Has anyone else tried to use CI/CD (GitLab, GitHub) with LXD containers?
I’m trying to set it up to deploy my code instead of SFTP.
If I understand correctly, I have to “SSH jump” (via the LXD host) to the container by setting up an SSH server inside it. I have doubts about security from multiplying SSH servers (extending the attack surface?).
[INTERNET] --> [LXD HOST] --> [(ssh?) (no public ip) CONTAINER]
How do you guys deal with LXD + CI/CD?
Can we consider the LXD host a kind of SSH bastion for containers?
What about “lxc exec” for CI/CD instead of SSH?
It’s curious that we don’t see tutorials about pipelines with LXD.
First, I can say that using the LXD host as an SSH bastion is not the preferred way to go.
Setting up a dedicated container on the LXD host as a bastion is much better.
It is not clear where the version control system is hosted and what functions you need in your CI/CD pipeline.
Example: GitLab can be self-hosted,
gitlab_runner can run on the same machine or be self-hosted on a different one,
or be only a service in the cloud,
a runner for docker or ssh is possible,
and so on.
VCS installed locally (wordpress container) on homelab.
Now I’m going to use GitHub Actions (cool marketplace) and use Continuous Deploy.
For the runner I use the free tier offered by GitHub in the cloud (ubuntu-vm).
My question: how can I reach the target LXD container PROD from the GitHub Actions cloud runner?
At my last workplace I was using GitLab runners with Juju… those were running on VMware hosts, but you could just pull the charm and try it on your LXD deployment via Juju.