Tweaks for Sofatutor

.github/workflows/image.yml

@@ -0,0 +1,59 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# GitHub recommends pinning actions to a commit SHA.
+# To get a newer version, you will need to update the SHA.
+# You can also reference a tag or branch, but the action may change without warning.
+---
+name: Create and publish a Container image
+
+on:
+  push:
+    branches:
+      - sofatutor
+    tags:
+      - "v*"
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.event.repository.owner.name }}/pullpreview
+
+jobs:
+  build-and-push-image:
+    runs-on: ubuntu-22.04
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Log in to the Container registry
+        uses: sofatutor/docker-login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: sofatutor/docker-metadata-action@57396166ad8aefe6098280995947635806a0e6ea
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+
+      - name: Build and push Docker image
+        uses: sofatutor/docker-build-push-action@c56af957549030174b10d6867f20e78cfd7debc5
+        with:
+          context: .
+          push: true
+          pull: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

.github/workflows/pullpreview.yml

@@ -11,7 +11,7 @@ on:
 jobs:
   deploy:
     runs-on: ubuntu-latest
-    if: github.event_name == 'schedule' || github.event_name == 'push' || github.event.label.name == 'pullpreview' || contains(github.event.pull_request.labels.*.name, 'pullpreview')
+    if: github.event_name == 'schedule' || github.event_name == 'push' || github.event.label.name == 'preview' || contains(github.event.pull_request.labels.*.name, 'preview')
     timeout-minutes: 30
     steps:
       - uses: actions/checkout@v2

CHANGELOG.md

@@ -1,5 +1,9 @@
 ## master
 
+- Add optional `PULLPREVIEW_SNAPSHOT_NAME` environment variable, which can be used to restore from a specific snapshot name rather than a snapshot for a specific instance name.
+- Add optional `PULLPREVIEW_ENV_VARS` environment variable, which can be passed through, to set any environment variables during launch/update.
+- Add optional `PULLPREVIEW_LAUNCH_COMMAND` environment variable, which can be passed through, to replace docker-compose launch/update commands.
+
 ## v5 - updated on 20230110
 
 - Switch to using amazon linux 2 since the old blueprint became unavailable (#34)

Dockerfile

@@ -1,6 +1,7 @@
 FROM ruby:2.7-slim
 
-RUN apt-get update -qq && apt-get install openssh-client git -y
+RUN apt-get update -qq && apt-get install openssh-client git -y \
+    && apt-get clean -y && rm -rf /var/lib/apt/lists/*
 WORKDIR /app
 COPY Gemfile .
 COPY Gemfile.lock .

Gemfile.lock

@@ -10,30 +10,30 @@ GEM
       aws-partitions (~> 1, >= 1.239.0)
       aws-sigv4 (~> 1.1)
       jmespath (~> 1.0)
-    aws-sdk-lightsail (1.30.0)
+    aws-sdk-lightsail (1.32.0)
       aws-sdk-core (~> 3, >= 3.71.0)
       aws-sigv4 (~> 1.1)
     aws-sigv4 (1.1.3)
       aws-eventstream (~> 1.0, >= 1.0.2)
-    coderay (1.1.2)
+    coderay (1.1.3)
     faraday (1.0.1)
       multipart-post (>= 1.2, < 3)
     jmespath (1.4.0)
     method_source (1.0.0)
     multipart-post (2.1.1)
-    octokit (4.18.0)
+    octokit (4.22.0)
       faraday (>= 0.9)
       sawyer (~> 0.8.0, >= 0.5.3)
-    pry (0.13.1)
+    pry (0.14.1)
       coderay (~> 1.1)
       method_source (~> 1.0)
     public_suffix (4.0.6)
     sawyer (0.8.2)
       addressable (>= 2.3.5)
       faraday (> 0.8, < 2.0)
-    slop (4.8.1)
-    terminal-table (1.8.0)
-      unicode-display_width (~> 1.1, >= 1.1.1)
+    slop (4.10.1)
+    terminal-table (3.0.2)
+      unicode-display_width (>= 1.1.1, < 3)
     unicode-display_width (1.7.0)
 
 PLATFORMS
@@ -47,4 +47,4 @@ DEPENDENCIES
   terminal-table
 
 BUNDLED WITH
-   2.1.4
+   2.4.22

action.yml

@@ -25,7 +25,7 @@ inputs:
   ports:
     description: "Ports to open for external access on the preview server (port 22 is always open), comma-separated"
     required: false
-    default: "80/tcp,443/tcp,1000-10000/tcp"
+    default: "80/tcp,443/tcp"
   cidrs:
     description: "The IP address, or range of IP addresses in CIDR notation, that are allowed to connect to the instance"
     required: false
@@ -46,6 +46,10 @@ inputs:
     description: "Names of private registries to authenticate against. E.g. docker://username:password@ghcr.io"
     required: false
     default: ""
+  deploy_key:
+    description: "Additional public SSH key used for authentication"
+    required: false
+    default: ""
 
 outputs:
   url:
@@ -57,7 +61,7 @@ outputs:
 
 runs:
   using: "docker"
-  image: "Dockerfile"
+  image: docker://ghcr.io/sofatutor/pullpreview:sofatutor
   args:
     - "github-sync"
     - "${{ inputs.app_path }}"

bin/pullpreview

@@ -29,12 +29,14 @@ up_opts = lambda do |o|
   o.array '--registries', 'URIs of docker registries to authenticate against, e.g. docker://username:password@ghcr.io', default: []
   o.string '--dns', 'Enable DNS support for pretty-looking URLs', default: "my.pullpreview.com"
   o.array '--ports', 'Ports to open for external access on the preview server', default: [
-    "80/tcp", "443/tcp", "1000-10000/tcp"
+    "80/tcp", "443/tcp"
   ]
   o.string '--instance-type', 'Instance type to use', default: 'small_2_0'
   o.string '--default-port', 'Default port to use when displaying the instance hostname', default: "80"
   o.array '--tags', 'Tags to add to the instance'
   o.array '--compose-files', 'Compose files to use when running docker-compose up', default: ["docker-compose.yml"]
+  o.string '--deploy-key', 'Additional public SSH key (optional)'
+  o.string '--subdomain', 'Instance subdomain (optional)'
 end
 
 begin

data/update_script.sh.erb

@@ -5,6 +5,8 @@ set -o pipefail
 
 APP_TARBALL="$1"
 APP_PATH="<%= locals.remote_app_path %>"
+PULLPREVIEW_LAUNCH_COMMAND="<%= locals.custom_launch_command %>"
+PULLPREVIEW_ENV_VARS="<%= locals.custom_env_vars %>"
 PULLPREVIEW_ENV_FILE="/etc/pullpreview/env"
 
 lock_file="/tmp/update.lock"
@@ -51,30 +53,36 @@ echo 'PULLPREVIEW_PUBLIC_IP=<%= locals.public_ip %>' >> $PULLPREVIEW_ENV_FILE
 echo 'PULLPREVIEW_URL=<%= locals.url %>' >> $PULLPREVIEW_ENV_FILE
 echo "PULLPREVIEW_FIRST_RUN=$PULLPREVIEW_FIRST_RUN" >> $PULLPREVIEW_ENV_FILE
 
+if [ -n "${PULLPREVIEW_ENV_VARS}" ] ; then
+while read -d, -r pair; do
+  IFS='=' read -r key val <<<"$pair"
+  echo "$key=$val" >> $PULLPREVIEW_ENV_FILE
+done <<<"$PULLPREVIEW_ENV_VARS,"
+fi
+
 set -o allexport
 source $PULLPREVIEW_ENV_FILE
 set +o allexport
 
 cd /
 
-sudo rm -rf "$APP_PATH"
-sudo mkdir -p "$APP_PATH"
-sudo chown -R ec2-user.ec2-user "$APP_PATH"
-tar xzf "$1" -C "$APP_PATH"
+sudo rm -rf "/tmp$APP_PATH"
+sudo mkdir -p "$APP_PATH" "/tmp$APP_PATH"
+sudo chown -R ec2-user.ec2-user "$APP_PATH" "/tmp$APP_PATH"
+tar xzf "$1" -C "/tmp$APP_PATH"
+rsync -auz "/tmp$APP_PATH" / --remove-source-files --delete
 
 cd "$APP_PATH"
 
-echo "Cleaning up..."
-docker volume prune -f || true
-
-echo "Updating dependencies..."
-yum update -y || true
-
 if ! /tmp/pre_script.sh ; then
   echo "Failed to run the pre-script"
   exit 1
 fi
 
+if [ -n "${PULLPREVIEW_LAUNCH_COMMAND}" ] ; then
+  echo "Command to be executed: $PULLPREVIEW_LAUNCH_COMMAND"
+  bash -c "$PULLPREVIEW_LAUNCH_COMMAND" ; exit $?
+fi
 
 pull() {
   docker-compose <%= locals.compose_files.map{|f| ["-f", f.inspect]}.flatten.join(" ") %> pull -q

lib/pull_preview/github_sync.rb

@@ -8,7 +8,7 @@ class GithubSync
     attr_reader :opts
     attr_reader :always_on
 
-    LABEL = "pullpreview"
+    LABEL = "preview"
 
     def self.run(app_path, opts)
       github_event_name = ENV.fetch("GITHUB_EVENT_NAME")
@@ -23,7 +23,20 @@ def self.run(app_path, opts)
       # https://help.github.com/en/actions/reference/events-that-trigger-workflows
       github_context = JSON.parse(File.read(github_event_path))
       PullPreview.logger.debug "github_context = #{github_context.inspect}"
-      self.new(github_context, app_path, opts).sync!
+      github_sync = new(github_context, app_path, opts)
+      begin
+        seconds ||= 0.2
+        github_sync.sync!
+      rescue => e
+        if seconds > 30
+          raise e
+          github_sync.update_github_status(:error)
+        end
+
+        sleep seconds
+        seconds *= 2
+        retry
+      end
     end
 
     # Go over closed pull requests that are still labelled as "pullpreview", and force the destroyal of the corresponding environments
@@ -116,9 +129,6 @@ def sync!
       else
         PullPreview.logger.info "Ignoring event #{pp_action.inspect}"
       end
-    rescue => e
-      update_github_status(:error)
-      raise e
     end
 
     def guess_action_from_event