sudo -A softwareupdate -l -r -R -f 2>&1 From 06193e558923f026afc376b1873a83a7df5be1cb Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 21:23:16 +0000 Subject: [PATCH 23/36] Fix ifs, and sudo --- .github/workflows/update-custom-runner.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index f4f268545b..2e14477970 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -48,7 +48,7 @@ jobs: steps: - name: Update tools - if: github.event.inputs.update_tools + if: github.event.inputs.update_tools == 1 shell: bash run: | set -ex @@ -61,7 +61,7 @@ jobs: softwareupdate -l -r 2>&1 | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::/' - name: Update OS - if: github.event.inputs.update_os + if: github.event.inputs.update_os == 1 shell: bash run: | # Need to use sudo to run the update with reboot. Set up a temporary From 545d0ad44556e2128e711d98cc3c282e5ae7463d Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 21:35:53 +0000 Subject: [PATCH 24/36] Update sudo script for softwareupdate --- .github/workflows/update-custom-runner.yml | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 2e14477970..b2f3f75497 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -68,12 +68,25 @@ jobs: # script to provide the password. tmpfile="$(mktemp)" trap "rm -f \"${tmpfile}\"" EXIT HUP QUIT PIPE INT - cat > ${tmpfile} < "${tmpfile}" <> "${tmpfile}" <<'EOF' + cat <<'END_OF_FILE' ${{secrets.CUSTOM_RUNNER_PW}} END_OF_FILE EOF - chmod u+x "${tmpfile}" - SUDO_ASKPASS="${tmpfile}" sudo -A softwareupdate -l -r -R -f 2>&1 + + # sudo -A -k will force run the generated script, which will then + # immediately delete itself. + SUDO_ASKPASS="${tmpfile}" sudo -A -k softwareupdate -l -r -R -f 2>&1 + + # Just to be safe, delete the file again. + rm -f "${tmpfile}" From fe2b0df71422668a9920b7463726aead0b8d66df Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 21:38:12 +0000 Subject: [PATCH 25/36] Download updates first. --- .github/workflows/update-custom-runner.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index b2f3f75497..57ce5929b3 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -64,6 +64,9 @@ jobs: if: github.event.inputs.update_os == 1 shell: bash run: | + # First, download updates. + software-update -d -r + # Need to use sudo to run the update with reboot. Set up a temporary # script to provide the password. tmpfile="$(mktemp)" @@ -86,7 +89,7 @@ jobs: # sudo -A -k will force run the generated script, which will then # immediately delete itself. - SUDO_ASKPASS="${tmpfile}" sudo -A -k softwareupdate -l -r -R -f 2>&1 + SUDO_ASKPASS="${tmpfile}" sudo -A -k softwareupdate -l -r -R 2>&1 # Just to be safe, delete the file again. rm -f "${tmpfile}" From 7fc6a233458008db6f977d569f54905f4cd1b772 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 21:39:32 +0000 Subject: [PATCH 26/36] Typo --- .github/workflows/update-custom-runner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 57ce5929b3..0cd0fde6d9 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -65,7 +65,7 @@ jobs: shell: bash run: | # First, download updates. - software-update -d -r + softwareupdate -d -r # Need to use sudo to run the update with reboot. Set up a temporary # script to provide the password. From eda103e0fe13ec0f30c752d754ce56d9fef80cc2 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 21:44:55 +0000 Subject: [PATCH 27/36] Separate out download step. --- .github/workflows/update-custom-runner.yml | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 0cd0fde6d9..8ef41b1974 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -59,13 +59,22 @@ jobs: run: | softwareupdate -l -r 2>&1 softwareupdate -l -r 2>&1 | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::/' - - - name: Update OS + + - name: Download OS updates if: github.event.inputs.update_os == 1 shell: bash run: | - # First, download updates. + # Ignore errors + set +e + # Download updates in a separate step. softwareupdate -d -r + + - name: Install OS updates + if: github.event.inputs.update_os == 1 + shell: bash + run: | + # Ignore errors + set +e # Need to use sudo to run the update with reboot. Set up a temporary # script to provide the password. @@ -77,7 +86,7 @@ jobs: #!/usr/bin/env bash rm -f "${tmpfile}" EOF - + chmod u+x "${tmpfile}" # Continue without bash variable substitution: From 3deedf02b4b494f427ae8a30d1b5c690693e667b Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 21:47:32 +0000 Subject: [PATCH 28/36] Separate out download step --- .github/workflows/update-custom-runner.yml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 8ef41b1974..c8e883038d 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -66,7 +66,7 @@ jobs: run: | # Ignore errors set +e - # Download updates in a separate step. + # Download updates in a separate step, so if it's cancelled, they won't be installed. softwareupdate -d -r - name: Install OS updates @@ -76,12 +76,15 @@ jobs: # Ignore errors set +e + # Pause a minute before installing updates. + sleep 60 + # Need to use sudo to run the update with reboot. Set up a temporary - # script to provide the password. + # "askpass" script to provide sudo with the password. tmpfile="$(mktemp)" trap "rm -f \"${tmpfile}\"" EXIT HUP QUIT PIPE INT - # Generate a script for sudo to use. + # Generate a script for sudo to use, which immediately deletes itself. cat > "${tmpfile}" <> "${tmpfile}" <<'EOF' cat <<'END_OF_FILE' ${{secrets.CUSTOM_RUNNER_PW}} From a58c0afcaa6b7c390a3372e754b3c9ba34078f07 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 21:55:04 +0000 Subject: [PATCH 29/36] Simplify installation. --- .github/workflows/update-custom-runner.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index c8e883038d..806d592cd7 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -60,15 +60,6 @@ jobs: softwareupdate -l -r 2>&1 softwareupdate -l -r 2>&1 | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::/' - - name: Download OS updates - if: github.event.inputs.update_os == 1 - shell: bash - run: | - # Ignore errors - set +e - # Download updates in a separate step, so if it's cancelled, they won't be installed. - softwareupdate -d -r - - name: Install OS updates if: github.event.inputs.update_os == 1 shell: bash From 0fe9e6511c2e9a1e678d1c65e5f9a54ab3da78bd Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 22:00:07 +0000 Subject: [PATCH 30/36] Actually do the installation now. --- .github/workflows/update-custom-runner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 806d592cd7..3ab7c15e2d 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -92,7 +92,7 @@ jobs: # sudo -A -k will force run the generated script, which will then # immediately delete itself. - SUDO_ASKPASS="${tmpfile}" sudo -A -k softwareupdate -l -r -R 2>&1 + SUDO_ASKPASS="${tmpfile}" sudo -A -k softwareupdate -i -r -R 2>&1 # Just to be safe, delete the file again. rm -f "${tmpfile}" From ba0b38279f41d8bf5d2be406ac9657d5f9a1b082 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 22:11:04 +0000 Subject: [PATCH 31/36] Run the update in the background so the runner job can finish. --- .github/workflows/update-custom-runner.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 3ab7c15e2d..eb969d1994 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -92,7 +92,5 @@ jobs: # sudo -A -k will force run the generated script, which will then # immediately delete itself. - SUDO_ASKPASS="${tmpfile}" sudo -A -k softwareupdate -i -r -R 2>&1 - - # Just to be safe, delete the file again. - rm -f "${tmpfile}" + SUDO_ASKPASS="${tmpfile}" sudo -A -k softwareupdate -i -r -R --user fpluser --stdinpass ${{secrets.CUSTOM_RUNNER_PW}} 2>&1 & + sleep 15 From 19f673571f87cace8996d680cbe02dd0da51ae1d Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 22:19:31 +0000 Subject: [PATCH 32/36] Don't prompt for plaintext password. --- .github/workflows/update-custom-runner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index eb969d1994..92b3b466bb 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -92,5 +92,5 @@ jobs: # sudo -A -k will force run the generated script, which will then # immediately delete itself. - SUDO_ASKPASS="${tmpfile}" sudo -A -k softwareupdate -i -r -R --user fpluser --stdinpass ${{secrets.CUSTOM_RUNNER_PW}} 2>&1 & + SUDO_ASKPASS="${tmpfile}" sudo -A -k softwareupdate -i -r -R --user root --stdinpass '' 2>&1 & sleep 15 From 43c295a953950c1e48ad07419933895ade328d0e Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 22:23:35 +0000 Subject: [PATCH 33/36] Don't run in background after all. --- .github/workflows/update-custom-runner.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 92b3b466bb..6bcc021232 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -92,5 +92,4 @@ jobs: # sudo -A -k will force run the generated script, which will then # immediately delete itself. - SUDO_ASKPASS="${tmpfile}" sudo -A -k softwareupdate -i -r -R --user root --stdinpass '' 2>&1 & - sleep 15 + SUDO_ASKPASS="${tmpfile}" sudo -A -k softwareupdate -i -r -R --user root --stdinpass '' 2>&1 From cc5bceb1434c0afee478a4f5cc9e11dc8ef830de Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 22:33:45 +0000 Subject: [PATCH 34/36] Print update better. --- .github/workflows/update-custom-runner.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 6bcc021232..06668a3146 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -57,8 +57,9 @@ jobs: - name: Check for OS updates shell: bash run: | - softwareupdate -l -r 2>&1 - softwareupdate -l -r 2>&1 | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::/' + # If there is no new software, exit. + softwareupdate -l -r 2>&1 | grep -q 'No new software' || exit + softwareupdate -l -r | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::/' - name: Install OS updates if: github.event.inputs.update_os == 1 From 5b669da1a28d921be742fe170168c6ead152cc50 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 22:37:55 +0000 Subject: [PATCH 35/36] Fix script. --- .github/workflows/update-custom-runner.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 06668a3146..783297e464 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -58,7 +58,8 @@ jobs: shell: bash run: | # If there is no new software, exit. - softwareupdate -l -r 2>&1 | grep -q 'No new software' || exit + set +e + softwareupdate -l -r 2>&1 | grep -q 'No new software' && exit softwareupdate -l -r | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::/' - name: Install OS updates From 324e17168ab307b773643c1e3a97a8bb8ee228d8 Mon Sep 17 00:00:00 2001 From: Jon Simantov Date: Tue, 2 May 2023 22:39:34 +0000 Subject: [PATCH 36/36] Fix log. --- .github/workflows/update-custom-runner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/update-custom-runner.yml b/.github/workflows/update-custom-runner.yml index 783297e464..c0b23a7c36 100644 --- a/.github/workflows/update-custom-runner.yml +++ b/.github/workflows/update-custom-runner.yml @@ -57,7 +57,7 @@ jobs: - name: Check for OS updates shell: bash run: | - # If there is no new software, exit. + # If there is new software, print the list. set +e softwareupdate -l -r 2>&1 | grep -q 'No new software' && exit softwareupdate -l -r | tr '\n' '|' | sed 's/|/%0A/g' | sed 's/^/::warning ::/'