oss/forgejo-runner
oss/forgejo-runner
1
0
Fork 0
mirror of https://code.forgejo.org/forgejo/runner.git synced 2025-08-16 18:01:34 +00:00
Code Wiki Activity
forgejo-runner/examples/lxc-systemd
History
Renovate Bot 386baae8de
Update dependency forgejo/runner to v9.0.3 (#812) 
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [forgejo/runner](https://code.forgejo.org/forgejo/runner) | patch | `9.0.2` -> `9.0.3` |

---

### Release Notes

<details>
<summary>forgejo/runner (forgejo/runner)</summary>

### [`v9.0.3`](https://code.forgejo.org/forgejo/runner/releases/tag/v9.0.3)

[Compare Source](https://code.forgejo.org/forgejo/runner/compare/v9.0.2...v9.0.3)

- [User guide](https://forgejo.org/docs/next/user/actions/overview/)
- [Administrator guide](https://forgejo.org/docs/next/admin/actions/)
- [Container images](https://code.forgejo.org/forgejo/-/packages/container/runner/versions)

Release Notes

***

<!--start release-notes-assistant-->

<!--URL:https://code.forgejo.org/forgejo/runner-->

- features
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/804): <!--number 804 --><!--line 0 --><!--description ZmVhdDogbHhjLXN5c3RlbWQgZGVmYXVsdHMgdG8gdXNpbmcgRm9yZ2VqbyBydW5uZXIgOS4wLjI=-->feat: lxc-systemd defaults to using Forgejo runner 9.0.2<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/784): <!--number 784 --><!--line 0 --><!--description ZmVhdDogLS1oZWFsdGgtKiBvcHRpb25zIGFyZSBhbGxvd2VkIGluIGpvYi48aWQ+LnNlcnZpY2VzLjxpZD4ub3B0aW9ucw==-->feat: --health-\* options are allowed in `job.<id>.services.<id>.options`<!--description-->
- bug fixes
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/810): <!--number 810 --><!--line 0 --><!--description Zml4OiBsb2cgdGhlIFVSTCBvZiB0aGUgYWN0aW9uIHdoZW4gaXQgZmFpbHMgc2NoZW1hIHZhbGlkYXRpb24=-->fix: log the URL of the action when it fails schema validation<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/798): <!--number 798 --><!--line 0 --><!--description Zml4OiBsaW5nZXJpbmcgc2VydmljZXMvdm9sdW1lcy9uZXR3b3JrcyBhZnRlciBqb2JzIGlmIGNsZWFudXAgdGFrZXMgPjFtaW4=-->fix: lingering services/volumes/networks after jobs if cleanup takes >1min<!--description-->
- other
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/806): <!--number 806 --><!--line 0 --><!--description Y2hvcmU6IHVwZ3JhZGUgbHhjLWhlbHBlcnM=-->chore: upgrade lxc-helpers<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/627): <!--number 627 --><!--line 0 --><!--description Y2hvcmU6IHRlYWNoIHJlbm92YXRlIGFib3V0IGV4YW1wbGVzL2x4Yy1zeXN0ZW1kL2Zvcmdlam8tcnVubmVyLXNlcnZpY2Uuc2g=-->chore: teach renovate about examples/lxc-systemd/forgejo-runner-service.sh<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/807): <!--number 807 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2NvbnRhaW5lcmQvZXJyZGVmcyB0byB2MQ==-->Update module github.com/containerd/errdefs to v1<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/803): <!--number 803 --><!--line 0 --><!--description Y2hvcmU6IGV4cGxhaW4gdGhhdCBwYXJ0IG9mIHRoZSBzb3VyY2UgaXMgQXBhY2hlIDI=-->chore: explain that part of the source is Apache 2<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/790): <!--number 790 --><!--line 0 --><!--description Y2hvcmUoY2xlYW51cCk6IGRpc3BhdGNoIHdvcmtmbG93cyBhY2NvcmRpbmcgdG8gdGhlIHJvbGUgb2YgdGhlIHJlcG9zaXRvcnk=-->chore(cleanup): dispatch workflows according to the role of the repository<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/797): <!--number 797 --><!--line 0 --><!--description Y2hvcmU6IHVuaWZ5IGZvcmdlam8gaW1hZ2UgbmFtZXMgbG9jYXRpb24=-->chore: unify forgejo image names location<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/799): <!--number 799 --><!--line 0 --><!--description Y2hvcmU6IHJlcGxhY2UgZG9ja2VyIGh1YiB3aXRoIGNvZGUuZm9yZ2Vqby5vcmc=-->chore: replace docker hub with code.forgejo.org<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/802): <!--number 802 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2dvbGFuZ2NpL2dvbGFuZ2NpLWxpbnQvdjIvY21kL2dvbGFuZ2NpLWxpbnQgdG8gdjIuMy4x-->Update module github.com/golangci/golangci-lint/v2/cmd/golangci-lint to v2.3.1<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/801): <!--number 801 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL29wZW5jb250YWluZXJzL3NlbGludXggdG8gdjEuMTIuMA==-->Update module github.com/opencontainers/selinux to v1.12.0<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/800): <!--number 800 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2dvLWdpdC9nby1naXQvdjUgdG8gdjUuMTYuMg==-->Update module github.com/go-git/go-git/v5 to v5.16.2<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/796): <!--number 796 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2RvY2tlci9jbGkgdG8gdjI4LjMuMytpbmNvbXBhdGlibGU=-->Update module github.com/docker/cli to v28.3.3+incompatible<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/795): <!--number 795 --><!--line 0 --><!--description VXBkYXRlIGRlcGVuZGVuY3kgZm9yZ2Vqby9yZWxlYXNlLW5vdGVzLWFzc2lzdGFudCB0byB2MS40LjA=-->Update dependency forgejo/release-notes-assistant to v1.4.0<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/794): <!--number 794 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL3NwZjEzL3BmbGFnIHRvIHYxLjAuNw==-->Update module github.com/spf13/pflag to v1.0.7<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/793): <!--number 793 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL29wZW5jb250YWluZXJzL2ltYWdlLXNwZWMgdG8gdjEuMS4x-->Update module github.com/opencontainers/image-spec to v1.1.1<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/792): <!--number 792 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnby5ldGNkLmlvL2Jib2x0IHRvIHYxLjQuMg==-->Update module go.etcd.io/bbolt to v1.4.2<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/791): <!--number 791 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL3JoeXNkL2FjdGlvbmxpbnQgdG8gdjEuNy43-->Update module github.com/rhysd/actionlint to v1.7.7<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/787): <!--number 787 --><!--line 0 --><!--description VXBkYXRlIG1vZHVsZSBnaXRodWIuY29tL2dvLWdpdC9nby1iaWxseS92NSB0byB2NS42LjI=-->Update module github.com/go-git/go-billy/v5 to v5.6.2<!--description-->
  - [PR](https://code.forgejo.org/forgejo/runner/pulls/789): <!--number 789 --><!--line 0 --><!--description Y2hvcmU6IHRoZSByZWxlYXNlIGxpbmsgdG8gUkVMRUFTRS1OT1RFUy5tZCBpcyBubyBsb25nZXIgbmVlZGVkICh0YWtlIDIp-->chore: the release link to RELEASE-NOTES.md is no longer needed (take 2)<!--description-->

<!--end release-notes-assistant-->

</details>

---

### Configuration

📅 **Schedule**: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS41MS4xIiwidXBkYXRlZEluVmVyIjoiNDEuNTEuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->

Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/812
Reviewed-by: earl-warren <earl-warren@noreply.code.forgejo.org>
Co-authored-by: Renovate Bot <bot@kriese.eu>
Co-committed-by: Renovate Bot <bot@kriese.eu>
2025-08-06 13:07:24 +00:00
..
forgejo-runner-service.sh Update dependency forgejo/runner to v9.0.3 (#812) 2025-08-06 13:07:24 +00:00
README.md feat: lxc-systemd defaults to using Forgejo runner 9.0.2 (#804) 2025-08-03 09:57:24 +00:00

README.md

forgejo-runner-service.sh installs a Forgejo runner within an LXC container and runs it from a systemd service.

Quickstart

  • Install: sudo wget -O /usr/local/bin/forgejo-runner-service.sh https://code.forgejo.org/forgejo/runner/raw/branch/main/examples/lxc-systemd/forgejo-runner-service.sh && sudo chmod +x /usr/local/bin/forgejo-runner-service.sh
  • Obtain a runner registration token ($TOKEN)
  • Choose a serial number that is not already in use in /etc/forgejo-runner
  • Create a runner INPUTS_SERIAL=30 INPUTS_TOKEN=$TOKEN INPUTS_FORGEJO=https://code.forgejo.org forgejo-runner-service.sh
  • Start systemctl enable --now forgejo-runner@$INPUTS_SERIAL
  • Monitor with:
    • systemctl status forgejo-runner@$INPUTS_SERIAL
    • tail --follow=name /var/log/forgejo-runner/$INPUTS_SERIAL.log

Installation or upgrade

Installation

  • sudo wget -O /usr/local/bin/forgejo-runner-service.sh https://code.forgejo.org/forgejo/runner/raw/branch/main/examples/lxc-systemd/forgejo-runner-service.sh && sudo chmod +x /usr/local/bin/forgejo-runner-service.sh

Upgrade

Warning

runners will not be upgraded immediately, the upgrade will happen when they restart (at $INPUTS_LIFETIME intervals).

The following will be upgraded:

  • forgejo-runner-service.sh will replace itself with the script found at the provided URL (e.g. https://code.forgejo.org/forgejo/runner/src/tag/v6.3.1/examples/lxc-systemd/forgejo-runner-service.sh)
  • lxc-helpers*.sh will be replaced with the version pinned in forgejo-runner-service.sh
  • forgejo-runner-X.Y.Z will default to the version hardcoded in forgejo-runner-service.sh

Example:

  • forgejo-runner-service.sh upgrade https://code.forgejo.org/forgejo/runner/src/tag/v6.3.1/examples/lxc-systemd/forgejo-runner-service.sh

Description

  • Each runner is assigned a unique serial number ($INPUTS_SERIAL)
  • The configuration is in /etc/forgejo-runner/$INPUTS_SERIAL
  • The environment variables are in /etc/forgejo-runner/$INPUTS_SERIAL/env
  • The cache is in /var/lib/forgejo-runner/runner-$INPUTS_SERIAL
  • The systemd service unit is forgejo-runner@$INPUTS_SERIAL
  • The logs of the runner daemon are in /var/log/forgejo-runner/$INPUTS_SERIAL.log

How it works

  • Creating a runner (for instance with INPUTS_SERIAL=30 INPUTS_TOKEN=$TOKEN INPUTS_FORGEJO=https://code.forgejo.org forgejo-runner-service.sh) will:
    • use $INPUTS_TOKEN to register on $INPUTS_FORGEJO and save the result in the /etc/forgejo-runner/$INPUTS_SERIAL/.runner file
    • generate a default configuration file in the /etc/forgejo-runner/$INPUTS_SERIAL/config.yml file which can then be manually edited
  • Each runner is launched in a dedicated LXC container named runner-$INPUTS_SERIAL-lxc with the following bind mounts:
    • /etc/forgejo-runner/$INPUTS_SERIAL
    • /var/lib/forgejo-runner/runner-$INPUTS_SERIAL/.cache/actcache
  • systemctl start forgejo-runner@$INPUTS_SERIAL will do the following when it starts and every $INPUTS_LIFETIME interval after that:
    • attempt to gracefully stop (SIGTERM) the runner, waiting for all jobs to complete
    • forcibly kill the runner if it does not stop within 6h
    • shutdown the LXC container and delete it (the volumes bind mounted are preserved)
    • create a brand new LXC container (with the specified $INPUTS_LXC_CONFIG)
    • install and run a Forgejo runner daemon in the LXC container using /etc/forgejo-runner/$INPUTS_SERIAL/config.yml
    • redirect the output of the runner to /var/log/forgejo-runner/$INPUTS_SERIAL.log
  • systemctl stop forgejo-runner@$INPUTS_SERIAL will stop the runner but keep the LXC container running

Creation

The creation of a new runner is driven by the following environment variables:

  • INPUTS_SERIAL: unique number in the range [10-100] (check /etc/forgejo-runner)
  • INPUTS_TOKEN: a runner registration token obtained from the web UI
  • INPUTS_FORGEJO: the Forgejo instance from which INPUTS_TOKEN was obtained (e.g. https://code.forgejo.org)
  • INPUTS_RUNNER_VERSION: the version of the Forgejo runner as found in https://code.forgejo.org/forgejo/runner/releases (e.g. 9.0.2)
  • INPUTS_LXC_CONFIG: the value of the --config argument of lxc-helpers used when creating the LXC container for the runner (e.g. docker)
  • INPUTS_LIFETIME: the LXC container is re-created when its lifetime expires (e.g. 7d)

Hacking

  • An existing LXC configuration will not be modified. If lxc-ls exists, it is assumed that LXC is configured and ready to be used.
  • Migrating an existing runner: 
    serial=10
mkdir /etc/forgejo-runner/$serial
cp .runner config.yml /etc/forgejo-runner/$serial
INPUTS_SERIAL=$serial INPUTS_FORGEJO=https://code.forgejo.org forgejo-runner-service.sh
systemctl status forgejo-runner@$serial
  • Set debug by adding VERBOSE=true in /etc/forgejo-runner/$INPUTS_SERIAL/env

Use a specific version of the Forgejo runner

The goal is that a LXC container uses a version of the Forgejo runner that is different from the default. It needs to be installed and pinned.

  • Install: INPUTS_RUNNER_VERSION=9.0.2 forgejo-runner-service.sh install_runner
  • Pin the version in /etc/forgejo-runner/N/env (e.g. INPUTS_RUNNER_VERSION=9.0.2)