k3s/.github/actions/vagrant-setup/action.yaml
Manuel Buil 9b6d5dfedd Secure the vagrant-setup action.yaml
Signed-off-by: Manuel Buil <mbuil@suse.com>
2026-04-01 18:06:54 +02:00


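# Composite action: registers the HashiCorp apt repository (after checking the
# signing key's fingerprint), installs vagrant and libvirt, and installs the
# vagrant-libvirt plugin.
# NOTE(review): the description says "latest versions", but the install step
# below pins vagrant to 2.4.1-1.
name: 'Setup Vagrant and Libvirt'
description: 'A composite action that installs latest versions of vagrant and libvirt for use on ubuntu based runners'
runs:
  using: 'composite'
  steps:
    - name: Add vagrant to apt-get sources
      shell: bash
      run: |
        # Expected fingerprint of the HashiCorp archive signing key.
        FINGERPRINT="798AEC654E5C15428C8E42EEAA16FCBCA621E701"
        # Download to a private mktemp path rather than a fixed name in /tmp,
        # and remove it on every exit path, including the mismatch abort.
        KEY_FILE="$(mktemp)"
        trap 'rm -f "$KEY_FILE"' EXIT
        curl -fsSL https://apt.releases.hashicorp.com/gpg -o "$KEY_FILE"
        KEY_LISTING="$(gpg --show-keys --with-colons "$KEY_FILE")"
        # Every key in the file is written to the apt keyring below, so checking
        # only the first fingerprint is not enough: require exactly one primary
        # key and require that its fingerprint is the pinned one.
        KEY_COUNT="$(awk -F: '$1=="pub"{n++} END{print n+0}' <<<"$KEY_LISTING")"
        DOWNLOADED_FPR="$(awk -F: '$1=="fpr"{print $10; exit}' <<<"$KEY_LISTING")"
        if [ "$KEY_COUNT" -ne 1 ] || [ "$DOWNLOADED_FPR" != "$FINGERPRINT" ]; then
          echo "SECURITY ERROR: HashiCorp GPG key fingerprint mismatch!" >&2
          exit 1
        fi
        # --batch --yes: overwrite an existing keyring without prompting
        # (matters on runners that are reused between jobs).
        sudo gpg --batch --yes --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg "$KEY_FILE"
        # signed-by scopes the key to this one repository instead of trusting
        # it for every apt source.
        echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
    - name: Install vagrant and libvirt
      shell: bash
      run: |
        sudo apt-get update
        # vagrant is pinned to an exact package version; the libvirt packages
        # follow whatever the distribution currently ships.
        sudo apt-get install -y libvirt-daemon libvirt-daemon-system vagrant=2.4.1-1 ruby-libvirt
        sudo systemctl enable --now libvirtd
    - name: Install vagrant dependencies
      shell: bash
      run: |
        sudo apt-get install -y --no-install-recommends libxslt-dev libxml2-dev libvirt-dev ruby-bundler ruby-dev zlib1g-dev
    # This is a workaround for the libvirt group not being available in the current shell
    # https://github.com/actions/runner-images/issues/7670#issuecomment-1900711711
    # NOTE(review): a world-writable libvirt socket lets every local account
    # manage the hypervisor. That is tolerable only on ephemeral, single-tenant
    # runners; do not reuse this step on shared or long-lived hosts.
    - name: Make the libvirt socket rw accessible to everyone
      shell: bash
      run: |
        sudo chmod a+rw /var/run/libvirt/libvirt-sock
    # NOTE(review): unlike vagrant above, the plugin version is not pinned, so
    # each run installs whatever is currently published. Consider
    # `--plugin-version <PINNED_VERSION>` once a version has been vetted.
    - name: Install vagrant-libvirt plugin
      shell: bash
      run: vagrant plugin install vagrant-libvirt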