runner/examples/docker-compose
Merith ea96696f10 remove rootless dockerfile, updatedate entrypoint, update docker compose
Removed the rootless dockerfile as upon further investigation into how a `rootless` container works, the entrypoint that has been written fully accomodates that

to reflect this the compose file has had the rootless config removed from it as it is no longer needed to test a seperate container image,

added a debug echo function `decho` to the entrypoint, when `DEBUG=true` it will print "[entrypoint] message content"

added a 10 second wait to the entrypoint to allow other services such as docker-in-docker and forgejo to finish launching before the runner is launched, this is bypassable by `SKIP_WAIT=true`

applied several modifications requested by viceice,
2024-09-26 15:08:31 -07:00
..
.gitignore push example docker-compose for runner and forgejo 2024-09-25 14:07:09 -07:00
compose-demo-workflow.yml Use forgejo mirror images 2024-08-13 08:37:52 +02:00
compose-forgejo-and-runner.yml remove rootless dockerfile, updatedate entrypoint, update docker compose 2024-09-26 15:08:31 -07:00
README.md docker-compose example: documentation updates 2024-04-07 20:30:41 +02:00

Docker compose with docker-in-docker

The compose-forgejo-and-runner.yml compose file runs a Forgejo instance and registers a Forgejo runner. A docker server is also launched within a container (using dind) and will be used by the Forgejo runner to execute the workflows.

Quick start

rm -fr /srv/runner-data /srv/forgejo-data
secret=$(openssl rand -hex 20)
sed -i -e "s/{SHARED_SECRET}/$secret/" compose-forgejo-and-runner.yml
docker compose -f compose-forgejo-and-runner.yml up -d

Visit http://0.0.0.0:8080/admin/actions/runners with login root and password {ROOT_PASSWORD} and see the runner is registered with the label docker.

NOTE: the Your ROOT_URL in app.ini is "http://localhost:3000/", it's unlikely matching the site you are visiting. message is a warning that can be ignored in the context of this example.

docker compose -f compose-forgejo-and-runner.yml -f compose-demo-workflow.yml up demo-workflow

Visit http://0.0.0.0:8080/root/test/actions/runs/1 and see that the job ran.

Running

Create a shared secret with:

openssl rand -hex 20

Replace all occurences of {SHARED_SECRET} in compose-forgejo-and-runner.yml.

NOTE: a token obtained from the Forgejo web interface cannot be used as a shared secret.

Replace {ROOT_PASSWORD} with a secure password in compose-forgejo-and-runner.yml.

docker compose -f compose-forgejo-and-runner.yml up
Creating docker-compose_docker-in-docker_1 ... done
Creating docker-compose_forgejo_1          ... done
Creating docker-compose_runner-register_1  ... done
...
docker-in-docker_1  | time="2023-08-24T10:22:15.023338461Z" level=warning msg="WARNING: API is accessible on http://0.0.0.0:2376
...
forgejo_1           | 2023/08/24 10:22:14 ...s/graceful/server.go:75:func1() [D] Starting server on tcp:0.0.0.0:3000 (PID: 19)
...
runner-daemon_1     | time="2023-08-24T10:22:16Z" level=info msg="Starting runner daemon"

Manual testing

To login the Forgejo instance:

Forgejo Actions is enabled by default when creating a repository.

Tests workflow

The compose-demo-workflow.yml compose file runs two demo workflows:

  • one to verify the Forgejo runner can pick up a task from the Forgejo instance and run it to completion.
  • one to verify docker can be run inside the Forgejo runner container.

A new repository is created in root/test with the following workflows:

.forgejo/workflows/demo.yml:

on: [push]
jobs:
  test:
    runs-on: docker
    steps:
      - run: echo All Good

.forgejo/workflows/demo_docker.yml

on: [push]
jobs:
  test_docker:
    runs-on: ubuntu-22.04
    steps:
      - run: docker info

A wait loop expects the status of the check associated with the commit in Forgejo to show "success" to assert the workflow was run.

Running

$ docker-compose -f compose-forgejo-and-runner.yml -f compose-demo-workflow.yml up demo-workflow
...
demo-workflow_1     | To http://forgejo:3000/root/test
demo-workflow_1     |  + 5ce134e...261cc79 main -> main (forced update)
demo-workflow_1     | branch 'main' set up to track 'http://root:admin1234@forgejo:3000/root/test/main'.
...
demo-workflow_1     | running
...