mirror of https://github.com/rusefi/rusefi-ci.git
trying to add rootless docker
This commit is contained in:
parent
a4004b33b3
commit
c3b214f0d6
22
Dockerfile
22
Dockerfile
|
@ -26,7 +26,7 @@ COPY --from=builder /tmp/rusefi-provide_gcc /tmp/rusefi-provide_gcc
|
|||
|
||||
ENV JAVA_HOME /usr/lib/jvm/temurin-11-jdk-amd64/
|
||||
|
||||
RUN useradd -m -g sudo docker &&\
|
||||
RUN useradd -m -g sudo -u 1001 docker &&\
|
||||
apt-get update -y &&\
|
||||
apt-get install -y wget gpg &&\
|
||||
wget -O key.gpg https://packages.adoptium.net/artifactory/api/gpg/key/public &&\
|
||||
|
@ -69,6 +69,8 @@ RUN useradd -m -g sudo docker &&\
|
|||
scour \
|
||||
librsvg2-bin \
|
||||
temurin-11-jdk \
|
||||
uidmap \
|
||||
supervisor \
|
||||
&& apt-get autoremove -y && apt-get clean -y &&\
|
||||
echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers &&\
|
||||
echo 'APT::Get::Assume-Yes "true";' >/etc/apt/apt.conf.d/90forceyes &&\
|
||||
|
@ -76,10 +78,28 @@ RUN useradd -m -g sudo docker &&\
|
|||
chown -R docker /tmp/rusefi-provide_gcc &&\
|
||||
update-alternatives --set java /usr/lib/jvm/temurin-11-jdk-amd64/bin/java
|
||||
|
||||
# Install Docker CLI
|
||||
RUN curl -fsSL https://get.docker.com -o- | sh && \
|
||||
rm -rf /var/lib/apt/lists/* && \
|
||||
apt-get clean
|
||||
|
||||
# Install Docker-Compose
|
||||
RUN curl -L -o /usr/local/bin/docker-compose \
|
||||
"https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-$(uname -s)-$(uname -m)" && \
|
||||
chmod +x /usr/local/bin/docker-compose
|
||||
|
||||
COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
|
||||
RUN chmod 644 /etc/supervisor/conf.d/supervisord.conf &&\
|
||||
chmod u-s /usr/bin/newuidmap &&\
|
||||
chmod u-s /usr/bin/newgidmap
|
||||
|
||||
WORKDIR /opt
|
||||
|
||||
USER docker
|
||||
|
||||
RUN dockerd-rootless-setuptool.sh install
|
||||
|
||||
VOLUME /opt/actions-runner
|
||||
|
||||
ENTRYPOINT ["./start.sh"]
|
||||
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
|
||||
|
|
11
start.sh
11
start.sh
|
@ -1,5 +1,14 @@
|
|||
#!/bin/bash
|
||||
|
||||
if [[ "$@" == "bash" ]]; then
|
||||
exec $@
|
||||
fi
|
||||
|
||||
export XDG_RUNTIME_DIR=$HOME/.docker/xrd
|
||||
rm -rf $XDG_RUNTIME_DIR
|
||||
mkdir -p $XDG_RUNTIME_DIR
|
||||
PATH=/usr/bin:/sbin:/usr/sbin:$PATH dockerd-rootless.sh
|
||||
|
||||
cd /opt/actions-runner
|
||||
|
||||
if [[ -z $RUNNER_NAME ]]; then
|
||||
|
@ -70,4 +79,4 @@ else
|
|||
--unattended
|
||||
fi
|
||||
|
||||
./run.sh & wait $!
|
||||
exec "$@"
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
[supervisord]
|
||||
user=docker
|
||||
nodaemon=true
|
||||
logfile=/dev/fd/1
|
||||
logfile_maxbytes=0
|
||||
loglevel=error
|
||||
|
||||
[program:runner]
|
||||
directory=/opt/actions-runner
|
||||
command=/opt/actions-runner/bin/runsvc.sh
|
||||
stdout_logfile=/dev/fd/1
|
||||
stdout_logfile_maxbytes=0
|
||||
redirect_stderr=true
|
Loading…
Reference in New Issue