Fix docker iptables workaround

* ipv6 may be unavailable, so we'll ignore errors * log the host ips and routes
canonical · Jan 10, 2025 · 6ebcec8 · 6ebcec8
1 parent 92088b2
commit 6ebcec8
Showing 1 changed file with 11 additions and 6 deletions.
diff --git a/.github/actions/install-lxd/action.yaml b/.github/actions/install-lxd/action.yaml
@@ -32,11 +32,16 @@ runs:
     - name: Apply Docker iptables workaround
       shell: bash
       run: |
+        set -x
+        ip a
+        ip r
+
         bridges=('lxdbr0' 'dualstack-br0' 'ipv6-br0')
-        for i in $bridges
-        do
-            sudo iptables  -I DOCKER-USER -i $i -j ACCEPT
-            sudo ip6tables -I DOCKER-USER -i $i -j ACCEPT
-            sudo iptables  -I DOCKER-USER -o $i -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-            sudo ip6tables -I DOCKER-USER -o $i -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
+        for i in ${bridges[@]}; do
+          set +e
+          sudo iptables  -I DOCKER-USER -i $i -j ACCEPT
+          sudo ip6tables -I DOCKER-USER -i $i -j ACCEPT
+          sudo iptables  -I DOCKER-USER -o $i -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
+          sudo ip6tables -I DOCKER-USER -o $i -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
+          set -e
         done