Add extra information on how to use this with the gitea runner
Some checks failed
Build-and-publish podman-in-docker / build-and-push (push) Failing after 26s
63
README.md
@@ -5,3 +5,66 @@ A cleaned-up fork of https://github.com/JamesJonesConsulting/podman-dind-like th
|
|||||||
This is a dind-like container using podman based on `quay.io/podman/stable` with podman.sock service running. Meant to
|
This is a dind-like container using podman based on `quay.io/podman/stable` with podman.sock service running. Meant to
|
||||||
be used with gitea runner as dind replacement to avoid docker --rm race conditions, as `act_runner` does not properly
|
be used with gitea runner as dind replacement to avoid docker --rm race conditions, as `act_runner` does not properly
|
||||||
wait for docker operations to complete and those are async. Podman does not seem to have that issue
|
wait for docker operations to complete and those are async. Podman does not seem to have that issue
|
||||||
|
|
||||||
|
# Kernel pre-requisites
|
||||||
|
|
||||||
|
For this to work you need to make sure that you have the following enabled in the kernel
|
||||||
|
- CONFIG_NF_TABLES_INET (needs CONFIG_IPv6)
|
||||||
|
- CONFIG_NFT_FIB_INET (needs CONFIG_NFT_FIB_IPV4 and CONFIG_NFT_FIB_IPV6)
|
||||||
|
|
||||||
|
and your host kernel is a decently new one. So if you are still on the time-proven debian from 2002 with kernel 2.6.* it might be a good idea to upgrade. Tested on 6.18.7. YMMV
|
||||||
|
|
||||||
|
# Runner config
|
||||||
|
|
||||||
|
That's the config for act_runner
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
log:
|
||||||
|
level: info
|
||||||
|
cache:
|
||||||
|
enabled: true # Optional, needed for action/cache
|
||||||
|
dir: /data/.cache # This has to be mounted into a persistent storage
|
||||||
|
container:
|
||||||
|
# That's defaults
|
||||||
|
network: "bridge"
|
||||||
|
require_docker: true
|
||||||
|
docker_timeout: 300s
|
||||||
|
privileged: true # Needed for docker-in-podman-in-docker aka buildkit aka docker buildx
|
||||||
|
options: "--volume=/var/run/docker.sock:/var/run/docker.sock" # for any docker command to work
|
||||||
|
valid_volumes:
|
||||||
|
- /var/run/docker.sock
|
||||||
|
```
|
||||||
|
|
||||||
|
# DinD config
|
||||||
|
|
||||||
|
Using Gitea's Helm chart for the runner https://gitea.com/gitea/helm-actions/
|
||||||
|
|
||||||
|
[!NOTE]
|
||||||
|
You need the >v0.0.2 release which, at the time of writing this, does not exist. So use the tarball URL as your helm chart directly.
|
||||||
|
|
||||||
|
`values.yaml`:
|
||||||
|
```yaml
|
||||||
|
enabled: true
|
||||||
|
statefulset:
|
||||||
|
persistence:
|
||||||
|
size: 1Gi # that's the data-act-runner volume from the config above
|
||||||
|
actRunner:
|
||||||
|
config: <config from the above>
|
||||||
|
extraVolumeMounts:
|
||||||
|
- name: data-act-runner # this is for the cache: true in the config
|
||||||
|
subPath: runner-cache
|
||||||
|
mountPath: /root/.cache
|
||||||
|
dind:
|
||||||
|
repository: <this docker image>
|
||||||
|
tag: latest
|
||||||
|
extraVolumeMounts:
|
||||||
|
- name: data-act-runner # caches the downloaded images and is required for the native overlayfs to work
|
||||||
|
subPath: containers
|
||||||
|
mountPath: /var/lib/containers
|
||||||
|
existingSecret: <secret with registration token>
|
||||||
|
existingSecretKey: <token key in secret>
|
||||||
|
giteaRootURL: <your gitea url>
|
||||||
|
```
|
||||||
|
|
||||||
|
[!NOTE]
|
||||||
|
You either need to mount `/var/lib/containers` as shown or you need `fuse` working. The `fuse` option is not tested
|
||||||
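Review bot: In the Runner config block, `privileged: true` combined with `options: "--volume=/var/run/docker.sock:/var/run/docker.sock"` and the matching `valid_volumes` entry hands the container socket to every job container, and the README does not mention what that implies. Please add a sentence stating that any workflow scheduled on this runner can drive the podman service through that socket, so the runner should only be registered for repositories whose workflows are trusted. Two smaller points in the same hunk: the runner config sets `dir: /data/.cache` while the `actRunner.extraVolumeMounts` entry uses `mountPath: /root/.cache`, so either one of the paths is wrong or a comment should explain why they differ; and `tag: latest` under `dind` would be better shown as a pinned tag or digest placeholder, like the other `<...>` values in that block.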