search

tailscale / github-action

A GitHub Action to connect your workflow to your Tailscale network.
BSD 3-Clause "New" or "Revised" License
551 stars 84 forks source link

Action fails to run #6

Closed shepherdjerred closed 3 years ago

shepherdjerred commented 3 years ago

An error occurs when using this action.

Workflow failure: https://github.com/shepherdjerred/ansible-playbook/runs/3354929715?check_suite_focus=true

Workflow .yml file:


name: Ansible Deploy

on: [push]

jobs:
  deploy:
    strategy:
      matrix:
        host:
          - "hades"
          - "nas"
    if: github.event_name == 'push' && github.ref == 'refs/heads/master'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Setup Tailscale
        uses: tailscale/github-action@v1
        with:
          authkey: ${{ secrets.TAILSCALE_KEY }}
      - name: Run playbook
        uses: dawidd6/action-ansible-playbook@v2
        with:
          playbook: main.yml
          key: ${{secrets.SSH_PRIVATE_KEY}}
          vault_password: ${{secrets.VAULT_PASSWORD}}
          requirements: requirements.yml
          options: |
            --inventory production/inventory.yml
            -e@vars/vaulted_vars.yml
            --limit ${{ matrix.host }}

Action output:

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed

  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
 11 14.1M   11 1632k    0     0  2105k      0  0:00:06 --:--:--  0:00:06 2103k
100 14.1M  100 14.1M    0     0  13.4M      0  0:00:01  0:00:01 --:--:-- 13.4M
failed to connect to local tailscaled (which appears to be running). Got error: Get "http://local-tailscaled.sock/localapi/v0/status": dial unix /var/run/tailscale/tailscaled.sock: connect: no such file or directory
Success.

Despite failing, the action succeeds and prints "Success". I'm able to see GitHub action workers in my Tailscale console.

Screen Shot 2021-08-17 at 2 06 47 PM

The workflow then fails on the next step which relies on being able to connect to my Tailscale network.

DentonGentry commented 3 years ago

I believe you've set TAILSCALE_KEY to be an Ephemeral authkey, which is what we recommend for this kind of application because they clean themselves up shortly after the Github runner completes.

Ephemeral nodes only get an IPv6 address, the fd7a:115ca1e0efe3::... addresses seen in the admin panel.

Your workflow is trying to connect to san IPv4 address 100.76.222.102, which isn't going to work. You can find the IPv6 address of that node using tailscale ip -6 hostname and use that in the workflow, which should work.

shepherdjerred commented 3 years ago

Ah, that makes sense! Thanks for getting back to me. I'll try setting up a AAAA record for my domain and see if I can get Ansible to connect via IPv6 instead of IPv4.

shepherdjerred commented 3 years ago

That fixed it! I used tailscale ip -6 on the machine I was trying to connect to. I created a AAAA record pointing to the output of that command. GitHub actions was able to connect when I re-ran a failed workflow.

Thanks for the help! Tailscale is so easy to use.