guettli/sharedinbox
1
0
Fork 0
Code Issues 21 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

refactor(ci): replace dual DAGGER_STUNNEL_URL1/2 with single DAGGER_STUNNEL_URL

Browse Source 
The engine is stable; no fallback needed.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Thomas SharedInbox
2026-05-20 15:48:38 +02:00
co-authored by Claude Sonnet 4.6
parent e60459ea2e
commit a078122d28
2 changed files with 17 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.forgejo/workflows/ci.yml
+4 -8
View File
@@ -26,8 +26,7 @@ jobs:
- name: Setup Dagger Remote Engine (via stunnel)
env:
DAGGER_STUNNEL_URL1: ${{ secrets.DAGGER_STUNNEL_URL1 }}
DAGGER_STUNNEL_URL2: ${{ secrets.DAGGER_STUNNEL_URL2 }}
DAGGER_STUNNEL_URL: ${{ secrets.DAGGER_STUNNEL_URL }}
DAGGER_CA_CERT: ${{ secrets.DAGGER_CA_CERT }}
DAGGER_CLIENT_CERT: ${{ secrets.DAGGER_CLIENT_CERT }}
DAGGER_CLIENT_KEY: ${{ secrets.DAGGER_CLIENT_KEY }}
@@ -60,8 +59,7 @@ jobs:
- name: Setup Dagger Remote Engine (via stunnel)
env:
DAGGER_STUNNEL_URL1: ${{ secrets.DAGGER_STUNNEL_URL1 }}
DAGGER_STUNNEL_URL2: ${{ secrets.DAGGER_STUNNEL_URL2 }}
DAGGER_STUNNEL_URL: ${{ secrets.DAGGER_STUNNEL_URL }}
DAGGER_CA_CERT: ${{ secrets.DAGGER_CA_CERT }}
DAGGER_CLIENT_CERT: ${{ secrets.DAGGER_CLIENT_CERT }}
DAGGER_CLIENT_KEY: ${{ secrets.DAGGER_CLIENT_KEY }}
@@ -98,8 +96,7 @@ jobs:
- name: Setup Dagger Remote Engine (via stunnel)
env:
DAGGER_STUNNEL_URL1: ${{ secrets.DAGGER_STUNNEL_URL1 }}
DAGGER_STUNNEL_URL2: ${{ secrets.DAGGER_STUNNEL_URL2 }}
DAGGER_STUNNEL_URL: ${{ secrets.DAGGER_STUNNEL_URL }}
DAGGER_CA_CERT: ${{ secrets.DAGGER_CA_CERT }}
DAGGER_CLIENT_CERT: ${{ secrets.DAGGER_CLIENT_CERT }}
DAGGER_CLIENT_KEY: ${{ secrets.DAGGER_CLIENT_KEY }}
@@ -149,8 +146,7 @@ jobs:
- name: Setup Dagger Remote Engine (via stunnel)
env:
DAGGER_STUNNEL_URL1: ${{ secrets.DAGGER_STUNNEL_URL1 }}
DAGGER_STUNNEL_URL2: ${{ secrets.DAGGER_STUNNEL_URL2 }}
DAGGER_STUNNEL_URL: ${{ secrets.DAGGER_STUNNEL_URL }}
DAGGER_CA_CERT: ${{ secrets.DAGGER_CA_CERT }}
DAGGER_CLIENT_CERT: ${{ secrets.DAGGER_CLIENT_CERT }}
DAGGER_CLIENT_KEY: ${{ secrets.DAGGER_CLIENT_KEY }}
scripts/setup_dagger_remote.sh
+13 -26
View File
@@ -1,38 +1,25 @@
#!/usr/bin/env bash
# Establishes a secure tunnel to a remote Dagger Engine via stunnel.
# Probes DAGGER_STUNNEL_URL1 and DAGGER_STUNNEL_URL2 to find the active server.
set -euo pipefail
if [ -z "${DAGGER_STUNNEL_URL1:-}" ] || [ -z "${DAGGER_STUNNEL_URL2:-}" ]; then
echo "Error: DAGGER_STUNNEL_URL1 and DAGGER_STUNNEL_URL2 must be set."
if [ -z "${DAGGER_STUNNEL_URL:-}" ]; then
echo "Error: DAGGER_STUNNEL_URL must be set."
exit 1
fi
ACTIVE_HOST=""
ACTIVE_PORT=""
# Parse host and port (e.g., example.com:8774 or just example.com)
host=$(echo "$DAGGER_STUNNEL_URL" | cut -d: -f1)
port=$(echo "$DAGGER_STUNNEL_URL" | cut -d: -f2)
if [ "$host" == "$port" ]; then
port="8774"
fi
for url in "$DAGGER_STUNNEL_URL1" "$DAGGER_STUNNEL_URL2"; do
# Parse host and port (e.g., example.com:8774 or just example.com)
host=$(echo "$url" | cut -d: -f1)
port=$(echo "$url" | cut -d: -f2)
# Default port if not provided
if [ "$host" == "$port" ]; then
port="8774"
fi
echo "Probing $host:$port..."
if nc -zw 3 "$host" "$port" 2>/dev/null; then
echo "Found active Dagger server on $host:$port"
ACTIVE_HOST="$host"
ACTIVE_PORT="$port"
break
fi
done
if [ -z "$ACTIVE_HOST" ]; then
echo "Error: No Dagger server responded on $DAGGER_STUNNEL_URL1 or $DAGGER_STUNNEL_URL2"
echo "Probing $host:$port..."
if ! nc -zw 3 "$host" "$port" 2>/dev/null; then
echo "Error: No Dagger server responded on $host:$port"
exit 1
fi
echo "Found active Dagger server on $host:$port"
# 2. Setup TLS credentials (passed as env vars from secrets)
mkdir -p /tmp/dagger-tls
@@ -50,7 +37,7 @@ pid = /tmp/stunnel.pid
[dagger]
accept = 127.0.0.1:1774
connect = $ACTIVE_HOST:$ACTIVE_PORT
connect = $host:$port
CAfile = /tmp/dagger-tls/ca.crt
cert = /tmp/dagger-tls/client.crt
key = /tmp/dagger-tls/client.key