From 190607cf35712c0e79b2385b240d9bdc3d194b33 Mon Sep 17 00:00:00 2001
From: Merith
Date: Wed, 25 Sep 2024 13:00:54 -0700
Subject: [PATCH] address dockerfile feedback, further work on entrypoint
---
 Dockerfile | 3 +--
 entrypoint.sh | 71 ++++++++++++++++++++++++++++++++++++---------------
 2 files changed, 51 insertions(+), 23 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 6843a3a..c40304b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -38,8 +38,7 @@ LABEL maintainer="contact@forgejo.org" \
 ENV HOME=/data
-COPY entrypoint.sh /entrypoint.sh
-RUN chmod +x /entrypoint.sh
+COPY --chmod=555 entrypoint.sh /entrypoint.sh
 WORKDIR /data
diff --git a/entrypoint.sh b/entrypoint.sh
index 4fd5ae8..a11508c 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -8,36 +8,71 @@ if [[ ! -d /data ]]; then fi cd /data -if [[ -z "${RUNNER_FILE}" ]]; then - RUNNER_FILE="/data/.runner" -fi +RUNNER_USERID="${RUNNER_USERID:-1000}" -if [[ ! -f "${RUNNER_FILE}" ]]; then - touch "${RUNNER_FILE}" +## Setup User +if id "forgejo-runner" &>/dev/null; then + if [[ ! -z "${RUNNER_USERID}" ]]; then + echo "Changing UID of forgejo-runner to ${RUNNER_USERID}" + sed -i "s/^forgejo-runner:[^:]*:[^:]*:/forgejo-runner:x:${RUNNER_USERID}:/" /etc/passwd + fi +else + echo "Creating user forgejo-runner with UID ${RUNNER_USERID}" + adduser --uid "${RUNNER_USERID}" --home /home/forgejo-runner --disabled-password --gecos "" forgejo-runner fi +chown -R forgejo-runner:forgejo-runner /data +## Handle and alter the config file if [[ -z "${CONFIG_FILE}" ]]; then CONFIG_FILE="/data/config.yml" fi CONFIG_ARG="--config ${CONFIG_FILE}" +DOCKER_HOST=${DOCKER_HOST:-docker} +echo "DOCKER_HOST: ${DOCKER_HOST}" if [[ ! -f "${CONFIG_FILE}" ]]; then - forgejo-runner generate-config > ${CONFIG_FILE} + su -c "forgejo-runner generate-config > ${CONFIG_FILE}" forgejo-runner + + # Remove test environment variables if they exist in the config file + sed -i "/^ A_TEST_ENV_NAME_1:/d" ${CONFIG_FILE} + sed -i "/^ A_TEST_ENV_NAME_2:/d" ${CONFIG_FILE} + + # apply default values for docker + sed -i "/\"labels\":/c\ \"labels\": [\"docker:docker://code.forgejo.org/oci/node:20-bookworm\", \"ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04\"]" ${CONFIG_FILE} + + sed -i "/^ network:/c\ network: host" config.yml + sed -i "/^ privileged:/c\ privileged: true" ${CONFIG_FILE} + sed -i "/^ options:/c\ options: -v /certs/client:/certs/client" config.yml + sed -i "/^ docker_host:/c\ docker_host: tcp://${DOCKER_HOST}:2376" ${CONFIG_FILE} fi +if [[ ! -z "${ENV_FILE}" ]]; then + sed -i "/^ env_file:/c\ env_file: ${ENV_FILE}" ${CONFIG_FILE} +else + ENV_FILE="/data/.env" +fi +if [[ ! 
-f "${ENV_FILE}" ]]; then + echo "Creating ${ENV_FILE} and populating with default values" + cat < ${ENV_FILE} + DOCKER_TLS_VERIFY: 1 + DOCKER_CERT_PATH: /certs/client +EOF +fi + + EXTRA_ARGS="" if [[ ! -z "${RUNNER_LABELS}" ]]; then EXTRA_ARGS="${EXTRA_ARGS} --labels ${RUNNER_LABELS}" fi -# For simplicity sake, I am not using the same ENV variable names as the original script - +# Set the runner file if [[ -z "${RUNNER_FILE}" ]]; then - RUNNER_FILE=".runner" + RUNNER_FILE=".runner.json" # use json so editors know how to highlight fi sed -i "/^ file:/c\ file: ${RUNNER_FILE}" ${CONFIG_FILE} if [[ ! -s "${RUNNER_FILE}" ]]; then + touch ${RUNNER_FILE} try=$((try + 1)) success=0 if [[ -z "${RUNNER_TOKEN}" ]]; then @@ -45,22 +80,16 @@ if [[ ! -s "${RUNNER_FILE}" ]]; then exit 1 fi - if [[ -z "${FORGEJO_URL}" ]]; then - echo "FORGEJO_URL is not set" - echo "Defaulting to http://forgejo:8080" - fi - - # The point of this loop is to make it simple, when running both forgejo-runner and gitea in docker, # for the forgejo-runner to wait a moment for gitea to become available before erroring out. Within # the context of a single docker-compose, something similar could be done via healthchecks, but # this is more flexible. while [[ $success -eq 0 ]] && [[ $try -lt ${MAX_REG_ATTEMPTS:-10} ]]; do - forgejo-runner register \ - --instance "${FORGEJO_URL:-http://forgejo:8080}" \ - --token "${RUNNER_TOKEN}" \ - --name "${RUNNER_NAME:-$(hostname)}" \ - ${CONFIG_ARG} ${EXTRA_ARGS} --no-interactive 2>&1 | tee /tmp/reg.log + su -c "forgejo-runner register \ + --instance \"${FORGEJO_URL:-http://forgejo:3000}\" \ + --token \"${RUNNER_TOKEN}\" \ + --name \"${RUNNER_NAME:-$(hostname)}\" \ + ${CONFIG_ARG} ${EXTRA_ARGS} --no-interactive 2>&1 | tee /tmp/reg.log" forgejo-runner cat /tmp/reg.log | grep 'Runner registered successfully' >/dev/null if [[ $? -eq 0 ]]; then 
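Review bot: Environment values reach commands that root runs without any validation: `${RUNNER_USERID}` goes straight into the `sed` expression that rewrites `/etc/passwd`, and `${CONFIG_FILE}` is expanded inside the double-quoted `su -c "forgejo-runner generate-config > ${CONFIG_FILE}"` string, where the inner shell parses it a second time (the register and daemon hunks build their `su -c` strings the same way from `RUNNER_TOKEN`, `RUNNER_NAME`, `FORGEJO_URL` and `CONFIG_ARG`). A guard before the user setup, e.g. `[[ "${RUNNER_USERID}" =~ ^[1-9][0-9]*$ ]] || { echo "RUNNER_USERID must be a non-zero numeric UID" >&2; exit 1; }`, also stops a value of 0 from undoing the privilege drop; for the `su -c` strings, single-quoting the command and letting the inner shell expand exported variables avoids the double parse, provided the image's `su` passes the environment through (not visible here). Separately, the `network:` and `options:` edits target a literal `config.yml` while every other `sed` uses `${CONFIG_FILE}`, so a custom CONFIG_FILE outside `/data` receives only part of the defaults. The defaults `privileged: true` and `network: host` are written unconditionally into a fresh config and appear to target a docker-in-docker sidecar; a comment saying so, and that job containers therefore run privileged, would help operators who point this image at another daemon. The `if [[ ! -s "${RUNNER_FILE}" ]]` block opened at the end of this hunk continues into the next one.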
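Review bot: With the `FORGEJO_URL is not set` message removed, a container started without FORGEJO_URL now registers against the plain-HTTP default `http://forgejo:3000` with no notice, so `RUNNER_TOKEN` is sent unencrypted to whatever answers under that name. Keeping a one-line notice on stderr, e.g. `[[ -n "${FORGEJO_URL}" ]] || echo "FORGEJO_URL is not set, defaulting to http://forgejo:3000" >&2`, makes the fallback visible in the container log. The registration output is still collected in the fixed path `/tmp/reg.log`, now written by the forgejo-runner user and read back by root; moving the `| tee` outside the `su -c` string would let root write it to a `mktemp` file instead of a predictable name. The `while` loop and the enclosing `if` block continue past the end of this hunk.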
@@ -75,4 +104,4 @@ fi # Prevent reading the token from the forgejo-runner process unset RUNNER_TOKEN -forgejo-runner daemon ${CONFIG_ARG} +su -c "forgejo-runner daemon ${CONFIG_ARG}" forgejo-runner
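Review bot: The daemon is started as a child of `su` instead of replacing the entrypoint shell, so the root shell stays PID 1 and a stop signal from the container runtime is delivered to that shell, not to `forgejo-runner daemon`; whether it is passed on depends on the shell and on the image's `su`, neither of which is visible here. Starting it as `exec su -c "exec forgejo-runner daemon ${CONFIG_ARG}" forgejo-runner` takes the entrypoint shell and the `-c` shell out of the chain, which gives the runner a chance to shut down cleanly before the runtime's kill timeout.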