# Gitea act_runner config for the silvermetal-builder runner.
#
# Two ISO builds back-to-back at ~60-90 minutes each = workflow runtime
# floor of ~3h. Default 60m timeout would trip mid-build.
#
# NOTE(review): the container settings below (`network: host`,
# `privileged: true`, the Docker socket and the host's registry
# credentials) mean a job on this runner is not isolated from the host.
# Treat every workflow that can be scheduled here as having
# root-equivalent access to this machine, and register the runner only
# for repositories whose workflow files are trusted.

log:
  level: info

runner:
  capacity: 1  # one reproducibility-gated build at a time
  timeout: 240m  # 4h ceiling per job — covers two builds + diffoscope
  # How long a single job-fetch request to the Gitea instance may take,
  # and how often the runner polls for new jobs.
  fetch_timeout: 5s
  fetch_interval: 2s

container:
  # Job containers share the host's network namespace, so services bound
  # to the host's loopback or internal interfaces are reachable from a job.
  network: host
  privileged: true  # required: live-build needs loop devices + chroot
  # `valid_volumes` is an allowlist of **source paths** (globs), not full
  # bind specs. Listing "/root/.docker:/root/.docker:ro" here makes the
  # runner silently drop the bind from container.options with
  # "[/root/.docker] is not a valid volume, will be ignored" — because
  # the literal pattern "/root/.docker:/root/.docker:ro" doesn't match
  # the bind source "/root/.docker". Source paths only:
  #
  # NOTE(review): every path listed here can be requested by a workflow.
  # /var/run/docker.sock gives control of the host's Docker daemon and
  # /root/.docker holds registry credentials, so this allowlist is part
  # of the runner's trust boundary; keep it as short as the builds allow.
  valid_volumes:
    - /cache
    - /var/run/docker.sock
    - /root/.docker
  # `options` is applied on top of act_runner's default per-job-container
  # docker run args. /var/run/docker.sock is auto-mounted by act_runner
  # already; listing it here a second time triggers
  # "Duplicate mount point" on container create. So options carries ONLY
  # the bind that act_runner doesn't know about: the host's
  # docker-registry.silverlabs.uk credentials at /root/.docker, which
  # catthehacker/ubuntu:act-latest reads from /root/.docker/config.json
  # for `docker push`. Without it the push fails with "no basic auth
  # credentials" even though `docker build` over the DooD socket works
  # fine. /cache stays in valid_volumes (workflow-requestable) but
  # doesn't need an unconditional mount.
  #
  # NOTE(review): `:ro` stops a job from modifying config.json; it does
  # not stop a job step from reading the credentials. Because this mount
  # is applied to every job container, the registry account behind it
  # should be scoped to what these builds need to push, and rotated if an
  # untrusted workflow ever ran here.
  options: -v /root/.docker:/root/.docker:ro
  # Cache the silvermetal-builder image locally after first pull. Bumping
  # the image digest in BUILDER_IMAGE invalidates and re-pulls automatically.
  #
  # NOTE(review): that holds for images referenced by digest. An image
  # referenced by a mutable tag (the comment above mentions
  # catthehacker/ubuntu:act-latest) presumably stays at whatever was first
  # pulled until it is removed from the local cache — confirm this is the
  # intended update policy for that image.
  force_pull: false

host:
  # Parent directory for job working directories when a job runs directly
  # on the host rather than in a container.
  workdir_parent: /data/cache/actions