chore(deps): update dependency konstruktoid.docker_rootless to v1.17.0 #43

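# Integration test: installs Vagrant and VirtualBox on a GitHub-hosted runner,
# boots the "noble" box and verifies that rootless Docker works inside the VM.
name: "integration: docker rootless (vagrant)"

on:
  pull_request:
    branches: [main]
    # Only run when the playbook, the VM definition, the dependency manifests,
    # the test assets or this workflow itself change.
    paths:
      - "install-docker-rootless.yml"
      - "Vagrantfile"
      - "requirements.txt"
      - "requirements.yml"
      - "testing/**"
      - ".github/workflows/vagrant-docker-rootless-test.yml"
  workflow_dispatch: {}

# Least privilege: the job token may only read repository contents.
permissions:
  contents: read

jobs:
  vagrant-docker-rootless:
    runs-on: ubuntu-24.04
    timeout-minutes: 60
    env:
      VAGRANT_DIR: ~/.vagrant.d/boxes
      # NOTE(review): not referenced by any step in this file; presumably
      # consumed by the Vagrantfile or provisioning, so confirm before removing.
      TEST_PLAYBOOK: testing/e2e-hardened-then-install-docker-rootless.yml
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
        with:
          # "audit" records outbound connections but does not block them.
          # Once the required endpoints are known, "block" with an allow-list
          # is the enforcing mode.
          egress-policy: audit

      - name: Checkout Repository
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          # Later steps build and run third-party code (a cloned gem, Galaxy
          # roles, pip packages) and no step pushes back to the repository,
          # so do not leave the job token in the checkout's git config.
          persist-credentials: false

      - name: Restore Vagrant box cache
        uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5
        with:
          path: ${{ env.VAGRANT_DIR }}
          key: ${{ runner.os }}-vagrant-${{ hashFiles('**/Vagrantfile') }}
          # Prefix fallback: a box cached for a different Vagrantfile may be
          # restored when there is no exact key match.
          restore-keys: |
            ${{ runner.os }}-vagrant-

      - name: Install Vagrant + VirtualBox (official HashiCorp APT repo for Vagrant)
        run: |
          set -euxo pipefail
          sudo apt update
          sudo apt -y install apt-transport-https ca-certificates curl wget gnupg software-properties-common
          # NOTE(review): the archive key is trusted as downloaded over TLS;
          # its fingerprint is not compared against the published one.
          wget -O- https://apt.releases.hashicorp.com/gpg | gpg --dearmor | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.gpg >/dev/null
          codename="$(lsb_release -cs)"
          # signed-by scopes the HashiCorp key to this repository only.
          sudo tee /etc/apt/sources.list.d/hashicorp.list >/dev/null <<EOF
          deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $codename main
          EOF
          sudo apt-get update
          sudo apt-get install -y virtualbox virtualbox-dkms vagrant python3-pip
          # Patch until fix: https://github.com/hashicorp/vagrant/issues/13404#issuecomment-2490437792
          # NOTE(review): this clones the fork's default branch with no pinned
          # commit, then builds and installs it as a Vagrant plugin. Unlike the
          # SHA-pinned actions above, whatever is on that branch at run time
          # gets executed. Pin to a reviewed commit, e.g.
          #   git -C vagrant-vbguest checkout <REVIEWED_COMMIT_SHA>  (placeholder)
          git clone https://github.com/dheerapat/vagrant-vbguest.git
          (cd vagrant-vbguest && gem build vagrant-vbguest.gemspec && vagrant plugin install vagrant-vbguest-0.32.1.gem)
          # NOTE(review): plugin version is not pinned; the latest release is installed.
          vagrant plugin install vagrant-disksize

      - name: Disable KVM to allow VirtualBox
        run: |
          set -euxo pipefail
          # GitHub-hosted runners often have KVM modules loaded, which prevents VirtualBox from using VT-x/AMD-V.
          if lsmod | grep -q '^kvm'; then
            # Best effort: only one vendor module is loaded, so failures are ignored.
            sudo modprobe -r kvm_intel 2>/dev/null || true
            sudo modprobe -r kvm_amd 2>/dev/null || true
            sudo modprobe -r kvm 2>/dev/null || true
          fi
          # Fail fast with a clear message rather than letting "vagrant up" fail later.
          if lsmod | grep -q '^kvm'; then
            echo "KVM modules still loaded; VirtualBox will fail to start VMs."
            lsmod | grep '^kvm' || true
            exit 1
          fi

      - name: Install Python + Ansible deps
        run: |
          set -euxo pipefail
          pip install -r requirements.txt
          ansible-galaxy install -r requirements.yml
          ansible-galaxy install --no-deps -r testing/requirements.yml

      - name: Run Vagrant integration test (Ubuntu Noble)
        run: |
          set -euxo pipefail
          vagrant up noble
          # Double-check rootless Docker works from inside the VM.
          # Avoid quoting pitfalls: resolve uid/home first, then run as dockeruser with explicit env.
          # DOCKER_HOST points at the per-user socket under /run/user/<uid>,
          # so the check talks to dockeruser's own daemon.
          vagrant ssh noble -c 'set -euo pipefail
            uid="$(id -u dockeruser)"
            home="$(getent passwd dockeruser | cut -d: -f6)"
            sudo -u dockeruser env \
              HOME="$home" \
              PATH="$home/bin:$home/.local/bin:$PATH" \
              XDG_RUNTIME_DIR="/run/user/$uid" \
              DOCKER_HOST="unix:///run/user/$uid/docker.sock" \
              bash -lc "docker --version && docker info >/dev/null && docker run --rm hello-world >/dev/null"'

      - name: Clean up Vagrant session
        # Runs even when earlier steps fail, so the VM is always torn down.
        if: always()
        run: |
          vagrant halt noble || true
          vagrant destroy -f noble || true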