mirror of
https://code.forgejo.org/forgejo/runner.git
synced 2025-09-05 18:40:59 +00:00
fix: container removal is the runner responsibility (#851)
If a container is configured for implicit removal in the docker/podman server, it will race against the explicit removal performed by the runner. <!--start release-notes-assistant--> <!--URL:https://code.forgejo.org/forgejo/runner--> - bug fixes - [PR](https://code.forgejo.org/forgejo/runner/pulls/851): <!--number 851 --><!--line 0 --><!--description Zml4OiBjb250YWluZXIgcmVtb3ZhbCBpcyB0aGUgcnVubmVyIHJlc3BvbnNpYmlsaXR5-->fix: container removal is the runner responsibility<!--description--> <!--end release-notes-assistant--> Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/851 Reviewed-by: Mathieu Fenniak <mfenniak@noreply.code.forgejo.org> Co-authored-by: Earl Warren <contact@earl-warren.org> Co-committed-by: Earl Warren <contact@earl-warren.org>
This commit is contained in:
Earl Warren
earl-warren
parent
41f8b03b79
commit
773bb92aa3
12 changed files with 2 additions and 16 deletions
|
|
@ -35,9 +35,6 @@ type NewContainerInput struct {
|
||||||
ConfigOptions string
|
ConfigOptions string
|
||||||
JobOptions string
|
JobOptions string
|
||||||
|
|
||||||
// Gitea specific
|
|
||||||
AutoRemove bool
|
|
||||||
|
|
||||||
ValidVolumes []string
|
ValidVolumes []string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -577,7 +577,6 @@ func (cr *containerReference) create(capAdd, capDrop []string) common.Executor {
|
||||||
Privileged: input.Privileged,
|
Privileged: input.Privileged,
|
||||||
UsernsMode: container.UsernsMode(input.UsernsMode),
|
UsernsMode: container.UsernsMode(input.UsernsMode),
|
||||||
PortBindings: input.PortBindings,
|
PortBindings: input.PortBindings,
|
||||||
AutoRemove: input.AutoRemove,
|
|
||||||
}
|
}
|
||||||
logger.Debugf("Common container.HostConfig ==> %+v", hostConfig)
|
logger.Debugf("Common container.HostConfig ==> %+v", hostConfig)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -451,7 +451,6 @@ func newStepContainer(ctx context.Context, step step, image string, cmd, entrypo
|
||||||
Privileged: rc.Config.Privileged,
|
Privileged: rc.Config.Privileged,
|
||||||
UsernsMode: rc.Config.UsernsMode,
|
UsernsMode: rc.Config.UsernsMode,
|
||||||
Platform: rc.Config.ContainerArchitecture,
|
Platform: rc.Config.ContainerArchitecture,
|
||||||
AutoRemove: rc.Config.AutoRemove,
|
|
||||||
ValidVolumes: validVolumes,
|
ValidVolumes: validVolumes,
|
||||||
|
|
||||||
ConfigOptions: rc.Config.ContainerOptions,
|
ConfigOptions: rc.Config.ContainerOptions,
|
||||||
|
|
|
||||||
|
|
@ -119,7 +119,7 @@ func newJobExecutor(info jobInfo, sf stepFactory, rc *RunContext) common.Executo
|
||||||
setJobOutputs(ctx, rc)
|
setJobOutputs(ctx, rc)
|
||||||
|
|
||||||
var err error
|
var err error
|
||||||
if rc.Config.AutoRemove || jobError == nil {
|
{
|
||||||
// Separate timeout for cleanup tasks; logger is cleared so that cleanup logs go to runner, not job
|
// Separate timeout for cleanup tasks; logger is cleared so that cleanup logs go to runner, not job
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), cleanupTimeout)
|
ctx, cancel := context.WithTimeout(context.Background(), cleanupTimeout)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
|
||||||
|
|
@ -141,6 +141,7 @@ func TestJobExecutorNewJobExecutor(t *testing.T) {
|
||||||
executedSteps: []string{
|
executedSteps: []string{
|
||||||
"startContainer",
|
"startContainer",
|
||||||
"step1",
|
"step1",
|
||||||
|
"stopContainer",
|
||||||
"interpolateOutputs",
|
"interpolateOutputs",
|
||||||
"closeContainer",
|
"closeContainer",
|
||||||
},
|
},
|
||||||
|
|
|
||||||
|
|
@ -501,7 +501,6 @@ func (rc *RunContext) prepareJobContainer(ctx context.Context) error {
|
||||||
Privileged: rc.Config.Privileged,
|
Privileged: rc.Config.Privileged,
|
||||||
UsernsMode: rc.Config.UsernsMode,
|
UsernsMode: rc.Config.UsernsMode,
|
||||||
Platform: rc.Config.ContainerArchitecture,
|
Platform: rc.Config.ContainerArchitecture,
|
||||||
AutoRemove: rc.Config.AutoRemove,
|
|
||||||
NetworkMode: networkName,
|
NetworkMode: networkName,
|
||||||
NetworkAliases: []string{sanitizeNetworkAlias(ctx, serviceID)},
|
NetworkAliases: []string{sanitizeNetworkAlias(ctx, serviceID)},
|
||||||
ExposedPorts: exposedPorts,
|
ExposedPorts: exposedPorts,
|
||||||
|
|
@ -569,7 +568,6 @@ func (rc *RunContext) prepareJobContainer(ctx context.Context) error {
|
||||||
Privileged: rc.Config.Privileged,
|
Privileged: rc.Config.Privileged,
|
||||||
UsernsMode: rc.Config.UsernsMode,
|
UsernsMode: rc.Config.UsernsMode,
|
||||||
Platform: rc.Config.ContainerArchitecture,
|
Platform: rc.Config.ContainerArchitecture,
|
||||||
AutoRemove: rc.Config.AutoRemove,
|
|
||||||
ValidVolumes: validVolumes,
|
ValidVolumes: validVolumes,
|
||||||
|
|
||||||
JobOptions: rc.options(ctx),
|
JobOptions: rc.options(ctx),
|
||||||
|
|
|
||||||
|
|
@ -735,7 +735,6 @@ jobs:
|
||||||
PortBindings: nil,
|
PortBindings: nil,
|
||||||
ConfigOptions: "",
|
ConfigOptions: "",
|
||||||
JobOptions: "",
|
JobOptions: "",
|
||||||
AutoRemove: false,
|
|
||||||
ValidVolumes: []string{
|
ValidVolumes: []string{
|
||||||
"WORKFLOW-e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855_JOB",
|
"WORKFLOW-e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855_JOB",
|
||||||
"WORKFLOW-e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855_JOB-env",
|
"WORKFLOW-e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855_JOB-env",
|
||||||
|
|
@ -763,7 +762,6 @@ jobs:
|
||||||
PortBindings: nat.PortMap{},
|
PortBindings: nat.PortMap{},
|
||||||
ConfigOptions: "",
|
ConfigOptions: "",
|
||||||
JobOptions: "",
|
JobOptions: "",
|
||||||
AutoRemove: false,
|
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
Name: "WORKFLOW-e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca49599-c233cf913e1d0c90cc1404ee09917e625f9cb82156ca3d7cb10b729d563728ea",
|
Name: "WORKFLOW-e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca49599-c233cf913e1d0c90cc1404ee09917e625f9cb82156ca3d7cb10b729d563728ea",
|
||||||
|
|
@ -786,7 +784,6 @@ jobs:
|
||||||
PortBindings: nat.PortMap{},
|
PortBindings: nat.PortMap{},
|
||||||
ConfigOptions: "",
|
ConfigOptions: "",
|
||||||
JobOptions: "",
|
JobOptions: "",
|
||||||
AutoRemove: false,
|
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
|
||||||
|
|
@ -52,7 +52,6 @@ type Config struct {
|
||||||
GitHubInstance string // GitHub instance to use, default "github.com"
|
GitHubInstance string // GitHub instance to use, default "github.com"
|
||||||
ContainerCapAdd []string // list of kernel capabilities to add to the containers
|
ContainerCapAdd []string // list of kernel capabilities to add to the containers
|
||||||
ContainerCapDrop []string // list of kernel capabilities to remove from the containers
|
ContainerCapDrop []string // list of kernel capabilities to remove from the containers
|
||||||
AutoRemove bool // controls if the container is automatically removed upon workflow completion
|
|
||||||
ArtifactServerPath string // the path where the artifact server stores uploads
|
ArtifactServerPath string // the path where the artifact server stores uploads
|
||||||
ArtifactServerAddr string // the address the artifact server binds to
|
ArtifactServerAddr string // the address the artifact server binds to
|
||||||
ArtifactServerPort string // the port the artifact server binds to
|
ArtifactServerPort string // the port the artifact server binds to
|
||||||
|
|
|
||||||
|
|
@ -191,7 +191,6 @@ func (j *TestJobFileInfo) runTest(ctx context.Context, t *testing.T, cfg *Config
|
||||||
Matrix: cfg.Matrix,
|
Matrix: cfg.Matrix,
|
||||||
JobLoggerLevel: cfg.JobLoggerLevel,
|
JobLoggerLevel: cfg.JobLoggerLevel,
|
||||||
ActionCache: cfg.ActionCache,
|
ActionCache: cfg.ActionCache,
|
||||||
AutoRemove: true,
|
|
||||||
}
|
}
|
||||||
|
|
||||||
runner, err := New(runnerConfig)
|
runner, err := New(runnerConfig)
|
||||||
|
|
|
||||||
|
|
@ -129,7 +129,6 @@ func (sd *stepDocker) newStepContainer(ctx context.Context, image string, cmd, e
|
||||||
Privileged: rc.Config.Privileged,
|
Privileged: rc.Config.Privileged,
|
||||||
UsernsMode: rc.Config.UsernsMode,
|
UsernsMode: rc.Config.UsernsMode,
|
||||||
Platform: rc.Config.ContainerArchitecture,
|
Platform: rc.Config.ContainerArchitecture,
|
||||||
AutoRemove: rc.Config.AutoRemove,
|
|
||||||
ValidVolumes: validVolumes,
|
ValidVolumes: validVolumes,
|
||||||
})
|
})
|
||||||
return stepContainer
|
return stepContainer
|
||||||
|
|
|
||||||
|
|
@ -394,7 +394,6 @@ func runExec(ctx context.Context, execArgs *executeArgs) func(cmd *cobra.Command
|
||||||
ContainerCapAdd: execArgs.containerCapAdd,
|
ContainerCapAdd: execArgs.containerCapAdd,
|
||||||
ContainerCapDrop: execArgs.containerCapDrop,
|
ContainerCapDrop: execArgs.containerCapDrop,
|
||||||
ContainerOptions: execArgs.containerOptions,
|
ContainerOptions: execArgs.containerOptions,
|
||||||
AutoRemove: true,
|
|
||||||
NoSkipCheckout: execArgs.noSkipCheckout,
|
NoSkipCheckout: execArgs.noSkipCheckout,
|
||||||
// PresetGitHubContext: preset,
|
// PresetGitHubContext: preset,
|
||||||
// EventJSON: string(eventJSON),
|
// EventJSON: string(eventJSON),
|
||||||
|
|
|
||||||
|
|
@ -314,7 +314,6 @@ func (r *Runner) run(ctx context.Context, task *runnerv1.Task, reporter *report.
|
||||||
Env: runEnvs,
|
Env: runEnvs,
|
||||||
Secrets: task.Secrets,
|
Secrets: task.Secrets,
|
||||||
GitHubInstance: strings.TrimSuffix(r.client.Address(), "/"),
|
GitHubInstance: strings.TrimSuffix(r.client.Address(), "/"),
|
||||||
AutoRemove: true,
|
|
||||||
NoSkipCheckout: true,
|
NoSkipCheckout: true,
|
||||||
PresetGitHubContext: preset,
|
PresetGitHubContext: preset,
|
||||||
EventJSON: string(eventJSON),
|
EventJSON: string(eventJSON),
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue