Fix build hangs: add apt-get network timeout and job timeout

apt-get has no default network timeout, so an unresponsive Debian mirror can block a build stage indefinitely. Add Acquire::http::Timeout=30 to both update and install calls in all apt-get invocations so mirror hangs fail fast rather than running until GitHub's 6-hour job limit. Also add timeout-minutes: 60 to the build job so a runaway step fails within an hour rather than silently consuming the full 6-hour default.
2026-03-26 21:35:58 +00:00 · 2026-02-25 06:29:20 -06:00 · 2026-02-25 06:29:20 -06:00 · f0b5e083ff
commit f0b5e083ff
parent 506ff0e66f
2 changed files with 4 additions and 3 deletions
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@ -75,6 +75,7 @@ jobs:

  build:
    runs-on: ubuntu-latest
+    timeout-minutes: 60
    if: (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref == 'refs/heads/master'
    strategy:
      fail-fast: false
--- a/build/Dockerfile
+++ b/build/Dockerfile
@ -9,7 +9,7 @@ FROM debian:sid-slim AS build
 ARG version

 # Install build dependencies
-RUN apt-get update && apt-get install -y golang build-essential libsecret-1-dev libfido2-dev libcbor-dev
+RUN apt-get -o Acquire::http::Timeout=30 update && apt-get -o Acquire::http::Timeout=30 install -y golang build-essential libsecret-1-dev libfido2-dev libcbor-dev

 # Build
 ADD https://github.com/ProtonMail/proton-bridge.git#${version} /build/
@ -27,8 +27,8 @@ HEALTHCHECK --interval=30s --timeout=10s --retries=3 --start-period=60s \
  CMD bash -c "pgrep -f proton-bridge || exit 1"

 # Install runtime dependencies
-RUN apt-get update \
-    && apt-get install -y --no-install-recommends socat pass libsecret-1-0 libfido2-1 ca-certificates \
+RUN apt-get -o Acquire::http::Timeout=30 update \
+    && apt-get -o Acquire::http::Timeout=30 install -y --no-install-recommends socat pass libsecret-1-0 libfido2-1 ca-certificates \
    && rm -rf /var/lib/apt/lists/*

 # Copy bash scripts