.gitea/workflows/release-nightly.yml

@@ -66,7 +66,6 @@ jobs:
         with:
           context: .
           file: ./Dockerfile
-          target: basic
           platforms: |
             linux/amd64
             linux/arm64
@@ -74,25 +73,13 @@ jobs:
           tags: |
             ${{ env.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ env.DOCKER_LATEST }}
 
-      - name: Build and push dind
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          file: ./Dockerfile
-          target: dind
-          platforms: |
-            linux/amd64
-            linux/arm64
-          push: true
-          tags: |
-            ${{ env.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ env.DOCKER_LATEST }}-dind
-
       - name: Build and push dind-rootless
         uses: docker/build-push-action@v5
+        env:
+          ACTIONS_RUNTIME_TOKEN: "" # See https://gitea.com/gitea/act_runner/issues/119
         with:
           context: .
-          file: ./Dockerfile
+          file: ./Dockerfile.rootless
-          target: dind-rootless
           platforms: |
             linux/amd64
             linux/arm64

.gitea/workflows/release-tag.yml

@@ -73,7 +73,6 @@ jobs:
         with:
           context: .
           file: ./Dockerfile
-          target: basic
           platforms: |
             linux/amd64
             linux/arm64
@@ -82,26 +81,13 @@ jobs:
             ${{ env.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ steps.meta.outputs.REPO_VERSION }}
             ${{ env.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ env.DOCKER_LATEST }}
 
-      - name: Build and push dind
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          file: ./Dockerfile
-          target: dind
-          platforms: |
-            linux/amd64
-            linux/arm64
-          push: true
-          tags: |
-            ${{ env.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ steps.meta.outputs.REPO_VERSION }}-dind
-            ${{ env.DOCKER_ORG }}/${{ steps.meta.outputs.REPO_NAME }}:${{ env.DOCKER_LATEST }}-dind
-
       - name: Build and push dind-rootless
         uses: docker/build-push-action@v5
+        env:
+          ACTIONS_RUNTIME_TOKEN: "" # See https://gitea.com/gitea/act_runner/issues/119
         with:
           context: .
-          file: ./Dockerfile
+          file: ./Dockerfile.rootless
-          target: dind-rootless
           platforms: |
             linux/amd64
             linux/arm64

.gitignore

@@ -1,4 +1,4 @@
-/act_runner
+act_runner
 .env
 .runner
 coverage.txt

Dockerfile

@@ -1,54 +1,16 @@
 FROM golang:1.23-alpine AS builder
-
 # Do not remove `git` here, it is required for getting runner version when executing `make build`
 RUN apk add --no-cache make git
 
-ARG GOPROXY
-ENV GOPROXY=${GOPROXY:-}
-
 COPY . /opt/src/act_runner
 WORKDIR /opt/src/act_runner
 
 RUN make clean && make build
 
-FROM docker:dind AS dind
+FROM alpine
-
+RUN apk add --no-cache git bash tini
-RUN apk add --no-cache s6 bash git
 
 COPY --from=builder /opt/src/act_runner/act_runner /usr/local/bin/act_runner
-COPY scripts/run.sh /usr/local/bin/run.sh
+COPY scripts/run.sh /opt/act/run.sh
-COPY scripts/s6 /etc/s6
 
-VOLUME /data
+ENTRYPOINT ["/sbin/tini","--","/opt/act/run.sh"]
-
-ENTRYPOINT ["s6-svscan","/etc/s6"]
-
-FROM docker:dind-rootless AS dind-rootless
-
-USER root
-RUN apk add --no-cache s6 bash git
-
-COPY --from=builder /opt/src/act_runner/act_runner /usr/local/bin/act_runner
-COPY scripts/run.sh /usr/local/bin/run.sh
-COPY scripts/s6 /etc/s6
-
-VOLUME /data
-
-RUN mkdir -p /data && chown -R rootless:rootless /etc/s6 /data
-
-ENV DOCKER_HOST=unix:///run/user/1000/docker.sock
-
-USER rootless
-ENTRYPOINT ["s6-svscan","/etc/s6"]
-
-FROM alpine AS basic
-RUN apk add --no-cache tini bash git
-
-COPY --from=builder /opt/src/act_runner/act_runner /usr/local/bin/act_runner
-COPY scripts/run.sh /usr/local/bin/run.sh
-
-VOLUME /var/run/docker.sock
-
-VOLUME /data
-
-ENTRYPOINT ["/sbin/tini","--","run.sh"]

Dockerfile.rootless

@@ -0,0 +1,24 @@
+FROM golang:1.23-alpine AS builder
+# Do not remove `git` here, it is required for getting runner version when executing `make build`
+RUN apk add --no-cache make git
+
+COPY . /opt/src/act_runner
+WORKDIR /opt/src/act_runner
+
+RUN make clean && make build
+
+FROM docker:dind-rootless
+USER root
+RUN apk add --no-cache \
+  git bash supervisor
+
+COPY --from=builder /opt/src/act_runner/act_runner /usr/local/bin/act_runner
+COPY /scripts/supervisord.conf /etc/supervisord.conf
+COPY /scripts/run.sh /opt/act/run.sh
+COPY /scripts/rootless.sh /opt/act/rootless.sh
+
+RUN mkdir /data \
+    && chown rootless:rootless /data
+
+USER rootless
+ENTRYPOINT ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]

scripts/rootless.sh

@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+# wait for docker daemon
+while ! nc -z localhost 2376 </dev/null; do
+  echo 'waiting for docker daemon...'
+  sleep 5
+done
+
+. /opt/act/run.sh

scripts/s6/act_runner/finish

@@ -1,3 +0,0 @@
-#!/usr/bin/env bash
-
-exec s6-svscanctl -t /etc/s6

scripts/s6/act_runner/run

@@ -1,5 +0,0 @@
-#!/usr/bin/env bash
-
-s6-svwait -U /etc/s6/docker
-
-exec run.sh

scripts/s6/docker/data/check

@@ -1,6 +0,0 @@
-#!/usr/bin/env bash
-
-if ! docker info &> /dev/null; then
-  echo "Waiting for Docker daemon to start..."
-  exit 1
-fi

scripts/s6/docker/finish

@@ -1,4 +0,0 @@
-#!/usr/bin/env bash
-
-exec s6-svscanctl -t /etc/s6
-

scripts/s6/docker/notification-fd

@@ -1 +0,0 @@
-3

scripts/s6/docker/run

@@ -1,3 +0,0 @@
-#!/usr/bin/env bash
-
-exec s6-notifyoncheck dockerd-entrypoint.sh

scripts/supervisord.conf

@@ -0,0 +1,17 @@
+[supervisord]
+nodaemon=true
+logfile=/dev/null
+logfile_maxbytes=0
+
+[program:dockerd]
+command=/usr/local/bin/dockerd-entrypoint.sh
+
+[program:act_runner]
+stdout_logfile=/dev/fd/1
+stdout_logfile_maxbytes=0
+redirect_stderr=true
+command=/opt/act/rootless.sh
+
+[eventlistener:processes]
+command=bash -c "echo READY && read line && kill -SIGQUIT $PPID"
+events=PROCESS_STATE_STOPPED,PROCESS_STATE_EXITED,PROCESS_STATE_FATAL