Skip to content
box

GitHub Action

Install Localias

v1 Latest version

Install Localias

box

Install Localias

Install and run localias as a daemon, enabling https domains to be used for CI tests

Installation

Copy and paste the following snippet into your .yml file.

 
              
- name: Install Localias

              
  uses: iloveitaly/github-action-localias@v1
Learn more about this action in iloveitaly/github-action-localias

Choose a version

Localias on GitHub Actions

This GitHub Action installs and configures Localias to enable HTTPS domains for CI tests. It handles certificate installation and system configuration to ensure proper HTTPS functionality in testing environments.

This was extracted from this python repo, if you are looking for an example of how to integrate this into your project.

Features

  • Installs and runs Localias as a daemon
  • Configures system CA certificates
  • Sets up NSS database for Chrome/Chromium compatibility (for playright, cypress, etc)
  • Validates HTTPS functionality with curl tests based on a domain in .localias.yml

Usage

steps:
  - uses: iloveitaly/github-action-localias@master

What it does

  1. Installs Localias if not present
  2. Starts Localias daemon
  3. Waits for self-signed certificate generation
  4. Refreshes system CA certificates
  5. Creates and configures NSS database for Chrome/Chromium
  6. Validates HTTPS setup with curl tests across all domains in .localias.yml

Development Notes

Getting this working was challenging:

  • You'll see an error message (with a typo) not NSS security databases found even if the NSS DB exists. This occurs even under sudo -E and it really shouldn't because the directory it references definitely exists.
  • curl will succeed if retried multiple times. I have no idea why this is happening. There must be some CA store refresh process which runs async. Rather than trying to understand what is going on, we just retry a handful of times.
    • Note that this happens on each unique domain. So it's not related to the cert cache globally, there's some per-host cert system that needs to be warmed up. This is why we iterate over each domain.
  • Installing libnss3-tools does not initialize the NSS DB. You must do this manually.
  • curl does not use the NSS DB but Chromium does.
  • sudo localias debug cert --print | sudo tee -a /etc/ssl/certs/ca-certificates.crt executes correctly with caddy, this is not necessary.

Helpful links