add env test files

.forgejo/workflows/example-docker-compose-envs.yml

@@ -0,0 +1,66 @@
+# SPDX-License-Identifier: MIT
+on:
+  push:
+    branches:
+      - 'main'
+  pull_request:
+
+jobs:
+  example-docker-compose:
+    if: github.repository_owner != 'forgejo-integration' && github.repository_owner != 'forgejo-experimental' && github.repository_owner != 'forgejo-release'
+    runs-on: lxc-bookworm
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install docker
+        run: |
+          apt-get update -qq
+          export DEBIAN_FRONTEND=noninteractive
+          apt-get install -qq -y ca-certificates curl gnupg
+          install -m 0755 -d /etc/apt/keyrings
+          curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+          echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian "$([ -n "$VERSION_CODENAME" ] && echo "$VERSION_CODENAME")" stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+          apt-get update -qq
+          apt-get install -qq -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+          docker version
+          docker compose version
+
+      - name: Test Environment Example
+        run: |
+          set -x
+          cd examples/docker-compose
+          secret=$(openssl rand -hex 20)
+          sed -i -e "s/{SHARED_SECRET}/$secret/" compose-forgejo-and-runner-with-envs.yml
+          cli="docker compose --progress quiet -f compose-forgejo-and-runner-with-envs.yml"
+          # Launch Forgejo & the runner
+          #
+          $cli up -d
+          for delay in $(seq 60) ; do test -f /srv/runner-data/.runner && break ; sleep 30 ; done
+          test -f /srv/runner-data/.runner
+          #
+          # Run the demo workflow
+          #
+          cli="$cli -f compose-demo-workflow.yml"
+          $cli up -d demo-workflow
+          #
+          # Wait for the demo workflow to complete
+          #
+          success='DEMO WORKFLOW SUCCESS'
+          failure='DEMO WORKFLOW FAILURE'
+          for delay in $(seq 60) ; do
+            $cli logs demo-workflow > /tmp/out
+            grep --quiet "$success" /tmp/out && break
+            grep --quiet "$failure" /tmp/out && break
+            $cli ps --all
+            $cli logs --tail=20 runner-daemon demo-workflow
+            sleep 30
+          done
+          grep --quiet "$success" /tmp/out
+          $cli logs runner-daemon > /tmp/runner.log
+          grep --quiet 'Start image=code.forgejo.org/oci/node:20-bookworm' /tmp/runner.log
+
+      - name: full docker compose logs
+        if: always()
+        run: |
+          cd examples/docker-compose
+          docker compose -f compose-forgejo-and-runner.yml -f compose-demo-workflow.yml logs

examples/docker-compose/compose-forgejo-and-runner-with-envs.yml

@@ -0,0 +1,100 @@
+# Copyright 2024 The Forgejo Authors.
+# SPDX-License-Identifier: MIT
+
+#
+# Create a secret with:
+#
+#   openssl rand -hex 20
+#
+# Replace all occurences of {SHARED_SECRET} below with the output.
+#
+# NOTE: a token obtained from the Forgejo web interface cannot be used
+#       as a shared secret.
+#
+# Replace {ROOT_PASSWORD} with a secure password
+#
+
+volumes:
+  docker_certs:
+
+services:
+
+  docker-in-docker:
+    image: code.forgejo.org/oci/docker:dind
+    hostname: docker  # Must set hostname as TLS certificates are only valid for docker or localhost
+    privileged: true
+    environment:
+      DOCKER_TLS_CERTDIR: /certs
+      DOCKER_HOST: docker-in-docker
+    volumes:
+      - docker_certs:/certs
+
+  forgejo:
+    image: codeberg.org/forgejo/forgejo:1.21
+    command: >-
+      bash -c '
+      /bin/s6-svscan /etc/s6 &
+      sleep 10 ;
+      su -c "forgejo forgejo-cli actions register --secret {SHARED_SECRET}" git ;
+      su -c "forgejo admin user create --admin --username root --password {ROOT_PASSWORD} --email root@example.com" git ;
+      sleep infinity
+      '
+    environment:
+      FORGEJO__security__INSTALL_LOCK: "true"
+      FORGEJO__log__LEVEL: "debug"
+      FORGEJO__repository__ENABLE_PUSH_CREATE_USER: "true"
+      FORGEJO__repository__DEFAULT_PUSH_CREATE_PRIVATE: "false"
+      FORGEJO__repository__DEFAULT_REPO_UNITS: "repo.code,repo.actions"
+    volumes:
+      - /srv/forgejo-data:/data
+    ports:
+      - 8080:3000
+
+  runner-register:
+    image: code.forgejo.org/forgejo/runner:3.4.1
+    links:
+      - docker-in-docker
+      - forgejo
+    environment:
+      DOCKER_HOST: tcp://docker-in-docker:2376
+    volumes:
+      - /srv/runner-data:/data
+    user: 0:0
+    command: >-
+      bash -ec '
+      while : ; do
+        forgejo-runner create-runner-file --connect --instance http://forgejo:3000 --name runner --secret {SHARED_SECRET} && break ;
+        sleep 1 ;
+      done ;
+      sed -i -e "s|\"labels\": null|\"labels\": [\"docker:docker://code.forgejo.org/oci/node:20-bookworm\", \"ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04\"]|" .runner ;
+      forgejo-runner generate-config > config.yml ;
+      chown -R 1000:1000 /data
+      '
+
+  runner-daemon-envs:
+    image: code.forgejo.org/forgejo/runner:3.4.1
+    links:
+      - docker-in-docker
+      - forgejo
+    environment:
+      DOCKER_HOST: tcp://docker:2376
+      DOCKER_CERT_PATH: /certs/client
+      DOCKER_TLS_VERIFY: "1"
+      RUNNER__runner__ENVS: |
+        DOCKER_HOST=tcp://docker:2376
+        DOCKER_TLS_VERIFY=1
+        DOCKER_CERT_PATH=/certs/client
+      RUNNER__runner__LABELS: |
+        docker:docker://code.forgejo.org/oci/node:20-bookworm
+        ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04
+      RUNNER__container__NETWORK: host
+      RUNNER__container__OPTIONS: -v /certs/client:/certs/client
+      RUNNER__container__VALID_VOLUMES: |
+        /certs/client
+    volumes:
+      - /srv/runner-data:/data
+      - docker_certs:/certs
+    command: >-
+      bash -c '
+      while : ; do test -w .runner && forgejo-runner --config config.yml daemon ; sleep 1 ; done
+      '