Bump Dagger to 0.20.6 and migrate runner-job-image to Alpine container.py
Bumps the Dagger engine/CLI from v0.20.1 to v0.20.6 (mise pin, dagger.json engineVersion, SDK regen) and rewrites the runner-job-image container as a native Dagger pipeline on Alpine 3.23 using the shared alpine_runtime helper, replacing the Debian-based Dockerfile. All Forgejo Actions in this repo use actions/checkout (a JS action), so musl is not a compatibility concern. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
parent
58fe4f0073
commit
db8fd946ae
8 changed files with 90 additions and 93 deletions
|
|
@ -1,84 +0,0 @@
|
|||
# Forgejo Actions Job Execution Image
|
||||
#
|
||||
# This image is used as the job execution environment for Forgejo Actions.
|
||||
# The host runner daemon creates containers from this image to run workflow steps.
|
||||
#
|
||||
# Build logic (container images, docs site) runs inside Dagger containers,
|
||||
# so this image only needs: git, Docker CLI, Dagger CLI, ArgoCD CLI, uv, yq, and basic tools.
|
||||
#
|
||||
# Usage: Configure runner with label like:
|
||||
# docker:docker://registry.ops.eblu.me/blumeops/runner-job-image:latest
|
||||
|
||||
ARG CONTAINER_APP_VERSION=0.20.1
|
||||
|
||||
FROM debian:bookworm-slim
|
||||
|
||||
ARG TARGETARCH
|
||||
ARG CONTAINER_APP_VERSION
|
||||
ARG DAGGER_VERSION=${CONTAINER_APP_VERSION}
|
||||
|
||||
LABEL org.opencontainers.image.title="Runner Job Image"
|
||||
LABEL org.opencontainers.image.description="Forgejo Actions job execution environment"
|
||||
LABEL org.opencontainers.image.version="${CONTAINER_APP_VERSION}"
|
||||
LABEL org.opencontainers.image.source="https://forge.eblu.me/eblume/blumeops"
|
||||
LABEL org.opencontainers.image.vendor="blumeops"
|
||||
|
||||
# Install base dependencies
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
ca-certificates \
|
||||
curl \
|
||||
git \
|
||||
gnupg \
|
||||
jq \
|
||||
tzdata \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Install Node.js (required by actions/checkout and other JavaScript Actions)
|
||||
RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \
|
||||
&& apt-get install -y --no-install-recommends nodejs \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
&& node --version
|
||||
|
||||
# Install Docker CLI (Dagger shells out to `docker` to provision its engine)
|
||||
RUN install -m 0755 -d /etc/apt/keyrings \
|
||||
&& curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc \
|
||||
&& chmod a+r /etc/apt/keyrings/docker.asc \
|
||||
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian bookworm stable" > /etc/apt/sources.list.d/docker.list \
|
||||
&& apt-get update \
|
||||
&& apt-get install -y --no-install-recommends docker-ce-cli \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Install uv (Python package runner for towncrier)
|
||||
RUN curl -LsSf https://astral.sh/uv/install.sh | sh \
|
||||
&& mv /root/.local/bin/uv /usr/local/bin/uv \
|
||||
&& mv /root/.local/bin/uvx /usr/local/bin/uvx
|
||||
|
||||
# Install argocd CLI (for syncing apps from workflows)
|
||||
RUN ARCH="${TARGETARCH:-$(dpkg --print-architecture)}" \
|
||||
&& curl -fsSL -o /usr/local/bin/argocd \
|
||||
"https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-${ARCH}" \
|
||||
&& chmod +x /usr/local/bin/argocd \
|
||||
&& argocd version --client
|
||||
|
||||
# Install Dagger CLI (for running Dagger CI pipelines)
|
||||
RUN ARCH="${TARGETARCH:-$(dpkg --print-architecture)}" \
|
||||
&& curl -fsSL -o /tmp/dagger.tar.gz \
|
||||
"https://dl.dagger.io/dagger/releases/${DAGGER_VERSION}/dagger_v${DAGGER_VERSION}_linux_${ARCH}.tar.gz" \
|
||||
&& tar -xzf /tmp/dagger.tar.gz -C /usr/local/bin dagger \
|
||||
&& rm /tmp/dagger.tar.gz \
|
||||
&& dagger version
|
||||
|
||||
# Install yq (for editing YAML files in workflows)
|
||||
RUN ARCH="${TARGETARCH:-$(dpkg --print-architecture)}" \
|
||||
&& curl -fsSL -o /usr/local/bin/yq \
|
||||
"https://github.com/mikefarah/yq/releases/latest/download/yq_linux_${ARCH}" \
|
||||
&& chmod +x /usr/local/bin/yq \
|
||||
&& yq --version
|
||||
|
||||
# Install flyctl (for Fly.io cache purge after docs deploy)
|
||||
RUN curl -L https://fly.io/install.sh | sh \
|
||||
&& mv /root/.fly/bin/flyctl /usr/local/bin/fly \
|
||||
&& rm -rf /root/.fly
|
||||
|
||||
# Default to bash
|
||||
CMD ["/bin/bash"]
|
||||
79
containers/runner-job-image/container.py
Normal file
79
containers/runner-job-image/container.py
Normal file
|
|
@ -0,0 +1,79 @@
|
|||
"""Forgejo Actions job execution image — native Dagger build.
|
||||
|
||||
The forgejo-runner daemon creates containers from this image to run
|
||||
workflow steps. Contains the tools workflows reach for: git, Docker CLI,
|
||||
Node.js (for JavaScript Actions), Dagger CLI, ArgoCD CLI, uv, yq, flyctl.
|
||||
|
||||
VERSION tracks the Dagger CLI version, the primary build tool.
|
||||
"""
|
||||
|
||||
import dagger
|
||||
|
||||
from blumeops.containers import alpine_runtime, oci_labels
|
||||
|
||||
VERSION = "0.20.6"
|
||||
|
||||
|
||||
async def build(src: dagger.Directory) -> dagger.Container:
|
||||
# Map `uname -m` to the arch suffix each upstream uses.
|
||||
arch_setup = (
|
||||
'ARCH_UNAME="$(uname -m)"; '
|
||||
'case "$ARCH_UNAME" in '
|
||||
" x86_64) ARCH=amd64 ;; "
|
||||
" aarch64) ARCH=arm64 ;; "
|
||||
' *) echo "unsupported arch: $ARCH_UNAME" >&2; exit 1 ;; '
|
||||
"esac; "
|
||||
)
|
||||
|
||||
runtime = alpine_runtime(
|
||||
extra_apk=[
|
||||
"bash",
|
||||
"ca-certificates",
|
||||
"curl",
|
||||
"docker-cli",
|
||||
"git",
|
||||
"gnupg",
|
||||
"jq",
|
||||
"nodejs",
|
||||
"npm",
|
||||
"tzdata",
|
||||
],
|
||||
create_user=False,
|
||||
)
|
||||
runtime = oci_labels(
|
||||
runtime,
|
||||
title="Runner Job Image",
|
||||
description="Forgejo Actions job execution environment",
|
||||
version=VERSION,
|
||||
)
|
||||
|
||||
install_tools = (
|
||||
arch_setup
|
||||
+ "set -eux; "
|
||||
# Dagger CLI (pinned)
|
||||
+ f'curl -fsSL -o /tmp/dagger.tar.gz "https://dl.dagger.io/dagger/releases/{VERSION}/dagger_v{VERSION}_linux_${{ARCH}}.tar.gz"; '
|
||||
+ "tar -xzf /tmp/dagger.tar.gz -C /usr/local/bin dagger; "
|
||||
+ "rm /tmp/dagger.tar.gz; "
|
||||
+ "dagger version; "
|
||||
# ArgoCD CLI (latest — matches cluster server version over time)
|
||||
+ 'curl -fsSL -o /usr/local/bin/argocd "https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-${ARCH}"; '
|
||||
+ "chmod +x /usr/local/bin/argocd; "
|
||||
+ "argocd version --client; "
|
||||
# yq (latest)
|
||||
+ 'curl -fsSL -o /usr/local/bin/yq "https://github.com/mikefarah/yq/releases/latest/download/yq_linux_${ARCH}"; '
|
||||
+ "chmod +x /usr/local/bin/yq; "
|
||||
+ "yq --version; "
|
||||
# uv / uvx (latest; musl target auto-selected by installer)
|
||||
+ "curl -LsSf https://astral.sh/uv/install.sh "
|
||||
+ '| env UV_INSTALL_DIR=/usr/local/bin UV_UNMANAGED_INSTALL="/usr/local/bin" sh; '
|
||||
+ "uv --version; "
|
||||
# flyctl (latest)
|
||||
+ "curl -L https://fly.io/install.sh | sh; "
|
||||
+ "mv /root/.fly/bin/flyctl /usr/local/bin/fly; "
|
||||
+ "rm -rf /root/.fly; "
|
||||
+ "fly version"
|
||||
)
|
||||
|
||||
return runtime.with_exec(["sh", "-c", install_tools]).with_default_args(
|
||||
args=["/bin/bash"]
|
||||
)
|
||||
Loading…
Add table
Add a link
Reference in a new issue