diff --git a/.dockerignore b/.dockerignore index 7b6d2b2..6df0bc1 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,2 +1,3 @@ Dockerfile forgejo-runner +/examples/docker-compose/srv/ \ No newline at end of file diff --git a/entrypoint.sh b/entrypoint.sh index 4a3425f..b96da5c 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -31,38 +31,9 @@ if [ "$#" -gt 0 ]; then fi # Set default values (if needed) -DEFAULT_DOCKER_HOST="tcp://docker:2376" -DEFAULT_DOCKER_TLS_VERIFY="1" -DEFAULT_DOCKER_CERT_PATH="/certs/client" - -# Ensure the variables are not empty by using explicit checks -DOCKER_HOST="${RUNNER__DOCKER_HOST:-${DOCKER_HOST:-${DEFAULT_DOCKER_HOST}}}" -DOCKER_TLS_VERIFY="${RUNNER__DOCKER_TLS_VERIFY:-${DOCKER_TLS_VERIFY:-${DEFAULT_DOCKER_TLS_VERIFY}}}" -DOCKER_CERT_PATH="${DOCKER_CERT_PATH:-${DEFAULT_DOCKER_CERT_PATH}}" - -RUNNER__container__DOCKER_HOST="${RUNNER__DOCKER_HOST:-${DOCKER_HOST:-${DEFAULT_DOCKER_HOST}}}" -RUNNER__runner__INSECURE="${RUNNER__DOCKER_TLS_VERIFY:-${DOCKER_TLS_VERIFY:-${DEFAULT_DOCKER_TLS_VERIFY}}}" - -RUNNER__container__NETWORK="${RUNNER__container__NETWORK:-host}" -RUNNER__container__OPTIONS="${RUNNER__container__OPTIONS:-} -v ${DOCKER_CERT_PATH}:${DOCKER_CERT_PATH}:ro" -RUNNER__container__VALID_VOLUMES="${RUNNER__container__VALID_VOLUMES:-} ${DOCKER_CERT_PATH}" -RUNNER__container__PRIVILEGED="${RUNNER__container__PRIVILEGED:-true}" - RUNNER__runner__FILE="${RUNNER__runner__FILE:-/data/runner.json}" +RUNNER__CONFIG_FILE="${RUNNER__CONFIG_FILE:-/data/runner.yml}" -decho "DOCKER_HOST: ${DOCKER_HOST}" -decho "DOCKER_TLS_VERIFY: ${DOCKER_TLS_VERIFY}" -decho "DOCKER_CERT_PATH: ${DOCKER_CERT_PATH}" -decho "RUNNER__container__DOCKER_HOST: ${RUNNER__container__DOCKER_HOST}" -decho "RUNNER__runner__INSECURE: ${RUNNER__runner__INSECURE}" -decho "RUNNER__container__NETWORK: ${RUNNER__container__NETWORK}" -decho "RUNNER__container__OPTIONS: ${RUNNER__container__OPTIONS}" -decho "RUNNER__container__VALID_VOLUMES: ${RUNNER__container__VALID_VOLUMES}" -decho "RUNNER__container__PRIVILEGED: ${RUNNER__container__PRIVILEGED}" -decho "RUNNER__runner__FILE: ${RUNNER__runner__FILE}" - -# Use environment variables directly, with fallback defaults if not set -RUNNER__CONFIG_FILE="${RUNNER__CONFIG_FILE:-/data/config.yml}" ENV_FILE="${ENV_FILE:-/data/.env}" # Set config arguments CONFIG_ARG="--config ${RUNNER__CONFIG_FILE}" diff --git a/examples/docker-compose/compose-forgejo-and-runner.yml b/examples/docker-compose/compose-forgejo-and-runner.yml index 00a2c2f..20f38a5 100644 --- a/examples/docker-compose/compose-forgejo-and-runner.yml +++ b/examples/docker-compose/compose-forgejo-and-runner.yml @@ -6,7 +6,7 @@ # # openssl rand -hex 20 # -# Replace all occurences of 02f8e8ed1bd08d55338026d04b5513684ff23c1f below with the output. +# Replace all occurences of {SHARED_SECRET} below with the output. # # NOTE: a token obtained from the Forgejo web interface cannot be used # as a shared secret. @@ -49,7 +49,7 @@ services: /bin/s6-svscan /etc/s6 & sleep 10 ; su -c "forgejo admin user create --admin --username root --password ROOT_PASSWORD --email root@example.com" git ; - su -c "forgejo forgejo-cli actions register --secret 02f8e8ed1bd08d55338026d04b5513684ff23c1f" git ; + su -c "forgejo forgejo-cli actions register --secret {SHARED_SECRET}" git ; sleep infinity ' @@ -75,13 +75,15 @@ services: - docker-in-docker environment: FORGEJO_URL: ${FORGEJO_URL} # defaults to http://forgejo:3000 - FORGEJO_SECRET: "02f8e8ed1bd08d55338026d04b5513684ff23c1f" # shared secret, must match Forgejo's, overrides RUNNER_TOKEN + FORGEJO_SECRET: "{SHARED_SECRET}" # shared secret, must match Forgejo's, overrides RUNNER_TOKEN RUNNER_TOKEN: ${RUNNER_TOKEN} # token obtained from Forgejo web interface + # Docker Daemon Configs, needed for docker-in-docker DOCKER_HOST: tcp://docker:2376 DOCKER_TLS_VERIFY: 1 DOCKER_CERT_PATH: /certs/client + # Runner Configs RUNNER__log__LEVEL: "debug" RUNNER__container__PRIVILEGED: "true" RUNNER__runner__LABELS: | @@ -89,4 +91,3 @@ services: DEBUG: "true" SKIP_WAIT: "false" - SLEEP_DEBUG: "false" # toggles wether to sleep indefinitely after starting the runner