From 6cea858fc1b265ddd35c6efedccfc8a45e5ca4f1 Mon Sep 17 00:00:00 2001
From: sebthom
Date: Thu, 13 Apr 2023 18:59:41 +0200
Subject: [PATCH] add GITEA_RUNNER_JOB_CONTAINER_(PRIVILEGED|OPTIONS) env vars
---
 README.md | 31 +++++++++++++++++--------------
 image/Dockerfile | 2 ++
 image/config.template.yaml | 4 ++++
 3 files changed, 23 insertions(+), 14 deletions(-)
diff --git a/README.md b/README.md
index 1dc5b38..15bd6bb 100644
--- a/README.md
+++ b/README.md
@@ -58,10 +58,10 @@ Name|Default Value|Description
 ----|-------------|-----------
 GITEA_INSTANCE_INSECURE|`false`|It `true` don't verify the TLS certificate of the Gitea instance
 GITEA_RUNNER_NAME|``|If not specified the container's hostname is used
-GITEA_RUNNER_LABELS|``|Comma-separated list of labels (e.g. `ubuntu-20.04:docker://node:16-bullseye,ubuntu-18.04:docker://node:16-buster,linux_arm:host`) If not specified default labels are used.
-GITEA_RUNNER_REGISTRATION_FILE|`/data/.runner`|The JSON file that holds the result from the runner registration with the Gitea instance.
-GITEA_RUNNER_REGISTRATION_TIMEOUT|`30`|In case of failure, registration is retried until this timeout in seconds is reached.
-GITEA_RUNNER_REGISTRATION_RETRY_INTERVAL|`5`|Wait period in seconds between registration retries.
+GITEA_RUNNER_LABELS|``|Comma-separated list of labels (e.g. `ubuntu-20.04:docker://node:16-bullseye,ubuntu-18.04:docker://node:16-buster,linux_arm:host`) If not specified default labels are used
+GITEA_RUNNER_REGISTRATION_FILE|`/data/.runner`|The JSON file that holds the result from the runner registration with the Gitea instance
+GITEA_RUNNER_REGISTRATION_TIMEOUT|`30`|In case of failure, registration is retried until this timeout in seconds is reached
+GITEA_RUNNER_REGISTRATION_RETRY_INTERVAL|`5`|Wait period in seconds between registration retries
 #### Runner runtime config:
@@ -71,23 +71,26 @@ GITEA_RUNNER_CONFIG_TEMPLATE_FILE|`/opt/config.template.yaml`|Template to derive
 GITEA_RUNNER_UID|`1000`|The UID of the Gitea runner process
 GITEA_RUNNER_GID|`1000`|The GID of the Gitea runner process
 GITEA_RUNNER_LOG_LEVEL|`info`|The level of logging, can be trace, debug, info, warn, error, fatal
-GITEA_RUNNER_ENV_FILE|`/data/.env`|Extra environment variables to run jobs from a file.
-GITEA_RUNNER_FETCH_TIMEOUT|`5s`|The timeout for fetching the job from the Gitea instance.
-GITEA_RUNNER_FETCH_INTERVAL|`2s`|The interval for fetching the job from the Gitea instance.
+GITEA_RUNNER_ENV_FILE|`/data/.env`|Extra environment variables to run jobs from a file
+GITEA_RUNNER_FETCH_TIMEOUT|`5s`|The timeout for fetching the job from the Gitea instance
+GITEA_RUNNER_FETCH_INTERVAL|`2s`|The interval for fetching the job from the Gitea instance
 GITEA_RUNNER_MAX_PARALLEL_JOBS|`1`|Maximum number of concurrently executed jobs
-GITEA_RUNNER_JOB_CONTAINER_NETWORK|`bridge`|Docker network to use with job containers. Can be `bridge`, `host`, `none`, or the name of a custom network.
-GITEA_RUNNER_JOB_TIMEOUT|`3h`|The maximum time a job can run before it is cancelled.
+GITEA_RUNNER_JOB_CONTAINER_NETWORK|`bridge`|Docker network to use with job containers. Can be `bridge`, `host`, `none`, or the name of a custom network
+GITEA_RUNNER_JOB_CONTAINER_PRIVILEGED|`false`|Whether to run jobs in containers with privileged mode which is required for **Docker-in-Docker** aka **dind**
+GITEA_RUNNER_JOB_CONTAINER_OPTIONS|`none`|Additional container launch options (eg, --add-host=my.gitea.url:host-gateway)
+GITEA_RUNNER_JOB_TIMEOUT|`3h`|The maximum time a job can run before it is cancelled
 GITEA_RUNNER_ENV_VAR_**N**_NAME|`none`|Name of the **N**-th extra environment variable to be passed to Job containers, e.g. `GITEA_RUNNER_ENV_VAR_1_NAME=MY_AUTH_TOKEN`
 GITEA_RUNNER_ENV_VAR_**N**_VALUE|``|Value of the **N**-th extra environment variable to be passed to Job containers, e.g. `GITEA_RUNNER_ENV_VAR_1_VALUE=SGVsbG8gbXkgZnJpZW5kIQ==`
-GITEA_RUNNER_ACTION_CACHE_DIR|`/data/cache/actions`|Path to cache cloned actions.
+GITEA_RUNNER_ACTION_CACHE_DIR|`/data/cache/actions`|Path to cache cloned actions
 #### Embedded cache server:
 Name|Default Value|Description
 ----|-------------|-----------
-ACT_CACHE_SERVER_ENABLED|`true`| Enable the embedded cache service to use `actions/cache` in jobs.
-ACT_CACHE_SERVER_DIR|`/data/cache/server`| The directory to store the cache data.
-ACT_CACHE_SERVER_HOST|``| The IP address or hostname via which the job containers can reach the cache server. Leave empty for automatic detection.
-ACT_CACHE_SERVER_PORT|`0`|The TCP port of the cache server. `0` means to use a random, available port.
+ACT_CACHE_SERVER_ENABLED|`true`| Enable the embedded cache service to use `actions/cache` in jobs
+ACT_CACHE_SERVER_DIR|`/data/cache/server`| The directory to store the cache data
+ACT_CACHE_SERVER_HOST|``| The IP address or hostname via which the job containers can reach the cache server. Leave empty for automatic detection
+ACT_CACHE_SERVER_PORT|`0`|The TCP port of the cache server. `0` means to use a random, available port
+
 ## License
diff --git a/image/Dockerfile b/image/Dockerfile
index dfceb98..038c8c5 100644
--- a/image/Dockerfile
+++ b/image/Dockerfile
@@ -148,6 +148,8 @@ ENV \
 GITEA_INSTANCE_INSECURE='false' \
 #
 GITEA_RUNNER_JOB_CONTAINER_NETWORK='bridge' \
+ GITEA_RUNNER_JOB_CONTAINER_OPTIONS='' \
+ GITEA_RUNNER_JOB_CONTAINER_PRIVILEGED='false' \
 GITEA_RUNNER_ACTION_CACHE_DIR='/data/cache/actions' \
 #
 ACT_CACHE_SERVER_ENABLED='true' \
diff --git a/image/config.template.yaml b/image/config.template.yaml
index 9d2e523..9746174 100644
--- a/image/config.template.yaml
+++ b/image/config.template.yaml
@@ -48,3 +48,7 @@ cache:
 container:
 # Which network to use for the job containers. Could be bridge, host, none, or the name of a custom network.
 network_mode: ${GITEA_RUNNER_JOB_CONTAINER_NETWORK:-bridge}
+ # Whether to use privileged mode or not when launching task containers (privileged mode is required for Docker-in-Docker).
+ privileged: ${GITEA_RUNNER_JOB_CONTAINER_PRIVILEGED:-false}
+ # Additional container launch options (eg, --add-host=my.gitea.url:host-gateway)
+ options: ${GITEA_RUNNER_JOB_CONTAINER_OPTIONS:-}
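Review bot: The comment on `privileged:` says why the switch exists (Docker-in-Docker) but not what it costs, which is what an operator needs to know before setting `GITEA_RUNNER_JOB_CONTAINER_PRIVILEGED=true`: privileged job containers get full capabilities and host device access, so every workflow this runner accepts is effectively trusted with the host. I would extend it to something like `# Privileged containers are not isolated from the host; enable only on runners reserved for trusted repositories.` and add a matching remark on `options:`, since the flags given there are presumably applied to every job container and can widen all jobs the same way. Separately, `options:` is substituted unquoted; a value containing ` #` or `: ` would presumably be truncated or re-typed by the YAML parser, so `options: "${GITEA_RUNNER_JOB_CONTAINER_OPTIONS:-}"` looks safer, depending on how the template is rendered (not visible in this hunk).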