Compare commits

..

16 commits

Author SHA1 Message Date
9308fe37c6 remove useless sudo 2? 2024-09-27 23:15:40 -07:00
be3d0891f1 remove needless sudo? 2024-09-27 23:14:32 -07:00
c8382f44a8 update tests file new container 2024-09-27 22:56:38 -07:00
890778d33a resolve tag Kind/Breaks
Docker treats "command" as an agument to an entrypoint if it exists, now the entrypoint runs arguments as if they were a command
2024-09-27 11:08:56 -07:00
Merith
95fb2cafff fix Kind/Breaking tag 2024-09-27 10:46:35 -07:00
Merith
42078da550 dont use root-user by default 2024-09-27 10:38:59 -07:00
00584cc415 I guess it works now
sorry for the unprofessional commit message, I have been working on this effectively non-stop since the previous commit, and have been fighting docker networking being inconsistent as well as filepermisson issues,

end me
2024-09-26 19:00:54 -07:00
f9ff5dce17 echo, not secho 2024-09-26 15:16:51 -07:00
Merith
ea96696f10 remove rootless dockerfile, updatedate entrypoint, update docker compose
Removed the rootless dockerfile as upon further investigation into how a `rootless` container works, the entrypoint that has been written fully accomodates that

to reflect this the compose file has had the rootless config removed from it as it is no longer needed to test a seperate container image,

added a debug echo function `decho` to the entrypoint, when `DEBUG=true` it will print "[entrypoint] message content"

added a 10 second wait to the entrypoint to allow other services such as docker-in-docker and forgejo to finish launching before the runner is launched, this is bypassable by `SKIP_WAIT=true`

applied several modifications requested by viceice,
2024-09-26 15:08:31 -07:00
Merith
2c4a1d43be revert changes to workflow 2024-09-26 07:28:00 -07:00
Merith
1e6e1cb3c2 disabled TLS in example,
not needed for a closed docker network
2024-09-25 17:10:50 -07:00
Merith
c1654806c5 update entrypoint and dockerfile, fix test workflow
update dockerfile,

rework entrypoint execution,

update compose and test
2024-09-25 16:05:56 -07:00
Merith
3c5ba1c1d2 push example docker-compose for runner and forgejo 2024-09-25 14:07:09 -07:00
Merith
16e18662a0 add a root-user check, clean up some formatting 2024-09-25 13:34:18 -07:00
Merith
190607cf35 address dockerfile feedback, further work on entrypoint 2024-09-25 13:00:54 -07:00
5a0579f03a basic entrypoint, automatic registration of runner works 2024-09-25 09:46:06 -07:00
26 changed files with 267 additions and 400 deletions

View file

@ -1,84 +0,0 @@
name: 🐛 Bug Report
description: Found something you weren't expecting? Report it here!
title: "bug: "
labels: ["Kind/Bug"]
body:
- type: markdown
attributes:
value: |
**NOTE: If your issue is a security concern, please email <security@forgejo.org> (GPG: `A4676E79`) instead of opening a public issue.**
- type: markdown
attributes:
value: |
- Please speak English, as this is the language all maintainers can speak and write.
- Be as clear and concise as possible. A very verbose report is harder to interpret in a concrete way.
- Be civil, and follow the [Forgejo Code of Conduct](https://codeberg.org/forgejo/code-of-conduct).
- Take a moment to [check that your issue hasn't been reported before](https://code.forgejo.org/forgejo/runner/issues?q=&type=all&labels=19).
- type: dropdown
id: can-reproduce
attributes:
label: Can you reproduce the bug on the Forgejo test instance?
description: |
Please try reproducing your issue at https://dev.next.forgejo.org.
It is running the latest development branch and will confirm the problem is not already fixed.
If you can reproduce it, provide a URL in the description.
options:
- "Yes"
- "No"
validations:
required: true
- type: textarea
id: description
attributes:
label: Description
description: |
Please provide a description of your issue here, with a URL if you were able to reproduce the issue (see above).
validations:
required: true
- type: input
id: forgejo-ver
attributes:
label: Forgejo Version
description: Forgejo version (or commit reference) of your instance
- type: input
id: runner-ver
attributes:
label: Runner Version
description: Runner version (or commit reference) of the runner on your instance
- type: textarea
id: forgejo-run-info
attributes:
label: How are you running Forgejo?
description: |
Please include information on whether you built Forgejo yourself, used one of our downloads, or are using some other package.
Please also tell us how you are running Forgejo, e.g. if it is being run from a container, a command-line, systemd etc.
If you are using a package or systemd tell us what distribution you are using.
validations:
required: true
- type: textarea
id: runner-run-info
attributes:
label: How are you running the Runner?
description: |
Please include information on whether you built the Runner yourself, used one of our downloads, or are using some other package.
Please also tell us how you are running it, e.g. if it is being run from a container, a command-line, systemd etc.
If you are using a package or systemd tell us what distribution you are using.
validations:
required: true
- type: textarea
id: logs
attributes:
label: Logs
description: |
It's really important to provide pertinent logs. You must give us `DEBUG` level logs.
Please read https://forgejo.org/docs/latest/admin/logging-documentation/.
Please copy and paste your logs here, with any sensitive information (e.g. API keys) removed/hidden.
You can wrap your logs in `<details>...</details>` tags so it doesn't take up too much space in the issue.
- type: textarea
id: workflow
attributes:
label: Workflow file
description: |
If the bug occurs in a specific workflow, please provide an example workflow file.
If you have linked to a reproduction repository this won't be necessary.

View file

@ -1,26 +0,0 @@
name: 💡 Feature Request
description: Got an idea for an improvement to the Forgejo Runner? Suggest it here!
title: "feat: "
labels: ["Kind/Enhancement"]
body:
- type: markdown
attributes:
value: |
- Please speak English, as this is the language all maintainers can speak and write.
- Be as clear and concise as possible. A very verbose request is harder to interpret in a concrete way.
- Be civil, and follow the [Forgejo Code of Conduct](https://codeberg.org/forgejo/code-of-conduct).
- Please make sure you are using the latest release of the runner and take a moment to [check that your feature hasn't already been suggested](https://code.forgejo.org/forgejo/runner/issues?q=&type=all).
- type: textarea
id: needs-benefits
attributes:
label: Needs and benefits
description: As concisely as possible, describe the benefits your feature request will provide or the problems it will try to solve.
validations:
required: true
- type: textarea
id: description
attributes:
label: Feature Description
description: As concisely as possible, describe the feature you would like to see added or the changes you would like to see made to Forgejo.
validations:
required: true

View file

@ -7,8 +7,6 @@ on:
- Dockerfile
- .forgejo/workflows/build-release.yml
- .forgejo/workflows/build-release-integration.yml
branches-ignore:
- renovate/** # they are build via PR
pull_request:
paths:
- go.mod
@ -18,13 +16,13 @@ on:
jobs:
release-simulation:
runs-on: lxc-bookworm
runs-on: self-hosted
if: github.repository_owner != 'forgejo-integration' && github.repository_owner != 'forgejo-release'
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- id: forgejo
uses: https://code.forgejo.org/actions/setup-forgejo@v2.0.4
uses: https://code.forgejo.org/actions/setup-forgejo@v1
with:
user: root
password: admin1234

View file

@ -12,16 +12,15 @@ name: Build release
on:
push:
tags:
- 'v*'
tags: 'v*'
jobs:
release:
runs-on: lxc-bookworm
runs-on: self-hosted
# root is used for testing, allow it
if: secrets.ROLE == 'forgejo-integration' || github.repository_owner == 'root'
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- name: Increase the verbosity when there are no secrets
id: verbose

View file

@ -8,11 +8,9 @@ on:
jobs:
cascade:
runs-on: docker
container:
image: 'code.forgejo.org/oci/node:20-bookworm'
if: vars.CASCADE != 'no'
steps:
- uses: https://code.forgejo.org/actions/cascading-pr@v2.2.0
- uses: actions/cascading-pr@v1
with:
origin-url: ${{ env.GITHUB_SERVER_URL }}
origin-repo: forgejo/runner

View file

@ -7,8 +7,7 @@ on:
jobs:
example-docker-compose:
if: github.repository_owner != 'forgejo-integration' && github.repository_owner != 'forgejo-experimental' && github.repository_owner != 'forgejo-release'
runs-on: lxc-bookworm
runs-on: self-hosted
steps:
- uses: actions/checkout@v4
@ -18,11 +17,15 @@ jobs:
export DEBIAN_FRONTEND=noninteractive
apt-get install -qq -y ca-certificates curl gnupg
install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
apt-get update -qq
apt-get install -qq -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
apt-get install -qq -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin=2.20.2-1~debian.11~bullseye
docker version
#
# docker compose is prone to non backward compatible changes, pin it
#
apt-get install -qq -y docker-compose-plugin=2.20.2-1~debian.11~bullseye
docker compose version
- name: run the example
@ -32,6 +35,7 @@ jobs:
secret=$(openssl rand -hex 20)
sed -i -e "s/{SHARED_SECRET}/$secret/" compose-forgejo-and-runner.yml
cli="docker compose --progress quiet -f compose-forgejo-and-runner.yml"
chown -R 1000:1000 /srv
#
# Launch Forgejo & the runner
#

View file

@ -17,31 +17,26 @@ name: publish
on:
push:
tags:
- 'v*'
tags: 'v*'
jobs:
publish:
runs-on: lxc-bookworm
runs-on: self-hosted
if: secrets.DOER != '' && secrets.FORGEJO != '' && secrets.TO_OWNER != '' && secrets.FROM_OWNER != '' && secrets.TOKEN != ''
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v3
- name: copy & sign
uses: https://code.forgejo.org/forgejo/forgejo-build-publish/publish@v5.2.1
uses: https://code.forgejo.org/forgejo/forgejo-build-publish/publish@v1
with:
from-forgejo: ${{ secrets.FORGEJO }}
to-forgejo: ${{ secrets.FORGEJO }}
forgejo: ${{ secrets.FORGEJO }}
from-owner: ${{ secrets.FROM_OWNER }}
to-owner: ${{ secrets.TO_OWNER }}
repo: "runner"
release-notes: "See https://code.forgejo.org/forgejo/runner/src/branch/main/RELEASE-NOTES.md#{ANCHOR}"
ref-name: ${{ github.ref_name }}
sha: ${{ github.sha }}
container-suffixes: " "
from-token: ${{ secrets.TOKEN }}
to-doer: ${{ secrets.DOER }}
to-token: ${{ secrets.TOKEN }}
doer: ${{ secrets.DOER }}
token: ${{ secrets.TOKEN }}
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
verbose: ${{ secrets.VERBOSE }}

View file

@ -19,12 +19,10 @@ jobs:
name: build and test
if: github.repository_owner != 'forgejo-integration' && github.repository_owner != 'forgejo-experimental' && github.repository_owner != 'forgejo-release'
runs-on: docker
container:
image: 'code.forgejo.org/oci/ci:1'
services:
forgejo:
image: codeberg.org/forgejo/forgejo:9
image: codeberg.org/forgejo/forgejo:1.21
env:
FORGEJO__security__INSTALL_LOCK: "true"
FORGEJO__log__LEVEL: "debug"
@ -38,21 +36,11 @@ jobs:
- ${{ env.FORGEJO_SCRIPT }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v3
with:
go-version-file: go.mod
go-version: '1.21'
- name: validate go version
run: |
set -ex
toolchain=$(grep -oP '(?<=toolchain ).+' go.mod)
version=$(go version | cut -d' ' -f3)
if [ "$toolchain" != "$version" ]; then
echo "go version mismatch: $toolchain <> $version"
exit 1
fi
- uses: actions/checkout@v4
- run: make vet
@ -65,9 +53,9 @@ jobs:
- name: check the forgejo server is responding
run: |
sleep 10 # matches the sleep 10 in the bootstrap of the Forgejo instance
# in case of a slow machine, give it time to bootstrap
retry --delay=10 --times=6 bash -c 'test $FORGEJO_ADMIN_USER = $(curl -sS http://$FORGEJO_ADMIN_USER:$FORGEJO_ADMIN_PASSWORD@$FORGEJO_HOST_PORT/api/v1/user | jq --raw-output .login)'
apt-get update -qq
apt-get install -y -qq jq curl
test $FORGEJO_ADMIN_USER = $(curl -sS http://$FORGEJO_ADMIN_USER:$FORGEJO_ADMIN_PASSWORD@$FORGEJO_HOST_PORT/api/v1/user | jq --raw-output .login)
- run: make FORGEJO_URL=http://$FORGEJO_HOST_PORT test
@ -75,7 +63,7 @@ jobs:
needs: [build-and-tests]
name: runner exec tests
if: github.repository_owner != 'forgejo-integration' && github.repository_owner != 'forgejo-experimental' && github.repository_owner != 'forgejo-release'
runs-on: lxc-bookworm
runs-on: self-hosted
steps:

View file

@ -1,50 +0,0 @@
# This workflow will build a Windows binary for each architecture and upload it as an artifact.
# If the push is a tag, it will create a release with the binaries attached.
# This build is currently supported on https://github.com/Crown0815/forgejo-runner-windows
name: Build release
on:
push:
tags: 'v*'
jobs:
build:
name: Build ${{matrix.architecture}}
runs-on: ubuntu-latest
strategy:
matrix:
architecture: ['386', amd64, arm, arm64]
steps:
- uses: actions/checkout@v4
- name: Build for ${{matrix.architecture}}
run: |
env GOOS=windows GOARCH=${{matrix.architecture}} \
go build \
-ldflags "-s -w -X gitea.com/gitea/act_runner/internal/pkg/ver.version=${{ github.ref_name }}" \
-o forgejo-runner-windows-${{matrix.architecture}}.exe
- uses: actions/upload-artifact@v4
with:
name: forgejo-runner-windows-${{matrix.architecture}}
path: forgejo-runner-windows-${{matrix.architecture}}.exe
release:
runs-on: ubuntu-latest
needs: build
if: github.event_name == 'push' && github.ref_type == 'tag'
steps:
- uses: actions/download-artifact@v4
with:
path: .
- name: Create Release
uses: softprops/action-gh-release@v2
with:
tag_name: ${{ github.ref_name }}
files: forgejo-runner-windows-*/forgejo-runner-windows-*.exe
draft: false
prerelease: ${{ contains(github.ref, 'beta') || contains(github.ref, 'alpha') }}
token: ${{ secrets.RELEASE_TOKEN }}
fail_on_unmatched_files: true
body: See [original release notes](https://code.forgejo.org/forgejo/runner/releases/tag/${{ github.ref_name }}).

3
.gitignore vendored
View file

@ -12,6 +12,3 @@ coverage.txt
__debug_bin
# gorelease binary folder
dist
# Jetbrains IDE
.idea

View file

@ -1,6 +1,6 @@
FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/tonistiigi/xx AS xx
FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/golang:1.23-alpine3.20 AS build-env
FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/golang:1.21-alpine3.19 AS build-env
#
# Transparently cross compile for the target platform
@ -19,7 +19,7 @@ WORKDIR /srv
RUN make clean && make build
FROM code.forgejo.org/oci/alpine:3.20
FROM code.forgejo.org/oci/alpine:3.19
ARG RELEASE_VERSION
RUN apk add --no-cache git bash
@ -40,8 +40,10 @@ ENV HOME=/data
USER 1000:1000
COPY --chmod=555 entrypoint.sh /entrypoint.sh
WORKDIR /data
VOLUME ["/data"]
CMD ["/bin/forgejo-runner"]
ENTRYPOINT ["/entrypoint.sh"]

View file

@ -1,39 +1,7 @@
# Release Notes
## 6.0.0
## 3.5.2
* Security: the container options a job is allowed to specify are limited to a [predefined allow list](https://forgejo.org/docs/next/user/actions/#jobsjob_idcontaineroptions).
## 5.0.4
* Define FORGEJO_TOKEN as an alias to GITHUB_TOKEN
## 5.0.3
* [Fixes a regression](https://code.forgejo.org/forgejo/runner/pulls/354) that was introduced in version 5.0.0 by which it was no longer possible to mount the docker socket in each container by specifying `[container].docker_host = ""`. This is now implemented when `[container].docker_host = "automount"` is specified.
## 5.0.2
* Fixes a regression that was introduced in version 5.0.0 by which [skipped jobs were marked as failed instead](https://code.forgejo.org/forgejo/act/pulls/67). The workaround is to change the job log level to debug `[log].job_level: debug`.
## 5.0.1
* Security: the `/opt/hostedtoolcache` directory is now unique to each job instead of being shared to avoid a risk of corruption. It is still advertised in the `RUNNER_TOOL_CACHE` environment variable. Custom container images can be built to pre-populate this directory with frequently used tools and some actions (such as `setup-go`) will benefit from that.
## 5.0.0
* Breaking change: the default configuration for `docker_host` is changed to [not mounting the docker server socket](https://code.forgejo.org/forgejo/runner/pulls/305) even when no configuration file is provided.
* [Add job_level logging option to config](https://code.forgejo.org/forgejo/runner/pulls/299) to make the logging level of jobs configurable. Change default from "trace" to "info".
* [Don't log job output when debug logging is not enabled](https://code.forgejo.org/forgejo/runner/pulls/303). This reduces the default amount of log output of the runner.
## 4.0.1
* Do not panic when [the number of arguments of a function evaluated in an expression is incorect](https://code.forgejo.org/forgejo/act/pulls/59/files).
## 4.0.0
* Breaking change: fix the default configuration for `docker_host` is changed to [not mounting the docker server socket](https://code.forgejo.org/forgejo/runner/pulls/305).
* [Remove debug information from the setup of a workflow](https://code.forgejo.org/forgejo/runner/pulls/297).
* Fix [crash in some cases when the YAML structure is not as expected](https://code.forgejo.org/forgejo/runner/issues/267).
## 3.5.1

132
entrypoint.sh Executable file
View file

@ -0,0 +1,132 @@
#!/usr/bin/env bash
set -e
# Technically not nessecary but it cleans up the logs from having token/secret values
run_command() {
local cmd="$@"
# Replace any --token <value> or --secret <value> with [REDACTED]
local safe_cmd=$(echo "$cmd" | sed -E 's/--(token|secret) [^ ]+/--\1 [REDACTED]/g')
decho "Running command: $safe_cmd"
eval $cmd
}
decho() {
if [[ "${DEBUG}" == "true" ]]; then
echo "[entrypoint] $@"
fi
}
decho $PWD
# Check if the script is running as root
if [[ $(id -u) -eq 0 ]]; then
ISROOT=true
decho "[WARNING] Running as root user"
fi
# Handle if `command` is passed, as command appends arguments to the entrypoint
if [ "$#" -gt 0 ]; then
run_command $@
exit
fi
# Handle and alter the config file
if [[ -z "${CONFIG_FILE}" ]]; then
echo "CONFIG_FILE is not set"
CONFIG_FILE="/data/config.yml"
fi
CONFIG_ARG="--config ${CONFIG_FILE}"
decho "CONFIG: ${CONFIG_ARG}"
DOCKER_HOST=${DOCKER_HOST:-"tcp://docker:2367"}
DOCKER_CERT_PATH=${DOCKER_CERT_PATH:-"/certs/client"}
DOCKER_TLS_VERIFY=${DOCKER_TLS_VERIFY:-1}
decho "DOCKER_HOST: ${DOCKER_HOST}"
decho "DOCKER_CERT_PATH: ${DOCKER_CERT_PATH}"
decho "DOCKER_TLS_VERIFY: ${DOCKER_TLS_VERIFY}"
if [[ ! -f "${CONFIG_FILE}" ]]; then
echo "Creating ${CONFIG_FILE}"
run_command "forgejo-runner generate-config > ${CONFIG_FILE}"
# Remove test environment variables if they exist in the config file
sed -i "/^ A_TEST_ENV_NAME_1:/d" ${CONFIG_FILE}
sed -i "/^ A_TEST_ENV_NAME_2:/d" ${CONFIG_FILE}
# Apply default values for docker
sed -i "/^ labels:/c\ labels: [\"docker:docker://code.forgejo.org/oci/node:20-bookworm\", \"ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04\"]" ${CONFIG_FILE}
sed -i "/^ network:/c\ network: host" ${CONFIG_FILE}
fi
ENV_FILE=${ENV_FILE:-"/data/.env"}
decho "ENV_FILE: ${ENV_FILE}"
sed -i "/^ env_file:/c\ env_file: ${ENV_FILE}" ${CONFIG_FILE}
if [[ ! -f "${ENV_FILE}" ]]; then
echo "Creating ${ENV_FILE}"
touch ${ENV_FILE}
echo "DOCKER_HOST=${DOCKER_HOST}" >> ${ENV_FILE}
echo "DOCKER_TLS_VERIFY=${DOCKER_TLS_VERIFY}" >> ${ENV_FILE}
echo "DOCKER_CERT_PATH=${DOCKER_CERT_PATH}" >> ${ENV_FILE}
fi
EXTRA_ARGS=""
if [[ ! -z "${RUNNER_LABELS}" ]]; then
EXTRA_ARGS="${EXTRA_ARGS} --labels ${RUNNER_LABELS}"
fi
decho "EXTRA_ARGS: ${EXTRA_ARGS}"
# Set the runner file
RUNNER_FILE=${RUNNER_FILE:-"runner.json"} # use json so editors know how to highlight
decho "RUNNER_FILE: ${RUNNER_FILE}"
sed -i "/^ file:/c\ file: ${RUNNER_FILE}" ${CONFIG_FILE}
if [[ "${SKIP_WAIT}" != "true" ]]; then
echo "Waiting 10s to allow other services to start up..."
sleep 10
fi
if [[ ! -s "${RUNNER_FILE}" ]]; then
touch ${RUNNER_FILE}
try=$((try + 1))
success=0
decho "try: ${try}, success: ${success}"
# The point of this loop is to make it simple, when running both forgejo-runner and gitea in docker,
# for the forgejo-runner to wait a moment for gitea to become available before erroring out. Within
# the context of a single docker-compose, something similar could be done via healthchecks, but
# this is more flexible.
while [[ $success -eq 0 ]] && [[ $try -lt ${MAX_REG_ATTEMPTS:-10} ]]; do
if [[ ! -z "${FORGEJO_SECRET}" ]]; then
run_command forgejo-runner create-runner-file --connect \
--instance "${FORGEJO_URL:-http://forgejo:3000}" \
--name "${RUNNER_NAME:-$(hostname)}" \
--secret "${FORGEJO_SECRET}" \
${CONFIG_ARG}\
${EXTRA_ARGS} 2>&1 | tee /tmp/reg.log
else
run_command forgejo-runner register \
--instance "${FORGEJO_URL:-http://forgejo:3000}" \
--name "${RUNNER_NAME:-$(hostname)}" \
--token "${RUNNER_TOKEN}" \
--no-interactive \
${CONFIG_ARG}\
${EXTRA_ARGS} 2>&1 | tee /tmp/reg.log
fi
cat /tmp/reg.log | grep -E 'connection successful|registered successfully' >/dev/null
if [[ $? -eq 0 ]]; then
echo "SUCCESS"
success=1
else
echo "Waiting to retry ..."
sleep 5
fi
decho "try: ${try}, success: ${success}"
done
fi
# Prevent reading the token from the forgejo-runner process
unset RUNNER_TOKEN
unset FORGEJO_SECRET
run_command forgejo-runner daemon ${CONFIG_ARG}

1
examples/docker-compose/.gitignore vendored Normal file
View file

@ -0,0 +1 @@
srv

View file

@ -11,83 +11,82 @@
# NOTE: a token obtained from the Forgejo web interface cannot be used
# as a shared secret.
#
# Replace {ROOT_PASSWORD} with a secure password
# Replace ${RUNNER_TOKEN} with the token obtained from the Forgejo web interface.
#
# Replace ROOT_PASSWORD with a secure password.
#
networks:
forgejo:
volumes:
docker_certs:
services:
docker-in-docker:
image: code.forgejo.org/oci/docker:dind
hostname: docker # Must set hostname as TLS certificates are only valid for docker or localhost
hostname: docker # Must set hostname for both internal DNS and TLS to work as certs are only valid for docker and localhost
restart: unless-stopped
privileged: true
networks:
- forgejo
environment:
DOCKER_TLS_CERTDIR: /certs
DOCKER_HOST: docker-in-docker
DOCKER_TLS_CERTDIR: "/certs" # set to "" to disable the use of TLS, also manually update existing runner configs to use port 2375
DOCKER_HOST: "docker" # remove aswell to disable TLS
volumes:
- docker_certs:/certs
forgejo:
image: codeberg.org/forgejo/forgejo:1.21
command: >-
bash -c '
/bin/s6-svscan /etc/s6 &
sleep 10 ;
su -c "forgejo forgejo-cli actions register --secret {SHARED_SECRET}" git ;
su -c "forgejo admin user create --admin --username root --password {ROOT_PASSWORD} --email root@example.com" git ;
sleep infinity
'
environment:
FORGEJO__security__INSTALL_LOCK: "true"
FORGEJO__log__LEVEL: "debug"
FORGEJO__repository__ENABLE_PUSH_CREATE_USER: "true"
FORGEJO__repository__DEFAULT_PUSH_CREATE_PRIVATE: "false"
FORGEJO__repository__DEFAULT_REPO_UNITS: "repo.code,repo.actions"
hostname: forgejo
networks:
- forgejo
volumes:
- /srv/forgejo-data:/data
ports:
- 8080:3000
runner-register:
image: code.forgejo.org/forgejo/runner:3.4.1
links:
- docker-in-docker
- forgejo
environment:
DOCKER_HOST: tcp://docker-in-docker:2376
volumes:
- /srv/runner-data:/data
user: 0:0
FORGEJO__security__INSTALL_LOCK: "true" # remove in production
command: >-
bash -ec '
while : ; do
forgejo-runner create-runner-file --connect --instance http://forgejo:3000 --name runner --secret {SHARED_SECRET} && break ;
sleep 1 ;
done ;
sed -i -e "s|\"labels\": null|\"labels\": [\"docker:docker://code.forgejo.org/oci/node:20-bookworm\", \"ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04\"]|" .runner ;
forgejo-runner generate-config > config.yml ;
sed -i -e "s|network: .*|network: host|" config.yml ;
sed -i -e "s|^ envs:$$| envs:\n DOCKER_HOST: tcp://docker:2376\n DOCKER_TLS_VERIFY: 1\n DOCKER_CERT_PATH: /certs/client|" config.yml ;
sed -i -e "s|^ options:| options: -v /certs/client:/certs/client|" config.yml ;
sed -i -e "s| valid_volumes: \[\]$$| valid_volumes:\n - /certs/client|" config.yml ;
chown -R 1000:1000 /data
bash -c '
/bin/s6-svscan /etc/s6 &
sleep 10 ;
su -c "forgejo admin user create --admin --username root --password ROOT_PASSWORD --email root@example.com" git ;
su -c "forgejo forgejo-cli actions register --secret {SHARED_SECRET}" git ;
sleep infinity
'
# all values that have defaults listed are optional
# only FORGEJO_SECRET or RUNNER_TOKEN is required, the secret will be prioritized
# FORGEJO_URL is required if forgejo is not in this compose file or docker network
runner-daemon:
image: code.forgejo.org/forgejo/runner:3.4.1
links:
- docker-in-docker
- forgejo
environment:
DOCKER_HOST: tcp://docker:2376
DOCKER_CERT_PATH: /certs/client
DOCKER_TLS_VERIFY: "1"
## TODO: Update image to the the release
## made from this PR: https://code.forgejo.org/forgejo/runner/pulls/283
# image: code.forgejo.org/forgejo/runner:3.4.1
build: ../../
user: "1000" # defaults to 1000,
restart: unless-stopped # needed for fixing file ownership on restart
volumes:
- /srv/runner-data:/data
- docker_certs:/certs
command: >-
bash -c '
while : ; do test -w .runner && forgejo-runner --config config.yml daemon ; sleep 1 ; done
'
networks:
- forgejo
depends_on:
- docker-in-docker
- forgejo
environment:
CONFIG_FILE: config.yml # defaults to /data/config.yml
DOCKER_HOST: "tcp://docker:2376" # defaults to tcp://docker:2376
DOCKER_CERT_PATH: "/certs/client" # defaults to /certs/client
DOCKER_TLS_VERIFY: "1" # defaults to 1
FORGEJO_URL: ${FORGEJO_URL} # defaults to http://forgejo:3000
FORGEJO_SECRET: "{SHARED_SECRET}" # shared secret, must match Forgejo's, overrides RUNNER_TOKEN
RUNNER_FILE: .runner # defaults to /data/runner.json
RUNNER_NAME: runner-daemon # defaults to forgejo-runner, used for registration
RUNNER_TOKEN: ${RUNNER_TOKEN} # token obtained from Forgejo web interface
DEBUG: "true" # defaults to false, set to true to enable debug logging
SKIP_WAIT: "false" # defaults to false, set to true to skip the 10 second wait to allow for forgejo and docker-in-docker to start

18
go.mod
View file

@ -1,25 +1,25 @@
module gitea.com/gitea/act_runner
go 1.23
go 1.21.13
toolchain go1.23.4
toolchain go1.23.1
require (
code.gitea.io/actions-proto-go v0.4.0
code.gitea.io/gitea-vet v0.2.3
connectrpc.com/connect v1.17.0
github.com/avast/retry-go/v4 v4.6.0
github.com/docker/docker v25.0.7+incompatible
github.com/docker/docker v25.0.6+incompatible
github.com/google/uuid v1.6.0
github.com/joho/godotenv v1.5.1
github.com/mattn/go-isatty v0.0.20
github.com/nektos/act v0.2.49
github.com/sirupsen/logrus v1.9.3
github.com/spf13/cobra v1.8.1
github.com/stretchr/testify v1.10.0
golang.org/x/term v0.26.0
golang.org/x/time v0.8.0
google.golang.org/protobuf v1.36.1
github.com/stretchr/testify v1.9.0
golang.org/x/term v0.24.0
golang.org/x/time v0.6.0
google.golang.org/protobuf v1.34.2
gopkg.in/yaml.v3 v3.0.1
gotest.tools/v3 v3.5.1
)
@ -96,10 +96,10 @@ require (
golang.org/x/mod v0.13.0 // indirect
golang.org/x/net v0.23.0 // indirect
golang.org/x/sync v0.6.0 // indirect
golang.org/x/sys v0.27.0 // indirect
golang.org/x/sys v0.25.0 // indirect
golang.org/x/tools v0.14.0 // indirect
gopkg.in/warnings.v0 v0.1.2 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
)
replace github.com/nektos/act => code.forgejo.org/forgejo/act v1.22.2
replace github.com/nektos/act => code.forgejo.org/forgejo/act v1.21.3

28
go.sum
View file

@ -1,5 +1,5 @@
code.forgejo.org/forgejo/act v1.22.2 h1:gcHugOaLCtZvLnw070MiCjwVLKoSTVomd8waGsYQHKg=
code.forgejo.org/forgejo/act v1.22.2/go.mod h1:+PcvJ9iv+NTFeJSh79ra9Jbk9l0vvyA9D9me5/dbxYM=
code.forgejo.org/forgejo/act v1.21.3 h1:EeJbrz0aar2QhIcBlOW5gjK1rjrQxcAvQSPpG/R1h5w=
code.forgejo.org/forgejo/act v1.21.3/go.mod h1:+PcvJ9iv+NTFeJSh79ra9Jbk9l0vvyA9D9me5/dbxYM=
code.gitea.io/actions-proto-go v0.4.0 h1:OsPBPhodXuQnsspG1sQ4eRE1PeoZyofd7+i73zCwnsU=
code.gitea.io/actions-proto-go v0.4.0/go.mod h1:mn7Wkqz6JbnTOHQpot3yDeHx+O5C9EGhMEE+htvHBas=
code.gitea.io/gitea-vet v0.2.3 h1:gdFmm6WOTM65rE8FUBTRzeQZYzXePKSSB1+r574hWwI=
@ -51,8 +51,8 @@ github.com/docker/cli v25.0.3+incompatible h1:KLeNs7zws74oFuVhgZQ5ONGZiXUUdgsdy6
github.com/docker/cli v25.0.3+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
github.com/docker/docker v25.0.7+incompatible h1:PQhcun5/OF7p0mZlDu3ud9APyyJi01R6/7hrBymWhhQ=
github.com/docker/docker v25.0.7+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
github.com/docker/docker v25.0.6+incompatible h1:5cPwbwriIcsua2REJe8HqQV+6WlWc1byg2QSXzBxBGg=
github.com/docker/docker v25.0.6+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
github.com/docker/docker-credential-helpers v0.8.0 h1:YQFtbBQb4VrpoPxhFuzEBPQ9E16qz5SpHLS+uswaCp8=
github.com/docker/docker-credential-helpers v0.8.0/go.mod h1:UGFXcuoQ5TxPiB54nHOZ32AWRqQdECoh/Mg0AlEYb40=
github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c=
@ -186,8 +186,8 @@ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXf
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
github.com/timshannon/bolthold v0.0.0-20210913165410-232392fc8a6a h1:oIi7H/bwFUYKYhzKbHc+3MvHRWqhQwXVB4LweLMiVy0=
github.com/timshannon/bolthold v0.0.0-20210913165410-232392fc8a6a/go.mod h1:iSvujNDmpZ6eQX+bg/0X3lF7LEmZ8N77g2a/J/+Zt2U=
github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM=
@ -274,15 +274,15 @@ golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34=
golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
golang.org/x/term v0.26.0 h1:WEQa6V3Gja/BhNxg540hBip/kkaYtRg3cxg4oXSw4AU=
golang.org/x/term v0.26.0/go.mod h1:Si5m1o57C5nBNQo5z1iq+XDijt21BDBDp2bK0QI8e3E=
golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM=
golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
@ -292,8 +292,8 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/time v0.8.0 h1:9i3RxcPv3PZnitoVGMPDKZSq1xW1gK1Xy3ArNOGZfEg=
golang.org/x/time v0.8.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U=
golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20200325010219-a49f79bcc224/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8=
@ -314,8 +314,8 @@ google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b h1:
google.golang.org/genproto/googleapis/rpc v0.0.0-20231016165738-49dd2c1f3d0b/go.mod h1:swOH3j0KzcDDgGUWr+SNpyTen5YrXjS3eyPzFYKc6lc=
google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk=
google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98=
google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/gk=
google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=

View file

@ -73,8 +73,11 @@ func runDaemon(ctx context.Context, configFile *string) func(cmd *cobra.Command,
if err := envcheck.CheckIfDockerRunning(ctx, dockerSocketPath); err != nil {
return err
}
// if dockerSocketPath passes the check, override DOCKER_HOST with dockerSocketPath
os.Setenv("DOCKER_HOST", dockerSocketPath)
if cfg.Container.DockerHost == "automount" {
// empty cfg.Container.DockerHost means act_runner need to find an available docker host automatically
// and assign the path to cfg.Container.DockerHost
if cfg.Container.DockerHost == "" {
cfg.Container.DockerHost = dockerSocketPath
}
// check the scheme, if the scheme is not npipe or unix
@ -183,7 +186,7 @@ var commonSocketPaths = []string{
func getDockerSocketPath(configDockerHost string) (string, error) {
// a `-` means don't mount the docker socket to job containers
if configDockerHost != "automount" && configDockerHost != "-" {
if configDockerHost != "" && configDockerHost != "-" {
return configDockerHost, nil
}

View file

@ -418,9 +418,7 @@ func runExec(ctx context.Context, execArgs *executeArgs) func(cmd *cobra.Command
config.Env["ACT_EXEC"] = "true"
if t := config.Secrets["FORGEJO_TOKEN"]; t != "" {
config.Token = t
} else if t := config.Secrets["GITEA_TOKEN"]; t != "" {
if t := config.Secrets["GITEA_TOKEN"]; t != "" {
config.Token = t
} else if t := config.Secrets["GITHUB_TOKEN"]; t != "" {
config.Token = t

View file

@ -1,24 +0,0 @@
// Copyright 2024 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package run
import (
"io"
log "github.com/sirupsen/logrus"
)
// NullLogger is used to create a new JobLogger to discard logs. This
// will prevent these logs from being logged to the stdout, but
// forward them to the Reporter via its hook.
type NullLogger struct{}
// WithJobLogger creates a new logrus.Logger that will discard all logs.
func (n NullLogger) WithJobLogger() *log.Logger {
logger := log.New()
logger.SetOutput(io.Discard)
logger.SetLevel(log.TraceLevel)
return logger
}

View file

@ -168,9 +168,7 @@ func (r *Runner) run(ctx context.Context, task *runnerv1.Task, reporter *report.
RepositoryOwner: taskContext["repository_owner"].GetStringValue(),
RetentionDays: taskContext["retention_days"].GetStringValue(),
}
if t := task.Secrets["FORGEJO_TOKEN"]; t != "" {
preset.Token = t
} else if t := task.Secrets["GITEA_TOKEN"]; t != "" {
if t := task.Secrets["GITEA_TOKEN"]; t != "" {
preset.Token = t
} else if t := task.Secrets["GITHUB_TOKEN"]; t != "" {
preset.Token = t
@ -219,7 +217,7 @@ func (r *Runner) run(ctx context.Context, task *runnerv1.Task, reporter *report.
NoSkipCheckout: true,
PresetGitHubContext: preset,
EventJSON: string(eventJSON),
ContainerNamePrefix: fmt.Sprintf("FORGEJO-ACTIONS-TASK-%d", task.Id),
ContainerNamePrefix: fmt.Sprintf("GITEA-ACTIONS-TASK-%d", task.Id),
ContainerMaxLifetime: maxLifetime,
ContainerNetworkMode: container.NetworkMode(r.cfg.Container.Network),
ContainerNetworkEnableIPv6: r.cfg.Container.EnableIPv6,
@ -234,15 +232,6 @@ func (r *Runner) run(ctx context.Context, task *runnerv1.Task, reporter *report.
Inputs: inputs,
}
if r.cfg.Log.JobLevel != "" {
level, err := log.ParseLevel(r.cfg.Log.JobLevel)
if err != nil {
return err
}
runnerConfig.JobLoggerLevel = &level
}
rr, err := runner.New(runnerConfig)
if err != nil {
return err
@ -254,10 +243,6 @@ func (r *Runner) run(ctx context.Context, task *runnerv1.Task, reporter *report.
// add logger recorders
ctx = common.WithLoggerHook(ctx, reporter)
if !log.IsLevelEnabled(log.DebugLevel) {
ctx = runner.WithJobLoggerFactory(ctx, NullLogger{})
}
execErr := executor(ctx)
reporter.SetOutputs(job.Outputs)
return execErr

View file

@ -1,13 +1,11 @@
# Example configuration file, it's safe to copy this as the default config file without any modification.
# You don't have to copy this file to your instance,
# just run `forgejo-runner generate-config > config.yaml` to generate a config file.
# just run `./act_runner generate-config > config.yaml` to generate a config file.
log:
# The level of logging, can be trace, debug, info, warn, error, fatal
level: info
# The level of logging for jobs, can be trace, debug, info, earn, error, fatal
job_level: info
runner:
# Where to store the registration result.
@ -42,7 +40,7 @@ runner:
# The labels of a runner are used to determine which jobs the runner can run, and how to run them.
# Like: ["macos-arm64:host", "ubuntu-latest:docker://node:20-bookworm", "ubuntu-22.04:docker://node:20-bookworm"]
# If it's empty when registering, it will ask for inputting labels.
# If it's empty when executing the `daemon`, it will use labels in the `.runner` file.
# If it's empty when execute `deamon`, will use labels in `.runner` file.
labels: []
cache:
@ -59,8 +57,8 @@ cache:
# 0 means to use a random available port.
port: 0
# The external cache server URL. Valid only when enable is true.
# If it's specified, it will be used to set the ACTIONS_CACHE_URL environment variable. The URL should generally end with "/".
# Otherwise it will be set to the the URL of the internal cache server.
# If it's specified, act_runner will use this URL as the ACTIONS_CACHE_URL rather than start a server by itself.
# The URL should generally end with "/".
external_server: ""
container:
@ -89,10 +87,10 @@ container:
# - '**'
valid_volumes: []
# overrides the docker client host with the specified one.
# If "-" or "", an available docker host will automatically be found.
# If "automount", an available docker host will automatically be found and mounted in the job container (e.g. /var/run/docker.sock).
# Otherwise the specified docker host will be used and an error will be returned if it doesn't work.
docker_host: "-"
# If it's empty, act_runner will find an available docker host automatically.
# If it's "-", act_runner will find an available docker host automatically, but the docker host won't be mounted to the job containers and service containers.
# If it's not empty or "-", the specified docker host will be used. An error will be returned if it doesn't work.
docker_host: ""
# Pull docker image(s) even if already present
force_pull: false

View file

@ -17,7 +17,6 @@ import (
// Log represents the configuration for logging.
type Log struct {
Level string `yaml:"level"` // Level indicates the logging level.
JobLevel string `yaml:"job_level"` // JobLevel indicates the job logging level.
}
// Runner represents the configuration for the runner.
@ -114,9 +113,6 @@ func LoadDefault(file string) (*Config, error) {
if cfg.Log.Level == "" {
cfg.Log.Level = "info"
}
if cfg.Log.JobLevel == "" {
cfg.Log.JobLevel = "info"
}
if cfg.Runner.File == "" {
cfg.Runner.File = ".runner"
}
@ -153,10 +149,6 @@ func LoadDefault(file string) (*Config, error) {
cfg.Runner.ReportInterval = time.Second
}
if cfg.Container.DockerHost == "" {
cfg.Container.DockerHost = "-"
}
// although `container.network_mode` will be deprecated, but we have to be compatible with it for now.
if cfg.Container.NetworkMode != "" && cfg.Container.Network == "" {
log.Warn("You are trying to use deprecated configuration item of `container.network_mode`, please use `container.network` instead.")

View file

@ -35,11 +35,3 @@ func TestConfigTune(t *testing.T) {
assert.EqualValues(t, 2*time.Second, c.Runner.FetchInterval)
})
}
func TestDefaultSettings(t *testing.T) {
config, err := LoadDefault("")
assert.NoError(t, err)
assert.EqualValues(t, config.Container.DockerHost, "-")
assert.EqualValues(t, config.Log.JobLevel, "info")
}

View file

@ -13,7 +13,10 @@ import (
func CheckIfDockerRunning(ctx context.Context, configDockerHost string) error {
opts := []client.Opt{
client.FromEnv,
client.WithHost(configDockerHost),
}
if configDockerHost != "" {
opts = append(opts, client.WithHost(configDockerHost))
}
cli, err := client.NewClientWithOpts(opts...)

View file

@ -1,7 +1,6 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": ["local>forgejo/renovate-config"],
"prConcurrentLimit": 1,
"packageRules": [
{
"description": "Disable nektos/act, it's replaced",