Fix for using docker inside runner's container (#175)

#153

Co-authored-by: zwanto <antoine.hamon@protonmail.com>
Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/175
Reviewed-by: earl-warren <earl-warren@noreply.code.forgejo.org>
Co-authored-by: zwanto <zwanto@noreply.code.forgejo.org>
Co-committed-by: zwanto <zwanto@noreply.code.forgejo.org>
zwanto 2024-04-07 16:07:00 +00:00 committed by earl-warren
parent eb89a98c6a
commit 6980165781
3 changed files with 38 additions and 14 deletions

@ -39,7 +39,7 @@ Creating docker-compose_docker-in-docker_1 ... done
Creating docker-compose_forgejo_1 ... done Creating docker-compose_forgejo_1 ... done
Creating docker-compose_runner-register_1 ... done Creating docker-compose_runner-register_1 ... done
... ...
docker-in-docker_1 | time="2023-08-24T10:22:15.023338461Z" level=warning msg="WARNING: API is accessible on http://0.0.0.0:2375 docker-in-docker_1 | time="2023-08-24T10:22:15.023338461Z" level=warning msg="WARNING: API is accessible on http://0.0.0.0:2376
... ...
forgejo_1 | 2023/08/24 10:22:14 ...s/graceful/server.go:75:func1() [D] Starting server on tcp:0.0.0.0:3000 (PID: 19) forgejo_1 | 2023/08/24 10:22:14 ...s/graceful/server.go:75:func1() [D] Starting server on tcp:0.0.0.0:3000 (PID: 19)
... ...
@ -58,12 +58,14 @@ To login the Forgejo instance:
## Tests workflow ## Tests workflow
The `compose-demo-workflow.yml` compose file runs a demo workflow to The `compose-demo-workflow.yml` compose file runs two demo workflows:
verify the `Forgejo runner` can pick up a task from the Forgejo instance * one to verify the `Forgejo runner` can pick up a task from the Forgejo instance
and run it to completion. and run it to completion.
* one to verify docker can be run inside the `Forgejo runner` container.
A new repository is created in root/test with the following workflow A new repository is created in root/test with the following workflows:
in `.forgejo/workflows/demo.yml`:
#### `.forgejo/workflows/demo.yml`:
```yaml ```yaml
on: [push] on: [push]
@ -74,6 +76,17 @@ jobs:
- run: echo All Good - run: echo All Good
``` ```
#### `.forgejo/workflows/demo_docker.yml`
```yaml
on: [push]
jobs:
test_docker:
runs-on: ubuntu-22.04
steps:
- run: docker info
```
A wait loop expects the status of the check associated with the A wait loop expects the status of the check associated with the
commit in Forgejo to show "success" to assert the workflow was run. commit in Forgejo to show "success" to assert the workflow was run.

@ -1,8 +1,6 @@
# Copyright 2023 The Forgejo Authors. # Copyright 2023 The Forgejo Authors.
# SPDX-License-Identifier: MIT # SPDX-License-Identifier: MIT
version: "3"
services: services:
demo-workflow: demo-workflow:
@ -20,6 +18,7 @@ services:
git init --initial-branch=main ; git init --initial-branch=main ;
mkdir -p .forgejo/workflows ; mkdir -p .forgejo/workflows ;
echo "{ on: [push], jobs: { test: { runs-on: docker, steps: [ {uses: actions/checkout@v4}, { run: echo All Good } ] } } }" > .forgejo/workflows/demo.yml ; echo "{ on: [push], jobs: { test: { runs-on: docker, steps: [ {uses: actions/checkout@v4}, { run: echo All Good } ] } } }" > .forgejo/workflows/demo.yml ;
echo "{ on: [push], jobs: { test_docker: { runs-on: ubuntu-22.04, steps: [ { run: docker info } ] } } }" > .forgejo/workflows/demo_docker.yml ;
git add . ; git add . ;
git config user.email root@example.com ; git config user.email root@example.com ;
git config user.name username ; git config user.name username ;

@ -14,14 +14,20 @@
# Replace {ROOT_PASSWORD} with a secure password # Replace {ROOT_PASSWORD} with a secure password
# #
version: "3" volumes:
docker_certs:
services: services:
docker-in-docker: docker-in-docker:
image: docker:dind image: docker:dind
privileged: true hostname: docker # Must set hostname as TLS certificates are only valid for docker or localhost
command: [ "dockerd", "-H", "tcp://0.0.0.0:2375", "--tls=false" ] privileged: true
environment:
DOCKER_TLS_CERTDIR: /certs
DOCKER_HOST: docker-in-docker
volumes:
- docker_certs:/certs
forgejo: forgejo:
image: codeberg.org/forgejo/forgejo:1.21 image: codeberg.org/forgejo/forgejo:1.21
@ -29,7 +35,7 @@ services:
bash -c ' bash -c '
/bin/s6-svscan /etc/s6 & /bin/s6-svscan /etc/s6 &
sleep 10 ; sleep 10 ;
su -c "forgejo forgejo-cli actions register --secret {SHARED_SECRET} --labels docker --version 3.3.0" git ; su -c "forgejo forgejo-cli actions register --secret {SHARED_SECRET} --labels docker,ubuntu-22.04 --version 3.3.0" git ;
su -c "forgejo admin user create --admin --username root --password {ROOT_PASSWORD} --email root@example.com" git ; su -c "forgejo admin user create --admin --username root --password {ROOT_PASSWORD} --email root@example.com" git ;
sleep infinity sleep infinity
' '
@ -50,7 +56,7 @@ services:
- docker-in-docker - docker-in-docker
- forgejo - forgejo
environment: environment:
DOCKER_HOST: tcp://docker-in-docker:2375 DOCKER_HOST: tcp://docker-in-docker:2376
volumes: volumes:
- /srv/runner-data:/data - /srv/runner-data:/data
user: 0:0 user: 0:0
@ -60,9 +66,12 @@ services:
forgejo-runner create-runner-file --connect --instance http://forgejo:3000 --name runner --secret {SHARED_SECRET} && break ; forgejo-runner create-runner-file --connect --instance http://forgejo:3000 --name runner --secret {SHARED_SECRET} && break ;
sleep 1 ; sleep 1 ;
done ; done ;
sed -i -e "s|\"labels\": null|\"labels\": [\"docker:docker://node:16-bullseye\", \"ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04\"]|" .runner ;
forgejo-runner generate-config > config.yml ; forgejo-runner generate-config > config.yml ;
sed -i -e "s|network: .*|network: host|" config.yml ; sed -i -e "s|network: .*|network: host|" config.yml ;
sed -i -e "s|labels: \[\]|labels: \[\"docker:docker://alpine:3.18\"\]|" config.yml ; sed -i -e "s|^ envs:$$| envs:\n DOCKER_HOST: tcp://docker:2376\n DOCKER_TLS_VERIFY: 1\n DOCKER_CERT_PATH: /certs/client|" config.yml ;
sed -i -e "s|^ options:| options: -v /certs/client:/certs/client|" config.yml ;
sed -i -e "s| valid_volumes: \[\]$$| valid_volumes:\n - /certs/client|" config.yml ;
chown -R 1000:1000 /data chown -R 1000:1000 /data
' '
@ -72,10 +81,13 @@ services:
- docker-in-docker - docker-in-docker
- forgejo - forgejo
environment: environment:
DOCKER_HOST: tcp://docker-in-docker:2375 DOCKER_HOST: tcp://docker:2376
DOCKER_CERT_PATH: /certs/client
DOCKER_TLS_VERIFY: "1"
depends_on: depends_on:
runner-register: runner-register:
condition: service_completed_successfully condition: service_completed_successfully
volumes: volumes:
- /srv/runner-data:/data - /srv/runner-data:/data
- docker_certs:/certs
command: "forgejo-runner --config config.yml daemon" command: "forgejo-runner --config config.yml daemon"
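Review bot: The service that runs `forgejo-runner --config config.yml daemon` (its header is outside the visible hunk) mounts the whole `docker_certs:/certs` volume read-write although its environment only points at `/certs/client`; `- docker_certs:/certs:ro` would stop the runner from modifying the certificate material, and the docker:dind image presumably keeps its CA and server keys in the same directory. The `options: -v /certs/client:/certs/client` and `valid_volumes` edits also give the client key to every job container, so any workflow can drive the privileged dind daemon; a line in the file's header comments such as `# Jobs get full access to the privileged docker-in-docker daemon; register trusted repositories only` would document that. The service that runs `create-runner-file` is left with `DOCKER_HOST: tcp://docker-in-docker:2376` and no certificates, which does not match the `docker` hostname the certificates are issued for according to the comment on `hostname: docker`; if it never talks to Docker, the variable can be removed.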