SilverLABS/SilverMetal
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

fix(linux/build): wire config.yaml into act_runner via CONFIG_FILE env
Some checks failed
Build SilverMetal Linux ISO (reproducibility-gated) / builder-image (push) Failing after 0s
Details
Build SilverMetal Linux ISO (reproducibility-gated) / build-and-verify (push) Has been skipped
Details

Browse Source 
The runner config.yaml on disk was decorative — never read. The upstream
gitea/act_runner image's run.sh only adds `--config <file>` when the
CONFIG_FILE env var is set, and our compose set neither CONFIG_FILE nor
mounted config.yaml into the container. So `timeout: 240m`,
`container.options`, `valid_volumes` etc. were silently ignored and the
runner ran on built-in defaults.

This is also why iter17's `-v /root/.docker:/root/.docker:ro` addition
to config.yaml had no effect on run #4264: the runner never read it.
The push still failed with "no basic auth credentials".

Fix: bind-mount ./config.yaml into the runner container at
/etc/act_runner/config.yaml and set CONFIG_FILE to that path. After a
`docker compose up -d --force-recreate`, the runner picks up everything
in config.yaml — including the per-job-container /root/.docker bind.

Per-job timeouts in build-iso-linux.yaml are set via `timeout-minutes:
240` at the job level, which overrides the daemon default anyway, so
nothing was visibly broken before. But silently-ignored config is a
trap for the next thing we add to config.yaml, so wire it correctly now.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
SysAdmin
2026-05-07 17:48:07 +01:00
parent e7a5fdd629
commit f66585e0b1
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
linux/build/runner/docker-compose.yml
View File

@@ -31,10 +31,19 @@ services:
# that keeps the silvermetal-builder image minimal and avoids nesting
# docker-cli inside our own pinned image.
GITEA_RUNNER_LABELS: "silvermetal-builder:docker://catthehacker/ubuntu:act-latest,ubuntu-latest:docker://catthehacker/ubuntu:act-latest"
# Tell run.sh to launch act_runner with `--config /etc/act_runner/config.yaml`.
# Without this env, run.sh skips --config entirely and act_runner falls
# back to compiled-in defaults — silently ignoring everything in
# config.yaml (timeout, container.options, valid_volumes…).
CONFIG_FILE: /etc/act_runner/config.yaml
volumes:
- runner-data:/data
- /var/run/docker.sock:/var/run/docker.sock
- /root/.docker:/root/.docker:ro
# Bind the runner config in. With CONFIG_FILE set above, run.sh hands
# this path to `act_runner daemon --config`. Both the host file and the
# mount path must match the env var exactly.
- ./config.yaml:/etc/act_runner/config.yaml:ro
# Cache for snapshot.debian.org and apt downloads — survives container
# recreate, avoids repeated mirror traffic and the rate-limit risk.
- /opt/silvermetal-builder-runner/cache:/cache