oss/forgejo-runner
oss/forgejo-runner
1
0
Fork 0
mirror of https://code.forgejo.org/forgejo/runner.git synced 2025-10-10 19:32:04 +00:00
Code Wiki Activity
forgejo-runner/examples/lxc-systemd/forgejo-runner-service.sh

395 lines
10 KiB
Bash
Raw Normal View History

feat: systemd unit example for managing LXC containers (#451) Refs: https://code.forgejo.org/forgejo/runner/issues/450 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/451 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-25 12:24:31 +00:00
#!/bin/bash
# Copyright Forgejo Authors.
# SPDX-License-Identifier: MIT
set -o pipefail
: ${TMPDIR:=$(mktemp -d)}
export -n TMPDIR
if ! test -d "$TMPDIR"; then
echo "TMPDIR=$TMPDIR is expected to be a directory"
exit 1
fi
trap "rm -fr $TMPDIR" EXIT
: ${INPUTS_LXC_CONFIG:=docker libvirt lxc}
: ${INPUTS_SERIAL:=}
: ${INPUTS_TOKEN:=}
: ${INPUTS_FORGEJO:=https://code.forgejo.org}
: ${INPUTS_LIFETIME:=7d}
chore: teach renovate about examples/lxc-systemd/forgejo-runner-service.sh (#627) <!--start release-notes-assistant--> <!--URL:https://code.forgejo.org/forgejo/runner--> - other - [PR](https://code.forgejo.org/forgejo/runner/pulls/627): <!--number 627 --><!--line 0 --><!--description Y2hvcmU6IHRlYWNoIHJlbm92YXRlIGFib3V0IGV4YW1wbGVzL2x4Yy1zeXN0ZW1kL2Zvcmdlam8tcnVubmVyLXNlcnZpY2Uuc2g=-->chore: teach renovate about examples/lxc-systemd/forgejo-runner-service.sh<!--description--> <!--end release-notes-assistant--> Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/627 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-08-03 17:45:58 +00:00
DEFAULT_LXC_HELPERS_VERSION=1.0.3 # renovate: datasource=forgejo-tags depName=forgejo/lxc-helpers
: ${INPUTS_LXC_HELPERS_VERSION:=$DEFAULT_LXC_HELPERS_VERSION}
Update forgejo-runner to v11 (major) (#975) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [code.forgejo.org/forgejo/runner](https://forgejo.org) ([source](https://code.forgejo.org/forgejo/runner)) | major | `9.1.1` -> `11.0.0` | | [forgejo/runner](https://code.forgejo.org/forgejo/runner) | major | `10.0.1` -> `11.0.0` | --- ### Release Notes <details> <summary>forgejo/runner (code.forgejo.org/forgejo/runner)</summary> ### [`v11.0.0`](https://code.forgejo.org/forgejo/runner/releases/tag/v11.0.0) [Compare Source](https://code.forgejo.org/forgejo/runner/compare/v10.0.1...v11.0.0) - [User guide](https://forgejo.org/docs/next/user/actions/overview/) - [Administrator guide](https://forgejo.org/docs/next/admin/actions/) - [Container images](https://code.forgejo.org/forgejo/-/packages/container/runner/versions) Release Notes The breaking change in this release is not technical, it is the change of the license which is now GPLv3-or-later. - [PR](https://code.forgejo.org/forgejo/runner/pulls/773): <!--number 773 --><!--line 0 --><!--description Y2hvcmU6IGNoYW5nZSB0aGUgbGljZW5zZSB0byBHUEx2My1vci1sYXRlcg==-->chore: change the license to GPLv3-or-later<!--description--> *** <!--start release-notes-assistant--> <!--URL:https://code.forgejo.org/forgejo/runner--> - bug fixes - [PR](https://code.forgejo.org/forgejo/runner/pulls/935): <!--number 935 --><!--line 0 --><!--description Zml4OiBzaHV0ZG93biB0aGUgcnVubmVyIHdoZW4gIHRoZSBjYWNoZSBmYWlscyB3aXRoIGEgbm9uIHJlY292ZXJhYmxlIGVycm9y-->fix: shutdown the runner when the cache fails with a non recoverable error<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/948): <!--number 948 --><!--line 0 --><!--description Zml4OiBhbHNvIGNhc2NhZGUgaWYgcnVuLSotdGVzdCBpcyBzZXQgd2hlbiB0aGUgUFIgaXMgb3Blbg==-->fix: also cascade if run-\*-test is set when the PR is open<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/946): <!--number 946 --><!--line 0 --><!--description Zml4OiBncmFjZWZ1bCBzaHV0ZG93biBvZiB0YXNrcyBiZWluZyBpbnRlcnJ1cHRlZCBieSBzaWduYWw=-->fix: graceful shutdown of tasks being interrupted by signal<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/943): <!--number 943 --><!--line 0 --><!--description Zml4OiBseGMtc3lzdGVtZCBleGFtcGxlOiBleHBvcnQgSU5QVVRTX1NFUklBTA==-->fix: lxc-systemd example: export INPUTS\_SERIAL<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/941): <!--number 941 --><!--line 0 --><!--description Zml4OiBhbGxvdyBpbnB1dHMgY29udGV4dCBpbiBhY3Rpb24gZGVmYXVsdHM=-->fix: allow inputs context in action defaults<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/931): <!--number 931 --><!--line 0 --><!--description Zml4OiBhbiBleHByZXNzaW9uIGluIHdpdGg6IGZvciBhIHJldXNhYmxlIHdvcmtmbG93IGNhbGwgY2FuIHVzZSBlbnY=-->fix: an expression in with: for a reusable workflow call can use env<!--description--> - other - [PR](https://code.forgejo.org/forgejo/runner/pulls/951): <!--number 951 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnb2xhbmcub3JnL3gvdGltZSB0byB2MC4xMy4w-->Update module golang.org/x/time to v0.13.0<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/950): <!--number 950 --><!--line 0 --><!--description UmV2ZXJ0ICJmaXg6IGFsc28gY2FzY2FkZSBpZiBydW4tKi10ZXN0IGlzIHNldCB3aGVuIHRoZSBQUiBpcyBvcGVuICgjOTQ4KSI=-->Revert "fix: also cascade if run-\*-test is set when the PR is open ([#&#8203;948](https://github.com/forgejo/runner/issues/948))"<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/945): <!--number 945 --><!--line 0 --><!--description VXBkYXRlIGNvZGUuZm9yZ2Vqby5vcmcvZm9yZ2Vqby9mb3JnZWpvIERvY2tlciB0YWcgdG8gdjExLjAuNQ==-->Update code.forgejo.org/forgejo/forgejo Docker tag to v11.0.5<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/942): <!--number 942 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2RvY2tlci9kb2NrZXIgdG8gdjI4LjQuMCtpbmNvbXBhdGlibGU=-->Update module github.com/docker/docker to v28.4.0+incompatible<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/773): <!--number 773 --><!--line 0 --><!--description Y2hvcmU6IGNoYW5nZSB0aGUgbGljZW5zZSB0byBHUEx2My1vci1sYXRlcg==-->chore: change the license to GPLv3-or-later<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/940): <!--number 940 --><!--line 0 --><!--description Y2hvcmU6IGJ1bXAgdmVyc2lvbiB0byB2MTE=-->chore: bump version to v11<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/936): <!--number 936 --><!--line 0 --><!--description cmVmYWN0b3I6IHJlbW92ZSBkdXBsaWNhdGUgY29tcHV0ZU1hYyBmdW5jdGlvbg==-->refactor: remove duplicate computeMac function<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/938): <!--number 938 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2RvY2tlci9jbGkgdG8gdjI4LjQuMCtpbmNvbXBhdGlibGU=-->Update module github.com/docker/cli to v28.4.0+incompatible<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/934): <!--number 934 --><!--line 0 --><!--description Y2hvcmU6IHJlZmFjdG9yIGFjdC9hcnRpZmFjdGNhY2hlIEhhbmRsZXIgdG8gYW4gaW50ZXJmYWNl-->chore: refactor act/artifactcache Handler to an interface<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/933): <!--number 933 --><!--line 0 --><!--description VXBkYXRlIGRlcGVuZGVuY3kgZ28gdG8gdjEuMjQuNw==-->Update dependency go to v1.24.7<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/932): <!--number 932 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL3NwZjEzL3BmbGFnIHRvIHYxLjAuMTA=-->Update module github.com/spf13/pflag to v1.0.10<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/930): <!--number 930 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL3NwZjEzL2NvYnJhIHRvIHYxLjEwLjE=-->Update module github.com/spf13/cobra to v1.10.1<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/928): <!--number 928 --><!--line 0 --><!--description VXBkYXRlIGRlcGVuZGVuY3kgZm9yZ2Vqby9ydW5uZXIgdG8gdjEw-->Update dependency forgejo/runner to v10<!--description--> <!--end release-notes-assistant--> ### [`v10.0.1`](https://code.forgejo.org/forgejo/runner/releases/tag/v10.0.1) [Compare Source](https://code.forgejo.org/forgejo/runner/compare/v10.0.0...v10.0.1) - [User guide](https://forgejo.org/docs/next/user/actions/overview/) - [Administrator guide](https://forgejo.org/docs/next/admin/actions/) - [Container images](https://code.forgejo.org/forgejo/-/packages/container/runner/versions) Release Notes *** <!--start release-notes-assistant--> <!--URL:https://code.forgejo.org/forgejo/runner--> - bug fixes - [PR](https://code.forgejo.org/forgejo/runner/pulls/927): <!--number 927 --><!--line 0 --><!--description Zml4OiBwdWxsX3JlcXVlc3RfdGFyZ2V0IGV2ZW50cyBjYW4gc2hhcmUgdGhlIGNhY2hlIG9mIHRoZSByZXBvc2l0b3J5-->fix: pull\_request\_target events can share the cache of the repository<!--description--> <!--end release-notes-assistant--> ### [`v10.0.0`](https://code.forgejo.org/forgejo/runner/releases/tag/v10.0.0) [Compare Source](https://code.forgejo.org/forgejo/runner/compare/v9.1.1...v10.0.0) > **Warning** Upgrade to v10.0.1 instead. A regression was found on `pull_request_target` events and is fixed in the [v10.0.1 release](https://code.forgejo.org/forgejo/runner/releases/tag/v10.0.1). - [User guide](https://forgejo.org/docs/next/user/actions/overview/) - [Administrator guide](https://forgejo.org/docs/next/admin/actions/) - [Container images](https://code.forgejo.org/forgejo/-/packages/container/runner/versions) Release Notes - [PR](https://code.forgejo.org/forgejo/runner/pulls/925): <!--number 925 --><!--line 0 --><!--description Zml4KHNlY3VyaXR5KTogcHJldmVudCBvbjogcHVsbF9yZXF1ZXN0IGFjdGlvbnMgZnJvbSBtdXRhdGluZyBjYWNoZXMgb2Ygb3RoZXIgd29ya2Zsb3cgZXZlbnRz-->fix(security): prevent on: pull\_request actions from mutating caches of other workflow events<!--description--> forgej-runner currently creates a safer execution environment for workflows triggered by pull requests by denying those workflows access to the repository's secrets, preventing pull requests from compromising the confidentiality of the secrets. Workflows do have access to write to the action cache, which is shared with future workflow executions, including executions that may have access to repository secrets. This was assumed safe as the cache is a "write-once" operation based upon the cache key; if an execution writes to that cache, it will be read by other workflows only if a matching key parameter is provided, and it can not be modified again. These assumptions were identified as weak security practices with known workarounds. It is possible for a malicious pull request to mutate the shared cache and embed untrusted artifacts, which may later be executed in workflow executions with access to secrets, risking the confidentiality of those secrets. In order to eliminate this risk, workflows executing with the `pull_request` and `pull_request_target` events have their write operations to the cache isolated to future workflow executions from the same pull request. They can continue to read from the shared cache if applicable. If using an external cache server configuration, both the cache server and other instances of the runner must be running the same software version. The recommended upgrade procedure in this configuration is to bring all runners offline, upgrade the cache server to the latest release and bring it online, and then bring all other runners online. - [PR](https://code.forgejo.org/forgejo/runner/pulls/924): <!--number 924 --><!--line 0 --><!--description Zml4KHNlY3VyaXR5KTogZW5zdXJlIHVuaXF1ZSBuYW1lcyBmb3IgY29udGFpbmVyIGltYWdlcyBjcmVhdGVkIGJ5IGFjdGlvbnM=-->fix(security): ensure unique names for container images created by actions<!--description--> Without this fix, when a workflow ran a local [docker action](https://forgejo.org/docs/next/user/actions/actions/#docker-actions) (e.g. the [example in the end-to-end tests](https://code.forgejo.org/forgejo/end-to-end/src/commit/8f920b4b7adcb920e435db1acd02407b2312ab74/actions/example-force-rebuild/.forgejo/workflows/test.yml)), it used an image tag that could collide with other workflows that happen to use the same name. The workaround for older runner versions is to set [`[container].force_rebuild: true`](https://forgejo.org/docs/next/admin/actions/runner-installation/#configuration) in the runner configuration file. *** <!--start release-notes-assistant--> <!--URL:https://code.forgejo.org/forgejo/runner--> - bug fixes - [PR](https://code.forgejo.org/forgejo/runner/pulls/925): <!--number 925 --><!--line 0 --><!--description Zml4KHNlY3VyaXR5KTogcHJldmVudCBvbjogcHVsbF9yZXF1ZXN0IGFjdGlvbnMgZnJvbSBtdXRhdGluZyBjYWNoZXMgb2Ygb3RoZXIgd29ya2Zsb3cgZXZlbnRz-->fix(security): prevent on: pull\_request actions from mutating caches of other workflow events<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/924): <!--number 924 --><!--line 0 --><!--description Zml4KHNlY3VyaXR5KTogZW5zdXJlIHVuaXF1ZSBuYW1lcyBmb3IgY29udGFpbmVyIGltYWdlcyBjcmVhdGVkIGJ5IGFjdGlvbnM=-->fix(security): ensure unique names for container images created by actions<!--description--> - other - [PR](https://code.forgejo.org/forgejo/runner/pulls/921): <!--number 921 --><!--line 0 --><!--description VXBkYXRlIGNvZGUuZm9yZ2Vqby5vcmcvZm9yZ2Vqby9mb3JnZWpvIERvY2tlciB0YWcgdG8gdjExLjAuNA==-->Update code.forgejo.org/forgejo/forgejo Docker tag to v11.0.4<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/922): <!--number 922 --><!--line 0 --><!--description Y2hvcmU6IGV4cGxhaW4gdGhlIGRpZmZlcmVuY2UgYmV0d2VlbiBgam9iX2xldmVsYCBhbmQgYGxldmVsYA==-->chore: explain the difference between `job_level` and `level`<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/917): <!--number 917 --><!--line 0 --><!--description Y2hvcmU6IGFkZCByZW1pbmRlciBvZiBob3cgdG8gcnVuIGEgbG9jYWwgdGVzdA==-->chore: add reminder of how to run a local test<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/919): <!--number 919 --><!--line 0 --><!--description Y2hvcmU6IHVuaWZ5IGNhc2NhZGUtc2V0dXAtZm9yZ2VqbyB3aXRoIGNhc2NhZGUtZm9yZ2Vqbw==-->chore: unify cascade-setup-forgejo with cascade-forgejo<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/873): <!--number 873 --><!--line 0 --><!--description Y2hvcmU6IHJlbW92ZSBgZ2l0aHViLmNvbS9wa2cvZXJyb3JzYA==-->chore: remove `github.com/pkg/errors`<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/915): <!--number 915 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL3N0cmV0Y2hyL3Rlc3RpZnkgdG8gdjEuMTEuMQ==-->Update module github.com/stretchr/testify to v1.11.1<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/914): <!--number 914 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnb29nbGUuZ29sYW5nLm9yZy9wcm90b2J1ZiB0byB2MS4zNi44-->Update module google.golang.org/protobuf to v1.36.8<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/907): <!--number 907 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnby5ldGNkLmlvL2Jib2x0IHRvIHYxLjQuMw==-->Update module go.etcd.io/bbolt to v1.4.3<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/906): <!--number 906 --><!--line 0 --><!--description dGVzdDogcmVtb3ZlIGludGVybmFsIHRpbWVvdXQgaW4gVGVzdFJ1bm5lckNhY2hlQ29uZmlndXJhdGlvbg==-->test: remove internal timeout in TestRunnerCacheConfiguration<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/902): <!--number 902 --><!--line 0 --><!--description Y2hvcmU6IHNraXAgdGVzdHMgdGhhdCByZXF1aXJlIEZvcmdlam8gaWYgaXQgaXMgbm90IGF2YWlsYWJsZQ==-->chore: skip tests that require Forgejo if it is not available<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/903): <!--number 903 --><!--line 0 --><!--description Y2hvcmU6IHJld29yayB0aGUgUkVBRE1F-->chore: rework the README<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/904): <!--number 904 --><!--line 0 --><!--description VXBkYXRlIGdpdGh1Yi5jb20vZ28tdmlwZXIvbWFwc3RydWN0dXJlL3YyIChpbmRpcmVjdCkgdG8gdjIuNC4wIFtTRUNVUklUWV0=-->Update github.com/go-viper/mapstructure/v2 (indirect) to v2.4.0 \[SECURITY]<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/900): <!--number 900 --><!--line 0 --><!--description Y2hvcmU6IHJlbW92ZSBUZXN0UnVuQ29udGV4dF9HZXRHaXRIdWJDb250ZXh0-->chore: remove TestRunContext\_GetGitHubContext<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/899): <!--number 899 --><!--line 0 --><!--description Y2hvcmU6IGRvIG5vdCBmb3JjZSBHT1BST1hZ-->chore: do not force GOPROXY<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/890): <!--number 890 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL3Zla3RyYS9tb2NrZXJ5L3YyIHRvIHYyLjUzLjU=-->Update module github.com/vektra/mockery/v2 to v2.53.5<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/893): <!--number 893 --><!--line 0 --><!--description Y2hvcmU6IGZpeCAuUEhPTlkgbGludCB0YXJnZXRz-->chore: fix .PHONY lint targets<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/898): <!--number 898 --><!--line 0 --><!--description VXBkYXRlIGRlcGVuZGVuY3kgZm9yZ2Vqby9ydW5uZXIgdG8gdjkuMS4x-->Update dependency forgejo/runner to v9.1.1<!--description--> - [PR](https://code.forgejo.org/forgejo/runner/pulls/897): <!--number 897 --><!--line 0 --><!--description VXBkYXRlIGNvZGUuZm9yZ2Vqby5vcmcvZm9yZ2Vqby9ydW5uZXIgRG9ja2VyIHRhZyB0byB2OS4xLjE=-->Update code.forgejo.org/forgejo/runner Docker tag to v9.1.1<!--description--> <!--end release-notes-assistant--> </details> --- ### Configuration 📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS45Ny45IiwidXBkYXRlZEluVmVyIjoiNDEuOTcuOSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiS2luZC9EZXBlbmRlbmN5VXBkYXRlIiwicnVuLWVuZC10by1lbmQtdGVzdHMiXX0=--> Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/975 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Renovate Bot <bot@kriese.eu> Co-committed-by: Renovate Bot <bot@kriese.eu>
2025-09-10 09:18:50 +00:00
DEFAULT_RUNNER_VERSION=11.0.0 # renovate: datasource=forgejo-releases depName=forgejo/runner
chore: teach renovate about examples/lxc-systemd/forgejo-runner-service.sh (#627) <!--start release-notes-assistant--> <!--URL:https://code.forgejo.org/forgejo/runner--> - other - [PR](https://code.forgejo.org/forgejo/runner/pulls/627): <!--number 627 --><!--line 0 --><!--description Y2hvcmU6IHRlYWNoIHJlbm92YXRlIGFib3V0IGV4YW1wbGVzL2x4Yy1zeXN0ZW1kL2Zvcmdlam8tcnVubmVyLXNlcnZpY2Uuc2g=-->chore: teach renovate about examples/lxc-systemd/forgejo-runner-service.sh<!--description--> <!--end release-notes-assistant--> Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/627 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-08-03 17:45:58 +00:00
: ${INPUTS_RUNNER_VERSION:=$DEFAULT_RUNNER_VERSION}
feat: systemd unit example for managing LXC containers (#451) Refs: https://code.forgejo.org/forgejo/runner/issues/450 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/451 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-25 12:24:31 +00:00
: ${KILL_AFTER:=21600} # 6h == 21600
NODEJS_VERSION=20
DEBIAN_RELEASE=bookworm
YQ_VERSION=v4.45.1
SELF=${BASH_SOURCE[0]}
SELF_FILENAME=$(basename "$SELF")
fix: lxc-systemd: upgrade using a URL instead of a version [skip cascade] (#520) It is common to install a version from a branch or a fork. Change the upgrade to be a URL instead of a version number for simplicity. Fix a bug by which the lxc-helpers and the runner are upgraded but not the script itself. Increase the service unit timeout when stopping the runner: it may take up to three hours. Adapt the tests accordingly. Fixes https://code.forgejo.org/forgejo/runner/issues/510 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/520 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-03-25 22:45:49 +00:00
SELF_INSTALLED=/usr/local/bin/$SELF_FILENAME
feat: systemd unit example for managing LXC containers (#451) Refs: https://code.forgejo.org/forgejo/runner/issues/450 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/451 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-25 12:24:31 +00:00
ETC=/etc/forgejo-runner
LIB=/var/lib/forgejo-runner
LOG=/var/log/forgejo-runner
feat: forgejo-runner-service.sh safeguard to avoid overheating re-creating the LXC container from scratch is expensive. When rebooting or when multiple units start at the same time, it may cause an execessive load. Use a global lock to guard this operation so they happen in sequence and not in parallel. They typically take around one minute to complete which means that in the event of a reboot, it will take around 1 minutes * the number of runners for the unlucky one to start. During this interval workflows will have to wait.
2025-01-27 14:17:15 +01:00
LOCK=/var/lock/forgejo-runner
feat: systemd unit example for managing LXC containers (#451) Refs: https://code.forgejo.org/forgejo/runner/issues/450 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/451 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-25 12:24:31 +00:00
: ${HOST:=$(hostname)}
LXC_IPV4_PREFIX="10.105.7"
LXC_IPV6_PREFIX="fd91"
LXC_USER_NAME=debian
LXC_USER_ID=1000
if ${VERBOSE:-false}; then
set -ex
PS4='${BASH_SOURCE[0]}:$LINENO: ${FUNCNAME[0]}: '
# export LXC_VERBOSE=true # use with caution, it will block .forgejo/workflows/example-lxc-systemd.yml
else
set -e
fi
if test $(id -u) != 0; then
SUDO=sudo
fi
function config_inotify() {
if grep --quiet fs.inotify.max_user_instances=8192 /etc/sysctl.conf; then
return
fi
echo fs.inotify.max_user_instances=8192 | $SUDO tee -a /etc/sysctl.conf
$SUDO sysctl -p
}
feat: add upgrade to forgejo-runner-service.sh (#475) for the purpose of indirectly upgrading lxc-helpers if a newer version is needed. Otherwise it has to be done manually and can easily be overlooked. Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/475 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-30 19:37:17 +00:00
function install_or_update_lxc_helpers() {
for lxc_helper in lxc-helpers.sh lxc-helpers-lib.sh; do
local new=$TMPDIR/$lxc_helper
local existing=/usr/local/bin/$lxc_helper
curl --fail -sS -o $new https://code.forgejo.org/forgejo/lxc-helpers/raw/tag/v${INPUTS_LXC_HELPERS_VERSION}/$lxc_helper
if ! test -f $existing || ! cmp --quiet $existing $new; then
if test -f $existing; then
$SUDO mv $existing $existing.backup
fi
$SUDO mv $new $existing
$SUDO chmod +x $existing
fi
done
}
function install_or_update_self() {
fix: lxc-systemd: upgrade using a URL instead of a version [skip cascade] (#520) It is common to install a version from a branch or a fork. Change the upgrade to be a URL instead of a version number for simplicity. Fix a bug by which the lxc-helpers and the runner are upgraded but not the script itself. Increase the service unit timeout when stopping the runner: it may take up to three hours. Adapt the tests accordingly. Fixes https://code.forgejo.org/forgejo/runner/issues/510 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/520 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-03-25 22:45:49 +00:00
if ! cmp --quiet $SELF $SELF_INSTALLED; then
if test -f $SELF_INSTALLED; then
$SUDO mv $SELF_INSTALLED $SELF_INSTALLED.backup
feat: add upgrade to forgejo-runner-service.sh (#475) for the purpose of indirectly upgrading lxc-helpers if a newer version is needed. Otherwise it has to be done manually and can easily be overlooked. Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/475 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-30 19:37:17 +00:00
fi
fix: lxc-systemd: upgrade using a URL instead of a version [skip cascade] (#520) It is common to install a version from a branch or a fork. Change the upgrade to be a URL instead of a version number for simplicity. Fix a bug by which the lxc-helpers and the runner are upgraded but not the script itself. Increase the service unit timeout when stopping the runner: it may take up to three hours. Adapt the tests accordingly. Fixes https://code.forgejo.org/forgejo/runner/issues/510 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/520 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-03-25 22:45:49 +00:00
$SUDO cp -a $SELF $SELF_INSTALLED
feat: add upgrade to forgejo-runner-service.sh (#475) for the purpose of indirectly upgrading lxc-helpers if a newer version is needed. Otherwise it has to be done manually and can easily be overlooked. Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/475 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-30 19:37:17 +00:00
fi
}
function install_self() {
install_or_update_self
}
feat: systemd unit example for managing LXC containers (#451) Refs: https://code.forgejo.org/forgejo/runner/issues/450 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/451 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-25 12:24:31 +00:00
function dependencies() {
if ! which curl jq retry >/dev/null; then
export DEBIAN_FRONTEND=noninteractive
$SUDO apt-get update -qq
$SUDO apt-get install -y -qq curl jq retry
fi
if ! which yq >/dev/null; then
$SUDO curl -L --fail -sS -o /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_arm64
$SUDO chmod +x /usr/local/bin/yq
fi
feat: add upgrade to forgejo-runner-service.sh (#475) for the purpose of indirectly upgrading lxc-helpers if a newer version is needed. Otherwise it has to be done manually and can easily be overlooked. Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/475 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-30 19:37:17 +00:00
install_self
install_or_update_lxc_helpers
if ! which lxc-ls >/dev/null; then
$SUDO lxc-helpers.sh lxc_install_lxc_inside $LXC_IPV4_PREFIX $LXC_IPV6_PREFIX
feat: systemd unit example for managing LXC containers (#451) Refs: https://code.forgejo.org/forgejo/runner/issues/450 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/451 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-25 12:24:31 +00:00
fi
}
function lxc_name() {
echo runner-${INPUTS_SERIAL}-lxc
}
function lxc_destroy() {
$SUDO lxc-destroy -f $(lxc_name) >/dev/null || true
}
function lxc_create() {
local name=$(lxc_name)
local lib=$LIB/$name
local etc=$ETC/$INPUTS_SERIAL
lxc-helpers.sh --config "$INPUTS_LXC_CONFIG" lxc_container_create $name
echo "lxc.start.auto = 1" | sudo tee -a /var/lib/lxc/$name/config
local bin=/var/lib/lxc/$name/rootfs/usr/local/bin
$SUDO cp -a $SELF $bin/$SELF_FILENAME
$SUDO cp -a /usr/local/bin/forgejo-runner-$INPUTS_RUNNER_VERSION $bin/forgejo-runner
$SUDO cp -a /usr/local/bin/yq $bin/yq
$SUDO cp -a $(which jq) $bin/jq
$SUDO mkdir -p $lib/.cache/actcache
$SUDO chown -R $LXC_USER_ID $lib
lxc-helpers.sh lxc_container_mount $name $lib/.cache/actcache
$SUDO mkdir -p $etc
$SUDO chown -R $LXC_USER_ID $etc
lxc-helpers.sh lxc_container_mount $name $etc
lxc-helpers.sh lxc_container_start $name
if echo $INPUTS_LXC_CONFIG | grep --quiet 'docker'; then
lxc-helpers.sh lxc_install_docker $name
fi
if echo $INPUTS_LXC_CONFIG | grep --quiet 'lxc'; then
local ipv4="10.48.$INPUTS_SERIAL"
local ipv6="fd$INPUTS_SERIAL"
lxc-helpers.sh lxc_install_lxc $name $ipv4 $ipv6
fi
lxc-helpers.sh lxc_container_user_install $name $LXC_USER_ID $LXC_USER_NAME
}
function service_create() {
cat >$TMPDIR/forgejo-runner@.service <<EOF
[Unit]
Description=Forgejo runner %i
After=syslog.target
After=network.target
[Service]
Restart=on-success
ExecStart=/usr/local/bin/${SELF_FILENAME} run_in_copy start
ExecStop=/usr/local/bin/${SELF_FILENAME} stop
fix: lxc-systemd: upgrade using a URL instead of a version [skip cascade] (#520) It is common to install a version from a branch or a fork. Change the upgrade to be a URL instead of a version number for simplicity. Fix a bug by which the lxc-helpers and the runner are upgraded but not the script itself. Increase the service unit timeout when stopping the runner: it may take up to three hours. Adapt the tests accordingly. Fixes https://code.forgejo.org/forgejo/runner/issues/510 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/520 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-03-25 22:45:49 +00:00
TimeoutStopSec=10800
feat: systemd unit example for managing LXC containers (#451) Refs: https://code.forgejo.org/forgejo/runner/issues/450 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/451 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-25 12:24:31 +00:00
EnvironmentFile=/etc/forgejo-runner/%i/env
[Install]
WantedBy=multi-user.target
EOF
local service=/etc/systemd/system/forgejo-runner@.service
if test -f $service && cmp $TMPDIR/forgejo-runner@.service $service; then
return
fi
$SUDO mkdir -p $ETC
$SUDO chown -R $LXC_USER_ID $ETC
$SUDO mkdir -p $LOG
$SUDO chown -R $LXC_USER_ID $LOG
$SUDO cp $TMPDIR/forgejo-runner@.service $service
$SUDO systemctl daemon-reload
}
function inside() {
local name=$(lxc_name)
fix: forgejo-runner-service.sh must not leak the env to the runner
2025-01-28 13:41:57 +01:00
# all exported variables must be --unset before running the daemon
feat: systemd unit example for managing LXC containers (#451) Refs: https://code.forgejo.org/forgejo/runner/issues/450 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/451 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-25 12:24:31 +00:00
lxc-helpers.sh lxc_container_run $name -- sudo --user $LXC_USER_NAME \
fix: forgejo-runner-service.sh misses LXC config When re-creating the LXC container, the INPUTS_LXC_CONFIG must be set otherwise it will always use the default.
2025-01-27 09:59:38 +01:00
INPUTS_SERIAL="$INPUTS_SERIAL" \
INPUTS_LXC_CONFIG="$INPUTS_LXC_CONFIG" \
INPUTS_TOKEN="$INPUTS_TOKEN" \
INPUTS_FORGEJO="$INPUTS_FORGEJO" \
INPUTS_LIFETIME="$INPUTS_LIFETIME" \
KILL_AFTER="$KILL_AFTER" \
VERBOSE="$VERBOSE" \
HOST="$HOST" \
feat: systemd unit example for managing LXC containers (#451) Refs: https://code.forgejo.org/forgejo/runner/issues/450 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/451 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-25 12:24:31 +00:00
$SELF_FILENAME "$@"
}
fix: lxc-systemd: upgrade using a URL instead of a version [skip cascade] (#520) It is common to install a version from a branch or a fork. Change the upgrade to be a URL instead of a version number for simplicity. Fix a bug by which the lxc-helpers and the runner are upgraded but not the script itself. Increase the service unit timeout when stopping the runner: it may take up to three hours. Adapt the tests accordingly. Fixes https://code.forgejo.org/forgejo/runner/issues/510 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/520 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-03-25 22:45:49 +00:00
function display_default_runner_version() {
echo "Forgejo runner $INPUTS_RUNNER_VERSION"
}
feat: systemd unit example for managing LXC containers (#451) Refs: https://code.forgejo.org/forgejo/runner/issues/450 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/451 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-25 12:24:31 +00:00
function install_runner() {
local runner=/usr/local/bin/forgejo-runner-$INPUTS_RUNNER_VERSION
if test -f $runner; then
return
fi
$SUDO curl --fail -sS -o $runner https://code.forgejo.org/forgejo/runner/releases/download/v$INPUTS_RUNNER_VERSION/forgejo-runner-$INPUTS_RUNNER_VERSION-linux-amd64
$SUDO chmod +x $runner
}
function ensure_configuration() {
if test -z "$INPUTS_SERIAL"; then
echo "the INPUTS_SERIAL environment variable is not set"
return 1
fi
local etc=$ETC/$INPUTS_SERIAL
$SUDO mkdir -p $etc
if test -f $etc/config; then
INPUTS_LXC_CONFIG=$(cat $etc/config)
else
echo $INPUTS_LXC_CONFIG >$etc/config
fi
$SUDO mkdir -p $LIB/$(lxc_name)/.cache/actcache
}
function ensure_configuration_and_registration() {
local etc=$ETC/$INPUTS_SERIAL
if ! test -f $etc/config.yml; then
forgejo-runner generate-config >$etc/config.yml
cat >$TMPDIR/edit-config <<EOF
.runner.labels = ["docker:docker://data.forgejo.org/oci/node:${NODEJS_VERSION}-${DEBIAN_RELEASE}","lxc:lxc://debian:${DEBIAN_RELEASE}"]
EOF
yq --inplace --from-file $TMPDIR/edit-config $etc/config.yml
fix: forgejo-runner-service.sh config.yml must point to the cache It is not the default $HOME/.cache/actcache and must be set in config.yml otherwise it won't be used.
2025-01-27 12:02:45 +01:00
cat >$TMPDIR/edit-config <<EOF
.cache.dir = "/var/lib/forgejo-runner/runner-${INPUTS_SERIAL}-lxc/.cache/actcache"
EOF
yq --inplace --from-file $TMPDIR/edit-config $etc/config.yml
feat: systemd unit example for managing LXC containers (#451) Refs: https://code.forgejo.org/forgejo/runner/issues/450 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/451 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-25 12:24:31 +00:00
fi
if ! test -f $etc/env; then
cat >$etc/env <<EOF
INPUTS_LXC_CONFIG=$INPUTS_LXC_CONFIG
INPUTS_SERIAL=$INPUTS_SERIAL
INPUTS_LIFETIME=$INPUTS_LIFETIME
INPUTS_FORGEJO=$INPUTS_FORGEJO
EOF
fi
if test -f $etc/.runner; then
return
fi
if test -z "$INPUTS_TOKEN"; then
echo "the INPUTS_TOKEN environment variable is not set"
return 1
fi
(
cd $etc
forgejo-runner register --config config.yml --no-interactive \
--token "$INPUTS_TOKEN" \
--name "$HOST-$INPUTS_SERIAL" \
--instance $INPUTS_FORGEJO
)
}
function daemon() {
cd $ETC/$INPUTS_SERIAL
rm -f stopped-* killed-*
touch started-running
set +e
fix: forgejo-runner-service.sh must not leak the env to the runner
2025-01-28 13:41:57 +01:00
timeout --signal=SIGINT --kill-after=$KILL_AFTER $INPUTS_LIFETIME env \
--unset INPUTS_SERIAL \
--unset INPUTS_LXC_CONFIG \
--unset INPUTS_TOKEN \
--unset INPUTS_FORGEJO \
--unset INPUTS_LIFETIME \
--unset KILL_AFTER \
--unset VERBOSE \
--unset HOST \
/usr/local/bin/forgejo-runner --config config.yml daemon
feat: systemd unit example for managing LXC containers (#451) Refs: https://code.forgejo.org/forgejo/runner/issues/450 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/451 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-25 12:24:31 +00:00
case $? in
0) touch stopped-gracefully ;;
124) touch stopped-timeout ;;
137) touch stopped-forcefully ;;
esac
set -e
}
feat: forgejo-runner-service.sh safeguard to avoid overheating re-creating the LXC container from scratch is expensive. When rebooting or when multiple units start at the same time, it may cause an execessive load. Use a global lock to guard this operation so they happen in sequence and not in parallel. They typically take around one minute to complete which means that in the event of a reboot, it will take around 1 minutes * the number of runners for the unlucky one to start. During this interval workflows will have to wait.
2025-01-27 14:17:15 +01:00
function destroy_and_create() {
fix: forgejo-runner-service.sh do not fail container does not exist If the daemon cannot be stopped and the goal is to destroy the container, just proceed instead of failing.
2025-01-28 15:24:28 +01:00
stop || true
feat: systemd unit example for managing LXC containers (#451) Refs: https://code.forgejo.org/forgejo/runner/issues/450 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/451 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-25 12:24:31 +00:00
lxc-helpers.sh lxc_container_destroy $(lxc_name)
lxc_create
feat: forgejo-runner-service.sh safeguard to avoid overheating re-creating the LXC container from scratch is expensive. When rebooting or when multiple units start at the same time, it may cause an execessive load. Use a global lock to guard this operation so they happen in sequence and not in parallel. They typically take around one minute to complete which means that in the event of a reboot, it will take around 1 minutes * the number of runners for the unlucky one to start. During this interval workflows will have to wait.
2025-01-27 14:17:15 +01:00
}
function start() {
# it should be more than
# (time it takes for one runner to be recreated) * (number of runners)
# because they will all start at the same time on boot
local timeout=3600
flock --timeout $timeout $LOCK $SELF destroy_and_create
feat: systemd unit example for managing LXC containers (#451) Refs: https://code.forgejo.org/forgejo/runner/issues/450 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/451 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-25 12:24:31 +00:00
local log=$LOG/$INPUTS_SERIAL.log
if test -f $log; then
mv $log $log.backup
fi
inside daemon >&$log
}
function kill_runner() {
cd $ETC/$INPUTS_SERIAL
rm -f killed-* started-running
set +e
pkill --exact forgejo-runner
if test $? = 1; then
touch killed-already
return
fi
timeout $KILL_AFTER pidwait --exact forgejo-runner
status=$?
set -e
# pidwait will exit 1 if the process is already gone
# pidwait will exit 0 if the process terminated gracefully before the timeout
if test $status = 0 || test $status = 1; then
touch killed-gracefully
echo "forgejo-runner stopped gracefully"
else
pkill --exact --signal=KILL forgejo-runner
touch killed-forcefully
echo "forgejo-runner stopped forcefully"
fi
}
function stop() {
inside kill_runner
}
function main() {
config_inotify
dependencies
install_runner
service_create
lxc_create
inside ensure_configuration_and_registration
}
feat: add upgrade to forgejo-runner-service.sh (#475) for the purpose of indirectly upgrading lxc-helpers if a newer version is needed. Otherwise it has to be done manually and can easily be overlooked. Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/475 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-30 19:37:17 +00:00
function upgrade() {
run_in_copy upgrade_safely "$@"
}
function upgrade_safely() {
fix: lxc-systemd: upgrade using a URL instead of a version [skip cascade] (#520) It is common to install a version from a branch or a fork. Change the upgrade to be a URL instead of a version number for simplicity. Fix a bug by which the lxc-helpers and the runner are upgraded but not the script itself. Increase the service unit timeout when stopping the runner: it may take up to three hours. Adapt the tests accordingly. Fixes https://code.forgejo.org/forgejo/runner/issues/510 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/520 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-03-25 22:45:49 +00:00
local url="$1"
feat: add upgrade to forgejo-runner-service.sh (#475) for the purpose of indirectly upgrading lxc-helpers if a newer version is needed. Otherwise it has to be done manually and can easily be overlooked. Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/475 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-30 19:37:17 +00:00
fix: lxc-systemd: upgrade using a URL instead of a version [skip cascade] (#520) It is common to install a version from a branch or a fork. Change the upgrade to be a URL instead of a version number for simplicity. Fix a bug by which the lxc-helpers and the runner are upgraded but not the script itself. Increase the service unit timeout when stopping the runner: it may take up to three hours. Adapt the tests accordingly. Fixes https://code.forgejo.org/forgejo/runner/issues/510 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/520 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-03-25 22:45:49 +00:00
local upgrade_dir=$TMPDIR/upgrades
mkdir -p $TMPDIR/upgrades
local upgrade="$upgrade_dir/$SELF_FILENAME"
curl --fail -sS -o $upgrade $url
feat: add upgrade to forgejo-runner-service.sh (#475) for the purpose of indirectly upgrading lxc-helpers if a newer version is needed. Otherwise it has to be done manually and can easily be overlooked. Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/475 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-30 19:37:17 +00:00
chmod +x $upgrade
fix(examples): systemd LXC units upgrade must install the runner (#479) Install the version of the runner that the upgraded script needs. Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/479 Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-02-25 10:37:20 +00:00
$upgrade install_runner
fix: lxc-systemd: upgrade using a URL instead of a version [skip cascade] (#520) It is common to install a version from a branch or a fork. Change the upgrade to be a URL instead of a version number for simplicity. Fix a bug by which the lxc-helpers and the runner are upgraded but not the script itself. Increase the service unit timeout when stopping the runner: it may take up to three hours. Adapt the tests accordingly. Fixes https://code.forgejo.org/forgejo/runner/issues/510 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/520 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-03-25 22:45:49 +00:00
$upgrade display_default_runner_version
feat: add upgrade to forgejo-runner-service.sh (#475) for the purpose of indirectly upgrading lxc-helpers if a newer version is needed. Otherwise it has to be done manually and can easily be overlooked. Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/475 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-30 19:37:17 +00:00
$upgrade install_or_update_lxc_helpers
$upgrade install_or_update_self
}
feat: systemd unit example for managing LXC containers (#451) Refs: https://code.forgejo.org/forgejo/runner/issues/450 Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/451 Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
2025-01-25 12:24:31 +00:00
#
# ensure an update of the current script does not break a long
# running function (such as `start`) by running from a copy instead
# of the script itself
#
function run_in_copy() {
if test "$#" = 0; then
echo "run_in_copy needs an argument"
return 1
fi
export TMPDIR # otherwise it will not be removed by trap
cp $SELF $TMPDIR/$SELF_FILENAME
exec $TMPDIR/$SELF_FILENAME "$@"
}
"${@:-main}"
Copy permalink