Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package forgejo-runner for openSUSE:Factory
checked in at 2025-02-03 21:43:18
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/forgejo-runner (Old)
and /work/SRC/openSUSE:Factory/.forgejo-runner.new.2316 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "forgejo-runner"
Mon Feb 3 21:43:18 2025 rev:13 rq:1242011 version:6.2.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/forgejo-runner/forgejo-runner.changes
2025-01-24 13:40:17.326370823 +0100
+++ /work/SRC/openSUSE:Factory/.forgejo-runner.new.2316/forgejo-runner.changes
2025-02-03 21:43:44.751057317 +0100
@@ -1,0 +2,8 @@
+Sat Feb 01 00:22:52 UTC 2025 - rra...@opensuse.org
+
+- Update to version 6.2.2:
+ * LXC systemd service unit example script learned how to upgrade.
+- update to version 6.2.1:
+ * LXC templates are updated if needed.
+
+-------------------------------------------------------------------
Old:
----
forgejo-runner-6.2.0.obscpio
New:
----
forgejo-runner-6.2.2.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ forgejo-runner.spec ++++++
--- /var/tmp/diff_new_pack.Yd9zqZ/_old 2025-02-03 21:43:46.647135580 +0100
+++ /var/tmp/diff_new_pack.Yd9zqZ/_new 2025-02-03 21:43:46.647135580 +0100
@@ -17,7 +17,7 @@
Name: forgejo-runner
-Version: 6.2.0
+Version: 6.2.2
Release: 0
Summary: Daemon that connects to a Forgejo instance and runs CI jobs
License: MIT
++++++ _service ++++++
--- /var/tmp/diff_new_pack.Yd9zqZ/_old 2025-02-03 21:43:46.687137231 +0100
+++ /var/tmp/diff_new_pack.Yd9zqZ/_new 2025-02-03 21:43:46.687137231 +0100
@@ -2,7 +2,7 @@
<service name="obs_scm" mode="manual">
<param name="url">https://code.forgejo.org/forgejo/runner</param>
<param name="scm">git</param>
- <param name="revision">refs/tags/v6.2.0</param>
+ <param name="revision">refs/tags/v6.2.2</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="versionrewrite-pattern">v(.*)</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.Yd9zqZ/_old 2025-02-03 21:43:46.707138057 +0100
+++ /var/tmp/diff_new_pack.Yd9zqZ/_new 2025-02-03 21:43:46.711138221 +0100
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://code.forgejo.org/forgejo/runner</param>
- <param
name="changesrevision">d0abf2e1ea99e16646cd92ba68be02ff0b332783</param></service></servicedata>
+ <param
name="changesrevision">a6aae6b476c4038f5b2311d18b2d379cccf7e75b</param></service></servicedata>
(No newline at EOF)
++++++ forgejo-runner-6.2.0.obscpio -> forgejo-runner-6.2.2.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/forgejo-runner-6.2.0/.forgejo/workflows/cascade-setup-forgejo.yml
new/forgejo-runner-6.2.2/.forgejo/workflows/cascade-setup-forgejo.yml
--- old/forgejo-runner-6.2.0/.forgejo/workflows/cascade-setup-forgejo.yml
2025-01-22 22:52:02.000000000 +0100
+++ new/forgejo-runner-6.2.2/.forgejo/workflows/cascade-setup-forgejo.yml
2025-01-31 10:48:49.000000000 +0100
@@ -10,7 +10,8 @@
runs-on: docker
container:
image: 'code.forgejo.org/oci/node:20-bookworm'
- if: vars.CASCADE != 'no'
+ if: >
+ ! contains(github.event.pull_request.title, '[skip cascade]')
steps:
- uses: https://code.forgejo.org/actions/cascading-pr@v2.2.0
with:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/forgejo-runner-6.2.0/.forgejo/workflows/example-docker-compose.yml
new/forgejo-runner-6.2.2/.forgejo/workflows/example-docker-compose.yml
--- old/forgejo-runner-6.2.0/.forgejo/workflows/example-docker-compose.yml
2025-01-22 22:52:02.000000000 +0100
+++ new/forgejo-runner-6.2.2/.forgejo/workflows/example-docker-compose.yml
2025-01-31 10:48:49.000000000 +0100
@@ -4,6 +4,9 @@
branches:
- 'main'
pull_request:
+ paths:
+ - examples/docker-compose/**
+ - .forgejo/workflows/example-docker-compose.yml
jobs:
example-docker-compose:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/forgejo-runner-6.2.0/.forgejo/workflows/example-lxc-systemd.yml
new/forgejo-runner-6.2.2/.forgejo/workflows/example-lxc-systemd.yml
--- old/forgejo-runner-6.2.0/.forgejo/workflows/example-lxc-systemd.yml
1970-01-01 01:00:00.000000000 +0100
+++ new/forgejo-runner-6.2.2/.forgejo/workflows/example-lxc-systemd.yml
2025-01-31 10:48:49.000000000 +0100
@@ -0,0 +1,160 @@
+# SPDX-License-Identifier: MIT
+on:
+ push:
+ branches:
+ - 'main'
+ pull_request:
+ paths:
+ - examples/lxc-systemd/**
+ - .forgejo/workflows/example-lxc-systemd.yml
+
+env:
+ SERIAL: "30"
+ LIFETIME: "60"
+ SYSTEMD_OPTIONS: "--no-pager --full"
+
+jobs:
+ example-lxc-systemd:
+ if: github.repository_owner != 'forgejo-integration' &&
github.repository_owner != 'forgejo-experimental' && github.repository_owner !=
'forgejo-release'
+ runs-on: lxc-bookworm
+ steps:
+ - uses: https://data.forgejo.org/actions/checkout@v4
+
+ - name: forgejo-runner-service.sh dependencies
+ # run before setup-forgejo because it installs LXC and
+ # this would do nothing (false positive if a bug sneaks in)
+ run: |
+ set -x
+ cd examples/lxc-systemd
+ VERBOSE=true ./forgejo-runner-service.sh dependencies
+ lxc-ls
+
+ - name: forgejo-runner-service.sh upgrade
+ run: |
+ set -x
+
+ bin=/usr/local/bin
+ scripts="lxc-helpers.sh lxc-helpers-lib.sh
forgejo-runner-service.sh"
+
+ # make the existing scripts different, as if originating from a
previous release
+ rm -f $bin/*.backup
+ for script in $scripts; do
+ echo '# something' >> $bin/$script
+ done
+
+ cd examples/lxc-systemd
+ VERBOSE=true ./forgejo-runner-service.sh upgrade 1.2.3
$(pwd)/forgejo-runner-service.sh
+
+ for script in $scripts; do
+ ! grep --quiet something $bin/$script
+ grep --quiet something $bin/$script.backup
+ done
+
+ - id: forgejo
+ uses: https://data.forgejo.org/actions/setup-forgejo@v2.0.7
+ with:
+ user: root
+ password: admin1234
+ binary:
https://code.forgejo.org/forgejo/forgejo/releases/download/v7.0.12/forgejo-7.0.12-linux-amd64
+ # must be the same as LXC_IPV4_PREFIX in
examples/lxc-systemd/forgejo-runner-service.sh
+ lxc-ip-prefix: 10.105.7
+
+ - name: forgejo-runner-service.sh env
+ run: |
+ set -x
+ # this Forgejo instance needs to be reachable from within the LXC
+ # container created by forgejo-runner-service.sh
+ url=http://root:admin1234@${{ steps.forgejo.outputs.host-port }}
+ docker ps --all
+ export PATH=$(dirname /tmp/*/forgejocli):$PATH
+ token=$(su -c 'forgejocli -- actions generate-runner-token' forgejo)
+ cat > /tmp/env <<EOF
+ export INPUTS_SERIAL=${{ env.SERIAL }}
+ export INPUTS_FORGEJO=$url
+ export INPUTS_TOKEN=$token
+ export INPUTS_LIFETIME=${{ env.LIFETIME }}
+ export VERBOSE=true
+ EOF
+
+ - name: forgejo-runner-service.sh create
+ run: |
+ eval $(cat /tmp/env)
+ set -x
+ ./examples/lxc-systemd/forgejo-runner-service.sh install_runner
+ ./examples/lxc-systemd/forgejo-runner-service.sh lxc_create
+ ./examples/lxc-systemd/forgejo-runner-service.sh inside
ensure_configuration_and_registration
+ ./examples/lxc-systemd/forgejo-runner-service.sh service_create
+
+ - name: forgejo-runner-service.sh assert
+ run: |
+ eval $(cat /tmp/env)
+ set -x
+
+ runner=/etc/forgejo-runner/$INPUTS_SERIAL/.runner
+ cat $runner
+ test "$(hostname)-${{ env.SERIAL }}" = $(jq -r .name < $runner)
+
+ config=/etc/forgejo-runner/$INPUTS_SERIAL/config.yml
+ cat $config
+ grep --quiet data.forgejo.org $config
+
+ env=/etc/forgejo-runner/$INPUTS_SERIAL/env
+ cat $env
+ grep --quiet INPUTS_SERIAL=$INPUTS_SERIAL $env
+ echo VERBOSE=true >> $env
+
+ service=/etc/systemd/system/forgejo-runner@.service
+ cat $service
+
+
cache=/var/lib/forgejo-runner/runner-$INPUTS_SERIAL-lxc/.cache/actcache
+ touch $cache/something
+ lxc-attach runner-$INPUTS_SERIAL-lxc -- test -f $cache/something
+
+ - name: forgejo-runner-service.sh start / stop
+ run: |
+ set -x
+ serial=${{ env.SERIAL }}
+ all="${{ env.SYSTEMD_OPTIONS }}"
+
+ systemctl start forgejo-runner@$serial
+ systemctl $all status forgejo-runner@$serial
+ started_running=/etc/forgejo-runner/$serial/started-running
+ killed_gracefully=/etc/forgejo-runner/$serial/killed-gracefully
+ stopped_gracefully=/etc/forgejo-runner/$serial/stopped-gracefully
+ retry --delay 5 --times 20 cp -a $started_running /tmp/first-run
+ retry --delay 1 --times 30 grep --quiet 'Starting runner daemon'
/var/log/forgejo-runner/$serial.log
+ systemctl stop forgejo-runner@$serial
+ ! systemctl $all status forgejo-runner@$serial
+ ls -l /etc/forgejo-runner/$serial
+ test -f $killed_gracefully
+ test -f $stopped_gracefully
+
+ systemctl start forgejo-runner@$serial
+ retry --delay 5 --times 20 cp -a $started_running /tmp/second-run
+ ! test -f $killed_gracefully
+ ! test -f $stopped_gracefully
+ lifetime=${{ env.LIFETIME }}
+ # give it time to restart at least once
+ ls -l /etc/forgejo-runner/$serial
+ sleep $lifetime ; sleep $lifetime
+ ls -l /etc/forgejo-runner/$serial
+ ! test -f $killed_gracefully
+ ! test -f $stopped_gracefully
+ retry --delay 5 --times 20 cp -a $started_running /tmp/third-run
+ systemctl stop forgejo-runner@$serial
+ ls -l /etc/forgejo-runner/$serial
+ test -f $killed_gracefully
+ test -f $stopped_gracefully
+
+ ls -l /tmp/*-run
+ test /tmp/first-run -ot /tmp/second-run
+ test /tmp/second-run -ot /tmp/third-run
+
+ - name: forgejo-runner-service.sh status & destroy
+ if: always()
+ run: |
+ eval $(cat /tmp/env)
+ set -x
+ cat /var/log/forgejo-runner/${{ env.SERIAL }}.log || true
+ journalctl ${{ env.SYSTEMD_OPTIONS }} --unit forgejo-runner@${{
env.SERIAL }} || true
+ ./examples/lxc-systemd/forgejo-runner-service.sh lxc_destroy
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/forgejo-runner-6.2.0/Dockerfile
new/forgejo-runner-6.2.2/Dockerfile
--- old/forgejo-runner-6.2.0/Dockerfile 2025-01-22 22:52:02.000000000 +0100
+++ new/forgejo-runner-6.2.2/Dockerfile 2025-01-31 10:48:49.000000000 +0100
@@ -1,4 +1,4 @@
-FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/tonistiigi/xx AS xx
+FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/xx AS xx
FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/golang:1.23-alpine3.20 AS
build-env
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/forgejo-runner-6.2.0/RELEASE-NOTES.md
new/forgejo-runner-6.2.2/RELEASE-NOTES.md
--- old/forgejo-runner-6.2.0/RELEASE-NOTES.md 2025-01-22 22:52:02.000000000
+0100
+++ new/forgejo-runner-6.2.2/RELEASE-NOTES.md 2025-01-31 10:48:49.000000000
+0100
@@ -1,5 +1,13 @@
# Release Notes
+## 6.2.2
+
+* LXC systemd service unit example script [learned how to
upgrade](https://code.forgejo.org/forgejo/runner/pulls/475).
+
+## 6.2.1
+
+* LXC [templates are updated if
needed](https://code.forgejo.org/forgejo/act/pulls/102).
+
## 6.2.0
* The `container.options` [allows
`--hostname`](https://forgejo.org/docs/next/user/actions/#jobsjob_idcontaineroptions).
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/forgejo-runner-6.2.0/examples/README.md
new/forgejo-runner-6.2.2/examples/README.md
--- old/forgejo-runner-6.2.0/examples/README.md 2025-01-22 22:52:02.000000000
+0100
+++ new/forgejo-runner-6.2.2/examples/README.md 2025-01-31 10:48:49.000000000
+0100
@@ -1,10 +1,10 @@
This directory contains a collection of usage and deployment examples.
-Workflow examples can be found [in the
documentation](https://forgejo.org/docs/next/user/actions/)
-and in the [sources of the
setup-forgejo](https://code.forgejo.org/actions/setup-forgejo/src/branch/main/testdata)
action.
+Workflow examples can be found [in the
documentation](https://forgejo.org/docs/next/user/actions/).
| Section | Description
|
|-----------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| [`docker`](docker) | using the host docker server by mounting
the socket |
+| [`LXC systemd`](lxc-systemd) | systemd unit managing LXC
containers dedicated to a single runner |
| [`docker-compose`](docker-compose) | all in one docker-compose with the
Forgejo server, the runner and docker in docker |
| [`kubernetes`](kubernetes) | a sample deployment for the Forgejo runner
|
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/forgejo-runner-6.2.0/examples/lxc-systemd/README.md
new/forgejo-runner-6.2.2/examples/lxc-systemd/README.md
--- old/forgejo-runner-6.2.0/examples/lxc-systemd/README.md 1970-01-01
01:00:00.000000000 +0100
+++ new/forgejo-runner-6.2.2/examples/lxc-systemd/README.md 2025-01-31
10:48:49.000000000 +0100
@@ -0,0 +1,81 @@
+forgejo-runner-service.sh installs a [Forgejo
runner](https://forgejo.org/docs/next/admin/runner-installation/) within an
[LXC container](https://linuxcontainers.org/lxc/) and runs it from a systemd
service.
+
+## Quickstart
+
+- Install: `sudo wget -O /usr/local/bin/forgejo-runner-service.sh
https://code.forgejo.org/forgejo/runner/raw/branch/main/examples/lxc-systemd/forgejo-runner-service.sh
&& sudo chmod +x /usr/local/bin/forgejo-runner-service.sh`
+- Obtain a runner registration token ($TOKEN)
+- Choose a serial number that is not already in use in `/etc/forgejo-runner`
+- Create a runner `INPUTS_SERIAL=30 INPUTS_TOKEN=$TOKEN
INPUTS_FORGEJO=https://code.forgejo.org forgejo-runner-service.sh`
+- Start `systemctl enable --now forgejo-runner@$INPUTS_SERIAL`
+- Monitor with:
+ - `systemctl status forgejo-runner@$INPUTS_SERIAL`
+ - `tail --follow=name /var/log/forgejo-runner/$INPUTS_SERIAL.log`
+
+## Installation or upgrade
+
+### Installation
+
+- `sudo wget -O /usr/local/bin/forgejo-runner-service.sh
https://code.forgejo.org/forgejo/runner/raw/branch/main/examples/lxc-systemd/forgejo-runner-service.sh
&& sudo chmod +x /usr/local/bin/forgejo-runner-service.sh`
+
+### Upgrade
+
+> **Warning** runners will not be upgraded immediately, the upgrade will
happen when they restart (at `$INPUTS_LIFETIME` intervals).
+
+The following will be upgraded:
+
+- `forgejo-runner-service.sh` will replace itself with the version found at
`https://code.forgejo.org/forgejo/runner/src/tag/vX.Y.Z/examples/lxc-systemd/forgejo-runner-service.sh`
+- `lxc-helpers*.sh` will be replaced with the version pinned in
`forgejo-runner-service.sh`
+
+Upgrade to the version X.Y.Z (e.g 6.2.1):
+
+- `forgejo-runner-service.sh upgrade X.Y.Z`
+
+## Description
+
+- Each runner is assigned a unique serial number (`$INPUTS_SERIAL`)
+- The configuration is in `/etc/forgejo-runner/$INPUTS_SERIAL`
+- The environment variables are in `/etc/forgejo-runner/$INPUTS_SERIAL/env`
+- The cache is in `/var/lib/forgejo-runner/runner-$INPUTS_SERIAL`
+- The systemd service unit is `forgejo-runner@$INPUTS_SERIAL`
+- The logs of the runner daemon are in
`/var/log/forgejo-runner/$INPUTS_SERIAL.log`
+
+## How it works
+
+- Creating a runner (for instance with `INPUTS_SERIAL=30 INPUTS_TOKEN=$TOKEN
INPUTS_FORGEJO=https://code.forgejo.org forgejo-runner-service.sh`) will:
+ - use `$INPUTS_TOKEN` to register on `$INPUTS_FORGEJO` and save the result
in the `/etc/forgejo-runner/$INPUTS_SERIAL/.runner` file
+ - generate a default configuration file in the
`/etc/forgejo-runner/$INPUTS_SERIAL/config.yml` file which can then be manually
edited
+- Each runner is launched in a dedicated LXC container named
`runner-$INPUTS_SERIAL-lxc` with the following bind mounts:
+ - `/etc/forgejo-runner/$INPUTS_SERIAL`
+ - `/var/lib/forgejo-runner/runner-$INPUTS_SERIAL/.cache/actcache`
+- `systemctl start forgejo-runner@$INPUTS_SERIAL` will do the following when
it starts and every `$INPUTS_LIFETIME` interval after that:
+ - attempt to gracefully stop (SIGTERM) the runner, waiting for all jobs to
complete
+ - forcibly kill the runner if it does not stop within 6h
+ - shutdown the LXC container and delete it (the volumes bind mounted are
preserved)
+ - create a brand new LXC container (with the specified `$INPUTS_LXC_CONFIG`)
+ - install and run a Forgejo runner daemon in the LXC container using
`/etc/forgejo-runner/$INPUTS_SERIAL/config.yml`
+ - redirect the output of the runner to
`/var/log/forgejo-runner/$INPUTS_SERIAL.log`
+- `systemctl stop forgejo-runner@$INPUTS_SERIAL` will stop the runner but keep
the LXC container running
+
+## Creation
+
+The creation of a new runner is driven by the following environment variables:
+
+- `INPUTS_SERIAL`: unique number in the range `[10-100]` (check
`/etc/forgejo-runner`)
+- `INPUTS_TOKEN`: a runner registration token obtained from the web UI
+- `INPUTS_FORGEJO`: the Forgejo instance from which `INPUTS_TOKEN` was
obtained (e.g. https://code.forgejo.org)
+- `INPUTS_RUNNER_VERSION`: the version of the Forgejo runner as found in
https://code.forgejo.org/forgejo/runner/releases (e.g. 6.2.0)
+- `INPUTS_LXC_CONFIG`: the value of the `--config` argument of
[lxc-helpers](https://code.forgejo.org/forgejo/lxc-helpers/#usage) used when
creating the LXC container for the runner (e.g. `docker`)
+- `INPUTS_LIFETIME`: the LXC container is re-created when its lifetime expires
(e.g. 7d)
+
+## Hacking
+
+- An existing LXC configuration will not be modified. If `lxc-ls` exists, it
is assumed that LXC is configured and ready to be used.
+- Migrating an existing runner:
+ ```sh
+ serial=10
+ mkdir /etc/forgejo-runner/$serial
+ cp .runner config.yml /etc/forgejo-runner/$serial
+ INPUTS_SERIAL=$serial INPUTS_FORGEJO=https://code.forgejo.org
forgejo-runner-service.sh
+ systemctl status forgejo-runner@$serial
+ ```
+- Set debug by adding `VERBOSE=true` in
`/etc/forgejo-runner/$INPUTS_SERIAL/env`
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/forgejo-runner-6.2.0/examples/lxc-systemd/forgejo-runner-service.sh
new/forgejo-runner-6.2.2/examples/lxc-systemd/forgejo-runner-service.sh
--- old/forgejo-runner-6.2.0/examples/lxc-systemd/forgejo-runner-service.sh
1970-01-01 01:00:00.000000000 +0100
+++ new/forgejo-runner-6.2.2/examples/lxc-systemd/forgejo-runner-service.sh
2025-01-31 10:48:49.000000000 +0100
@@ -0,0 +1,385 @@
+#!/bin/bash
+# Copyright Forgejo Authors.
+# SPDX-License-Identifier: MIT
+
+set -o pipefail
+
+: ${TMPDIR:=$(mktemp -d)}
+
+export -n TMPDIR
+
+if ! test -d "$TMPDIR"; then
+ echo "TMPDIR=$TMPDIR is expected to be a directory"
+ exit 1
+fi
+
+trap "rm -fr $TMPDIR" EXIT
+
+: ${INPUTS_LXC_CONFIG:=docker libvirt lxc}
+: ${INPUTS_SERIAL:=}
+: ${INPUTS_TOKEN:=}
+: ${INPUTS_FORGEJO:=https://code.forgejo.org}
+: ${INPUTS_LIFETIME:=7d}
+: ${INPUTS_LXC_HELPERS_VERSION:=1.0.3}
+: ${INPUTS_RUNNER_VERSION:=6.2.2}
+
+: ${KILL_AFTER:=21600} # 6h == 21600
+NODEJS_VERSION=20
+DEBIAN_RELEASE=bookworm
+YQ_VERSION=v4.45.1
+SELF=${BASH_SOURCE[0]}
+SELF_FILENAME=$(basename "$SELF")
+ETC=/etc/forgejo-runner
+LIB=/var/lib/forgejo-runner
+LOG=/var/log/forgejo-runner
+LOCK=/var/lock/forgejo-runner
+: ${HOST:=$(hostname)}
+
+LXC_IPV4_PREFIX="10.105.7"
+LXC_IPV6_PREFIX="fd91"
+LXC_USER_NAME=debian
+LXC_USER_ID=1000
+
+if ${VERBOSE:-false}; then
+ set -ex
+ PS4='${BASH_SOURCE[0]}:$LINENO: ${FUNCNAME[0]}: '
+ # export LXC_VERBOSE=true # use with caution, it will block
.forgejo/workflows/example-lxc-systemd.yml
+else
+ set -e
+fi
+
+if test $(id -u) != 0; then
+ SUDO=sudo
+fi
+
+function config_inotify() {
+ if grep --quiet fs.inotify.max_user_instances=8192 /etc/sysctl.conf; then
+ return
+ fi
+ echo fs.inotify.max_user_instances=8192 | $SUDO tee -a /etc/sysctl.conf
+ $SUDO sysctl -p
+}
+
+function install_or_update_lxc_helpers() {
+ for lxc_helper in lxc-helpers.sh lxc-helpers-lib.sh; do
+ local new=$TMPDIR/$lxc_helper
+ local existing=/usr/local/bin/$lxc_helper
+ curl --fail -sS -o $new
https://code.forgejo.org/forgejo/lxc-helpers/raw/tag/v${INPUTS_LXC_HELPERS_VERSION}/$lxc_helper
+ if ! test -f $existing || ! cmp --quiet $existing $new; then
+ if test -f $existing; then
+ $SUDO mv $existing $existing.backup
+ fi
+ $SUDO mv $new $existing
+ $SUDO chmod +x $existing
+ fi
+ done
+}
+
+function install_or_update_self() {
+ local bin=/usr/local/bin/$SELF_FILENAME
+
+ if ! cmp --quiet $SELF $bin; then
+ if test -f $bin; then
+ $SUDO mv $bin $bin.backup
+ fi
+ $SUDO cp -a $SELF $bin
+ fi
+}
+
+function install_self() {
+ install_or_update_self
+}
+
+function dependencies() {
+ if ! which curl jq retry >/dev/null; then
+ export DEBIAN_FRONTEND=noninteractive
+ $SUDO apt-get update -qq
+ $SUDO apt-get install -y -qq curl jq retry
+ fi
+ if ! which yq >/dev/null; then
+ $SUDO curl -L --fail -sS -o /usr/local/bin/yq
https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_arm64
+ $SUDO chmod +x /usr/local/bin/yq
+ fi
+ install_self
+ install_or_update_lxc_helpers
+ if ! which lxc-ls >/dev/null; then
+ $SUDO lxc-helpers.sh lxc_install_lxc_inside $LXC_IPV4_PREFIX
$LXC_IPV6_PREFIX
+ fi
+}
+
+function lxc_name() {
+ echo runner-${INPUTS_SERIAL}-lxc
+}
+
+function lxc_destroy() {
+ $SUDO lxc-destroy -f $(lxc_name) >/dev/null || true
+}
+
+function lxc_create() {
+ local name=$(lxc_name)
+ local lib=$LIB/$name
+ local etc=$ETC/$INPUTS_SERIAL
+
+ lxc-helpers.sh --config "$INPUTS_LXC_CONFIG" lxc_container_create $name
+ echo "lxc.start.auto = 1" | sudo tee -a /var/lib/lxc/$name/config
+
+ local bin=/var/lib/lxc/$name/rootfs/usr/local/bin
+ $SUDO cp -a $SELF $bin/$SELF_FILENAME
+ $SUDO cp -a /usr/local/bin/forgejo-runner-$INPUTS_RUNNER_VERSION
$bin/forgejo-runner
+ $SUDO cp -a /usr/local/bin/yq $bin/yq
+ $SUDO cp -a $(which jq) $bin/jq
+
+ $SUDO mkdir -p $lib/.cache/actcache
+ $SUDO chown -R $LXC_USER_ID $lib
+ lxc-helpers.sh lxc_container_mount $name $lib/.cache/actcache
+
+ $SUDO mkdir -p $etc
+ $SUDO chown -R $LXC_USER_ID $etc
+ lxc-helpers.sh lxc_container_mount $name $etc
+
+ lxc-helpers.sh lxc_container_start $name
+ if echo $INPUTS_LXC_CONFIG | grep --quiet 'docker'; then
+ lxc-helpers.sh lxc_install_docker $name
+ fi
+ if echo $INPUTS_LXC_CONFIG | grep --quiet 'lxc'; then
+ local ipv4="10.48.$INPUTS_SERIAL"
+ local ipv6="fd$INPUTS_SERIAL"
+ lxc-helpers.sh lxc_install_lxc $name $ipv4 $ipv6
+ fi
+ lxc-helpers.sh lxc_container_user_install $name $LXC_USER_ID $LXC_USER_NAME
+}
+
+function service_create() {
+ cat >$TMPDIR/forgejo-runner@.service <<EOF
+[Unit]
+Description=Forgejo runner %i
+After=syslog.target
+After=network.target
+
+[Service]
+Restart=on-success
+ExecStart=/usr/local/bin/${SELF_FILENAME} run_in_copy start
+ExecStop=/usr/local/bin/${SELF_FILENAME} stop
+EnvironmentFile=/etc/forgejo-runner/%i/env
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+ local service=/etc/systemd/system/forgejo-runner@.service
+ if test -f $service && cmp $TMPDIR/forgejo-runner@.service $service; then
+ return
+ fi
+
+ $SUDO mkdir -p $ETC
+ $SUDO chown -R $LXC_USER_ID $ETC
+
+ $SUDO mkdir -p $LOG
+ $SUDO chown -R $LXC_USER_ID $LOG
+
+ $SUDO cp $TMPDIR/forgejo-runner@.service $service
+ $SUDO systemctl daemon-reload
+}
+
+function inside() {
+ local name=$(lxc_name)
+
+ # all exported variables must be --unset before running the daemon
+ lxc-helpers.sh lxc_container_run $name -- sudo --user $LXC_USER_NAME \
+ INPUTS_SERIAL="$INPUTS_SERIAL" \
+ INPUTS_LXC_CONFIG="$INPUTS_LXC_CONFIG" \
+ INPUTS_TOKEN="$INPUTS_TOKEN" \
+ INPUTS_FORGEJO="$INPUTS_FORGEJO" \
+ INPUTS_LIFETIME="$INPUTS_LIFETIME" \
+ KILL_AFTER="$KILL_AFTER" \
+ VERBOSE="$VERBOSE" \
+ HOST="$HOST" \
+ $SELF_FILENAME "$@"
+}
+
+function install_runner() {
+ local runner=/usr/local/bin/forgejo-runner-$INPUTS_RUNNER_VERSION
+ if test -f $runner; then
+ return
+ fi
+
+ $SUDO curl --fail -sS -o $runner
https://code.forgejo.org/forgejo/runner/releases/download/v$INPUTS_RUNNER_VERSION/forgejo-runner-$INPUTS_RUNNER_VERSION-linux-amd64
+ $SUDO chmod +x $runner
+}
+
+function ensure_configuration() {
+ if test -z "$INPUTS_SERIAL"; then
+ echo "the INPUTS_SERIAL environment variable is not set"
+ return 1
+ fi
+
+ local etc=$ETC/$INPUTS_SERIAL
+ $SUDO mkdir -p $etc
+
+ if test -f $etc/config; then
+ INPUTS_LXC_CONFIG=$(cat $etc/config)
+ else
+ echo $INPUTS_LXC_CONFIG >$etc/config
+ fi
+
+ $SUDO mkdir -p $LIB/$(lxc_name)/.cache/actcache
+}
+
+function ensure_configuration_and_registration() {
+ local etc=$ETC/$INPUTS_SERIAL
+
+ if ! test -f $etc/config.yml; then
+ forgejo-runner generate-config >$etc/config.yml
+ cat >$TMPDIR/edit-config <<EOF
+.runner.labels =
["docker:docker://data.forgejo.org/oci/node:${NODEJS_VERSION}-${DEBIAN_RELEASE}","lxc:lxc://debian:${DEBIAN_RELEASE}"]
+EOF
+ yq --inplace --from-file $TMPDIR/edit-config $etc/config.yml
+ cat >$TMPDIR/edit-config <<EOF
+.cache.dir =
"/var/lib/forgejo-runner/runner-${INPUTS_SERIAL}-lxc/.cache/actcache"
+EOF
+ yq --inplace --from-file $TMPDIR/edit-config $etc/config.yml
+
+ fi
+
+ if ! test -f $etc/env; then
+ cat >$etc/env <<EOF
+INPUTS_LXC_CONFIG=$INPUTS_LXC_CONFIG
+INPUTS_SERIAL=$INPUTS_SERIAL
+INPUTS_LIFETIME=$INPUTS_LIFETIME
+INPUTS_FORGEJO=$INPUTS_FORGEJO
+EOF
+ fi
+
+ if test -f $etc/.runner; then
+ return
+ fi
+ if test -z "$INPUTS_TOKEN"; then
+ echo "the INPUTS_TOKEN environment variable is not set"
+ return 1
+ fi
+ (
+ cd $etc
+ forgejo-runner register --config config.yml --no-interactive \
+ --token "$INPUTS_TOKEN" \
+ --name "$HOST-$INPUTS_SERIAL" \
+ --instance $INPUTS_FORGEJO
+ )
+}
+
+function daemon() {
+ cd $ETC/$INPUTS_SERIAL
+ rm -f stopped-* killed-*
+ touch started-running
+ set +e
+ timeout --signal=SIGINT --kill-after=$KILL_AFTER $INPUTS_LIFETIME env \
+ --unset INPUTS_SERIAL \
+ --unset INPUTS_LXC_CONFIG \
+ --unset INPUTS_TOKEN \
+ --unset INPUTS_FORGEJO \
+ --unset INPUTS_LIFETIME \
+ --unset KILL_AFTER \
+ --unset VERBOSE \
+ --unset HOST \
+ /usr/local/bin/forgejo-runner --config config.yml daemon
+ case $? in
+ 0) touch stopped-gracefully ;;
+ 124) touch stopped-timeout ;;
+ 137) touch stopped-forcefully ;;
+ esac
+ set -e
+}
+
+function destroy_and_create() {
+ stop || true
+ lxc-helpers.sh lxc_container_destroy $(lxc_name)
+ lxc_create
+}
+
+function start() {
+ # it should be more than
+ # (time it takes for one runner to be recreated) * (number of runners)
+ # because they will all start at the same time on boot
+ local timeout=3600
+
+ flock --timeout $timeout $LOCK $SELF destroy_and_create
+
+ local log=$LOG/$INPUTS_SERIAL.log
+ if test -f $log; then
+ mv $log $log.backup
+ fi
+ inside daemon >&$log
+}
+
+function kill_runner() {
+ cd $ETC/$INPUTS_SERIAL
+ rm -f killed-* started-running
+
+ set +e
+ pkill --exact forgejo-runner
+ if test $? = 1; then
+ touch killed-already
+ return
+ fi
+
+ timeout $KILL_AFTER pidwait --exact forgejo-runner
+ status=$?
+ set -e
+
+ # pidwait will exit 1 if the process is already gone
+ # pidwait will exit 0 if the process terminated gracefully before the timeout
+ if test $status = 0 || test $status = 1; then
+ touch killed-gracefully
+ echo "forgejo-runner stopped gracefully"
+ else
+ pkill --exact --signal=KILL forgejo-runner
+ touch killed-forcefully
+ echo "forgejo-runner stopped forcefully"
+ fi
+}
+
+function stop() {
+ inside kill_runner
+}
+
+function main() {
+ config_inotify
+ dependencies
+ install_runner
+ service_create
+ lxc_create
+ inside ensure_configuration_and_registration
+}
+
+function upgrade() {
+ run_in_copy upgrade_safely "$@"
+}
+
+function upgrade_safely() {
+ local version="${1:-$INPUTS_RUNNER_VERSION}"
+ local upgrade="${2:-$TMPDIR/$SELF_FILENAME}"
+
+ if ! test -f $upgrade; then
+ curl --fail -sS -o $upgrade
https://code.forgejo.org/forgejo/runner/raw/tag/v$version/examples/lxc-systemd/forgejo-runner-service.sh
+ fi
+ chmod +x $upgrade
+ $upgrade install_or_update_lxc_helpers
+ $upgrade install_or_update_self
+}
+
+#
+# ensure an update of the current script does not break a long
+# running function (such as `start`) by running from a copy instead
+# of the script itself
+#
+function run_in_copy() {
+ if test "$#" = 0; then
+ echo "run_in_copy needs an argument"
+ return 1
+ fi
+
+ export TMPDIR # otherwise it will not be removed by trap
+ cp $SELF $TMPDIR/$SELF_FILENAME
+ exec $TMPDIR/$SELF_FILENAME "$@"
+}
+
+"${@:-main}"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/forgejo-runner-6.2.0/go.mod
new/forgejo-runner-6.2.2/go.mod
--- old/forgejo-runner-6.2.0/go.mod 2025-01-22 22:52:02.000000000 +0100
+++ new/forgejo-runner-6.2.2/go.mod 2025-01-31 10:48:49.000000000 +0100
@@ -19,7 +19,7 @@
github.com/stretchr/testify v1.10.0
golang.org/x/term v0.28.0
golang.org/x/time v0.9.0
- google.golang.org/protobuf v1.36.3
+ google.golang.org/protobuf v1.36.4
gopkg.in/yaml.v3 v3.0.1
gotest.tools/v3 v3.5.1
)
@@ -102,4 +102,4 @@
gopkg.in/yaml.v2 v2.4.0 // indirect
)
-replace github.com/nektos/act => code.forgejo.org/forgejo/act v1.24.0
+replace github.com/nektos/act => code.forgejo.org/forgejo/act v1.24.1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/forgejo-runner-6.2.0/go.sum
new/forgejo-runner-6.2.2/go.sum
--- old/forgejo-runner-6.2.0/go.sum 2025-01-22 22:52:02.000000000 +0100
+++ new/forgejo-runner-6.2.2/go.sum 2025-01-31 10:48:49.000000000 +0100
@@ -1,5 +1,5 @@
-code.forgejo.org/forgejo/act v1.24.0
h1:93zqpMV/Gw3koo8Ufnhiosno3LyoJU+tOb+uPUmqQ0A=
-code.forgejo.org/forgejo/act v1.24.0/go.mod
h1:tSg5CAHnXp4WLNkMa2e9AEDSujMxKzNM4bF2pvvRCYQ=
+code.forgejo.org/forgejo/act v1.24.1
h1:kTTMA2G4+vLFOsr4oTxvvaEf4JN42lIc/tu+TwbkmmU=
+code.forgejo.org/forgejo/act v1.24.1/go.mod
h1:tSg5CAHnXp4WLNkMa2e9AEDSujMxKzNM4bF2pvvRCYQ=
code.gitea.io/actions-proto-go v0.4.0
h1:OsPBPhodXuQnsspG1sQ4eRE1PeoZyofd7+i73zCwnsU=
code.gitea.io/actions-proto-go v0.4.0/go.mod
h1:mn7Wkqz6JbnTOHQpot3yDeHx+O5C9EGhMEE+htvHBas=
code.gitea.io/gitea-vet v0.2.3 h1:gdFmm6WOTM65rE8FUBTRzeQZYzXePKSSB1+r574hWwI=
@@ -293,8 +293,8 @@
google.golang.org/genproto/googleapis/rpc
v0.0.0-20231016165738-49dd2c1f3d0b/go.mod
h1:swOH3j0KzcDDgGUWr+SNpyTen5YrXjS3eyPzFYKc6lc=
google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk=
google.golang.org/grpc v1.59.0/go.mod
h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98=
-google.golang.org/protobuf v1.36.3
h1:82DV7MYdb8anAVi3qge1wSnMDrnKK7ebr+I0hHRN1BU=
-google.golang.org/protobuf v1.36.3/go.mod
h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/protobuf v1.36.4
h1:6A3ZDJHn/eNqc1i+IdefRzy/9PokBTPvcqMySR7NNIM=
+google.golang.org/protobuf v1.36.4/go.mod
h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod
h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod
h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c
h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
++++++ forgejo-runner.obsinfo ++++++
--- /var/tmp/diff_new_pack.Yd9zqZ/_old 2025-02-03 21:43:46.835143340 +0100
+++ /var/tmp/diff_new_pack.Yd9zqZ/_new 2025-02-03 21:43:46.839143505 +0100
@@ -1,5 +1,5 @@
name: forgejo-runner
-version: 6.2.0
-mtime: 1737582722
-commit: d0abf2e1ea99e16646cd92ba68be02ff0b332783
+version: 6.2.2
+mtime: 1738316929
+commit: a6aae6b476c4038f5b2311d18b2d379cccf7e75b
++++++ vendor.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/vendor/github.com/nektos/act/pkg/runner/lxc-helpers-lib.sh
new/vendor/github.com/nektos/act/pkg/runner/lxc-helpers-lib.sh
--- old/vendor/github.com/nektos/act/pkg/runner/lxc-helpers-lib.sh
2025-01-23 16:36:08.000000000 +0100
+++ new/vendor/github.com/nektos/act/pkg/runner/lxc-helpers-lib.sh
2025-02-01 01:23:01.000000000 +0100
@@ -3,13 +3,14 @@
export DEBIAN_FRONTEND=noninteractive
-LXC_SELF_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+LXC_SELF_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
LXC_BIN=/usr/local/bin
LXC_CONTAINER_CONFIG_ALL="unprivileged lxc libvirt docker k8s"
LXC_CONTAINER_CONFIG_DEFAULT="lxc libvirt docker"
-LXC_IPV6_PREFIX_DEFAULT="fc15"
+LXC_IPV6_PREFIX_DEFAULT="fd15"
LXC_DOCKER_PREFIX_DEFAULT="172.17"
LXC_IPV6_DOCKER_PREFIX_DEFAULT="fd00:d0ca"
+LXC_APT_TOO_OLD='1 week ago'
: ${LXC_SUDO:=}
: ${LXC_CONTAINER_RELEASE:=bookworm}
@@ -75,14 +76,14 @@
local user_id="$2"
local user="$3"
- if test "$user" = root ; then
- return
+ if test "$user" = root; then
+ return
fi
local root=$(lxc_root $name)
- if ! $LXC_SUDO grep --quiet "^$user " $root/etc/sudoers ; then
- $LXC_SUDO tee $root/usr/local/bin/lxc-helpers-create-user.sh >
/dev/null <<EOF
+ if ! $LXC_SUDO grep --quiet "^$user " $root/etc/sudoers; then
+ $LXC_SUDO tee $root/usr/local/bin/lxc-helpers-create-user.sh
>/dev/null <<EOF
#!/bin/bash
set -ex
@@ -94,20 +95,20 @@
echo "$user ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
sudo --user $user ssh-keygen -b 2048 -N '' -f $LXC_HOME/$user/.ssh/id_rsa
EOF
- lxc_container_run_script $name /usr/local/bin/lxc-helpers-create-user.sh
+ lxc_container_run_script $name
/usr/local/bin/lxc-helpers-create-user.sh
fi
}
function lxc_maybe_sudo() {
- if test $(id -u) != 0 ; then
- LXC_SUDO=sudo
+ if test $(id -u) != 0; then
+ LXC_SUDO=sudo
fi
}
function lxc_prepare_environment() {
lxc_maybe_sudo
- if ! $(which lxc-create > /dev/null) ; then
- $LXC_SUDO apt-get install -y -qq make git libvirt0 libpam-cgfs
bridge-utils uidmap dnsmasq-base dnsmasq dnsmasq-utils qemu-user-static
+ if ! $(which lxc-create >/dev/null); then
+ $LXC_SUDO apt-get install -y -qq make git libvirt0 libpam-cgfs
bridge-utils uidmap dnsmasq-base dnsmasq dnsmasq-utils qemu-user-static
fi
}
@@ -194,42 +195,41 @@
}
function lxc_container_config() {
- for config in "$@" ; do
- case $config in
- unprivileged)
- ;;
- lxc)
- echo nesting
- echo cap
- ;;
- docker)
- echo net
- ;;
- libvirt)
- echo cap
- echo kvm
- echo loop
- echo mapper
- echo fuse
- ;;
- k8s)
- echo cap
- echo loop
- echo mapper
- echo fuse
- echo kmsg
- echo proc
- ;;
- *)
- echo "$config unknown ($LXC_CONTAINER_CONFIG_ALL)"
- return 1
- ;;
- esac
- done | sort -u | while read config ; do
- echo "#"
- echo "# include $config config snippet"
- echo "#"
- lxc_container_config_$config
+ for config in "$@"; do
+ case $config in
+ unprivileged) ;;
+ lxc)
+ echo nesting
+ echo cap
+ ;;
+ docker)
+ echo net
+ ;;
+ libvirt)
+ echo cap
+ echo kvm
+ echo loop
+ echo mapper
+ echo fuse
+ ;;
+ k8s)
+ echo cap
+ echo loop
+ echo mapper
+ echo fuse
+ echo kmsg
+ echo proc
+ ;;
+ *)
+ echo "$config unknown ($LXC_CONTAINER_CONFIG_ALL)"
+ return 1
+ ;;
+ esac
+ done | sort -u | while read config; do
+ echo "#"
+ echo "# include $config config snippet"
+ echo "#"
+ lxc_container_config_$config
done
}
@@ -247,7 +247,7 @@
# Wait for the network to come up
#
local wait_networking=$(lxc_root
$name)/usr/local/bin/lxc-helpers-wait-networking.sh
- $LXC_SUDO tee $wait_networking > /dev/null <<'EOF'
+ $LXC_SUDO tee $wait_networking >/dev/null <<'EOF'
#!/bin/sh -e
for d in $(seq 60); do
getent hosts wikipedia.org > /dev/null && break
@@ -271,23 +271,22 @@
local config=$(lxc_config $name)
- if ! $LXC_SUDO grep --quiet "lxc.mount.entry = $dir" $config ; then
- local relative_dir=${dir##/}
- $LXC_SUDO tee -a $config > /dev/null <<< "lxc.mount.entry = $dir
$relative_dir none bind,create=dir 0 0"
+ if ! $LXC_SUDO grep --quiet "lxc.mount.entry = $dir" $config; then
+ local relative_dir=${dir##/}
+ $LXC_SUDO tee -a $config >/dev/null <<<"lxc.mount.entry = $dir
$relative_dir none bind,create=dir 0 0"
fi
}
-
function lxc_container_start() {
local name="$1"
- if lxc_running $name ; then
- return
+ if lxc_running $name; then
+ return
fi
local logs
if $LXC_VERBOSE; then
- logs="--logfile=/dev/tty"
+ logs="--logfile=/dev/tty"
fi
$LXC_SUDO lxc-start $logs $name
@@ -298,8 +297,8 @@
function lxc_container_stop() {
local name="$1"
- $LXC_SUDO lxc-ls -1 --running --filter="^$name" | while read container ; do
- $LXC_SUDO lxc-stop --kill --name="$container"
+ $LXC_SUDO lxc-ls -1 --running --filter="^$name" | while read container; do
+ $LXC_SUDO lxc-stop --kill --name="$container"
done
}
@@ -307,9 +306,9 @@
local name="$1"
local root="$2"
- if lxc_exists "$name" ; then
- lxc_container_stop $name $root
- $LXC_SUDO lxc-destroy --force --name="$name"
+ if lxc_exists "$name"; then
+ lxc_container_stop $name $root
+ $LXC_SUDO lxc-destroy --force --name="$name"
fi
}
@@ -319,6 +318,21 @@
test "$($LXC_SUDO lxc-ls --filter=^$name\$)"
}
+function lxc_exists_and_apt_not_old() {
+ local name="$1"
+
+ if lxc_exists $name; then
+ if lxc_apt_is_old $name; then
+ $LXC_SUDO lxc-destroy --force --name="$name"
+ return 1
+ else
+ return 0
+ fi
+ else
+ return 1
+ fi
+}
+
function lxc_running() {
local name="$1"
@@ -328,8 +342,8 @@
function lxc_build_template_release() {
local name="$(lxc_template_release)"
- if lxc_exists $name ; then
- return
+ if lxc_exists_and_apt_not_old $name; then
+ return
fi
local root=$(lxc_root $name)
@@ -346,21 +360,35 @@
local name="$1"
local newname="$2"
- if lxc_exists $newname ; then
- return
+ if lxc_exists_and_apt_not_old $newname; then
+ return
fi
- if test "$name" = "$(lxc_template_release)" ; then
- lxc_build_template_release
+ if test "$name" = "$(lxc_template_release)"; then
+ lxc_build_template_release
fi
- if ! $LXC_SUDO lxc-copy --name=$name --newname=$newname ; then
- echo lxc-copy --name=$name --newname=$newname failed
- return 1
+ if ! $LXC_SUDO lxc-copy --name=$name --newname=$newname; then
+ echo lxc-copy --name=$name --newname=$newname failed
+ return 1
fi
lxc_container_configure $newname
}
+function lxc_apt_age() {
+ local name="$1"
+ $LXC_SUDO stat --format %Y $(lxc_root $name)/var/cache/apt/pkgcache.bin
+}
+
+function lxc_apt_is_old() {
+ local name="$1"
+
+ local age=$(lxc_apt_age $name)
+ local too_old=$(date --date "$LXC_APT_TOO_OLD" +%s)
+
+ test $age -lt $too_old
+}
+
function lxc_apt_install() {
local name="$1"
shift
@@ -385,19 +413,19 @@
local prefixv6="${2:-$LXC_IPV6_PREFIX_DEFAULT}"
local packages="make git libvirt0 libpam-cgfs bridge-utils uidmap
dnsmasq-base dnsmasq dnsmasq-utils qemu-user-static lxc-templates debootstrap"
- if test "$(lxc_release)" = bookworm ; then
- packages="$packages distro-info"
+ if test "$(lxc_release)" = bookworm; then
+ packages="$packages distro-info"
fi
lxc_apt_install_inside $packages
- if ! grep --quiet LXC_ADDR=.$prefix.1. /etc/default/lxc-net ; then
- systemctl disable --now dnsmasq
- apt-get install -y -qq lxc
- systemctl stop lxc-net
- sed -i -e '/ConditionVirtualization/d'
/usr/lib/systemd/system/lxc-net.service
- systemctl daemon-reload
- cat >> /etc/default/lxc-net <<EOF
+ if ! grep --quiet LXC_ADDR=.$prefix.1. /etc/default/lxc-net; then
+ systemctl disable --now dnsmasq
+ apt-get install -y -qq lxc
+ systemctl stop lxc-net
+ sed -i -e '/ConditionVirtualization/d'
/usr/lib/systemd/system/lxc-net.service
+ systemctl daemon-reload
+ cat >>/etc/default/lxc-net <<EOF
LXC_ADDR="$prefix.1"
LXC_NETMASK="255.255.255.0"
LXC_NETWORK="$prefix.0/24"
@@ -408,7 +436,7 @@
LXC_IPV6_NETWORK="$prefixv6::/64"
LXC_IPV6_NAT="true"
EOF
- systemctl start lxc-net
+ systemctl start lxc-net
fi
}
@@ -420,7 +448,7 @@
function lxc_install_docker_inside() {
mkdir /etc/docker
- cat > /etc/docker/daemon.json <<EOF
+ cat >/etc/docker/daemon.json <<EOF
{
"ipv6": true,
"fixed-cidr-v6": "$LXC_IPV6_DOCKER_PREFIX_DEFAULT:1::/64",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/vendor/github.com/nektos/act/pkg/runner/lxc-helpers.sh
new/vendor/github.com/nektos/act/pkg/runner/lxc-helpers.sh
--- old/vendor/github.com/nektos/act/pkg/runner/lxc-helpers.sh 2025-01-23
16:36:08.000000000 +0100
+++ new/vendor/github.com/nektos/act/pkg/runner/lxc-helpers.sh 2025-02-01
01:23:01.000000000 +0100
@@ -101,7 +101,7 @@
Install LXC in the `name` container to allow the creation of
named containers. `prefix` is a class C IP prefix from which
containers will obtain their IP (for instance 10.40.50). `prefixv6`
- is an optional IPv6 private address prefix that defaults to fc15.
+ is an optional IPv6 private address prefix that defaults to fd15.
lxc_container_run `name` command [options...]
@@ -129,32 +129,32 @@
function main() {
local options=$(getopt -o hvoc --long help,verbose,os:,config: -- "$@")
[ $? -eq 0 ] || {
- echo "Incorrect options provided"
- exit 1
+ echo "Incorrect options provided"
+ exit 1
}
eval set -- "$options"
while true; do
- case "$1" in
- -v | --verbose)
- verbose
- ;;
- -h | --help)
- help
- ;;
- -o | --os)
- LXC_CONTAINER_RELEASE=$2
- shift
- ;;
- -c | --config)
- LXC_CONTAINER_CONFIG="$2"
- shift
- ;;
- --)
- shift
- break
- ;;
- esac
- shift
+ case "$1" in
+ -v | --verbose)
+ verbose
+ ;;
+ -h | --help)
+ help
+ ;;
+ -o | --os)
+ LXC_CONTAINER_RELEASE=$2
+ shift
+ ;;
+ -c | --config)
+ LXC_CONTAINER_CONFIG="$2"
+ shift
+ ;;
+ --)
+ shift
+ break
+ ;;
+ esac
+ shift
done
lxc_maybe_sudo
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/vendor/github.com/nektos/act/pkg/runner/run_context.go
new/vendor/github.com/nektos/act/pkg/runner/run_context.go
--- old/vendor/github.com/nektos/act/pkg/runner/run_context.go 2025-01-23
16:36:08.000000000 +0100
+++ new/vendor/github.com/nektos/act/pkg/runner/run_context.go 2025-02-01
01:23:01.000000000 +0100
@@ -222,8 +222,8 @@
function build_template_act() {
local name="$(template_act)"
- if lxc_exists $name ; then
- return
+ if lxc_exists_and_apt_not_old $name ; then
+ return 0
fi
lxc_build_template $(lxc_template_release) $name
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/vendor/google.golang.org/protobuf/internal/version/version.go
new/vendor/google.golang.org/protobuf/internal/version/version.go
--- old/vendor/google.golang.org/protobuf/internal/version/version.go
2025-01-23 16:36:08.000000000 +0100
+++ new/vendor/google.golang.org/protobuf/internal/version/version.go
2025-02-01 01:23:01.000000000 +0100
@@ -52,7 +52,7 @@
const (
Major = 1
Minor = 36
- Patch = 3
+ Patch = 4
PreRelease = ""
)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/vendor/google.golang.org/protobuf/types/known/anypb/any.pb.go
new/vendor/google.golang.org/protobuf/types/known/anypb/any.pb.go
--- old/vendor/google.golang.org/protobuf/types/known/anypb/any.pb.go
2025-01-23 16:36:08.000000000 +0100
+++ new/vendor/google.golang.org/protobuf/types/known/anypb/any.pb.go
2025-02-01 01:23:01.000000000 +0100
@@ -122,6 +122,7 @@
reflect "reflect"
strings "strings"
sync "sync"
+ unsafe "unsafe"
)
// `Any` contains an arbitrary serialized protocol buffer message along with a
@@ -411,7 +412,7 @@
var File_google_protobuf_any_proto protoreflect.FileDescriptor
-var file_google_protobuf_any_proto_rawDesc = []byte{
+var file_google_protobuf_any_proto_rawDesc = string([]byte{
0x0a, 0x19, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
0x74, 0x6f, 0x62, 0x75,
0x66, 0x2f, 0x61, 0x6e, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12,
0x0f, 0x67, 0x6f, 0x6f,
0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
0x22, 0x36, 0x0a, 0x03,
@@ -427,16 +428,16 @@
0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
0x66, 0x2e, 0x57, 0x65,
0x6c, 0x6c, 0x4b, 0x6e, 0x6f, 0x77, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x73,
0x62, 0x06, 0x70, 0x72,
0x6f, 0x74, 0x6f, 0x33,
-}
+})
var (
file_google_protobuf_any_proto_rawDescOnce sync.Once
- file_google_protobuf_any_proto_rawDescData =
file_google_protobuf_any_proto_rawDesc
+ file_google_protobuf_any_proto_rawDescData []byte
)
func file_google_protobuf_any_proto_rawDescGZIP() []byte {
file_google_protobuf_any_proto_rawDescOnce.Do(func() {
- file_google_protobuf_any_proto_rawDescData =
protoimpl.X.CompressGZIP(file_google_protobuf_any_proto_rawDescData)
+ file_google_protobuf_any_proto_rawDescData =
protoimpl.X.CompressGZIP(unsafe.Slice(unsafe.StringData(file_google_protobuf_any_proto_rawDesc),
len(file_google_protobuf_any_proto_rawDesc)))
})
return file_google_protobuf_any_proto_rawDescData
}
@@ -462,7 +463,7 @@
out := protoimpl.TypeBuilder{
File: protoimpl.DescBuilder{
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
- RawDescriptor: file_google_protobuf_any_proto_rawDesc,
+ RawDescriptor:
unsafe.Slice(unsafe.StringData(file_google_protobuf_any_proto_rawDesc),
len(file_google_protobuf_any_proto_rawDesc)),
NumEnums: 0,
NumMessages: 1,
NumExtensions: 0,
@@ -473,7 +474,6 @@
MessageInfos: file_google_protobuf_any_proto_msgTypes,
}.Build()
File_google_protobuf_any_proto = out.File
- file_google_protobuf_any_proto_rawDesc = nil
file_google_protobuf_any_proto_goTypes = nil
file_google_protobuf_any_proto_depIdxs = nil
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/vendor/google.golang.org/protobuf/types/known/structpb/struct.pb.go
new/vendor/google.golang.org/protobuf/types/known/structpb/struct.pb.go
--- old/vendor/google.golang.org/protobuf/types/known/structpb/struct.pb.go
2025-01-23 16:36:08.000000000 +0100
+++ new/vendor/google.golang.org/protobuf/types/known/structpb/struct.pb.go
2025-02-01 01:23:01.000000000 +0100
@@ -128,6 +128,7 @@
reflect "reflect"
sync "sync"
utf8 "unicode/utf8"
+ unsafe "unsafe"
)
// `NullValue` is a singleton enumeration to represent the null value for the
@@ -671,7 +672,7 @@
var File_google_protobuf_struct_proto protoreflect.FileDescriptor
-var file_google_protobuf_struct_proto_rawDesc = []byte{
+var file_google_protobuf_struct_proto_rawDesc = string([]byte{
0x0a, 0x1c, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
0x74, 0x6f, 0x62, 0x75,
0x66, 0x2f, 0x73, 0x74, 0x72, 0x75, 0x63, 0x74, 0x2e, 0x70, 0x72, 0x6f,
0x74, 0x6f, 0x12, 0x0f,
0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
0x62, 0x75, 0x66, 0x22,
@@ -719,16 +720,16 @@
0x6c, 0x65, 0x2e, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
0x57, 0x65, 0x6c, 0x6c,
0x4b, 0x6e, 0x6f, 0x77, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x73, 0x62, 0x06,
0x70, 0x72, 0x6f, 0x74,
0x6f, 0x33,
-}
+})
var (
file_google_protobuf_struct_proto_rawDescOnce sync.Once
- file_google_protobuf_struct_proto_rawDescData =
file_google_protobuf_struct_proto_rawDesc
+ file_google_protobuf_struct_proto_rawDescData []byte
)
func file_google_protobuf_struct_proto_rawDescGZIP() []byte {
file_google_protobuf_struct_proto_rawDescOnce.Do(func() {
- file_google_protobuf_struct_proto_rawDescData =
protoimpl.X.CompressGZIP(file_google_protobuf_struct_proto_rawDescData)
+ file_google_protobuf_struct_proto_rawDescData =
protoimpl.X.CompressGZIP(unsafe.Slice(unsafe.StringData(file_google_protobuf_struct_proto_rawDesc),
len(file_google_protobuf_struct_proto_rawDesc)))
})
return file_google_protobuf_struct_proto_rawDescData
}
@@ -773,7 +774,7 @@
out := protoimpl.TypeBuilder{
File: protoimpl.DescBuilder{
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
- RawDescriptor:
file_google_protobuf_struct_proto_rawDesc,
+ RawDescriptor:
unsafe.Slice(unsafe.StringData(file_google_protobuf_struct_proto_rawDesc),
len(file_google_protobuf_struct_proto_rawDesc)),
NumEnums: 1,
NumMessages: 4,
NumExtensions: 0,
@@ -785,7 +786,6 @@
MessageInfos: file_google_protobuf_struct_proto_msgTypes,
}.Build()
File_google_protobuf_struct_proto = out.File
- file_google_protobuf_struct_proto_rawDesc = nil
file_google_protobuf_struct_proto_goTypes = nil
file_google_protobuf_struct_proto_depIdxs = nil
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go
new/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go
---
old/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go
2025-01-23 16:36:08.000000000 +0100
+++
new/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go
2025-02-01 01:23:01.000000000 +0100
@@ -78,6 +78,7 @@
reflect "reflect"
sync "sync"
time "time"
+ unsafe "unsafe"
)
// A Timestamp represents a point in time independent of any time zone or local
@@ -297,7 +298,7 @@
var File_google_protobuf_timestamp_proto protoreflect.FileDescriptor
-var file_google_protobuf_timestamp_proto_rawDesc = []byte{
+var file_google_protobuf_timestamp_proto_rawDesc = string([]byte{
0x0a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f,
0x74, 0x6f, 0x62, 0x75,
0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e,
0x70, 0x72, 0x6f, 0x74,
0x6f, 0x12, 0x0f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
0x6f, 0x74, 0x6f, 0x62,
@@ -314,16 +315,16 @@
0xa2, 0x02, 0x03, 0x47, 0x50, 0x42, 0xaa, 0x02, 0x1e, 0x47, 0x6f, 0x6f,
0x67, 0x6c, 0x65, 0x2e,
0x50, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x57, 0x65, 0x6c,
0x6c, 0x4b, 0x6e, 0x6f,
0x77, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x73, 0x62, 0x06, 0x70, 0x72, 0x6f,
0x74, 0x6f, 0x33,
-}
+})
var (
file_google_protobuf_timestamp_proto_rawDescOnce sync.Once
- file_google_protobuf_timestamp_proto_rawDescData =
file_google_protobuf_timestamp_proto_rawDesc
+ file_google_protobuf_timestamp_proto_rawDescData []byte
)
func file_google_protobuf_timestamp_proto_rawDescGZIP() []byte {
file_google_protobuf_timestamp_proto_rawDescOnce.Do(func() {
- file_google_protobuf_timestamp_proto_rawDescData =
protoimpl.X.CompressGZIP(file_google_protobuf_timestamp_proto_rawDescData)
+ file_google_protobuf_timestamp_proto_rawDescData =
protoimpl.X.CompressGZIP(unsafe.Slice(unsafe.StringData(file_google_protobuf_timestamp_proto_rawDesc),
len(file_google_protobuf_timestamp_proto_rawDesc)))
})
return file_google_protobuf_timestamp_proto_rawDescData
}
@@ -349,7 +350,7 @@
out := protoimpl.TypeBuilder{
File: protoimpl.DescBuilder{
GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
- RawDescriptor:
file_google_protobuf_timestamp_proto_rawDesc,
+ RawDescriptor:
unsafe.Slice(unsafe.StringData(file_google_protobuf_timestamp_proto_rawDesc),
len(file_google_protobuf_timestamp_proto_rawDesc)),
NumEnums: 0,
NumMessages: 1,
NumExtensions: 0,
@@ -360,7 +361,6 @@
MessageInfos:
file_google_protobuf_timestamp_proto_msgTypes,
}.Build()
File_google_protobuf_timestamp_proto = out.File
- file_google_protobuf_timestamp_proto_rawDesc = nil
file_google_protobuf_timestamp_proto_goTypes = nil
file_google_protobuf_timestamp_proto_depIdxs = nil
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/vendor/modules.txt new/vendor/modules.txt
--- old/vendor/modules.txt 2025-01-23 16:36:08.000000000 +0100
+++ new/vendor/modules.txt 2025-02-01 01:23:01.000000000 +0100
@@ -315,7 +315,7 @@
# github.com/moby/sys/user v0.1.0
## explicit; go 1.17
github.com/moby/sys/user
-# github.com/nektos/act v0.2.49 => code.forgejo.org/forgejo/act v1.24.0
+# github.com/nektos/act v0.2.49 => code.forgejo.org/forgejo/act v1.24.1
## explicit; go 1.22
github.com/nektos/act/pkg/artifactcache
github.com/nektos/act/pkg/artifacts
@@ -491,7 +491,7 @@
golang.org/x/tools/internal/tokeninternal
golang.org/x/tools/internal/typesinternal
golang.org/x/tools/internal/versions
-# google.golang.org/protobuf v1.36.3
+# google.golang.org/protobuf v1.36.4
## explicit; go 1.21
google.golang.org/protobuf/encoding/protojson
google.golang.org/protobuf/encoding/prototext
@@ -542,4 +542,4 @@
gotest.tools/v3/internal/difflib
gotest.tools/v3/internal/format
gotest.tools/v3/internal/source
-# github.com/nektos/act => code.forgejo.org/forgejo/act v1.24.0
+# github.com/nektos/act => code.forgejo.org/forgejo/act v1.24.1
