update entrypoint and dockerfile, fix test workflow

update dockerfile,

rework entrypoint execution,

update compose and test

entrypoint.sh

@@ -2,11 +2,15 @@
 
 set -e
 
-# Check if the script is run as root
-if [ "$EUID" -ne 0 ]; then
-  echo "This script must be run as root"
-  exit 1
-fi
+run_command() {
+  local cmd="$1"
+  echo "Running $cmd as $(id -u)"
+  if [[ "$ISROOT" == true ]]; then
+    su -c "$cmd" forgejo-runner
+  else
+    eval "$cmd"
+  fi
+}
 
 # Initial setup
 if [[ ! -d /data ]]; then
@@ -16,38 +20,48 @@ cd /data
 
 RUNNER_USERID="${RUNNER_USERID:-1000}"
 
-# Setup User
-if id "forgejo-runner" &>/dev/null; then
-  if [[ ! -z "${RUNNER_USERID}" ]]; then
-    echo "Changing UID of forgejo-runner to ${RUNNER_USERID}"
-    sed -i "s/^forgejo-runner:[^:]*:[^:]*:/forgejo-runner:x:${RUNNER_USERID}:/" /etc/passwd
-  fi
-else
-  echo "Creating user forgejo-runner with UID ${RUNNER_USERID}"
-  adduser --uid "${RUNNER_USERID}" --home /home/forgejo-runner --disabled-password --gecos "" forgejo-runner
+# Check if the script is running as root
+if [[ $(id -u) -eq 0 ]]; then
+  ISROOT=true
 fi
 
-# Ensure /data is owned by the runner user
-chown -R forgejo-runner:forgejo-runner /data
+if [[ "$ISROOT" == true ]]; then
+  # Check if the forgejo-runner user exists
+  if id "forgejo-runner" &>/dev/null; then
+    echo "forgejo-runner user exists."
+
+    # Change the user ID if needed
+    CURRENT_UID=$(id -u forgejo-runner)
+    if [[ "${CURRENT_UID}" -ne "${RUNNER_USERID}" ]]; then
+      echo "Changing UID of forgejo-runner to ${RUNNER_USERID}"
+      sed -i "s/^forgejo-runner:[^:]*:[^:]*:/forgejo-runner:x:${RUNNER_USERID}:/" /etc/passwd
+    fi
+  else
+    echo "Creating user forgejo-runner with UID ${RUNNER_USERID}"
+    adduser --uid "${RUNNER_USERID}" --home /home/forgejo-runner --disabled-password --gecos "" forgejo-runner
+  fi
+
+  # Ensure /data is owned by the runner user
+  chown -R forgejo-runner:forgejo-runner /data
+fi
 
 # Handle and alter the config file
 if [[ -z "${CONFIG_FILE}" ]]; then
+  echo "CONFIG_FILE is not set"
   CONFIG_FILE="/data/config.yml"
 fi
 CONFIG_ARG="--config ${CONFIG_FILE}"
 
 DOCKER_HOST=${DOCKER_HOST:-docker}
-echo "DOCKER_HOST: ${DOCKER_HOST}"
 if [[ ! -f "${CONFIG_FILE}" ]]; then
-  su -c "forgejo-runner generate-config > ${CONFIG_FILE}" forgejo-runner
+  run_command "forgejo-runner generate-config > ${CONFIG_FILE}" forgejo-runner
 
   # Remove test environment variables if they exist in the config file
   sed -i "/^    A_TEST_ENV_NAME_1:/d" ${CONFIG_FILE}
   sed -i "/^    A_TEST_ENV_NAME_2:/d" ${CONFIG_FILE}
 
   # Apply default values for docker
-  sed -i "/\"labels\":/c\  \"labels\": [\"docker:docker://code.forgejo.org/oci/node:20-bookworm\", \"ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04\"]" ${CONFIG_FILE}
-
+  sed -i "/^  labels:/c\  \"labels\": [\"docker:docker://code.forgejo.org/oci/node:20-bookworm\", \"ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04\"]" ${CONFIG_FILE}
   sed -i "/^  network:/c\  network: host" ${CONFIG_FILE}
   sed -i "/^  privileged:/c\  privileged: true" ${CONFIG_FILE}
   sed -i "/^  options:/c\  options: -v /certs/client:/certs/client" ${CONFIG_FILE}
@@ -63,7 +77,7 @@ fi
 
 if [[ ! -f "${ENV_FILE}" ]]; then
   echo "Creating ${ENV_FILE} and populating with default values"
-  cat <<EOF > ${ENV_FILE}
+  cat <<EOF >${ENV_FILE}
   DOCKER_TLS_VERIFY: 1
   DOCKER_CERT_PATH: /certs/client
 EOF
@@ -76,7 +90,7 @@ fi
 
 # Set the runner file
 if [[ -z "${RUNNER_FILE}" ]]; then
-  RUNNER_FILE=".runner.json"  # use json so editors know how to highlight
+  RUNNER_FILE=".runner.json" # use json so editors know how to highlight
 fi
 sed -i "/^  file:/c\  file: ${RUNNER_FILE}" ${CONFIG_FILE}
 
@@ -84,9 +98,15 @@ if [[ ! -s "${RUNNER_FILE}" ]]; then
   touch ${RUNNER_FILE}
   try=$((try + 1))
   success=0
-  if [[ -z "${RUNNER_TOKEN}" ]]; then
-    echo "RUNNER_TOKEN is not set"
-    exit 1
+
+  if [[ ! -z "${FORGEJO_SECRET}" ]]; then
+    EXTRA_ARGS="${EXTRA_ARGS} --secret ${FORGEJO_SECRET}"
+  else
+    if [[ -z "${RUNNER_TOKEN}" ]]; then
+      echo "RUNNER_TOKEN is not set"
+      exit 1
+    fi
+    EXTRA_ARGS="${EXTRA_ARGS} --token ${RUNNER_TOKEN}"
   fi
 
   # The point of this loop is to make it simple, when running both forgejo-runner and gitea in docker,
@@ -94,13 +114,18 @@ if [[ ! -s "${RUNNER_FILE}" ]]; then
   # the context of a single docker-compose, something similar could be done via healthchecks, but
   # this is more flexible.
   while [[ $success -eq 0 ]] && [[ $try -lt ${MAX_REG_ATTEMPTS:-10} ]]; do
-    su -c "forgejo-runner register \
-      --instance \"${FORGEJO_URL:-http://forgejo:3000}\" \
-      --token \"${RUNNER_TOKEN}\" \
-      --name \"${RUNNER_NAME:-$(hostname)}\" \
-      ${CONFIG_ARG} ${EXTRA_ARGS} --no-interactive 2>&1 | tee /tmp/reg.log" forgejo-runner
+    # run_command "forgejo-runner register \
+    #   --instance \"${FORGEJO_URL:-http://forgejo:3000}\" \
+    #   --name \"${RUNNER_NAME:-$(hostname)}\" \
+    #   ${CONFIG_ARG} ${EXTRA_ARGS} --no-interactive 2>&1 | tee /tmp/reg.log"
 
-    cat /tmp/reg.log | grep 'Runner registered successfully' >/dev/null
+    run_command "forgejo-runner create-runner-file --connect \
+    --instance \"${FORGEJO_URL:-http://forgejo:3000}\" \
+    --name \"${RUNNER_NAME:-$(hostname)}\" \
+    ${CONFIG_ARG} ${EXTRA_ARGS} 2>&1 | tee /tmp/reg.log"
+
+
+    cat /tmp/reg.log | grep 'connection successful' >/dev/null
     if [[ $? -eq 0 ]]; then
       echo "SUCCESS"
       success=1
@@ -114,4 +139,4 @@ fi
 # Prevent reading the token from the forgejo-runner process
 unset RUNNER_TOKEN
 
-su -c "forgejo-runner daemon ${CONFIG_ARG}" forgejo-runner
+run_command "forgejo-runner daemon ${CONFIG_ARG}"