From 4bfbfec4773ca27b70c59426eadcccdef1903d5b Mon Sep 17 00:00:00 2001 From: a1012112796 <1012112796@qq.com> Date: Thu, 8 Jun 2023 04:26:52 +0000 Subject: [PATCH 01/16] fix defaultActionsUrls config for exec (#233) follow #200 Reviewed-on: https://gitea.com/gitea/act_runner/pulls/233 Reviewed-by: Lunny Xiao Reviewed-by: Jason Song Co-authored-by: a1012112796 <1012112796@qq.com> Co-committed-by: a1012112796 <1012112796@qq.com> --- internal/app/cmd/exec.go | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/internal/app/cmd/exec.go b/internal/app/cmd/exec.go index 99e7ad8..8861950 100644 --- a/internal/app/cmd/exec.go +++ b/internal/app/cmd/exec.go @@ -39,7 +39,7 @@ type executeArgs struct { envs []string envfile string secrets []string - defaultActionsUrl string + defaultActionsUrls []string insecureSecrets bool privileged bool usernsMode string @@ -403,10 +403,10 @@ func runExec(ctx context.Context, execArgs *executeArgs) func(cmd *cobra.Command NoSkipCheckout: execArgs.noSkipCheckout, // PresetGitHubContext: preset, // EventJSON: string(eventJSON), - ContainerNamePrefix: fmt.Sprintf("GITEA-ACTIONS-TASK-%s", eventName), - ContainerMaxLifetime: maxLifetime, - ContainerNetworkMode: container.NetworkMode(execArgs.network), - DefaultActionInstance: execArgs.defaultActionsUrl, + ContainerNamePrefix: fmt.Sprintf("GITEA-ACTIONS-TASK-%s", eventName), + ContainerMaxLifetime: maxLifetime, + ContainerNetworkMode: container.NetworkMode(execArgs.network), + DefaultActionsURLs: execArgs.defaultActionsUrls, PlatformPicker: func(_ []string) string { return execArgs.image }, @@ -470,7 +470,7 @@ func loadExecCmd(ctx context.Context) *cobra.Command { execCmd.PersistentFlags().StringVarP(&execArg.artifactServerPath, "artifact-server-path", "", ".", "Defines the path where the artifact server stores uploads and retrieves downloads from. If not specified the artifact server will not start.") execCmd.PersistentFlags().StringVarP(&execArg.artifactServerAddr, "artifact-server-addr", "", "", "Defines the address where the artifact server listens") execCmd.PersistentFlags().StringVarP(&execArg.artifactServerPort, "artifact-server-port", "", "34567", "Defines the port where the artifact server listens (will only bind to localhost).") - execCmd.PersistentFlags().StringVarP(&execArg.defaultActionsUrl, "default-actions-url", "", "https://gitea.com", "Defines the default url of action instance.") + execCmd.PersistentFlags().StringArrayVarP(&execArg.defaultActionsUrls, "default-actions-url", "", []string{"https://gitea.com", "https://github.com"}, "Defines the default url list of action instance.") execCmd.PersistentFlags().BoolVarP(&execArg.noSkipCheckout, "no-skip-checkout", "", false, "Do not skip actions/checkout") execCmd.PersistentFlags().BoolVarP(&execArg.debug, "debug", "d", false, "enable debug log") execCmd.PersistentFlags().BoolVarP(&execArg.dryrun, "dryrun", "n", false, "dryrun mode") From a29307a9d92adda4a75a3b05cff31de78824debb Mon Sep 17 00:00:00 2001 From: Jason Song Date: Fri, 9 Jun 2023 02:50:30 +0000 Subject: [PATCH 02/16] Remove hadolint and improve Dockerfile (#234) Replace #190 See: - https://gitea.com/gitea/act_runner/pulls/190#issuecomment-741196 - https://gitea.com/gitea/act_runner/pulls/208#issuecomment-741049 Reviewed-on: https://gitea.com/gitea/act_runner/pulls/234 Reviewed-by: Lunny Xiao Reviewed-by: silverwind Reviewed-by: delvh --- .gitea/workflows/release-nightly.yml | 5 ----- .gitea/workflows/release-tag.yml | 5 ----- .gitea/workflows/test.yml | 4 ---- Dockerfile | 10 ++++------ 4 files changed, 4 insertions(+), 20 deletions(-) diff --git a/.gitea/workflows/release-nightly.yml b/.gitea/workflows/release-nightly.yml index 85c368c..b7127ee 100644 --- a/.gitea/workflows/release-nightly.yml +++ b/.gitea/workflows/release-nightly.yml @@ -58,11 +58,6 @@ jobs: with: fetch-depth: 0 # all history for all branches and tags - - name: dockerfile lint check - uses: https://github.com/hadolint/hadolint-action@v3.1.0 - with: - dockerfile: Dockerfile - - name: Set up QEMU uses: docker/setup-qemu-action@v2 diff --git a/.gitea/workflows/release-tag.yml b/.gitea/workflows/release-tag.yml index 927644b..fe3be30 100644 --- a/.gitea/workflows/release-tag.yml +++ b/.gitea/workflows/release-tag.yml @@ -69,11 +69,6 @@ jobs: with: fetch-depth: 0 # all history for all branches and tags - - name: dockerfile lint check - uses: https://github.com/hadolint/hadolint-action@v3.1.0 - with: - dockerfile: Dockerfile - - name: Set up QEMU uses: docker/setup-qemu-action@v2 diff --git a/.gitea/workflows/test.yml b/.gitea/workflows/test.yml index 7ffe3b0..73fbd00 100644 --- a/.gitea/workflows/test.yml +++ b/.gitea/workflows/test.yml @@ -36,7 +36,3 @@ jobs: run: make build - name: test run: make test - - name: dockerfile lint check - uses: https://github.com/hadolint/hadolint-action@v3.1.0 - with: - dockerfile: Dockerfile diff --git a/Dockerfile b/Dockerfile index 1f4b89c..0fa7e00 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,14 @@ -FROM golang:1.20-alpine3.17 as builder +FROM golang:1.20-alpine3.18 as builder # Do not remove `git` here, it is required for getting runner version when executing `make build` -RUN apk add --no-cache make=4.3-r1 git=2.38.5-r0 +RUN apk add --no-cache make git COPY . /opt/src/act_runner WORKDIR /opt/src/act_runner RUN make clean && make build -FROM alpine:3.17 -RUN apk add --no-cache \ - git=2.38.5-r0 bash=5.2.15-r0 tini=0.19.0-r1 \ - && rm -rf /var/cache/apk/* +FROM alpine:3.18 +RUN apk add --no-cache git bash tini COPY --from=builder /opt/src/act_runner/act_runner /usr/local/bin/act_runner COPY run.sh /opt/act/run.sh From b21d476acab1ffe576fa4ff043700efcd32a680e Mon Sep 17 00:00:00 2001 From: MarkusLoeffler01 Date: Fri, 9 Jun 2023 17:34:23 +0000 Subject: [PATCH 03/16] Exit with Code 1 if registering a runner fails (#228) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ### It's a "simple dirty fix" and I don't have any experiences with Go, so if this doesn't match your coding compliance, please adjust the code as needed I'm using bash scripts to register a token `./act_runner/act_runner register --no-interactive --name runner$number --instance http://localhost:3000 --token $token` But when a token is invalid, the command still returns 0, which is not practical for automation. A simple non-zero return would be more convenient for power users and developers. Co-authored-by: Markus Löffler Co-authored-by: techknowlogick Reviewed-on: https://gitea.com/gitea/act_runner/pulls/228 Reviewed-by: techknowlogick Co-authored-by: MarkusLoeffler01 Co-committed-by: MarkusLoeffler01 --- internal/app/cmd/register.go | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/internal/app/cmd/register.go b/internal/app/cmd/register.go index 51318e8..666d463 100644 --- a/internal/app/cmd/register.go +++ b/internal/app/cmd/register.go @@ -197,7 +197,7 @@ func registerInteractive(configFile string) error { if stage == StageWaitingForRegistration { log.Infof("Registering runner, name=%s, instance=%s, labels=%v.", inputs.RunnerName, inputs.InstanceAddr, inputs.CustomLabels) if err := doRegister(cfg, inputs); err != nil { - log.Errorf("Failed to register runner: %v", err) + return fmt.Errorf("Failed to register runner: %w", err) } else { log.Infof("Runner registered successfully.") } @@ -257,8 +257,7 @@ func registerNoInteractive(configFile string, regArgs *registerArgs) error { return nil } if err := doRegister(cfg, inputs); err != nil { - log.Errorf("Failed to register runner: %v", err) - return nil + return fmt.Errorf("Failed to register runner: %w", err) } log.Infof("Runner registered successfully.") return nil From 341d49a24d45abe4c7636e46d524f1ca2bf687cc Mon Sep 17 00:00:00 2001 From: ccureau Date: Mon, 12 Jun 2023 06:35:27 +0000 Subject: [PATCH 04/16] implement act_runner rootless image (#208) This PR creates a rootless Docker image that runs both `dockerd` and `act_runner` using `supervisord`. It has been tested locally for a few days and seems stable. Co-authored-by: ccureau Reviewed-on: https://gitea.com/gitea/act_runner/pulls/208 Reviewed-by: Jason Song Co-authored-by: ccureau Co-committed-by: ccureau --- Dockerfile | 2 +- Dockerfile.rootless | 24 +++++++++ Makefile | 2 + examples/kubernetes/README.md | 3 ++ examples/kubernetes/rootless-docker.yaml | 68 ++++++++++++++++++++++++ scripts/rootless.sh | 9 ++++ run.sh => scripts/run.sh | 0 scripts/supervisord.conf | 13 +++++ 8 files changed, 120 insertions(+), 1 deletion(-) create mode 100644 Dockerfile.rootless create mode 100644 examples/kubernetes/rootless-docker.yaml create mode 100755 scripts/rootless.sh rename run.sh => scripts/run.sh (100%) create mode 100644 scripts/supervisord.conf diff --git a/Dockerfile b/Dockerfile index 0fa7e00..478938f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,6 +11,6 @@ FROM alpine:3.18 RUN apk add --no-cache git bash tini COPY --from=builder /opt/src/act_runner/act_runner /usr/local/bin/act_runner -COPY run.sh /opt/act/run.sh +COPY scripts/run.sh /opt/act/run.sh ENTRYPOINT ["/sbin/tini","--","/opt/act/run.sh"] diff --git a/Dockerfile.rootless b/Dockerfile.rootless new file mode 100644 index 0000000..b80033d --- /dev/null +++ b/Dockerfile.rootless @@ -0,0 +1,24 @@ +FROM golang:1.20-alpine3.18 as builder +# Do not remove `git` here, it is required for getting runner version when executing `make build` +RUN apk add --no-cache make git + +COPY . /opt/src/act_runner +WORKDIR /opt/src/act_runner + +RUN make clean && make build + +FROM docker:dind-rootless +USER root +RUN apk add --no-cache \ + git bash supervisor + +COPY --from=builder /opt/src/act_runner/act_runner /usr/local/bin/act_runner +COPY /scripts/supervisord.conf /etc/supervisord.conf +COPY /scripts/run.sh /opt/act/run.sh +COPY /scripts/rootless.sh /opt/act/rootless.sh + +RUN mkdir /data \ + && chown rootless:rootless /data + +USER rootless +ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] diff --git a/Makefile b/Makefile index 454d2f5..2b8db97 100644 --- a/Makefile +++ b/Makefile @@ -19,6 +19,7 @@ GOFILES := $(shell find . -type f -name "*.go" -o -name "go.mod" ! -name "genera DOCKER_IMAGE ?= gitea/act_runner DOCKER_TAG ?= nightly DOCKER_REF := $(DOCKER_IMAGE):$(DOCKER_TAG) +DOCKER_ROOTLESS_REF := $(DOCKER_IMAGE)_rootless:$(DOCKER_TAG) ifneq ($(shell uname), Darwin) EXTLDFLAGS = -extldflags "-static" $(null) @@ -169,6 +170,7 @@ docker: ARG_DISABLE_CONTENT_TRUST=--disable-content-trust=false; \ fi; \ docker build $${ARG_DISABLE_CONTENT_TRUST} -t $(DOCKER_REF) . + docker build $${ARG_DISABLE_CONTENT_TRUST} -t $(DOCKER_ROOTLESS_REF) -f Dockerfile.rootless . clean: $(GO) clean -x -i ./... diff --git a/examples/kubernetes/README.md b/examples/kubernetes/README.md index a21d4a6..5427893 100644 --- a/examples/kubernetes/README.md +++ b/examples/kubernetes/README.md @@ -6,3 +6,6 @@ Files in this directory: - [`dind-docker.yaml`](dind-docker.yaml) How to create a Deployment and Persistent Volume for Kubernetes to act as a runner. The Docker credentials are re-generated each time the pod connects and does not need to be persisted. + +- [`rootless-docker.yaml`](rootless-docker.yaml) + How to create a rootless Deployment and Persistent Volume for Kubernetes to act as a runner. The Docker credentials are re-generated each time the pod connects and does not need to be persisted. diff --git a/examples/kubernetes/rootless-docker.yaml b/examples/kubernetes/rootless-docker.yaml new file mode 100644 index 0000000..5945bdc --- /dev/null +++ b/examples/kubernetes/rootless-docker.yaml @@ -0,0 +1,68 @@ +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: act-runner-vol +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + storageClassName: standard +--- +apiVersion: v1 +data: + token: << runner registration token goes here >> +kind: Secret +metadata: + name: runner-secret +type: Opaque +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + app: act-runner + name: act-runner +spec: + replicas: 1 + selector: + matchLabels: + app: act-runner + strategy: {} + template: + metadata: + creationTimestamp: null + labels: + app: act-runner + spec: + restartPolicy: Always + volumes: + - name: runner-data + persistentVolumeClaim: + claimName: act-runner-vol + containers: + - name: runner + image: gitea/act_runner:nightly-rootless + imagePullPolicy: Always + # command: ["sh", "-c", "while ! nc -z localhost 2376 Date: Tue, 13 Jun 2023 04:09:11 +0000 Subject: [PATCH 05/16] Improve `run.sh` to handle empty labels and log to stdout (#237) 1. Print logs on standard output 2. Don't add labels if GITEA_RUNNER_LABELS not set Reviewed-on: https://gitea.com/gitea/act_runner/pulls/237 Reviewed-by: Jason Song Co-authored-by: Tomasz Duda Co-committed-by: Tomasz Duda --- scripts/run.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/scripts/run.sh b/scripts/run.sh index 8317b2d..d0154f0 100755 --- a/scripts/run.sh +++ b/scripts/run.sh @@ -10,6 +10,10 @@ CONFIG_ARG="" if [[ ! -z "${CONFIG_FILE}" ]]; then CONFIG_ARG="--config ${CONFIG_FILE}" fi +EXTRA_ARGS="" +if [[ ! -z "${GITEA_RUNNER_LABELS}" ]]; then + EXTRA_ARGS="${EXTRA_ARGS} --labels ${GITEA_RUNNER_LABELS}" +fi # Use the same ENV variable names as https://github.com/vegardit/docker-gitea-act-runner @@ -26,10 +30,7 @@ if [[ ! -s .runner ]]; then --instance "${GITEA_INSTANCE_URL}" \ --token "${GITEA_RUNNER_REGISTRATION_TOKEN}" \ --name "${GITEA_RUNNER_NAME:-`hostname`}" \ - --labels "${GITEA_RUNNER_LABELS}" \ - ${CONFIG_ARG} --no-interactive > /tmp/reg.log 2>&1 - - cat /tmp/reg.log + ${CONFIG_ARG} ${EXTRA_ARGS} --no-interactive 2>&1 | tee /tmp/reg.log cat /tmp/reg.log | grep 'Runner registered successfully' > /dev/null if [[ $? -eq 0 ]]; then From 67b1363d258ecd391fcbd4e70bafb815d06b8e62 Mon Sep 17 00:00:00 2001 From: sillyguodong Date: Thu, 15 Jun 2023 03:59:15 +0000 Subject: [PATCH 06/16] Support changing labels (#201) Implement proposal: https://github.com/go-gitea/gitea/issues/24540 Related: - Protocol: https://gitea.com/gitea/actions-proto-def/pulls/9 - Gitea side: https://github.com/go-gitea/gitea/pull/24806 Co-authored-by: Jason Song Reviewed-on: https://gitea.com/gitea/act_runner/pulls/201 Reviewed-by: Jason Song Co-authored-by: sillyguodong Co-committed-by: sillyguodong --- Makefile | 2 +- go.mod | 2 +- go.sum | 4 +- internal/app/cmd/daemon.go | 26 +++++++++- internal/app/cmd/register.go | 64 ++++++++++++++++++------- internal/app/run/runner.go | 8 ++++ internal/pkg/client/header.go | 5 +- internal/pkg/client/http.go | 1 + internal/pkg/client/mocks/Client.go | 26 ++++++++++ internal/pkg/config/config.example.yaml | 5 ++ internal/pkg/config/config.go | 1 + internal/pkg/labels/labels.go | 23 +++++++++ 12 files changed, 142 insertions(+), 25 deletions(-) diff --git a/Makefile b/Makefile index 2b8db97..37ae9e6 100644 --- a/Makefile +++ b/Makefile @@ -70,7 +70,7 @@ GO_PACKAGES_TO_VET ?= $(filter-out gitea.com/gitea/act_runner/internal/pkg/clien TAGS ?= -LDFLAGS ?= -X "gitea.com/gitea/act_runner/internal/pkg/ver.version=$(RELASE_VERSION)" +LDFLAGS ?= -X "gitea.com/gitea/act_runner/internal/pkg/ver.version=v$(RELASE_VERSION)" all: build diff --git a/go.mod b/go.mod index 6b77a04..e25a76b 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module gitea.com/gitea/act_runner go 1.20 require ( - code.gitea.io/actions-proto-go v0.2.1 + code.gitea.io/actions-proto-go v0.3.0 code.gitea.io/gitea-vet v0.2.3-0.20230113022436-2b1561217fa5 github.com/avast/retry-go/v4 v4.3.1 github.com/bufbuild/connect-go v1.3.1 diff --git a/go.sum b/go.sum index 5269551..658dbfb 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,5 @@ -code.gitea.io/actions-proto-go v0.2.1 h1:ToMN/8thz2q10TuCq8dL2d8mI+/pWpJcHCvG+TELwa0= -code.gitea.io/actions-proto-go v0.2.1/go.mod h1:00ys5QDo1iHN1tHNvvddAcy2W/g+425hQya1cCSvq9A= +code.gitea.io/actions-proto-go v0.3.0 h1:9Tvg8+TaaCXPKi6EnWl9vVgs2VZsj1Cs5afnsHa4AmM= +code.gitea.io/actions-proto-go v0.3.0/go.mod h1:00ys5QDo1iHN1tHNvvddAcy2W/g+425hQya1cCSvq9A= code.gitea.io/gitea-vet v0.2.3-0.20230113022436-2b1561217fa5 h1:daBEK2GQeqGikJESctP5Cu1i33z5ztAD4kyQWiw185M= code.gitea.io/gitea-vet v0.2.3-0.20230113022436-2b1561217fa5/go.mod h1:zcNbT/aJEmivCAhfmkHOlT645KNOf9W2KnkLgFjGGfE= gitea.com/gitea/act v0.245.2-0.20230606002131-6ce5c93cc815 h1:u4rHwJLJnH6mej1BjEc4iubwknVeJmRVq9xQP9cAMeQ= diff --git a/internal/app/cmd/daemon.go b/internal/app/cmd/daemon.go index 9cd66e2..d9b1821 100644 --- a/internal/app/cmd/daemon.go +++ b/internal/app/cmd/daemon.go @@ -12,6 +12,7 @@ import ( "strconv" "strings" + "github.com/bufbuild/connect-go" "github.com/mattn/go-isatty" log "github.com/sirupsen/logrus" "github.com/spf13/cobra" @@ -43,8 +44,13 @@ func runDaemon(ctx context.Context, configFile *string) func(cmd *cobra.Command, return fmt.Errorf("failed to load registration file: %w", err) } + lbls := reg.Labels + if len(cfg.Runner.Labels) > 0 { + lbls = cfg.Runner.Labels + } + ls := labels.Labels{} - for _, l := range reg.Labels { + for _, l := range lbls { label, err := labels.Parse(l) if err != nil { log.WithError(err).Warnf("ignored invalid label %q", l) @@ -71,6 +77,24 @@ func runDaemon(ctx context.Context, configFile *string) func(cmd *cobra.Command, ) runner := run.NewRunner(cfg, reg, cli) + // declare the labels of the runner before fetching tasks + resp, err := runner.Declare(ctx, ls.Names()) + if err != nil && connect.CodeOf(err) == connect.CodeUnimplemented { + // Gitea instance is older version. skip declare step. + log.Warn("Because the Gitea instance is an old version, skip declare labels and version.") + } else if err != nil { + log.WithError(err).Error("fail to invoke Declare") + return err + } else { + log.Infof("runner: %s, with version: %s, with labels: %v, declare successfully", + resp.Msg.Runner.Name, resp.Msg.Runner.Version, resp.Msg.Runner.Labels) + // if declare successfully, override the labels in the.runner file with valid labels in the config file (if specified) + reg.Labels = ls.ToStrings() + if err := config.SaveRegistration(cfg.Runner.File, reg); err != nil { + return fmt.Errorf("failed to save runner config: %w", err) + } + } + poller := poll.New(cfg, cli, runner) poller.Poll(ctx) diff --git a/internal/app/cmd/register.go b/internal/app/cmd/register.go index 666d463..fcea74d 100644 --- a/internal/app/cmd/register.go +++ b/internal/app/cmd/register.go @@ -85,7 +85,7 @@ const ( StageInputInstance StageInputToken StageInputRunnerName - StageInputCustomLabels + StageInputLabels StageWaitingForRegistration StageExit ) @@ -101,7 +101,7 @@ type registerInputs struct { InstanceAddr string Token string RunnerName string - CustomLabels []string + Labels []string } func (r *registerInputs) validate() error { @@ -111,8 +111,8 @@ func (r *registerInputs) validate() error { if r.Token == "" { return fmt.Errorf("token is empty") } - if len(r.CustomLabels) > 0 { - return validateLabels(r.CustomLabels) + if len(r.Labels) > 0 { + return validateLabels(r.Labels) } return nil } @@ -126,7 +126,7 @@ func validateLabels(ls []string) error { return nil } -func (r *registerInputs) assignToNext(stage registerStage, value string) registerStage { +func (r *registerInputs) assignToNext(stage registerStage, value string, cfg *config.Config) registerStage { // must set instance address and token. // if empty, keep current stage. if stage == StageInputInstance || stage == StageInputToken { @@ -154,16 +154,33 @@ func (r *registerInputs) assignToNext(stage registerStage, value string) registe return StageInputRunnerName case StageInputRunnerName: r.RunnerName = value - return StageInputCustomLabels - case StageInputCustomLabels: - r.CustomLabels = defaultLabels + // if there are some labels configured in config file, skip input labels stage + if len(cfg.Runner.Labels) > 0 { + ls := make([]string, 0, len(cfg.Runner.Labels)) + for _, l := range cfg.Runner.Labels { + _, err := labels.Parse(l) + if err != nil { + log.WithError(err).Warnf("ignored invalid label %q", l) + continue + } + ls = append(ls, l) + } + if len(ls) == 0 { + log.Warn("no valid labels configured in config file, runner may not be able to pick up jobs") + } + r.Labels = ls + return StageWaitingForRegistration + } + return StageInputLabels + case StageInputLabels: + r.Labels = defaultLabels if value != "" { - r.CustomLabels = strings.Split(value, ",") + r.Labels = strings.Split(value, ",") } - if validateLabels(r.CustomLabels) != nil { + if validateLabels(r.Labels) != nil { log.Infoln("Invalid labels, please input again, leave blank to use the default labels (for example, ubuntu-20.04:docker://node:16-bullseye,ubuntu-18.04:docker://node:16-buster,linux_arm:host)") - return StageInputCustomLabels + return StageInputLabels } return StageWaitingForRegistration } @@ -192,10 +209,10 @@ func registerInteractive(configFile string) error { if err != nil { return err } - stage = inputs.assignToNext(stage, strings.TrimSpace(cmdString)) + stage = inputs.assignToNext(stage, strings.TrimSpace(cmdString), cfg) if stage == StageWaitingForRegistration { - log.Infof("Registering runner, name=%s, instance=%s, labels=%v.", inputs.RunnerName, inputs.InstanceAddr, inputs.CustomLabels) + log.Infof("Registering runner, name=%s, instance=%s, labels=%v.", inputs.RunnerName, inputs.InstanceAddr, inputs.Labels) if err := doRegister(cfg, inputs); err != nil { return fmt.Errorf("Failed to register runner: %w", err) } else { @@ -226,7 +243,7 @@ func printStageHelp(stage registerStage) { case StageInputRunnerName: hostname, _ := os.Hostname() log.Infof("Enter the runner name (if set empty, use hostname: %s):\n", hostname) - case StageInputCustomLabels: + case StageInputLabels: log.Infoln("Enter the runner labels, leave blank to use the default labels (comma-separated, for example, ubuntu-20.04:docker://node:16-bullseye,ubuntu-18.04:docker://node:16-buster,linux_arm:host):") case StageWaitingForRegistration: log.Infoln("Waiting for registration...") @@ -242,12 +259,21 @@ func registerNoInteractive(configFile string, regArgs *registerArgs) error { InstanceAddr: regArgs.InstanceAddr, Token: regArgs.Token, RunnerName: regArgs.RunnerName, - CustomLabels: defaultLabels, + Labels: defaultLabels, } regArgs.Labels = strings.TrimSpace(regArgs.Labels) + // command line flag. if regArgs.Labels != "" { - inputs.CustomLabels = strings.Split(regArgs.Labels, ",") + inputs.Labels = strings.Split(regArgs.Labels, ",") } + // specify labels in config file. + if len(cfg.Runner.Labels) > 0 { + if regArgs.Labels != "" { + log.Warn("Labels from command will be ignored, use labels defined in config file.") + } + inputs.Labels = cfg.Runner.Labels + } + if inputs.RunnerName == "" { inputs.RunnerName, _ = os.Hostname() log.Infof("Runner name is empty, use hostname '%s'.", inputs.RunnerName) @@ -302,7 +328,7 @@ func doRegister(cfg *config.Config, inputs *registerInputs) error { Name: inputs.RunnerName, Token: inputs.Token, Address: inputs.InstanceAddr, - Labels: inputs.CustomLabels, + Labels: inputs.Labels, } ls := make([]string, len(reg.Labels)) @@ -314,7 +340,9 @@ func doRegister(cfg *config.Config, inputs *registerInputs) error { resp, err := cli.Register(ctx, connect.NewRequest(&runnerv1.RegisterRequest{ Name: reg.Name, Token: reg.Token, - AgentLabels: ls, + Version: ver.Version(), + AgentLabels: ls, // Could be removed after Gitea 1.20 + Labels: ls, })) if err != nil { log.WithError(err).Error("poller: cannot register new runner") diff --git a/internal/app/run/runner.go b/internal/app/run/runner.go index d636608..b78b4fc 100644 --- a/internal/app/run/runner.go +++ b/internal/app/run/runner.go @@ -13,6 +13,7 @@ import ( "time" runnerv1 "code.gitea.io/actions-proto-go/runner/v1" + "github.com/bufbuild/connect-go" "github.com/docker/docker/api/types/container" "github.com/nektos/act/pkg/artifactcache" "github.com/nektos/act/pkg/common" @@ -224,3 +225,10 @@ func parseDefaultActionsURLs(s string) []string { } return trimmed } + +func (r *Runner) Declare(ctx context.Context, labels []string) (*connect.Response[runnerv1.DeclareResponse], error) { + return r.client.Declare(ctx, connect.NewRequest(&runnerv1.DeclareRequest{ + Version: ver.Version(), + Labels: labels, + })) +} diff --git a/internal/pkg/client/header.go b/internal/pkg/client/header.go index df8627a..24844fa 100644 --- a/internal/pkg/client/header.go +++ b/internal/pkg/client/header.go @@ -4,7 +4,8 @@ package client const ( - UUIDHeader = "x-runner-uuid" - TokenHeader = "x-runner-token" + UUIDHeader = "x-runner-uuid" + TokenHeader = "x-runner-token" + // Deprecated: could be removed after Gitea 1.20 released VersionHeader = "x-runner-version" ) diff --git a/internal/pkg/client/http.go b/internal/pkg/client/http.go index cc0c44e..bcd74ae 100644 --- a/internal/pkg/client/http.go +++ b/internal/pkg/client/http.go @@ -39,6 +39,7 @@ func New(endpoint string, insecure bool, uuid, token, version string, opts ...co if token != "" { req.Header().Set(TokenHeader, token) } + // TODO: version will be removed from request header after Gitea 1.20 released. if version != "" { req.Header().Set(VersionHeader, version) } diff --git a/internal/pkg/client/mocks/Client.go b/internal/pkg/client/mocks/Client.go index a689c54..d80992d 100644 --- a/internal/pkg/client/mocks/Client.go +++ b/internal/pkg/client/mocks/Client.go @@ -33,6 +33,32 @@ func (_m *Client) Address() string { return r0 } +// Declare provides a mock function with given fields: _a0, _a1 +func (_m *Client) Declare(_a0 context.Context, _a1 *connect.Request[runnerv1.DeclareRequest]) (*connect.Response[runnerv1.DeclareResponse], error) { + ret := _m.Called(_a0, _a1) + + var r0 *connect.Response[runnerv1.DeclareResponse] + var r1 error + if rf, ok := ret.Get(0).(func(context.Context, *connect.Request[runnerv1.DeclareRequest]) (*connect.Response[runnerv1.DeclareResponse], error)); ok { + return rf(_a0, _a1) + } + if rf, ok := ret.Get(0).(func(context.Context, *connect.Request[runnerv1.DeclareRequest]) *connect.Response[runnerv1.DeclareResponse]); ok { + r0 = rf(_a0, _a1) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*connect.Response[runnerv1.DeclareResponse]) + } + } + + if rf, ok := ret.Get(1).(func(context.Context, *connect.Request[runnerv1.DeclareRequest]) error); ok { + r1 = rf(_a0, _a1) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + // FetchTask provides a mock function with given fields: _a0, _a1 func (_m *Client) FetchTask(_a0 context.Context, _a1 *connect.Request[runnerv1.FetchTaskRequest]) (*connect.Response[runnerv1.FetchTaskResponse], error) { ret := _m.Called(_a0, _a1) diff --git a/internal/pkg/config/config.example.yaml b/internal/pkg/config/config.example.yaml index fbcdf57..86a3998 100644 --- a/internal/pkg/config/config.example.yaml +++ b/internal/pkg/config/config.example.yaml @@ -26,6 +26,11 @@ runner: fetch_timeout: 5s # The interval for fetching the job from the Gitea instance. fetch_interval: 2s + # The labels of a runner are used to determine which jobs the runner can run, and how to run them. + # Like: ["macos-arm64:host", "ubuntu-latest:docker://node:16-bullseye", "ubuntu-22.04:docker://node:16-bullseye"] + # If it's empty when registering, it will ask for inputting labels. + # If it's empty when execute `deamon`, will use labels in `.runner` file. + labels: [] cache: # Enable cache server to use actions/cache. diff --git a/internal/pkg/config/config.go b/internal/pkg/config/config.go index 4819687..4a43a46 100644 --- a/internal/pkg/config/config.go +++ b/internal/pkg/config/config.go @@ -29,6 +29,7 @@ type Runner struct { Insecure bool `yaml:"insecure"` // Insecure indicates whether the runner operates in an insecure mode. FetchTimeout time.Duration `yaml:"fetch_timeout"` // FetchTimeout specifies the timeout duration for fetching resources. FetchInterval time.Duration `yaml:"fetch_interval"` // FetchInterval specifies the interval duration for fetching resources. + Labels []string `yaml:"labels"` // Labels specifies the labels of the runner. Labels are declared on each startup } // Cache represents the configuration for caching. diff --git a/internal/pkg/labels/labels.go b/internal/pkg/labels/labels.go index 0848222..8c38b14 100644 --- a/internal/pkg/labels/labels.go +++ b/internal/pkg/labels/labels.go @@ -82,3 +82,26 @@ func (l Labels) PickPlatform(runsOn []string) string { // TODO: it may be not correct, what if the runner is used as host mode only? return "node:16-bullseye" } + +func (l Labels) Names() []string { + names := make([]string, 0, len(l)) + for _, label := range l { + names = append(names, label.Name) + } + return names +} + +func (l Labels) ToStrings() []string { + ls := make([]string, 0, len(l)) + for _, label := range l { + lbl := label.Name + if label.Schema != "" { + lbl += ":" + label.Schema + if label.Arg != "" { + lbl += ":" + label.Arg + } + } + ls = append(ls, lbl) + } + return ls +} From 316534996aa6d0c037319e23651fd87024586000 Mon Sep 17 00:00:00 2001 From: Jason Song Date: Thu, 15 Jun 2023 05:27:35 +0000 Subject: [PATCH 07/16] Build docker image `gitea/act_runner/x.y.z-dind-rootless` (#239) Follow #208 Reviewed-on: https://gitea.com/gitea/act_runner/pulls/239 Reviewed-by: Zettat123 --- .gitea/workflows/release-nightly.yml | 13 +++++++++++++ .gitea/workflows/release-tag.yml | 15 +++++++++++++++ Makefile | 2 +- examples/kubernetes/rootless-docker.yaml | 2 +- 4 files changed, 30 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/release-nightly.yml b/.gitea/workflows/release-nightly.yml index b7127ee..053d6c7 100644 --- a/.gitea/workflows/release-nightly.yml +++ b/.gitea/workflows/release-nightly.yml @@ -90,3 +90,16 @@ jobs: tags: | ${{ env.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ env.DOCKER_LATEST }} + - name: Build and push dind-rootless + uses: docker/build-push-action@v4 + env: + ACTIONS_RUNTIME_TOKEN: '' # See https://gitea.com/gitea/act_runner/issues/119 + with: + context: . + file: ./Dockerfile.rootless + platforms: | + linux/amd64 + linux/arm64 + push: true + tags: | + ${{ env.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ env.DOCKER_LATEST }}-dind-rootless diff --git a/.gitea/workflows/release-tag.yml b/.gitea/workflows/release-tag.yml index fe3be30..e7c1173 100644 --- a/.gitea/workflows/release-tag.yml +++ b/.gitea/workflows/release-tag.yml @@ -101,3 +101,18 @@ jobs: tags: | ${{ env.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ steps.meta.outputs.REPO_VERSION }} ${{ env.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ env.DOCKER_LATEST }} + + - name: Build and push dind-rootless + uses: docker/build-push-action@v4 + env: + ACTIONS_RUNTIME_TOKEN: '' # See https://gitea.com/gitea/act_runner/issues/119 + with: + context: . + file: ./Dockerfile.rootless + platforms: | + linux/amd64 + linux/arm64 + push: true + tags: | + ${{ env.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ steps.meta.outputs.REPO_VERSION }}-dind-rootless + ${{ env.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ env.DOCKER_LATEST }}-dind-rootless diff --git a/Makefile b/Makefile index 37ae9e6..2e6c48e 100644 --- a/Makefile +++ b/Makefile @@ -19,7 +19,7 @@ GOFILES := $(shell find . -type f -name "*.go" -o -name "go.mod" ! -name "genera DOCKER_IMAGE ?= gitea/act_runner DOCKER_TAG ?= nightly DOCKER_REF := $(DOCKER_IMAGE):$(DOCKER_TAG) -DOCKER_ROOTLESS_REF := $(DOCKER_IMAGE)_rootless:$(DOCKER_TAG) +DOCKER_ROOTLESS_REF := $(DOCKER_IMAGE):$(DOCKER_TAG)-dind-rootless ifneq ($(shell uname), Darwin) EXTLDFLAGS = -extldflags "-static" $(null) diff --git a/examples/kubernetes/rootless-docker.yaml b/examples/kubernetes/rootless-docker.yaml index 5945bdc..2848e75 100644 --- a/examples/kubernetes/rootless-docker.yaml +++ b/examples/kubernetes/rootless-docker.yaml @@ -43,7 +43,7 @@ spec: claimName: act-runner-vol containers: - name: runner - image: gitea/act_runner:nightly-rootless + image: gitea/act_runner:nightly-dind-rootless imagePullPolicy: Always # command: ["sh", "-c", "while ! nc -z localhost 2376 Date: Thu, 15 Jun 2023 05:40:37 +0000 Subject: [PATCH 08/16] Accept empty file as config (#241) Close #240 `yaml.Decoder.Decode` will return EOF when the root node is nil , see https://github.com/go-yaml/yaml/blob/v3/yaml.go#L125 While `yaml.Unmarshal` will accept it, see https://github.com/go-yaml/yaml/blob/v3/yaml.go#L162 Reviewed-on: https://gitea.com/gitea/act_runner/pulls/241 Reviewed-by: Zettat123 --- internal/pkg/config/config.go | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/internal/pkg/config/config.go b/internal/pkg/config/config.go index 4a43a46..056d2f1 100644 --- a/internal/pkg/config/config.go +++ b/internal/pkg/config/config.go @@ -62,14 +62,12 @@ type Config struct { func LoadDefault(file string) (*Config, error) { cfg := &Config{} if file != "" { - f, err := os.Open(file) + content, err := os.ReadFile(file) if err != nil { - return nil, err + return nil, fmt.Errorf("open config file %q: %w", file, err) } - defer f.Close() - decoder := yaml.NewDecoder(f) - if err := decoder.Decode(&cfg); err != nil { - return nil, err + if err := yaml.Unmarshal(content, cfg); err != nil { + return nil, fmt.Errorf("parse config file %q: %w", file, err) } } compatibleWithOldEnvs(file != "", cfg) From ec38401097a1cbe02cc1f029436f514740054a82 Mon Sep 17 00:00:00 2001 From: Zettat123 Date: Fri, 16 Jun 2023 06:07:48 +0000 Subject: [PATCH 09/16] Add `ValidVolumes` config (#226) Follow https://gitea.com/gitea/act/pulls/60, https://gitea.com/gitea/act/pulls/64 This PR adds the `valid_volumes` configuration. `valid_volumes` is a sequence containing the volumes (including bind mounts) that can be mounted to the container. By default, `valid_volumes` is empty, which means that no volumes can be mounted. Users can specify multiple valid volumes and [glob](https://github.com/gobwas/glob) is supported. All volumes will be allowed when using `exec` to run workflows locally. Reviewed-on: https://gitea.com/gitea/act_runner/pulls/226 Reviewed-by: Lunny Xiao Reviewed-by: Jason Song Co-authored-by: Zettat123 Co-committed-by: Zettat123 --- go.mod | 30 ++++---- go.sum | 95 ++++++++++--------------- internal/app/cmd/exec.go | 1 + internal/app/run/runner.go | 1 + internal/pkg/config/config.example.yaml | 10 +++ internal/pkg/config/config.go | 11 +-- 6 files changed, 73 insertions(+), 75 deletions(-) diff --git a/go.mod b/go.mod index e25a76b..1b14742 100644 --- a/go.mod +++ b/go.mod @@ -7,14 +7,14 @@ require ( code.gitea.io/gitea-vet v0.2.3-0.20230113022436-2b1561217fa5 github.com/avast/retry-go/v4 v4.3.1 github.com/bufbuild/connect-go v1.3.1 - github.com/docker/docker v23.0.4+incompatible + github.com/docker/docker v23.0.6+incompatible github.com/joho/godotenv v1.5.1 github.com/mattn/go-isatty v0.0.18 github.com/nektos/act v0.0.0 - github.com/sirupsen/logrus v1.9.0 + github.com/sirupsen/logrus v1.9.2 github.com/spf13/cobra v1.7.0 github.com/stretchr/testify v1.8.2 - golang.org/x/term v0.7.0 + golang.org/x/term v0.8.0 golang.org/x/time v0.1.0 google.golang.org/protobuf v1.28.1 gopkg.in/yaml.v3 v3.0.1 @@ -25,23 +25,25 @@ require ( github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect github.com/Masterminds/semver v1.5.0 // indirect github.com/Microsoft/go-winio v0.5.2 // indirect - github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 // indirect + github.com/ProtonMail/go-crypto v0.0.0-20230518184743-7afd39499903 // indirect github.com/acomagu/bufpipe v1.0.4 // indirect - github.com/cloudflare/circl v1.1.0 // indirect + github.com/cloudflare/circl v1.3.3 // indirect github.com/containerd/containerd v1.6.20 // indirect github.com/creack/pty v1.1.18 // indirect github.com/davecgh/go-spew v1.1.1 // indirect - github.com/docker/cli v23.0.4+incompatible // indirect - github.com/docker/distribution v2.8.1+incompatible // indirect + github.com/docker/cli v24.0.1+incompatible // indirect + github.com/docker/distribution v2.8.2+incompatible // indirect github.com/docker/docker-credential-helpers v0.7.0 // indirect github.com/docker/go-connections v0.4.0 // indirect github.com/docker/go-units v0.5.0 // indirect github.com/emirpasic/gods v1.18.1 // indirect github.com/fatih/color v1.15.0 // indirect - github.com/go-git/gcfg v1.5.0 // indirect + github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect github.com/go-git/go-billy/v5 v5.4.1 // indirect - github.com/go-git/go-git/v5 v5.6.2-0.20230411180853-ce62f3e9ff86 // indirect + github.com/go-git/go-git/v5 v5.7.0 // indirect + github.com/gobwas/glob v0.2.3 // indirect github.com/gogo/protobuf v1.3.2 // indirect + github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/google/go-cmp v0.5.9 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect github.com/imdario/mergo v0.3.15 // indirect @@ -69,7 +71,7 @@ require ( github.com/rivo/uniseg v0.4.4 // indirect github.com/robfig/cron v1.2.0 // indirect github.com/sergi/go-diff v1.2.0 // indirect - github.com/skeema/knownhosts v1.1.0 // indirect + github.com/skeema/knownhosts v1.1.1 // indirect github.com/spf13/pflag v1.0.5 // indirect github.com/stretchr/objx v0.5.0 // indirect github.com/timshannon/bolthold v0.0.0-20210913165410-232392fc8a6a // indirect @@ -78,13 +80,13 @@ require ( github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/xeipuuv/gojsonschema v1.2.0 // indirect go.etcd.io/bbolt v1.3.7 // indirect - golang.org/x/crypto v0.6.0 // indirect - golang.org/x/net v0.9.0 // indirect + golang.org/x/crypto v0.9.0 // indirect + golang.org/x/net v0.10.0 // indirect golang.org/x/sync v0.1.0 // indirect - golang.org/x/sys v0.7.0 // indirect + golang.org/x/sys v0.8.0 // indirect golang.org/x/tools v0.8.0 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect ) -replace github.com/nektos/act => gitea.com/gitea/act v0.245.2-0.20230606002131-6ce5c93cc815 +replace github.com/nektos/act => gitea.com/gitea/act v0.246.1-0.20230616052401-a165e17878fd diff --git a/go.sum b/go.sum index 658dbfb..3f57d64 100644 --- a/go.sum +++ b/go.sum @@ -2,8 +2,8 @@ code.gitea.io/actions-proto-go v0.3.0 h1:9Tvg8+TaaCXPKi6EnWl9vVgs2VZsj1Cs5afnsHa code.gitea.io/actions-proto-go v0.3.0/go.mod h1:00ys5QDo1iHN1tHNvvddAcy2W/g+425hQya1cCSvq9A= code.gitea.io/gitea-vet v0.2.3-0.20230113022436-2b1561217fa5 h1:daBEK2GQeqGikJESctP5Cu1i33z5ztAD4kyQWiw185M= code.gitea.io/gitea-vet v0.2.3-0.20230113022436-2b1561217fa5/go.mod h1:zcNbT/aJEmivCAhfmkHOlT645KNOf9W2KnkLgFjGGfE= -gitea.com/gitea/act v0.245.2-0.20230606002131-6ce5c93cc815 h1:u4rHwJLJnH6mej1BjEc4iubwknVeJmRVq9xQP9cAMeQ= -gitea.com/gitea/act v0.245.2-0.20230606002131-6ce5c93cc815/go.mod h1:1ffiGQZAZCLuk9QEBDdbRuQj1GL4uAQk6GNNtcEnPmI= +gitea.com/gitea/act v0.246.1-0.20230616052401-a165e17878fd h1:MM46R2qcxr1Toc9i38ks9oxsVpMDnQplejbI9qR6QTs= +gitea.com/gitea/act v0.246.1-0.20230616052401-a165e17878fd/go.mod h1:oU/5klyP5O+J2psPS3t50t09+SNVg+fZ/jN4lDZAq1U= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= @@ -12,14 +12,12 @@ github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF0 github.com/Microsoft/go-winio v0.5.2 h1:a9IhgEQBCUEk6QCdml9CiJGhAws+YwffDHEMp1VMrpA= github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= github.com/Microsoft/hcsshim v0.9.8 h1:lf7xxK2+Ikbj9sVf2QZsouGjRjEp2STj1yDHgoVtU5k= -github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 h1:wPbRQzjjwFc0ih8puEVAOFGELsn1zoIIYdxvML7mDxA= -github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8/go.mod h1:I0gYDMZ6Z5GRU7l58bNFSkPTFN6Yl12dsUlAZ8xy98g= +github.com/ProtonMail/go-crypto v0.0.0-20230518184743-7afd39499903 h1:ZK3C5DtzV2nVAQTx5S5jQvMeDqWtD1By5mOoyY/xJek= +github.com/ProtonMail/go-crypto v0.0.0-20230518184743-7afd39499903/go.mod h1:8TI4H3IbrackdNgv+92dI+rhpCaLqM0IfpgCgenFvRE= github.com/acomagu/bufpipe v1.0.4 h1:e3H4WUzM3npvo5uv95QuJM3cQspFNtFBzvJ2oNjKIDQ= github.com/acomagu/bufpipe v1.0.4/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= -github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4= github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio= -github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs= github.com/avast/retry-go/v4 v4.3.1 h1:Mtg11F9PdAIMkMiio2RKcYauoVHjl2aB3zQJJlzD4cE= github.com/avast/retry-go/v4 v4.3.1/go.mod h1:rg6XFaiuFYII0Xu3RDbZQkxCofFwruZKW8oEF1jpWiU= github.com/bufbuild/connect-go v1.3.1 h1:doJP6Q8Ypg6haUT2IAZJPWHUN9rAUp+F9MfK7yhu1zs= @@ -27,8 +25,9 @@ github.com/bufbuild/connect-go v1.3.1/go.mod h1:9iNvh/NOsfhNBUH5CtvXeVUskQO1xsrE github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0= github.com/checkpoint-restore/go-criu/v5 v5.3.0/go.mod h1:E/eQpaFtUKGOOSEBZgmKAcn+zUUwWxqcaKZlF54wK8E= github.com/cilium/ebpf v0.7.0/go.mod h1:/oI2+1shJiTGAMgl6/RgJr36Eo1jzrRcAWbcXO2usCA= -github.com/cloudflare/circl v1.1.0 h1:bZgT/A+cikZnKIwn7xL2OBj012Bmvho/o6RpRvv3GKY= github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I= +github.com/cloudflare/circl v1.3.3 h1:fE/Qz0QdIGqeWfnwq0RE0R7MI51s0M2E4Ga9kq5AEMs= +github.com/cloudflare/circl v1.3.3/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA= github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U= github.com/containerd/containerd v1.6.20 h1:+itjwpdqXpzHB/QAiWc/BZCjjVfcNgw69w/oIeF4Oy0= github.com/containerd/containerd v1.6.20/go.mod h1:apei1/i5Ux2FzrK6+DM/suEsGuK/MeVOfy8tR2q7Wnw= @@ -43,12 +42,12 @@ github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxG github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/docker/cli v23.0.4+incompatible h1:xClB7PsiATttDHj8ce5qvJcikiApNy7teRR1XkoBZGs= -github.com/docker/cli v23.0.4+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= -github.com/docker/distribution v2.8.1+incompatible h1:Q50tZOPR6T/hjNsyc9g8/syEs6bk8XXApsHjKukMl68= -github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v23.0.4+incompatible h1:Kd3Bh9V/rO+XpTP/BLqM+gx8z7+Yb0AA2Ibj+nNo4ek= -github.com/docker/docker v23.0.4+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/cli v24.0.1+incompatible h1:uVl5Xv/39kZJpDo9VaktTOYBc702sdYYF33FqwUG/dM= +github.com/docker/cli v24.0.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/distribution v2.8.2+incompatible h1:T3de5rq0dB1j30rp0sA2rER+m322EBzniBPB6ZIzuh8= +github.com/docker/distribution v2.8.2+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= +github.com/docker/docker v23.0.6+incompatible h1:aBD4np894vatVX99UTx/GyOUOK4uEcROwA3+bQhEcoU= +github.com/docker/docker v23.0.6+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.7.0 h1:xtCHsjxogADNZcdv1pKUHXryefjlVRqWqIhk/uXJp0A= github.com/docker/docker-credential-helpers v0.7.0/go.mod h1:rETQfLdHNT3foU5kuNkFR1R1V12OJRRO5lzt2D1b5X0= github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= @@ -56,26 +55,28 @@ github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5Xh github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4= github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= +github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819 h1:RIB4cRk+lBqKK3Oy0r2gRX4ui7tuhiZq2SuTtTCi0/0= github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc= github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ= github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs= github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw= github.com/frankban/quicktest v1.11.3/go.mod h1:wRf/ReqHper53s+kmmSZizM8NamnL3IM0I9ntUbOk+k= github.com/gliderlabs/ssh v0.3.5 h1:OcaySEmAQJgyYcArR+gGGTHCyE7nvhEMTlYY+Dp8CpY= -github.com/gliderlabs/ssh v0.3.5/go.mod h1:8XB4KraRrX39qHhT6yxPsHedjA08I/uBVwj4xC+/+z4= -github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4= -github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E= -github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0= +github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI= +github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic= github.com/go-git/go-billy/v5 v5.4.1 h1:Uwp5tDRkPr+l/TnbHOQzp+tmJfLceOlbVucgpTz8ix4= github.com/go-git/go-billy/v5 v5.4.1/go.mod h1:vjbugF6Fz7JIflbVpl1hJsGjSHNltrSw45YK/ukIvQg= github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20230305113008-0c11038e723f h1:Pz0DHeFij3XFhoBRGUDPzSJ+w2UcK5/0JvF8DRI58r8= -github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20230305113008-0c11038e723f/go.mod h1:8LHG1a3SRW71ettAD/jW13h8c6AqjVSeL11RAdgaqpo= -github.com/go-git/go-git/v5 v5.6.2-0.20230411180853-ce62f3e9ff86 h1:vbnwVQwGOr4xwrtcZ1lrhWHPMIgWkhNv+2+smiA2HHk= -github.com/go-git/go-git/v5 v5.6.2-0.20230411180853-ce62f3e9ff86/go.mod h1:Q3/DKr39xeJ3oEAVC8Q1+BlJK3OMsOQsksNb3s+9M1A= +github.com/go-git/go-git/v5 v5.7.0 h1:t9AudWVLmqzlo+4bqdf7GY+46SUuRsx59SboFxkq2aE= +github.com/go-git/go-git/v5 v5.7.0/go.mod h1:coJHKEOk5kUClpsNlXrUvPrDxY3w3gjHvhcZd8Fodw8= +github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= +github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.0.6/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= @@ -83,14 +84,12 @@ github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= -github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= github.com/imdario/mergo v0.3.15 h1:M8XP7IuFNsqUx6VPK2P9OSmsYsI/YFaGil0uD21V3dM= github.com/imdario/mergo v0.3.15/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= -github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4= github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= github.com/julienschmidt/httprouter v1.3.0 h1:U0609e9tgbseu3rBINet9P48AI/D3oJs4dN7jwJOQ1U= @@ -122,7 +121,6 @@ github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWV github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/mmcloughlin/avo v0.5.0/go.mod h1:ChHFdoV7ql95Wi7vuq2YT1bwCJqiWdZrQ1im3VujLYM= github.com/moby/buildkit v0.11.6 h1:VYNdoKk5TVxN7k4RvZgdeM4GOyRvIi4Z8MXOY7xvyUs= github.com/moby/buildkit v0.11.6/go.mod h1:GCqKfHhz+pddzfgaR7WmHVEE3nKKZMMDPpK8mh3ZLv4= github.com/moby/patternmatcher v0.5.0 h1:YCZgJOeULcxLw1Q+sVR636pmS7sPEn1Qo2iAN6M7DBo= @@ -162,16 +160,15 @@ github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTE github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/seccomp/libseccomp-golang v0.9.2-0.20220502022130-f33da4d89646/go.mod h1:JA8cRccbGaA1s33RQf7Y1+q9gHmZX1yB/z9WDN1C6fg= -github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= -github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= -github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= -github.com/skeema/knownhosts v1.1.0 h1:Wvr9V0MxhjRbl3f9nMnKnFfiWTJmtECJ9Njkea3ysW0= -github.com/skeema/knownhosts v1.1.0/go.mod h1:sKFq3RD6/TKZkSWn8boUbDC7Qkgcv+8XXijpFO6roag= +github.com/sirupsen/logrus v1.9.2 h1:oxx1eChJGI6Uks2ZC4W1zpLlVgqB8ner4EuQwV4Ik1Y= +github.com/sirupsen/logrus v1.9.2/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/skeema/knownhosts v1.1.1 h1:MTk78x9FPgDFVFkDLTrsnnfCJl7g1C/nnKvePgrIngE= +github.com/skeema/knownhosts v1.1.1/go.mod h1:g4fPeYpque7P0xefxtGzV81ihjC8sX2IqpAoNkjxbMo= github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= @@ -210,21 +207,18 @@ github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5t go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4= go.etcd.io/bbolt v1.3.7 h1:j+zJOnnEjF/kyHlDDgGnVL/AIqIJPq8UoB2GSNfkUfQ= go.etcd.io/bbolt v1.3.7/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw= -golang.org/x/arch v0.1.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20220525230936-793ad666bf5e/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20220826181053-bd7e27e6170d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= -golang.org/x/crypto v0.6.0 h1:qfktjS5LUO+fFKeJXZ+ikTRijMmljikvG68fpMMruSc= -golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= +golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= +golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g= +golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI= +golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -234,12 +228,10 @@ golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk= -golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM= -golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= +golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= +golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -251,13 +243,11 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190606203320-7fc4e5ec1444/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200923182605-d9f96fdee20d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210906170528-6f6e22806c34/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -267,28 +257,24 @@ golang.org/x/sys v0.0.0-20211116061358-0a5406a5449c/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220825204002-c680a09ffe64/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU= -golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.0.0-20220722155259-a9ba230a4035/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.7.0 h1:BEvjmm5fURWqcfbSKTdpkDXYBrUS1c0m8agp14W48vQ= -golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= +golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= +golang.org/x/term v0.8.0 h1:n5xxQn2i3PC0yLAbjTpNT85q/Kgzcr2gIoX9OrJUols= +golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= golang.org/x/time v0.1.0 h1:xYY+Bajn2a7VBmTM5GikTmnK8ZuX8YgnQCqZpbBNtmA= golang.org/x/time v0.1.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -299,7 +285,7 @@ golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA= +golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/tools v0.8.0 h1:vSDcovVPld282ceKgDimkRSC8kpaH1dgyc9UMzlt84Y= golang.org/x/tools v0.8.0/go.mod h1:JxBZ99ISMI5ViVkT1tr6tdNmXeTrcpVSD3vZ1RsRdN4= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -313,7 +299,6 @@ google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= @@ -324,9 +309,7 @@ gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools/v3 v3.4.0 h1:ZazjZUfuVeZGLAmlKKuyv3IKP5orXcwtOwDQH6YVr6o= gotest.tools/v3 v3.4.0/go.mod h1:CtbdzLSsqVhDgMtKsx03ird5YTGB3ar27v0u/yKBW5g= -rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= diff --git a/internal/app/cmd/exec.go b/internal/app/cmd/exec.go index 8861950..b85b67b 100644 --- a/internal/app/cmd/exec.go +++ b/internal/app/cmd/exec.go @@ -410,6 +410,7 @@ func runExec(ctx context.Context, execArgs *executeArgs) func(cmd *cobra.Command PlatformPicker: func(_ []string) string { return execArgs.image }, + ValidVolumes: []string{"**"}, // All volumes are allowed for `exec` command } if !execArgs.debug { diff --git a/internal/app/run/runner.go b/internal/app/run/runner.go index b78b4fc..f9bc836 100644 --- a/internal/app/run/runner.go +++ b/internal/app/run/runner.go @@ -198,6 +198,7 @@ func (r *Runner) run(ctx context.Context, task *runnerv1.Task, reporter *report. DefaultActionsURLs: parseDefaultActionsURLs(taskContext["gitea_default_actions_url"].GetStringValue()), PlatformPicker: r.labels.PickPlatform, Vars: task.Vars, + ValidVolumes: r.cfg.Container.ValidVolumes, } rr, err := runner.New(runnerConfig) diff --git a/internal/pkg/config/config.example.yaml b/internal/pkg/config/config.example.yaml index 86a3998..f692dd0 100644 --- a/internal/pkg/config/config.example.yaml +++ b/internal/pkg/config/config.example.yaml @@ -58,3 +58,13 @@ container: # The parent directory of a job's working directory. # If it's empty, /workspace will be used. workdir_parent: + # Volumes (including bind mounts) can be mounted to containers. Glob syntax is supported, see https://github.com/gobwas/glob + # You can specify multiple volumes. If the sequence is empty, no volumes can be mounted. + # For example, if you only allow containers to mount the `data` volume and all the json files in `/src`, you should change the config to: + # valid_volumes: + # - data + # - /src/*.json + # If you want to allow any volume, please use the following configuration: + # valid_volumes: + # - '**' + valid_volumes: [] diff --git a/internal/pkg/config/config.go b/internal/pkg/config/config.go index 056d2f1..eb916fe 100644 --- a/internal/pkg/config/config.go +++ b/internal/pkg/config/config.go @@ -42,11 +42,12 @@ type Cache struct { // Container represents the configuration for the container. type Container struct { - Network string `yaml:"network"` // Network specifies the network for the container. - NetworkMode string `yaml:"network_mode"` // Deprecated: use Network instead. Could be removed after Gitea 1.20 - Privileged bool `yaml:"privileged"` // Privileged indicates whether the container runs in privileged mode. - Options string `yaml:"options"` // Options specifies additional options for the container. - WorkdirParent string `yaml:"workdir_parent"` // WorkdirParent specifies the parent directory for the container's working directory. + Network string `yaml:"network"` // Network specifies the network for the container. + NetworkMode string `yaml:"network_mode"` // Deprecated: use Network instead. Could be removed after Gitea 1.20 + Privileged bool `yaml:"privileged"` // Privileged indicates whether the container runs in privileged mode. + Options string `yaml:"options"` // Options specifies additional options for the container. + WorkdirParent string `yaml:"workdir_parent"` // WorkdirParent specifies the parent directory for the container's working directory. + ValidVolumes []string `yaml:"valid_volumes"` // ValidVolumes specifies the volumes (including bind mounts) can be mounted to containers. } // Config represents the overall configuration. From 9e4a5f7363a5559ddaa3a48e91bb8e69db861de4 Mon Sep 17 00:00:00 2001 From: appleboy Date: Sun, 18 Jun 2023 05:38:38 +0000 Subject: [PATCH 10/16] feat: improve Docker configuration and detection handling (#242) - Pass `cfg` to `envcheck.CheckIfDockerRunning` function - Add `Docker` struct to `config.go` for Docker configuration - Update `config.example.yaml` with `docker` configuration options - Modify `CheckIfDockerRunning` in `docker.go` to use Docker host from config if provided Signed-off-by: appleboy Reviewed-on: https://gitea.com/gitea/act_runner/pulls/242 Reviewed-by: Lunny Xiao Reviewed-by: wxiaoguang Co-authored-by: appleboy Co-committed-by: appleboy --- internal/app/cmd/daemon.go | 2 +- internal/pkg/config/config.example.yaml | 6 ++++++ internal/pkg/config/config.go | 6 ++++++ internal/pkg/envcheck/docker.go | 15 ++++++++++++--- 4 files changed, 25 insertions(+), 4 deletions(-) diff --git a/internal/app/cmd/daemon.go b/internal/app/cmd/daemon.go index d9b1821..aebe641 100644 --- a/internal/app/cmd/daemon.go +++ b/internal/app/cmd/daemon.go @@ -63,7 +63,7 @@ func runDaemon(ctx context.Context, configFile *string) func(cmd *cobra.Command, } if ls.RequireDocker() { - if err := envcheck.CheckIfDockerRunning(ctx); err != nil { + if err := envcheck.CheckIfDockerRunning(ctx, cfg); err != nil { return err } } diff --git a/internal/pkg/config/config.example.yaml b/internal/pkg/config/config.example.yaml index f692dd0..46bf295 100644 --- a/internal/pkg/config/config.example.yaml +++ b/internal/pkg/config/config.example.yaml @@ -68,3 +68,9 @@ container: # valid_volumes: # - '**' valid_volumes: [] + +docker: + # overrides the docker client host with the specified one. + # default value is the value of DOCKER_HOST environment variable. + # if DOCKER_HOST is not set, the default value is unix:///var/run/docker.sock + host: "" diff --git a/internal/pkg/config/config.go b/internal/pkg/config/config.go index eb916fe..11ebd16 100644 --- a/internal/pkg/config/config.go +++ b/internal/pkg/config/config.go @@ -50,12 +50,18 @@ type Container struct { ValidVolumes []string `yaml:"valid_volumes"` // ValidVolumes specifies the volumes (including bind mounts) can be mounted to containers. } +// Docker represents the configuration for Docker. +type Docker struct { + Host string `yaml:"host"` // Host specifies the Docker host. +} + // Config represents the overall configuration. type Config struct { Log Log `yaml:"log"` // Log represents the configuration for logging. Runner Runner `yaml:"runner"` // Runner represents the configuration for the runner. Cache Cache `yaml:"cache"` // Cache represents the configuration for caching. Container Container `yaml:"container"` // Container represents the configuration for the container. + Docker Docker `yaml:"docker"` // Docker represents the configuration for Docker. } // LoadDefault returns the default configuration. diff --git a/internal/pkg/envcheck/docker.go b/internal/pkg/envcheck/docker.go index 841ca23..c657fec 100644 --- a/internal/pkg/envcheck/docker.go +++ b/internal/pkg/envcheck/docker.go @@ -7,12 +7,21 @@ import ( "context" "fmt" + "gitea.com/gitea/act_runner/internal/pkg/config" + "github.com/docker/docker/client" ) -func CheckIfDockerRunning(ctx context.Context) error { - // TODO: if runner support configures to use docker, we need config.Config to pass in - cli, err := client.NewClientWithOpts(client.FromEnv) +func CheckIfDockerRunning(ctx context.Context, cfg *config.Config) error { + opts := []client.Opt{ + client.FromEnv, + } + + if cfg.Docker.Host != "" { + opts = append(opts, client.WithHost(cfg.Docker.Host)) + } + + cli, err := client.NewClientWithOpts(opts...) if err != nil { return err } From 054c8d912fc81683c643dddc58daca6f72f1a849 Mon Sep 17 00:00:00 2001 From: Jason Song Date: Mon, 19 Jun 2023 09:01:16 +0000 Subject: [PATCH 11/16] Move `docker.host` to `container.docker_host` (#244) Follow #242. Move `docker.host` to `container.docker_host`. There are already some options for docker/container in `container`, so developers could get confused about where to add options. It's breaking, but I think it's OK since `docker.host` was added just two days ago. Reviewed-on: https://gitea.com/gitea/act_runner/pulls/244 Reviewed-by: Lunny Xiao --- internal/pkg/config/config.example.yaml | 4 +--- internal/pkg/config/config.go | 7 +------ internal/pkg/envcheck/docker.go | 8 ++++---- 3 files changed, 6 insertions(+), 13 deletions(-) diff --git a/internal/pkg/config/config.example.yaml b/internal/pkg/config/config.example.yaml index 46bf295..9b8f656 100644 --- a/internal/pkg/config/config.example.yaml +++ b/internal/pkg/config/config.example.yaml @@ -68,9 +68,7 @@ container: # valid_volumes: # - '**' valid_volumes: [] - -docker: # overrides the docker client host with the specified one. # default value is the value of DOCKER_HOST environment variable. # if DOCKER_HOST is not set, the default value is unix:///var/run/docker.sock - host: "" + docker_host: "" diff --git a/internal/pkg/config/config.go b/internal/pkg/config/config.go index 11ebd16..15835b1 100644 --- a/internal/pkg/config/config.go +++ b/internal/pkg/config/config.go @@ -48,11 +48,7 @@ type Container struct { Options string `yaml:"options"` // Options specifies additional options for the container. WorkdirParent string `yaml:"workdir_parent"` // WorkdirParent specifies the parent directory for the container's working directory. ValidVolumes []string `yaml:"valid_volumes"` // ValidVolumes specifies the volumes (including bind mounts) can be mounted to containers. -} - -// Docker represents the configuration for Docker. -type Docker struct { - Host string `yaml:"host"` // Host specifies the Docker host. + DockerHost string `yaml:"docker_host"` // DockerHost specifies the Docker host. It overrides the value specified in environment variable DOCKER_HOST. } // Config represents the overall configuration. @@ -61,7 +57,6 @@ type Config struct { Runner Runner `yaml:"runner"` // Runner represents the configuration for the runner. Cache Cache `yaml:"cache"` // Cache represents the configuration for caching. Container Container `yaml:"container"` // Container represents the configuration for the container. - Docker Docker `yaml:"docker"` // Docker represents the configuration for Docker. } // LoadDefault returns the default configuration. diff --git a/internal/pkg/envcheck/docker.go b/internal/pkg/envcheck/docker.go index c657fec..af7fe97 100644 --- a/internal/pkg/envcheck/docker.go +++ b/internal/pkg/envcheck/docker.go @@ -7,9 +7,9 @@ import ( "context" "fmt" - "gitea.com/gitea/act_runner/internal/pkg/config" - "github.com/docker/docker/client" + + "gitea.com/gitea/act_runner/internal/pkg/config" ) func CheckIfDockerRunning(ctx context.Context, cfg *config.Config) error { @@ -17,8 +17,8 @@ func CheckIfDockerRunning(ctx context.Context, cfg *config.Config) error { client.FromEnv, } - if cfg.Docker.Host != "" { - opts = append(opts, client.WithHost(cfg.Docker.Host)) + if cfg.Container.DockerHost != "" { + opts = append(opts, client.WithHost(cfg.Container.DockerHost)) } cli, err := client.NewClientWithOpts(opts...) From 2e2c0400c850bb5c1b2f0d7234b853ae944ea914 Mon Sep 17 00:00:00 2001 From: Tomasz Duda Date: Tue, 20 Jun 2023 01:57:21 +0000 Subject: [PATCH 12/16] add --gitea-instance (#245) add --gitea-instance to let user specify address of endpoint of exec Related to https://gitea.com/gitea/act/pulls/68. Both can be merged independently though. Reviewed-on: https://gitea.com/gitea/act_runner/pulls/245 Reviewed-by: Jason Song Co-authored-by: Tomasz Duda Co-committed-by: Tomasz Duda --- internal/app/cmd/exec.go | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/internal/app/cmd/exec.go b/internal/app/cmd/exec.go index b85b67b..8764a44 100644 --- a/internal/app/cmd/exec.go +++ b/internal/app/cmd/exec.go @@ -58,6 +58,7 @@ type executeArgs struct { image string cacheHandler *artifactcache.Handler network string + githubInstance string } // WorkflowsPath returns path to workflow file(s) @@ -392,15 +393,15 @@ func runExec(ctx context.Context, execArgs *executeArgs) func(cmd *cobra.Command ContainerArchitecture: execArgs.containerArchitecture, ContainerDaemonSocket: execArgs.containerDaemonSocket, UseGitIgnore: execArgs.useGitIgnore, - // GitHubInstance: t.client.Address(), - ContainerCapAdd: execArgs.containerCapAdd, - ContainerCapDrop: execArgs.containerCapDrop, - ContainerOptions: execArgs.containerOptions, - AutoRemove: true, - ArtifactServerPath: execArgs.artifactServerPath, - ArtifactServerPort: execArgs.artifactServerPort, - ArtifactServerAddr: execArgs.artifactServerAddr, - NoSkipCheckout: execArgs.noSkipCheckout, + GitHubInstance: execArgs.githubInstance, + ContainerCapAdd: execArgs.containerCapAdd, + ContainerCapDrop: execArgs.containerCapDrop, + ContainerOptions: execArgs.containerOptions, + AutoRemove: true, + ArtifactServerPath: execArgs.artifactServerPath, + ArtifactServerPort: execArgs.artifactServerPort, + ArtifactServerAddr: execArgs.artifactServerAddr, + NoSkipCheckout: execArgs.noSkipCheckout, // PresetGitHubContext: preset, // EventJSON: string(eventJSON), ContainerNamePrefix: fmt.Sprintf("GITEA-ACTIONS-TASK-%s", eventName), @@ -477,6 +478,7 @@ func loadExecCmd(ctx context.Context) *cobra.Command { execCmd.PersistentFlags().BoolVarP(&execArg.dryrun, "dryrun", "n", false, "dryrun mode") execCmd.PersistentFlags().StringVarP(&execArg.image, "image", "i", "node:16-bullseye", "docker image to use") execCmd.PersistentFlags().StringVarP(&execArg.network, "network", "", "", "Specify the network to which the container will connect") + execCmd.PersistentFlags().StringVarP(&execArg.githubInstance, "gitea-instance", "", "", "Gitea instance to use.") return execCmd } From 32d29f0813fc28a52be5120c8da5d88763dce8df Mon Sep 17 00:00:00 2001 From: Tomasz Duda Date: Tue, 20 Jun 2023 02:08:35 +0000 Subject: [PATCH 13/16] add ACT_EXEC (#246) Add env variable to distinguish build run locally from remote one. Co-authored-by: Jason Song Reviewed-on: https://gitea.com/gitea/act_runner/pulls/246 Reviewed-by: Jason Song Co-authored-by: Tomasz Duda Co-committed-by: Tomasz Duda --- internal/app/cmd/exec.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/internal/app/cmd/exec.go b/internal/app/cmd/exec.go index 8764a44..37571e7 100644 --- a/internal/app/cmd/exec.go +++ b/internal/app/cmd/exec.go @@ -414,6 +414,8 @@ func runExec(ctx context.Context, execArgs *executeArgs) func(cmd *cobra.Command ValidVolumes: []string{"**"}, // All volumes are allowed for `exec` command } + config.Env["ACT_EXEC"] = "true" + if !execArgs.debug { logLevel := log.Level(log.InfoLevel) config.JobLoggerLevel = &logLevel From 34d15f21c2ea8a6dbc8c3b905f332ec98ea0b813 Mon Sep 17 00:00:00 2001 From: Marius Zwicker Date: Tue, 20 Jun 2023 08:29:05 +0000 Subject: [PATCH 14/16] Add option to configure workspace on host (#238) Adds a new section to the configuration which is used to control options when running in host mode. The first option added is to allow configuration of the location workspaces get created in. Depends on ~~gitea/act#65~~ Will resolve #235 Reviewed-on: https://gitea.com/gitea/act_runner/pulls/238 Reviewed-by: Jason Song Co-authored-by: Marius Zwicker Co-committed-by: Marius Zwicker --- internal/app/run/runner.go | 5 +++-- internal/pkg/config/config.example.yaml | 5 +++++ internal/pkg/config/config.go | 10 ++++++++++ 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/internal/app/run/runner.go b/internal/app/run/runner.go index f9bc836..b4b0487 100644 --- a/internal/app/run/runner.go +++ b/internal/app/run/runner.go @@ -175,8 +175,9 @@ func (r *Runner) run(ctx context.Context, task *runnerv1.Task, reporter *report. runnerConfig := &runner.Config{ // On Linux, Workdir will be like "///" // On Windows, Workdir will be like "\\\" - Workdir: filepath.FromSlash(fmt.Sprintf("/%s/%s", r.cfg.Container.WorkdirParent, preset.Repository)), - BindWorkdir: false, + Workdir: filepath.FromSlash(fmt.Sprintf("/%s/%s", r.cfg.Container.WorkdirParent, preset.Repository)), + BindWorkdir: false, + ActionCacheDir: filepath.FromSlash(r.cfg.Host.WorkdirParent), ReuseContainers: false, ForcePull: false, diff --git a/internal/pkg/config/config.example.yaml b/internal/pkg/config/config.example.yaml index 9b8f656..e71184b 100644 --- a/internal/pkg/config/config.example.yaml +++ b/internal/pkg/config/config.example.yaml @@ -72,3 +72,8 @@ container: # default value is the value of DOCKER_HOST environment variable. # if DOCKER_HOST is not set, the default value is unix:///var/run/docker.sock docker_host: "" + +host: + # The parent directory of a job's working directory. + # If it's empty, $HOME/.cache/act/ will be used. + workdir_parent: diff --git a/internal/pkg/config/config.go b/internal/pkg/config/config.go index 15835b1..8f81cc8 100644 --- a/internal/pkg/config/config.go +++ b/internal/pkg/config/config.go @@ -51,12 +51,18 @@ type Container struct { DockerHost string `yaml:"docker_host"` // DockerHost specifies the Docker host. It overrides the value specified in environment variable DOCKER_HOST. } +// Host represents the configuration for the host. +type Host struct { + WorkdirParent string `yaml:"workdir_parent"` // WorkdirParent specifies the parent directory for the host's working directory. +} + // Config represents the overall configuration. type Config struct { Log Log `yaml:"log"` // Log represents the configuration for logging. Runner Runner `yaml:"runner"` // Runner represents the configuration for the runner. Cache Cache `yaml:"cache"` // Cache represents the configuration for caching. Container Container `yaml:"container"` // Container represents the configuration for the container. + Host Host `yaml:"host"` // Host represents the configuration for the host. } // LoadDefault returns the default configuration. @@ -111,6 +117,10 @@ func LoadDefault(file string) (*Config, error) { if cfg.Container.WorkdirParent == "" { cfg.Container.WorkdirParent = "workspace" } + if cfg.Host.WorkdirParent == "" { + home, _ := os.UserHomeDir() + cfg.Container.WorkdirParent = filepath.Join(home, ".cache", "act") + } if cfg.Runner.FetchTimeout <= 0 { cfg.Runner.FetchTimeout = 5 * time.Second } From 8c14933e7003775223285be084f39f9df6aea6fb Mon Sep 17 00:00:00 2001 From: Zettat123 Date: Tue, 20 Jun 2023 08:33:42 +0000 Subject: [PATCH 15/16] Upgrade act (#248) Follow https://gitea.com/gitea/act/pulls/68 Co-authored-by: Jason Song Reviewed-on: https://gitea.com/gitea/act_runner/pulls/248 Reviewed-by: Jason Song Co-authored-by: Zettat123 Co-committed-by: Zettat123 --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 1b14742..e5e9d27 100644 --- a/go.mod +++ b/go.mod @@ -89,4 +89,4 @@ require ( gopkg.in/yaml.v2 v2.4.0 // indirect ) -replace github.com/nektos/act => gitea.com/gitea/act v0.246.1-0.20230616052401-a165e17878fd +replace github.com/nektos/act => gitea.com/gitea/act v0.246.1-0.20230620073610-515c2c429d6d diff --git a/go.sum b/go.sum index 3f57d64..bdd7e53 100644 --- a/go.sum +++ b/go.sum @@ -2,8 +2,8 @@ code.gitea.io/actions-proto-go v0.3.0 h1:9Tvg8+TaaCXPKi6EnWl9vVgs2VZsj1Cs5afnsHa code.gitea.io/actions-proto-go v0.3.0/go.mod h1:00ys5QDo1iHN1tHNvvddAcy2W/g+425hQya1cCSvq9A= code.gitea.io/gitea-vet v0.2.3-0.20230113022436-2b1561217fa5 h1:daBEK2GQeqGikJESctP5Cu1i33z5ztAD4kyQWiw185M= code.gitea.io/gitea-vet v0.2.3-0.20230113022436-2b1561217fa5/go.mod h1:zcNbT/aJEmivCAhfmkHOlT645KNOf9W2KnkLgFjGGfE= -gitea.com/gitea/act v0.246.1-0.20230616052401-a165e17878fd h1:MM46R2qcxr1Toc9i38ks9oxsVpMDnQplejbI9qR6QTs= -gitea.com/gitea/act v0.246.1-0.20230616052401-a165e17878fd/go.mod h1:oU/5klyP5O+J2psPS3t50t09+SNVg+fZ/jN4lDZAq1U= +gitea.com/gitea/act v0.246.1-0.20230620073610-515c2c429d6d h1:msAht+dSo+RLcKox3imOiMWUEAID386ffpG+SMrQdbY= +gitea.com/gitea/act v0.246.1-0.20230620073610-515c2c429d6d/go.mod h1:oU/5klyP5O+J2psPS3t50t09+SNVg+fZ/jN4lDZAq1U= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 h1:w+iIsaOQNcT7OZ575w+acHgRric5iCyQh+xv+KJ4HB8= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= From b0bd503b117dc457ffdbe17a1b3f16d2471df09e Mon Sep 17 00:00:00 2001 From: Tomasz Duda Date: Tue, 20 Jun 2023 08:41:22 +0000 Subject: [PATCH 16/16] add token support for exec (#247) allow to pass token from secrets Reviewed-on: https://gitea.com/gitea/act_runner/pulls/247 Reviewed-by: Jason Song Reviewed-by: Lunny Xiao Co-authored-by: Tomasz Duda Co-committed-by: Tomasz Duda --- internal/app/cmd/exec.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/internal/app/cmd/exec.go b/internal/app/cmd/exec.go index 37571e7..97b6752 100644 --- a/internal/app/cmd/exec.go +++ b/internal/app/cmd/exec.go @@ -416,6 +416,12 @@ func runExec(ctx context.Context, execArgs *executeArgs) func(cmd *cobra.Command config.Env["ACT_EXEC"] = "true" + if t := config.Secrets["GITEA_TOKEN"]; t != "" { + config.Token = t + } else if t := config.Secrets["GITHUB_TOKEN"]; t != "" { + config.Token = t + } + if !execArgs.debug { logLevel := log.Level(log.InfoLevel) config.JobLoggerLevel = &logLevel