mirror of https://code.forgejo.org/forgejo/runner
Fix for using docker inside runner's container (#175)
#153 Co-authored-by: zwanto <antoine.hamon@protonmail.com> Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/175 Reviewed-by: earl-warren <earl-warren@noreply.code.forgejo.org> Co-authored-by: zwanto <zwanto@noreply.code.forgejo.org> Co-committed-by: zwanto <zwanto@noreply.code.forgejo.org>wip-config
parent
eb89a98c6a
commit
6980165781
|
@ -39,7 +39,7 @@ Creating docker-compose_docker-in-docker_1 ... done
|
|||
Creating docker-compose_forgejo_1 ... done
|
||||
Creating docker-compose_runner-register_1 ... done
|
||||
...
|
||||
docker-in-docker_1 | time="2023-08-24T10:22:15.023338461Z" level=warning msg="WARNING: API is accessible on http://0.0.0.0:2375
|
||||
docker-in-docker_1 | time="2023-08-24T10:22:15.023338461Z" level=warning msg="WARNING: API is accessible on http://0.0.0.0:2376
|
||||
...
|
||||
forgejo_1 | 2023/08/24 10:22:14 ...s/graceful/server.go:75:func1() [D] Starting server on tcp:0.0.0.0:3000 (PID: 19)
|
||||
...
|
||||
|
@ -58,12 +58,14 @@ To login the Forgejo instance:
|
|||
|
||||
## Tests workflow
|
||||
|
||||
The `compose-demo-workflow.yml` compose file runs a demo workflow to
|
||||
verify the `Forgejo runner` can pick up a task from the Forgejo instance
|
||||
The `compose-demo-workflow.yml` compose file runs two demo workflows:
|
||||
* one to verify the `Forgejo runner` can pick up a task from the Forgejo instance
|
||||
and run it to completion.
|
||||
* one to verify docker can be run inside the `Forgejo runner` container.
|
||||
|
||||
A new repository is created in root/test with the following workflow
|
||||
in `.forgejo/workflows/demo.yml`:
|
||||
A new repository is created in root/test with the following workflows:
|
||||
|
||||
#### `.forgejo/workflows/demo.yml`:
|
||||
|
||||
```yaml
|
||||
on: [push]
|
||||
|
@ -74,6 +76,17 @@ jobs:
|
|||
- run: echo All Good
|
||||
```
|
||||
|
||||
#### `.forgejo/workflows/demo_docker.yml`
|
||||
|
||||
```yaml
|
||||
on: [push]
|
||||
jobs:
|
||||
test_docker:
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- run: docker info
|
||||
```
|
||||
|
||||
A wait loop expects the status of the check associated with the
|
||||
commit in Forgejo to show "success" to assert the workflow was run.
|
||||
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
# Copyright 2023 The Forgejo Authors.
|
||||
# SPDX-License-Identifier: MIT
|
||||
|
||||
version: "3"
|
||||
|
||||
services:
|
||||
|
||||
demo-workflow:
|
||||
|
@ -20,6 +18,7 @@ services:
|
|||
git init --initial-branch=main ;
|
||||
mkdir -p .forgejo/workflows ;
|
||||
echo "{ on: [push], jobs: { test: { runs-on: docker, steps: [ {uses: actions/checkout@v4}, { run: echo All Good } ] } } }" > .forgejo/workflows/demo.yml ;
|
||||
echo "{ on: [push], jobs: { test_docker: { runs-on: ubuntu-22.04, steps: [ { run: docker info } ] } } }" > .forgejo/workflows/demo_docker.yml ;
|
||||
git add . ;
|
||||
git config user.email root@example.com ;
|
||||
git config user.name username ;
|
||||
|
|
|
@ -14,14 +14,20 @@
|
|||
# Replace {ROOT_PASSWORD} with a secure password
|
||||
#
|
||||
|
||||
version: "3"
|
||||
volumes:
|
||||
docker_certs:
|
||||
|
||||
services:
|
||||
|
||||
docker-in-docker:
|
||||
image: docker:dind
|
||||
hostname: docker # Must set hostname as TLS certificates are only valid for docker or localhost
|
||||
privileged: true
|
||||
command: [ "dockerd", "-H", "tcp://0.0.0.0:2375", "--tls=false" ]
|
||||
environment:
|
||||
DOCKER_TLS_CERTDIR: /certs
|
||||
DOCKER_HOST: docker-in-docker
|
||||
volumes:
|
||||
- docker_certs:/certs
|
||||
|
||||
forgejo:
|
||||
image: codeberg.org/forgejo/forgejo:1.21
|
||||
|
@ -29,7 +35,7 @@ services:
|
|||
bash -c '
|
||||
/bin/s6-svscan /etc/s6 &
|
||||
sleep 10 ;
|
||||
su -c "forgejo forgejo-cli actions register --secret {SHARED_SECRET} --labels docker --version 3.3.0" git ;
|
||||
su -c "forgejo forgejo-cli actions register --secret {SHARED_SECRET} --labels docker,ubuntu-22.04 --version 3.3.0" git ;
|
||||
su -c "forgejo admin user create --admin --username root --password {ROOT_PASSWORD} --email root@example.com" git ;
|
||||
sleep infinity
|
||||
'
|
||||
|
@ -50,7 +56,7 @@ services:
|
|||
- docker-in-docker
|
||||
- forgejo
|
||||
environment:
|
||||
DOCKER_HOST: tcp://docker-in-docker:2375
|
||||
DOCKER_HOST: tcp://docker-in-docker:2376
|
||||
volumes:
|
||||
- /srv/runner-data:/data
|
||||
user: 0:0
|
||||
|
@ -60,9 +66,12 @@ services:
|
|||
forgejo-runner create-runner-file --connect --instance http://forgejo:3000 --name runner --secret {SHARED_SECRET} && break ;
|
||||
sleep 1 ;
|
||||
done ;
|
||||
sed -i -e "s|\"labels\": null|\"labels\": [\"docker:docker://node:16-bullseye\", \"ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04\"]|" .runner ;
|
||||
forgejo-runner generate-config > config.yml ;
|
||||
sed -i -e "s|network: .*|network: host|" config.yml ;
|
||||
sed -i -e "s|labels: \[\]|labels: \[\"docker:docker://alpine:3.18\"\]|" config.yml ;
|
||||
sed -i -e "s|^ envs:$$| envs:\n DOCKER_HOST: tcp://docker:2376\n DOCKER_TLS_VERIFY: 1\n DOCKER_CERT_PATH: /certs/client|" config.yml ;
|
||||
sed -i -e "s|^ options:| options: -v /certs/client:/certs/client|" config.yml ;
|
||||
sed -i -e "s| valid_volumes: \[\]$$| valid_volumes:\n - /certs/client|" config.yml ;
|
||||
chown -R 1000:1000 /data
|
||||
'
|
||||
|
||||
|
@ -72,10 +81,13 @@ services:
|
|||
- docker-in-docker
|
||||
- forgejo
|
||||
environment:
|
||||
DOCKER_HOST: tcp://docker-in-docker:2375
|
||||
DOCKER_HOST: tcp://docker:2376
|
||||
DOCKER_CERT_PATH: /certs/client
|
||||
DOCKER_TLS_VERIFY: "1"
|
||||
depends_on:
|
||||
runner-register:
|
||||
condition: service_completed_successfully
|
||||
volumes:
|
||||
- /srv/runner-data:/data
|
||||
- docker_certs:/certs
|
||||
command: "forgejo-runner --config config.yml daemon"
|
||||
|
|
Loading…
Reference in New Issue