mirror of
https://code.forgejo.org/forgejo/runner.git
synced 2024-11-21 12:17:17 +03:00
fix: make container.docker_host default to -
Otherwise containers will be running by default with a socket to the docker host which is insecure. The default must be secure.
This commit is contained in:
Earl Warren
parent
a424406b0f
commit
2b64f15543
2 changed files with 11 additions and 9 deletions
|
|
@ -1,7 +1,9 @@
|
|||
# Release Notes
|
||||
|
||||
## 3.5.2
|
||||
## 4.0.0
|
||||
|
||||
* Breaking change: fix the default configuration for `docker_host` is changed to [not mounting the docker server socket](https://code.forgejo.org/forgejo/runner/pulls/305).
|
||||
* [Remove debug information from the setup of a workflow](https://code.forgejo.org/forgejo/runner/pulls/297).
|
||||
* Fix [crash in some cases when the YAML structure is not as expected](https://code.forgejo.org/forgejo/runner/issues/267).
|
||||
|
||||
## 3.5.1
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
# Example configuration file, it's safe to copy this as the default config file without any modification.
|
||||
|
||||
# You don't have to copy this file to your instance,
|
||||
# just run `./act_runner generate-config > config.yaml` to generate a config file.
|
||||
# just run `forgejo-runner generate-config > config.yaml` to generate a config file.
|
||||
|
||||
log:
|
||||
# The level of logging, can be trace, debug, info, warn, error, fatal
|
||||
|
|
@ -40,7 +40,7 @@ runner:
|
|||
# The labels of a runner are used to determine which jobs the runner can run, and how to run them.
|
||||
# Like: ["macos-arm64:host", "ubuntu-latest:docker://node:20-bookworm", "ubuntu-22.04:docker://node:20-bookworm"]
|
||||
# If it's empty when registering, it will ask for inputting labels.
|
||||
# If it's empty when execute `deamon`, will use labels in `.runner` file.
|
||||
# If it's empty when executing the `daemon`, it will use labels in the `.runner` file.
|
||||
labels: []
|
||||
|
||||
cache:
|
||||
|
|
@ -57,8 +57,8 @@ cache:
|
|||
# 0 means to use a random available port.
|
||||
port: 0
|
||||
# The external cache server URL. Valid only when enable is true.
|
||||
# If it's specified, act_runner will use this URL as the ACTIONS_CACHE_URL rather than start a server by itself.
|
||||
# The URL should generally end with "/".
|
||||
# If it's specified, it will be used to set the ACTIONS_CACHE_URL environment variable. The URL should generally end with "/".
|
||||
# Otherwise it will be set to the the URL of the internal cache server.
|
||||
external_server: ""
|
||||
|
||||
container:
|
||||
|
|
@ -87,10 +87,10 @@ container:
|
|||
# - '**'
|
||||
valid_volumes: []
|
||||
# overrides the docker client host with the specified one.
|
||||
# If it's empty, act_runner will find an available docker host automatically.
|
||||
# If it's "-", act_runner will find an available docker host automatically, but the docker host won't be mounted to the job containers and service containers.
|
||||
# If it's not empty or "-", the specified docker host will be used. An error will be returned if it doesn't work.
|
||||
docker_host: ""
|
||||
# If "-", an available docker host will automatically be found.
|
||||
# If empty, an available docker host will automatically be found and mounted in the job container (e.g. /var/run/docker.sock).
|
||||
# Otherwise the specified docker host will be used and an error will be returned if it doesn't work.
|
||||
docker_host: "-"
|
||||
# Pull docker image(s) even if already present
|
||||
force_pull: false
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue