CalvinBackup/gstack
1
0
Fork 0
mirror of https://github.com/garrytan/gstack.git synced 2026-05-05 05:05:08 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(ci): switch apt mirror to Hetzner to bypass Ubicloud → archive.ubuntu.com timeouts

Browse Source 
Both build attempts of `.github/docker/Dockerfile.ci` failed at
`apt-get update` with persistent connection timeouts to archive.ubuntu.com:80
and security.ubuntu.com:80 — 90+ seconds of "connection timed out" against
every Ubuntu IP. Not a transient blip; this PR doesn't touch the Dockerfile,
and a re-run reproduced the same failure across all 9 mirror IPs.

Root cause: Ubicloud runners (Hetzner FSN1-DC21 per runner output) have
unreliable HTTP-port-80 routing to Ubuntu's official archive endpoints.

Fix:
- Rewrite /etc/apt/sources.list.d/ubuntu.sources (deb822 format in 24.04)
  to use https://mirror.hetzner.com/ubuntu/packages instead. Hetzner's
  mirror is publicly accessible from any cloud (not Hetzner-only despite
  the name) and route-local for Ubicloud's actual host. Solves both
  reliability and latency.
- Add a 3-attempt retry loop around both `apt-get update` calls as
  belt-and-suspenders. Even Hetzner's mirror can have brief blips, and the
  retry costs nothing when the first attempt succeeds.

Verification: the workflow will rebuild on push. Local `docker build` not
practical for a 12-step image with bun + claude + playwright deps + a 10-min
cold install. Trusting CI.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Garry Tan
2026-04-17 14:42:29 +08:00
parent 922f3ba42b
commit 5b3588493d
1 changed files with 16 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/docker/Dockerfile.ci
+16 -3
View File
@@ -4,8 +4,20 @@ FROM ubuntu:24.04
ENV DEBIAN_FRONTEND=noninteractive
# System deps
RUN apt-get update && apt-get install -y --no-install-recommends \
# Switch apt sources to Hetzner's public mirror over HTTPS.
# Ubicloud runners (Hetzner FSN1-DC21) hit reliable connection timeouts to
# archive.ubuntu.com:80 — observed 90+ second outages on multiple builds.
# Hetzner's mirror is publicly accessible from any cloud and route-local for
# Ubicloud, so this fixes both reliability and latency. Ubuntu 24.04 uses
# the deb822 sources format at /etc/apt/sources.list.d/ubuntu.sources.
RUN sed -i \
-e 's|http://archive.ubuntu.com/ubuntu|https://mirror.hetzner.com/ubuntu/packages|g' \
-e 's|http://security.ubuntu.com/ubuntu|https://mirror.hetzner.com/ubuntu/packages|g' \
/etc/apt/sources.list.d/ubuntu.sources
# System deps (retry apt-get update — even Hetzner can blip occasionally)
RUN for i in 1 2 3; do apt-get update && break || sleep 5; done \
&& apt-get install -y --no-install-recommends \
git curl unzip ca-certificates jq bc gpg \
&& rm -rf /var/lib/apt/lists/*
@@ -14,7 +26,8 @@ RUN curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg \
| gpg --dearmor -o /usr/share/keyrings/githubcli-archive-keyring.gpg \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" \
| tee /etc/apt/sources.list.d/github-cli.list > /dev/null \
&& apt-get update && apt-get install -y --no-install-recommends gh \
&& for i in 1 2 3; do apt-get update && break || sleep 5; done \
&& apt-get install -y --no-install-recommends gh \
&& rm -rf /var/lib/apt/lists/*
# Node.js 22 LTS (needed for claude CLI)