chaos/drone-runner-podman
Archived
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

init commit for coverting to podman

Browse Source
This commit is contained in:
zerodoctor
2023-10-04 23:19:30 -05:00
parent 7e9969423c
commit 04332e5527
96 changed files with 2034 additions and 534 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
BUILDING.md
View File

@@ -9,6 +9,6 @@
4. Build images
docker build -t drone/drone-runner-docker:latest-linux-amd64 -f docker/Dockerfile.linux.amd64 .
docker build -t drone/drone-runner-docker:latest-linux-arm64 -f docker/Dockerfile.linux.arm64 .
docker build -t drone/drone-runner-docker:latest-linux-arm -f docker/Dockerfile.linux.arm .
podman build -t drone/drone-runner-podman:latest-linux-amd64 -f docker/Dockerfile.linux.amd64 .
podman build -t drone/drone-runner-podman:latest-linux-arm64 -f docker/Dockerfile.linux.arm64 .
podman build -t drone/drone-runner-podman:latest-linux-arm -f docker/Dockerfile.linux.arm .

70
CHANGELOG.md
View File

@@ -1,88 +1,88 @@
# Changelog
## [v1.8.3](https://github.com/drone-runners/drone-runner-docker/tree/v1.8.3) (2023-01-06)
## [v1.8.3](https://github.com/drone-runners/drone-runner-podman/tree/v1.8.3) (2023-01-06)
[Full Changelog](https://github.com/drone-runners/drone-runner-docker/compare/v1.8.2...v1.8.3)
[Full Changelog](https://github.com/drone-runners/drone-runner-podman/compare/v1.8.2...v1.8.3)
**Fixed bugs:**
- \(dron-434\) set platform in docker build step [\#57](https://github.com/drone-runners/drone-runner-docker/pull/57) ([tphoney](https://github.com/tphoney))
- Revert "Dockerfile: Add target architecture to Docker images" [\#56](https://github.com/drone-runners/drone-runner-docker/pull/56) ([tphoney](https://github.com/tphoney))
- Dockerfile: Add target architecture to Docker images [\#54](https://github.com/drone-runners/drone-runner-docker/pull/54) ([jnohlgard](https://github.com/jnohlgard))
- \(dron-434\) set platform in docker build step [\#57](https://github.com/drone-runners/drone-runner-podman/pull/57) ([tphoney](https://github.com/tphoney))
- Revert "Dockerfile: Add target architecture to Docker images" [\#56](https://github.com/drone-runners/drone-runner-podman/pull/56) ([tphoney](https://github.com/tphoney))
- Dockerfile: Add target architecture to Docker images [\#54](https://github.com/drone-runners/drone-runner-podman/pull/54) ([jnohlgard](https://github.com/jnohlgard))
**Merged pull requests:**
- \(maint\) move to harness.drone.io [\#59](https://github.com/drone-runners/drone-runner-docker/pull/59) ([tphoney](https://github.com/tphoney))
- \(maint\) move to harness.drone.io [\#59](https://github.com/drone-runners/drone-runner-podman/pull/59) ([tphoney](https://github.com/tphoney))
## [v1.8.2](https://github.com/drone-runners/drone-runner-docker/tree/v1.8.2) (2022-06-14)
## [v1.8.2](https://github.com/drone-runners/drone-runner-podman/tree/v1.8.2) (2022-06-14)
[Full Changelog](https://github.com/drone-runners/drone-runner-docker/compare/v1.8.1...v1.8.2)
[Full Changelog](https://github.com/drone-runners/drone-runner-podman/compare/v1.8.1...v1.8.2)
**Implemented enhancements:**
- Add retries option to the clone step [\#44](https://github.com/drone-runners/drone-runner-docker/pull/44) ([julienduchesne](https://github.com/julienduchesne))
- Add retries option to the clone step [\#44](https://github.com/drone-runners/drone-runner-podman/pull/44) ([julienduchesne](https://github.com/julienduchesne))
**Merged pull requests:**
- release prep for v1.8.2 [\#49](https://github.com/drone-runners/drone-runner-docker/pull/49) ([eoinmcafee00](https://github.com/eoinmcafee00))
- release prep for v1.8.2 [\#49](https://github.com/drone-runners/drone-runner-podman/pull/49) ([eoinmcafee00](https://github.com/eoinmcafee00))
## [v1.8.1](https://github.com/drone-runners/drone-runner-docker/tree/v1.8.1) (2022-04-19)
## [v1.8.1](https://github.com/drone-runners/drone-runner-podman/tree/v1.8.1) (2022-04-19)
[Full Changelog](https://github.com/drone-runners/drone-runner-docker/compare/v1.8.0...v1.8.1)
[Full Changelog](https://github.com/drone-runners/drone-runner-podman/compare/v1.8.0...v1.8.1)
**Fixed bugs:**
- \(dron-254\) handle wait for log transfer [\#46](https://github.com/drone-runners/drone-runner-docker/pull/46) ([tphoney](https://github.com/tphoney))
- Fix 3 doc typos in compiler.go [\#45](https://github.com/drone-runners/drone-runner-docker/pull/45) ([mach6](https://github.com/mach6))
- feat\(engine\): Add debug logs for Docker.Destroy errors [\#20](https://github.com/drone-runners/drone-runner-docker/pull/20) ([jvrplmlmn](https://github.com/jvrplmlmn))
- \(dron-254\) handle wait for log transfer [\#46](https://github.com/drone-runners/drone-runner-podman/pull/46) ([tphoney](https://github.com/tphoney))
- Fix 3 doc typos in compiler.go [\#45](https://github.com/drone-runners/drone-runner-podman/pull/45) ([mach6](https://github.com/mach6))
- feat\(engine\): Add debug logs for Docker.Destroy errors [\#20](https://github.com/drone-runners/drone-runner-podman/pull/20) ([jvrplmlmn](https://github.com/jvrplmlmn))
**Merged pull requests:**
- \(maint\) release prep v1.8.1 [\#47](https://github.com/drone-runners/drone-runner-docker/pull/47) ([tphoney](https://github.com/tphoney))
- \(maint\) release prep v1.8.1 [\#47](https://github.com/drone-runners/drone-runner-podman/pull/47) ([tphoney](https://github.com/tphoney))
## [v1.8.0](https://github.com/drone-runners/drone-runner-docker/tree/v1.8.0) (2021-11-18)
## [v1.8.0](https://github.com/drone-runners/drone-runner-podman/tree/v1.8.0) (2021-11-18)
[Full Changelog](https://github.com/drone-runners/drone-runner-docker/compare/v1.7.0...v1.8.0)
[Full Changelog](https://github.com/drone-runners/drone-runner-podman/compare/v1.7.0...v1.8.0)
**Implemented enhancements:**
- create and store card data [\#41](https://github.com/drone-runners/drone-runner-docker/pull/41) ([eoinmcafee00](https://github.com/eoinmcafee00))
- create and store card data [\#41](https://github.com/drone-runners/drone-runner-podman/pull/41) ([eoinmcafee00](https://github.com/eoinmcafee00))
**Merged pull requests:**
- release prep for v1.8.0 [\#43](https://github.com/drone-runners/drone-runner-docker/pull/43) ([eoinmcafee00](https://github.com/eoinmcafee00))
- release prep for v1.8.0 [\#43](https://github.com/drone-runners/drone-runner-podman/pull/43) ([eoinmcafee00](https://github.com/eoinmcafee00))
## [v1.7.0](https://github.com/drone-runners/drone-runner-docker/tree/v1.7.0) (2021-11-02)
## [v1.7.0](https://github.com/drone-runners/drone-runner-podman/tree/v1.7.0) (2021-11-02)
[Full Changelog](https://github.com/drone-runners/drone-runner-docker/compare/v1.6.3...v1.7.0)
[Full Changelog](https://github.com/drone-runners/drone-runner-podman/compare/v1.6.3...v1.7.0)
**Implemented enhancements:**
- \(maint\) prep for v1.7.0 [\#42](https://github.com/drone-runners/drone-runner-docker/pull/42) ([tphoney](https://github.com/tphoney))
- Expose the authorized keys tmate feature [\#18](https://github.com/drone-runners/drone-runner-docker/pull/18) ([julienduchesne](https://github.com/julienduchesne))
- Support ppc64le [\#17](https://github.com/drone-runners/drone-runner-docker/pull/17) ([isuruf](https://github.com/isuruf))
- \(feat\) adding image field to step [\#14](https://github.com/drone-runners/drone-runner-docker/pull/14) ([tphoney](https://github.com/tphoney))
- check privileged image whitelist in service section [\#9](https://github.com/drone-runners/drone-runner-docker/pull/9) ([divialth](https://github.com/divialth))
- \(maint\) prep for v1.7.0 [\#42](https://github.com/drone-runners/drone-runner-podman/pull/42) ([tphoney](https://github.com/tphoney))
- Expose the authorized keys tmate feature [\#18](https://github.com/drone-runners/drone-runner-podman/pull/18) ([julienduchesne](https://github.com/julienduchesne))
- Support ppc64le [\#17](https://github.com/drone-runners/drone-runner-podman/pull/17) ([isuruf](https://github.com/isuruf))
- \(feat\) adding image field to step [\#14](https://github.com/drone-runners/drone-runner-podman/pull/14) ([tphoney](https://github.com/tphoney))
- check privileged image whitelist in service section [\#9](https://github.com/drone-runners/drone-runner-podman/pull/9) ([divialth](https://github.com/divialth))
**Fixed bugs:**
- \(maint\) bump go version in build to match go.mod [\#40](https://github.com/drone-runners/drone-runner-docker/pull/40) ([tphoney](https://github.com/tphoney))
- bump drone/runner-go to include trigger env var [\#32](https://github.com/drone-runners/drone-runner-docker/pull/32) ([willejs](https://github.com/willejs))
- Use correct name for the root depends\_on yaml key. [\#28](https://github.com/drone-runners/drone-runner-docker/pull/28) ([staffanselander](https://github.com/staffanselander))
- \(DRON-82\) update envsubst to prevent compiler panics [\#24](https://github.com/drone-runners/drone-runner-docker/pull/24) ([tphoney](https://github.com/tphoney))
- \(maint\) bump go version in build to match go.mod [\#40](https://github.com/drone-runners/drone-runner-podman/pull/40) ([tphoney](https://github.com/tphoney))
- bump drone/runner-go to include trigger env var [\#32](https://github.com/drone-runners/drone-runner-podman/pull/32) ([willejs](https://github.com/willejs))
- Use correct name for the root depends\_on yaml key. [\#28](https://github.com/drone-runners/drone-runner-podman/pull/28) ([staffanselander](https://github.com/staffanselander))
- \(DRON-82\) update envsubst to prevent compiler panics [\#24](https://github.com/drone-runners/drone-runner-podman/pull/24) ([tphoney](https://github.com/tphoney))
**Merged pull requests:**
- Use IsRestrictedVolume from runner-go [\#26](https://github.com/drone-runners/drone-runner-docker/pull/26) ([marko-gacesa](https://github.com/marko-gacesa))
- chore: update runner-go to 1.8.0 [\#25](https://github.com/drone-runners/drone-runner-docker/pull/25) ([fgierlinger](https://github.com/fgierlinger))
- Test that inverse matches work for `DRONE_LIMIT_REPOS` [\#19](https://github.com/drone-runners/drone-runner-docker/pull/19) ([jvrplmlmn](https://github.com/jvrplmlmn))
- Use IsRestrictedVolume from runner-go [\#26](https://github.com/drone-runners/drone-runner-podman/pull/26) ([marko-gacesa](https://github.com/marko-gacesa))
- chore: update runner-go to 1.8.0 [\#25](https://github.com/drone-runners/drone-runner-podman/pull/25) ([fgierlinger](https://github.com/fgierlinger))
- Test that inverse matches work for `DRONE_LIMIT_REPOS` [\#19](https://github.com/drone-runners/drone-runner-podman/pull/19) ([jvrplmlmn](https://github.com/jvrplmlmn))
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## 1.6.3
### Fixed
- use path prefix when evaluating restricted volume mounts. See [#ea74fa2](https://github.com/drone-runners/drone-runner-docker/commit/ea74fa2ba442eacb0812ad5983c305a16b6763bc).
- use path prefix when evaluating restricted volume mounts. See [#ea74fa2](https://github.com/drone-runners/drone-runner-podman/commit/ea74fa2ba442eacb0812ad5983c305a16b6763bc).
## 1.6.2
### Added

2
HISTORY.md
View File

@@ -3,7 +3,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## 1.6.3
### Fixed
- use path prefix when evaluating restricted volume mounts. See [#ea74fa2](https://github.com/drone-runners/drone-runner-docker/commit/ea74fa2ba442eacb0812ad5983c305a16b6763bc).
- use path prefix when evaluating restricted volume mounts. See [#ea74fa2](https://github.com/drone-runners/drone-runner-podman/commit/ea74fa2ba442eacb0812ad5983c305a16b6763bc).
## 1.6.2
### Added

17
README.md
View File

@@ -1,9 +1,9 @@
# drone-runner-docker
# drone-runner-podman
The `docker` runner executes pipelines inside Docker containers. This runner is intended for linux workloads that are suitable for execution inside containers. This requires Drone server `1.6.0` or higher.
The `podman` runner executes pipelines inside Podman containers. This runner is intended for linux workloads that are suitable for execution inside containers. This requires Drone server `1.6.0` or higher.
Documentation:<br/>
https://docs.drone.io/runner/docker/overview/
https://docs.drone.io/runner/podman/overview/
Technical Support:<br/>
https://discourse.drone.io
@@ -16,7 +16,7 @@ https://trello.com/b/ttae5E5o/drone
Run the changelog generator.
```BASH
docker run -it --rm -v "$(pwd)":/usr/local/src/your-app githubchangeloggenerator/github-changelog-generator -u drone-runners -p drone-runner-docker -t <secret github token>
podman run -it --rm -v "$(pwd)":/usr/local/src/your-app githubchangeloggenerator/github-changelog-generator -u drone-runners -p drone-runner-podman -t <secret github token>
```
You can generate a token by logging into your GitHub account and going to Settings -> Personal access tokens.
@@ -28,7 +28,12 @@ Next we tag the PR's with the fixes or enhancements labels. If the PR does not f
Run the changelog generator again with the future version according to semver.
```BASH
docker run -it --rm -v "$(pwd)":/usr/local/src/your-app githubchangeloggenerator/github-changelog-generator -u drone-runners -p drone-runner-docker -t <secret token> --future-release v1.0.0
podman run -it --rm -v "$(pwd)":/usr/local/src/your-app githubchangeloggenerator/github-changelog-generator -u drone-runners -p drone-runner-podman -t <secret token> --future-release v1.0.0
```
Create your pull request for the release. Get it merged then tag the release.
Create your pull request for the release. Get it merged then tag the release.
## Podman Binding Docs
https://github.com/containers/podman/tree/main/pkg/bindings

4
command/command.go
View File

@@ -8,7 +8,7 @@ import (
"context"
"os"
"github.com/drone-runners/drone-runner-docker/command/daemon"
"github.com/drone-runners/drone-runner-podman/command/daemon"
"gopkg.in/alecthomas/kingpin.v2"
)
@@ -22,7 +22,7 @@ var nocontext = context.Background()
// Command parses the command line arguments and then executes a
// subcommand program.
func Command() {
app := kingpin.New("drone", "drone docker runner")
app := kingpin.New("drone", "drone podman runner")
registerCompile(app)
registerExec(app)
registerCopy(app)

20
command/compile.go
View File

@@ -7,14 +7,14 @@ package command
import (
"encoding/json"
"fmt"
"io/ioutil"
"io"
"os"
"strings"
"github.com/drone-runners/drone-runner-docker/command/internal"
"github.com/drone-runners/drone-runner-docker/engine/compiler"
"github.com/drone-runners/drone-runner-docker/engine/linter"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"github.com/drone-runners/drone-runner-podman/command/internal"
"github.com/drone-runners/drone-runner-podman/engine/compiler"
"github.com/drone-runners/drone-runner-podman/engine/linter"
"github.com/drone-runners/drone-runner-podman/engine/resource"
"github.com/drone/envsubst"
"github.com/drone/runner-go/environ"
"github.com/drone/runner-go/environ/provider"
@@ -43,7 +43,7 @@ type compileCommand struct {
}
func (c *compileCommand) run(*kingpin.ParseContext) error {
rawsource, err := ioutil.ReadAll(c.Source)
rawsource, err := io.ReadAll(c.Source)
if err != nil {
return err
}
@@ -171,7 +171,7 @@ func registerCompile(app *kingpin.Application) {
cmd.Flag("volumes", "container volumes").
StringMapVar(&c.Volumes)
cmd.Flag("privileged", "privileged docker images").
cmd.Flag("privileged", "privileged podman images").
StringsVar(&c.Privileged)
cmd.Flag("cpu-period", "container cpu period").
@@ -192,11 +192,11 @@ func registerCompile(app *kingpin.Application) {
cmd.Flag("memory-swap", "container memory swap limit").
Int64Var(&c.Resources.MemorySwap)
cmd.Flag("docker-config", "path to the docker config file").
cmd.Flag("podman-config", "path to the podman config file").
StringVar(&c.Config)
cmd.Flag("tmate-image", "tmate docker image").
Default("drone/drone-runner-docker:1").
cmd.Flag("tmate-image", "tmate podman image").
Default("drone/drone-runner-podman:1").
StringVar(&c.Tmate.Image)
cmd.Flag("tmate-enabled", "tmate enabled").

8
command/daemon/config.go
View File

@@ -102,14 +102,14 @@ type Config struct {
SkipVerify bool `envconfig:"DRONE_REGISTRY_PLUGIN_SKIP_VERIFY"`
}
Docker struct {
Config string `envconfig:"DRONE_DOCKER_CONFIG"`
Stream bool `envconfig:"DRONE_DOCKER_STREAM_PULL" default:"true"`
Podman struct {
Config string `envconfig:"DRONE_PODMAN_CONFIG"`
Stream bool `envconfig:"DRONE_PODMAN_STREAM_PULL" default:"true"`
}
Tmate struct {
Enabled bool `envconfig:"DRONE_TMATE_ENABLED" default:"false"`
Image string `envconfig:"DRONE_TMATE_IMAGE" default:"drone/drone-runner-docker:1"`
Image string `envconfig:"DRONE_TMATE_IMAGE" default:"drone/drone-runner-podman:1"`
Server string `envconfig:"DRONE_TMATE_HOST"`
Port string `envconfig:"DRONE_TMATE_PORT"`
RSA string `envconfig:"DRONE_TMATE_FINGERPRINT_RSA"`

37
command/daemon/daemon.go
View File

@@ -8,11 +8,11 @@ import (
"context"
"time"
"github.com/drone-runners/drone-runner-docker/engine"
"github.com/drone-runners/drone-runner-docker/engine/compiler"
"github.com/drone-runners/drone-runner-docker/engine/linter"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"github.com/drone-runners/drone-runner-docker/internal/match"
"github.com/drone-runners/drone-runner-podman/engine"
"github.com/drone-runners/drone-runner-podman/engine/compiler"
"github.com/drone-runners/drone-runner-podman/engine/linter"
"github.com/drone-runners/drone-runner-podman/engine/resource"
"github.com/drone-runners/drone-runner-podman/internal/match"
"github.com/drone/runner-go/client"
"github.com/drone/runner-go/environ/provider"
@@ -82,31 +82,12 @@ func (c *daemonCommand) run(*kingpin.ParseContext) error {
)
opts := engine.Opts{
HidePull: !config.Docker.Stream,
HidePull: !config.Podman.Stream,
}
engine, err := engine.NewEnv(opts)
engine, err := engine.NewEnv(context.Background(), opts)
if err != nil {
logrus.WithError(err).
Fatalln("cannot load the docker engine")
}
for {
err := engine.Ping(ctx)
if err == context.Canceled {
break
}
select {
case <-ctx.Done():
return ctx.Err()
default:
}
if err != nil {
logrus.WithError(err).
Errorln("cannot ping the docker daemon")
time.Sleep(time.Second)
} else {
logrus.Debugln("successfully pinged the docker daemon")
break
}
Fatalln("cannot load the podman engine")
}
remote := remote.New(cli)
@@ -162,7 +143,7 @@ func (c *daemonCommand) run(*kingpin.ParseContext) error {
),
Registry: registry.Combine(
registry.File(
config.Docker.Config,
config.Podman.Config,
),
registry.External(
config.Registry.Endpoint,

18
command/daemon/process.go
View File

@@ -5,10 +5,12 @@
package daemon
import (
"github.com/drone-runners/drone-runner-docker/engine"
"github.com/drone-runners/drone-runner-docker/engine/compiler"
"github.com/drone-runners/drone-runner-docker/engine/linter"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"context"
"github.com/drone-runners/drone-runner-podman/engine"
"github.com/drone-runners/drone-runner-podman/engine/compiler"
"github.com/drone-runners/drone-runner-podman/engine/linter"
"github.com/drone-runners/drone-runner-podman/engine/resource"
"github.com/drone/runner-go/pipeline/uploader"
"github.com/drone/runner-go/client"
@@ -54,12 +56,12 @@ func (c *processCommand) run(*kingpin.ParseContext) error {
)
opts := engine.Opts{
HidePull: !config.Docker.Stream,
HidePull: !config.Podman.Stream,
}
engine, err := engine.NewEnv(opts)
engine, err := engine.NewEnv(context.Background(), opts)
if err != nil {
logrus.WithError(err).
Fatalln("cannot load the docker engine")
Fatalln("cannot load the podman engine")
}
remote := remote.New(cli)
@@ -98,7 +100,7 @@ func (c *processCommand) run(*kingpin.ParseContext) error {
),
Registry: registry.Combine(
registry.File(
config.Docker.Config,
config.Podman.Config,
),
registry.External(
config.Registry.Endpoint,

24
command/exec.go
View File

@@ -8,16 +8,16 @@ import (
"context"
"encoding/json"
"fmt"
"io/ioutil"
"io"
"os"
"strings"
"time"
"github.com/drone-runners/drone-runner-docker/command/internal"
"github.com/drone-runners/drone-runner-docker/engine"
"github.com/drone-runners/drone-runner-docker/engine/compiler"
"github.com/drone-runners/drone-runner-docker/engine/linter"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"github.com/drone-runners/drone-runner-podman/command/internal"
"github.com/drone-runners/drone-runner-podman/engine"
"github.com/drone-runners/drone-runner-podman/engine/compiler"
"github.com/drone-runners/drone-runner-podman/engine/linter"
"github.com/drone-runners/drone-runner-podman/engine/resource"
"github.com/drone/drone-go/drone"
"github.com/drone/envsubst"
@@ -63,7 +63,7 @@ type execCommand struct {
}
func (c *execCommand) run(*kingpin.ParseContext) error {
rawsource, err := ioutil.ReadAll(c.Source)
rawsource, err := io.ReadAll(c.Source)
if err != nil {
return err
}
@@ -231,7 +231,7 @@ func (c *execCommand) run(*kingpin.ParseContext) error {
),
)
engine, err := engine.NewEnv(engine.Opts{})
engine, err := engine.NewEnv(context.Background(), engine.Opts{})
if err != nil {
return err
}
@@ -301,7 +301,7 @@ func registerExec(app *kingpin.Application) {
cmd.Flag("volumes", "container volumes").
StringMapVar(&c.Volumes)
cmd.Flag("privileged", "privileged docker images").
cmd.Flag("privileged", "privileged podman images").
StringsVar(&c.Privileged)
cmd.Flag("cpu-period", "container cpu period").
@@ -328,11 +328,11 @@ func registerExec(app *kingpin.Application) {
cmd.Flag("private-key", "private key file path").
ExistingFileVar(&c.PrivateKey)
cmd.Flag("docker-config", "path to the docker config file").
cmd.Flag("podman-config", "path to the podman config file").
StringVar(&c.Config)
cmd.Flag("tmate-image", "tmate docker image").
Default("drone/drone-runner-docker:1").
cmd.Flag("tmate-image", "tmate podman image").
Default("drone/drone-runner-podman:1").
StringVar(&c.Tmate.Image)
cmd.Flag("tmate-enabled", "tmate enabled").

4
docker/Dockerfile.linux.amd64
View File

@@ -18,5 +18,5 @@ COPY --from=alpine /bin/tmate /bin/
LABEL com.centurylinklabs.watchtower.stop-signal="SIGINT"
ADD release/linux/amd64/drone-runner-docker /bin/
ENTRYPOINT ["/bin/drone-runner-docker"]
ADD release/linux/amd64/drone-runner-podman /bin/
ENTRYPOINT ["/bin/drone-runner-podman"]

4
docker/Dockerfile.linux.arm64
View File

@@ -18,5 +18,5 @@ COPY --from=alpine /bin/tmate /bin/
LABEL com.centurylinklabs.watchtower.stop-signal="SIGINT"
ADD release/linux/arm64/drone-runner-docker /bin/
ENTRYPOINT ["/bin/drone-runner-docker"]
ADD release/linux/arm64/drone-runner-podman /bin/
ENTRYPOINT ["/bin/drone-runner-podman"]

4
docker/Dockerfile.linux.ppc64le
View File

@@ -18,5 +18,5 @@ COPY --from=alpine /bin/tmate /bin/
LABEL com.centurylinklabs.watchtower.stop-signal="SIGINT"
ADD release/linux/ppc64le/drone-runner-docker /bin/
ENTRYPOINT ["/bin/drone-runner-docker"]
ADD release/linux/ppc64le/drone-runner-podman /bin/
ENTRYPOINT ["/bin/drone-runner-podman"]

4
docker/Dockerfile.windows.1809
View File

@@ -8,5 +8,5 @@ ENV DRONE_PLATFORM_OS windows
ENV DRONE_PLATFORM_ARCH amd64
ENV DRONE_PLATFORM_KERNEL 1809
ADD release/windows/amd64/drone-runner-docker.exe C:/drone-runner-docker.exe
ENTRYPOINT [ "C:\\drone-runner-docker.exe" ]
ADD release/windows/amd64/drone-runner-podman .exe C:/drone-runner-podman.exe
ENTRYPOINT [ "C:\\drone-runner-podman.exe" ]

4
docker/Dockerfile.windows.ltsc2022
View File

@@ -8,5 +8,5 @@ ENV DRONE_PLATFORM_OS windows
ENV DRONE_PLATFORM_ARCH amd64
ENV DRONE_PLATFORM_KERNEL ltsc2022
ADD release/windows/amd64/drone-runner-docker.exe C:/drone-runner-docker.exe
ENTRYPOINT [ "C:\\drone-runner-docker.exe" ]
ADD release/windows/amd64/drone-runner-podman.exe C:/drone-runner-podman.exe
ENTRYPOINT [ "C:\\drone-runner-podman.exe" ]

14
docker/manifest.tmpl
View File

@@ -1,4 +1,4 @@
image: drone/drone-runner-docker:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
image: drone/drone-runner-podman:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
{{#if build.tags}}
tags:
{{#each build.tags}}
@@ -7,30 +7,30 @@ tags:
{{/if}}
manifests:
-
image: drone/drone-runner-docker:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
image: drone/drone-runner-podman:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64
platform:
architecture: amd64
os: linux
-
image: drone/drone-runner-docker:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
image: drone/drone-runner-podman:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64
platform:
variant: v8
architecture: arm64
os: linux
-
image: drone/drone-runner-docker:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-ppc64le
image: drone/drone-runner-podman:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-ppc64le
platform:
architecture: ppc64le
os: linux
-
image: drone/drone-runner-docker:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1809-amd64
image: drone/drone-runner-podman:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1809-amd64
platform:
architecture: amd64
os: windows
version: 1809
-
image: drone/drone-runner-docker:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-ltsc2022-amd64
image: drone/drone-runner-podman:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-ltsc2022-amd64
platform:
architecture: amd64
os: windows
version: ltsc2022
version: ltsc2022

4
engine/compiler/clone.go
View File

@@ -7,8 +7,8 @@ package compiler
import (
"strconv"
"github.com/drone-runners/drone-runner-docker/engine"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"github.com/drone-runners/drone-runner-podman/engine"
"github.com/drone-runners/drone-runner-podman/engine/resource"
"github.com/drone/runner-go/manifest"
"github.com/drone/runner-go/pipeline/runtime"
)

4
engine/compiler/clone_test.go
View File

@@ -8,8 +8,8 @@ import (
"testing"
"github.com/dchest/uniuri"
"github.com/drone-runners/drone-runner-docker/engine"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"github.com/drone-runners/drone-runner-podman/engine"
"github.com/drone-runners/drone-runner-podman/engine/resource"
"github.com/drone/drone-go/drone"
"github.com/drone/runner-go/environ/provider"
"github.com/drone/runner-go/manifest"

20
engine/compiler/compiler.go
View File

@@ -9,9 +9,9 @@ import (
"os"
"strings"
"github.com/drone-runners/drone-runner-docker/engine"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"github.com/drone-runners/drone-runner-docker/internal/docker/image"
"github.com/drone-runners/drone-runner-podman/engine"
"github.com/drone-runners/drone-runner-podman/engine/resource"
"github.com/drone-runners/drone-runner-podman/internal/podman/image"
"github.com/drone/drone-go/drone"
"github.com/drone/runner-go/clone"
@@ -37,7 +37,7 @@ var random = func() string {
// with privileged capabilities in order to run Docker
// in Docker.
var Privileged = []string{
"plugins/docker",
"plugins/podman",
"plugins/acr",
"plugins/ecr",
"plugins/gcr",
@@ -230,7 +230,7 @@ func (c *Compiler) Compile(ctx context.Context, args runtime.CompilerArgs) runti
)
// create network reference variables
envs["DRONE_DOCKER_NETWORK_ID"] = spec.Network.ID
envs["DRONE_PODMAN_NETWORK_ID"] = spec.Network.ID
// create the workspace variables
envs["DRONE_WORKSPACE"] = full
@@ -239,9 +239,9 @@ func (c *Compiler) Compile(ctx context.Context, args runtime.CompilerArgs) runti
// create volume reference variables
if volume.EmptyDir != nil {
envs["DRONE_DOCKER_VOLUME_ID"] = volume.EmptyDir.ID
envs["DRONE_PODMAN_VOLUME_ID"] = volume.EmptyDir.ID
} else {
envs["DRONE_DOCKER_VOLUME_PATH"] = volume.HostPath.Path
envs["DRONE_PODMAN_VOLUME_PATH"] = volume.HostPath.Path
}
// create tmate variables
@@ -359,7 +359,7 @@ func (c *Compiler) Compile(ctx context.Context, args runtime.CompilerArgs) runti
Labels: stageLabels,
Pull: engine.PullIfNotExists,
Image: image.Expand(c.Tmate.Image),
Entrypoint: []string{"/bin/drone-runner-docker"},
Entrypoint: []string{"/bin/drone-runner-podman"},
Command: []string{"copy"},
Network: "none",
})
@@ -531,7 +531,7 @@ func (c *Compiler) Compile(ctx context.Context, args runtime.CompilerArgs) runti
// feature toggle that disables the check that restricts
// docker plugins from mounting volumes.
// DO NOT USE: THIS WILL BE DEPRECATED IN THE FUTURE
var allowDockerPluginVolumes = os.Getenv("DRONE_FLAG_ALLOW_DOCKER_PLUGIN_VOLUMES") == "true"
var allowPodmanPluginVolumes = os.Getenv("DRONE_FLAG_ALLOW_PODMAN_PLUGIN_VOLUMES") == "true"
func (c *Compiler) isPrivileged(step *resource.Step) bool {
// privileged-by-default containers are only
@@ -547,7 +547,7 @@ func (c *Compiler) isPrivileged(step *resource.Step) bool {
return false
}
if allowDockerPluginVolumes == false {
if allowPodmanPluginVolumes == false {
if len(step.Volumes) > 0 {
return false
}

16
engine/compiler/compiler_test.go
View File

@@ -2,6 +2,7 @@
// Use of this source code is governed by the Polyform License
// that can be found in the LICENSE file.
//go:build !windows
// +build !windows
package compiler
@@ -9,14 +10,13 @@ package compiler
import (
"context"
"encoding/json"
"io/ioutil"
"os"
"strconv"
"testing"
"github.com/dchest/uniuri"
"github.com/drone-runners/drone-runner-docker/engine"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"github.com/drone-runners/drone-runner-podman/engine"
"github.com/drone-runners/drone-runner-podman/engine/resource"
"github.com/drone/drone-go/drone"
"github.com/drone/runner-go/environ/provider"
"github.com/drone/runner-go/manifest"
@@ -280,7 +280,7 @@ func testCompile(t *testing.T, source, golden string) *engine.Spec {
got := compiler.Compile(nocontext, args)
raw, err := ioutil.ReadFile(golden)
raw, err := os.ReadFile(golden)
if err != nil {
t.Error(err)
}
@@ -320,13 +320,13 @@ func TestIsPrivileged(t *testing.T) {
t.Errorf("Disable privileged mode if commands are specified")
}
if c.isPrivileged(&resource.Step{Image: "foo", Command: []string{"echo hello", "echo world"}}) {
t.Errorf("Disable privileged mode if the Docker command is specified")
t.Errorf("Disable privileged mode if the Podman command is specified")
}
if c.isPrivileged(&resource.Step{Image: "foo", Entrypoint: []string{"/bin/sh"}}) {
t.Errorf("Disable privileged mode if the Docker entrypoint is specified")
t.Errorf("Disable privileged mode if the Podman entrypoint is specified")
}
if c.isPrivileged(&resource.Step{Image: "foo", Volumes: []*resource.VolumeMount{{MountPath: "/var/run/docker.sock"}}}) {
t.Errorf("Disable privileged mode if /var/run/docker.sock mounted")
if c.isPrivileged(&resource.Step{Image: "foo", Volumes: []*resource.VolumeMount{{MountPath: "/var/run/podman.sock"}}}) {
t.Errorf("Disable privileged mode if /var/run/podman.sock mounted")
}
if c.isPrivileged(&resource.Step{Image: "foo", Volumes: []*resource.VolumeMount{{MountPath: "/var"}}}) {
t.Errorf("Disable privileged mode if /var mounted")

8
engine/compiler/script.go
View File

@@ -5,10 +5,10 @@
package compiler
import (
"github.com/drone-runners/drone-runner-docker/engine"
"github.com/drone-runners/drone-runner-docker/engine/compiler/shell"
"github.com/drone-runners/drone-runner-docker/engine/compiler/shell/powershell"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"github.com/drone-runners/drone-runner-podman/engine"
"github.com/drone-runners/drone-runner-podman/engine/compiler/shell"
"github.com/drone-runners/drone-runner-podman/engine/compiler/shell/powershell"
"github.com/drone-runners/drone-runner-podman/engine/resource"
)
// helper function configures the pipeline script for the

8
engine/compiler/step.go
View File

@@ -7,10 +7,10 @@ package compiler
import (
"strings"
"github.com/drone-runners/drone-runner-docker/engine"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"github.com/drone-runners/drone-runner-docker/internal/docker/image"
"github.com/drone-runners/drone-runner-docker/internal/encoder"
"github.com/drone-runners/drone-runner-podman/engine"
"github.com/drone-runners/drone-runner-podman/engine/resource"
"github.com/drone-runners/drone-runner-podman/internal/encoder"
"github.com/drone-runners/drone-runner-podman/internal/podman/image"
"github.com/drone/runner-go/pipeline/runtime"
)

2
engine/compiler/testdata/graph.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
steps:

2
engine/compiler/testdata/match.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:

4
engine/compiler/testdata/noclone_graph.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:
@@ -15,4 +15,4 @@ steps:
image: golang
commands:
- go test
depends_on: [ build ]
depends_on: [ build ]

2
engine/compiler/testdata/noclone_serial.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:

2
engine/compiler/testdata/run_always.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:

2
engine/compiler/testdata/run_failure.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:

2
engine/compiler/testdata/secret.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:

2
engine/compiler/testdata/serial.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
steps:

2
engine/compiler/testdata/steps.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:

4
engine/compiler/util.go
View File

@@ -7,8 +7,8 @@ package compiler
import (
"strings"
"github.com/drone-runners/drone-runner-docker/engine"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"github.com/drone-runners/drone-runner-podman/engine"
"github.com/drone-runners/drone-runner-podman/engine/resource"
"github.com/drone/drone-go/drone"
"github.com/drone/runner-go/manifest"

4
engine/compiler/util_test.go
View File

@@ -7,8 +7,8 @@ package compiler
import (
"testing"
"github.com/drone-runners/drone-runner-docker/engine"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"github.com/drone-runners/drone-runner-podman/engine"
"github.com/drone-runners/drone-runner-podman/engine/resource"
"github.com/drone/runner-go/manifest"

4
engine/compiler/workspace.go
View File

@@ -8,8 +8,8 @@ import (
stdpath "path"
"strings"
"github.com/drone-runners/drone-runner-docker/engine"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"github.com/drone-runners/drone-runner-podman/engine"
"github.com/drone-runners/drone-runner-podman/engine/resource"
)
const (

4
engine/compiler/workspace_test.go
View File

@@ -7,8 +7,8 @@ package compiler
import (
"testing"
"github.com/drone-runners/drone-runner-docker/engine"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"github.com/drone-runners/drone-runner-podman/engine"
"github.com/drone-runners/drone-runner-podman/engine/resource"
"github.com/drone/runner-go/manifest"
)

201
engine/convert.go
View File

@@ -5,114 +5,117 @@
package engine
import (
"io/fs"
"net"
"strings"
"github.com/docker/docker/api/types/container"
"github.com/containers/common/libnetwork/types"
"github.com/containers/podman/v4/pkg/specgen"
"github.com/docker/docker/api/types/mount"
"github.com/docker/docker/api/types/network"
"github.com/opencontainers/runtime-spec/specs-go"
"github.com/sirupsen/logrus"
)
// returns a container configuration.
func toConfig(spec *Spec, step *Step) *container.Config {
config := &container.Config{
Image: step.Image,
func toSpec(spec *Spec, step *Step) *specgen.SpecGenerator {
basic := specgen.ContainerBasicConfig{
Name: step.ID,
RawImageName: step.Image,
Labels: step.Labels,
WorkingDir: step.WorkingDir,
User: step.User,
AttachStdin: false,
AttachStdout: true,
AttachStderr: true,
Tty: false,
OpenStdin: false,
StdinOnce: false,
ArgsEscaped: false,
Env: step.Envs,
Entrypoint: step.Entrypoint,
Command: step.Command,
Stdin: false,
Terminal: false,
}
if len(step.Envs) != 0 {
config.Env = toEnv(step.Envs)
}
for _, sec := range step.Secrets {
config.Env = append(config.Env, sec.Env+"="+string(sec.Data))
basic.EnvSecrets[sec.Env] = string(sec.Data)
}
if len(step.Entrypoint) != 0 {
config.Entrypoint = step.Entrypoint
volume := specgen.ContainerStorageConfig{
Image: step.Image,
WorkDir: step.WorkingDir,
ShmSize: toPtr(step.ShmSize),
}
if len(step.Command) != 0 {
config.Cmd = step.Command
volumeSet := toVolumeSet(spec, step)
for path := range volumeSet {
volume.Volumes = append(volume.Volumes, &specgen.NamedVolume{
Dest: path,
})
}
if len(step.Volumes) != 0 {
config.Volumes = toVolumeSet(spec, step)
volume.Devices = toLinuxDeviceSlice(spec, step)
volume.Mounts = toLinuxVolumeMounts(spec, step)
}
return config
}
// returns a container host configuration.
func toHostConfig(spec *Spec, step *Step) *container.HostConfig {
config := &container.HostConfig{
LogConfig: container.LogConfig{
Type: "json-file",
},
security := specgen.ContainerSecurityConfig{
User: step.User,
Privileged: step.Privileged,
ShmSize: step.ShmSize,
}
// windows does not support privileged so we hard-code
// this value to false.
// windows does not support privileged so we hard-code this value to false.
// podman doesn't even support windows so this would be a problem
// if we reach here
if spec.Platform.OS == "windows" {
config.Privileged = false
security.Privileged = false
}
var dns []net.IP
for i := range step.DNS {
ip, _, err := net.ParseCIDR(step.DNS[i])
if err != nil {
logrus.Warnf("failed to parse dns [ip=%s] [error=%s]", step.DNS[i], err.Error())
continue
}
dns = append(dns, ip)
}
net := specgen.ContainerNetworkConfig{
DNSServers: dns,
DNSSearch: step.DNSSearch,
HostAdd: step.ExtraHosts,
}
if len(step.Network) > 0 {
config.NetworkMode = container.NetworkMode(step.Network)
}
if len(step.DNS) > 0 {
config.DNS = step.DNS
}
if len(step.DNSSearch) > 0 {
config.DNSSearch = step.DNSSearch
}
if len(step.ExtraHosts) > 0 {
config.ExtraHosts = step.ExtraHosts
net.Networks = make(map[string]types.PerNetworkOptions)
net.Networks[step.Network] = types.PerNetworkOptions{}
}
resource := specgen.ContainerResourceConfig{}
if isUnlimited(step) == false {
config.Resources = container.Resources{
CPUPeriod: step.CPUPeriod,
CPUQuota: step.CPUQuota,
CpusetCpus: strings.Join(step.CPUSet, ","),
CPUShares: step.CPUShares,
Memory: step.MemLimit,
MemorySwap: step.MemSwapLimit,
resource = specgen.ContainerResourceConfig{
CPUPeriod: uint64(step.CPUPeriod),
CPUQuota: step.CPUQuota,
ResourceLimits: &specs.LinuxResources{
CPU: &specs.LinuxCPU{
Cpus: strings.Join(step.CPUSet, ","),
Shares: toPtr(uint64(step.CPUShares)),
},
Memory: &specs.LinuxMemory{
Limit: &step.MemLimit,
Swap: &step.MemSwapLimit,
},
},
}
}
if len(step.Volumes) != 0 {
config.Devices = toDeviceSlice(spec, step)
config.Binds = toVolumeSlice(spec, step)
config.Mounts = toVolumeMounts(spec, step)
config := &specgen.SpecGenerator{
ContainerBasicConfig: basic,
ContainerStorageConfig: volume,
ContainerSecurityConfig: security,
ContainerNetworkConfig: net,
ContainerResourceConfig: resource,
}
return config
}
// helper function returns the container network configuration.
func toNetConfig(spec *Spec, proc *Step) *network.NetworkingConfig {
// if the user overrides the default network we do not
// attach to the user-defined network.
if proc.Network != "" {
return &network.NetworkingConfig{}
}
endpoints := map[string]*network.EndpointSettings{}
endpoints[spec.Network.ID] = &network.EndpointSettings{
NetworkID: spec.Network.ID,
Aliases: []string{proc.Name},
}
return &network.NetworkingConfig{
EndpointsConfig: endpoints,
}
return config
}
// helper function that converts a slice of device paths to a slice of
// container.DeviceMapping.
func toDeviceSlice(spec *Spec, step *Step) []container.DeviceMapping {
var to []container.DeviceMapping
func toLinuxDeviceSlice(spec *Spec, step *Step) []specs.LinuxDevice {
var to []specs.LinuxDevice
for _, mount := range step.Devices {
device, ok := lookupVolume(spec, mount.Name)
if !ok {
@@ -121,10 +124,13 @@ func toDeviceSlice(spec *Spec, step *Step) []container.DeviceMapping {
if isDevice(device) == false {
continue
}
to = append(to, container.DeviceMapping{
PathOnHost: device.HostPath.Path,
PathInContainer: mount.DevicePath,
CgroupPermissions: "rwm",
to = append(to, specs.LinuxDevice{
// NOTE: there only host path... weird
Path: device.HostPath.Path,
// PathOnHost: device.HostPath.Path,
// PathInContainer: mount.DevicePath,
FileMode: toPtr(fs.ModePerm),
})
}
if len(to) == 0 {
@@ -184,8 +190,8 @@ func toVolumeSlice(spec *Spec, step *Step) []string {
// helper function returns a slice of docker mount
// configurations.
func toVolumeMounts(spec *Spec, step *Step) []mount.Mount {
var mounts []mount.Mount
func toLinuxVolumeMounts(spec *Spec, step *Step) []specs.Mount {
var mounts []specs.Mount
for _, target := range step.Volumes {
source, ok := lookupVolume(spec, target.Name)
if !ok {
@@ -203,7 +209,7 @@ func toVolumeMounts(spec *Spec, step *Step) []mount.Mount {
if isDataVolume(source) {
continue
}
mounts = append(mounts, toMount(source, target))
mounts = append(mounts, toLinuxMount(source, target))
}
if len(mounts) == 0 {
return nil
@@ -213,21 +219,30 @@ func toVolumeMounts(spec *Spec, step *Step) []mount.Mount {
// helper function converts the volume declaration to a
// docker mount structure.
func toMount(source *Volume, target *VolumeMount) mount.Mount {
to := mount.Mount{
Target: target.Path,
Type: toVolumeType(source),
func toLinuxMount(source *Volume, target *VolumeMount) specs.Mount {
to := specs.Mount{
Destination: target.Path,
Type: string(toVolumeType(source)),
}
if isBindMount(source) || isNamedPipe(source) {
to.Source = source.HostPath.Path
to.ReadOnly = source.HostPath.ReadOnly
}
if isTempfs(source) {
to.TmpfsOptions = &mount.TmpfsOptions{
SizeBytes: source.EmptyDir.SizeLimit,
Mode: 0700,
if source.HostPath.ReadOnly {
// options defaults = rw, suid, dev, exec, auto, nouser, and async
to.Options = append(to.Options, "ro")
}
// to.ReadOnly = source.HostPath.ReadOnly
}
if isTempfs(source) {
// NOTE: not sure if this is translatable
// probably part of resource struct
// to.TmpfsOptions = &mount.TmpfsOptions{
// SizeBytes: source.EmptyDir.SizeLimit,
// Mode: 0700,
// }
}
return to
}

215
engine/engine.go
View File

@@ -5,64 +5,57 @@
package engine
import (
"bytes"
"context"
"io"
"io/ioutil"
"os"
"time"
"github.com/drone-runners/drone-runner-docker/internal/docker/errors"
"github.com/drone-runners/drone-runner-docker/internal/docker/image"
"github.com/drone-runners/drone-runner-docker/internal/docker/jsonmessage"
"github.com/drone-runners/drone-runner-docker/internal/docker/stdcopy"
"github.com/drone-runners/drone-runner-podman/internal/podman/errors"
"github.com/drone-runners/drone-runner-podman/internal/podman/image"
"github.com/drone-runners/drone-runner-podman/internal/podman/jsonmessage"
"github.com/drone-runners/drone-runner-podman/internal/podman/stdcopy"
"github.com/drone/runner-go/logger"
"github.com/drone/runner-go/pipeline/runtime"
"github.com/drone/runner-go/registry/auths"
"github.com/docker/docker/api/types"
"github.com/docker/docker/api/types/container"
"github.com/docker/docker/api/types/network"
"github.com/docker/docker/api/types/volume"
"github.com/docker/docker/client"
"github.com/docker/docker/errdefs"
"github.com/containers/common/libnetwork/types"
"github.com/containers/podman/v4/pkg/bindings"
"github.com/containers/podman/v4/pkg/bindings/containers"
"github.com/containers/podman/v4/pkg/bindings/images"
"github.com/containers/podman/v4/pkg/bindings/network"
"github.com/containers/podman/v4/pkg/bindings/volumes"
"github.com/containers/podman/v4/pkg/domain/entities"
)
// TODO: figure out what to do about this global
const UNIX_SOCK string = "unix:///run/podman/podman.sock"
// Opts configures the Docker engine.
type Opts struct {
HidePull bool
}
// Docker implements a Docker pipeline engine.
type Docker struct {
client client.APIClient
// Podman implements a Podman pipeline engine.
type Podman struct {
hidePull bool
conn context.Context
}
// New returns a new engine.
func New(client client.APIClient, opts Opts) *Docker {
return &Docker{
client: client,
func New(conn context.Context, opts Opts) *Podman {
return &Podman{
hidePull: opts.HidePull,
}
}
// NewEnv returns a new Engine from the environment.
func NewEnv(opts Opts) (*Docker, error) {
cli, err := client.NewClientWithOpts(client.FromEnv)
if err != nil {
return nil, err
}
return New(cli, opts), nil
}
// Ping pings the Docker daemon.
func (e *Docker) Ping(ctx context.Context) error {
_, err := e.client.Ping(ctx)
return err
func NewEnv(ctx context.Context, opts Opts) (*Podman, error) {
conn, err := bindings.NewConnection(ctx, UNIX_SOCK)
return New(conn, opts), err
}
// Setup the pipeline environment.
func (e *Docker) Setup(ctx context.Context, specv runtime.Spec) error {
func (e *Podman) Setup(ctx context.Context, specv runtime.Spec) error {
spec := specv.(*Spec)
// creates the default temporary (local) volumes
@@ -71,11 +64,16 @@ func (e *Docker) Setup(ctx context.Context, specv runtime.Spec) error {
if vol.EmptyDir == nil {
continue
}
_, err := e.client.VolumeCreate(ctx, volume.VolumeCreateBody{
Name: vol.EmptyDir.ID,
Driver: "local",
Labels: vol.EmptyDir.Labels,
})
_, err := volumes.Create(
e.conn,
entities.VolumeCreateOptions{
Name: vol.EmptyDir.ID,
Driver: "local",
Label: vol.EmptyDir.Labels,
},
&volumes.CreateOptions{},
)
if err != nil {
return errors.TrimExtraInfo(err)
}
@@ -87,7 +85,9 @@ func (e *Docker) Setup(ctx context.Context, specv runtime.Spec) error {
if spec.Platform.OS == "windows" {
driver = "nat"
}
_, err := e.client.NetworkCreate(ctx, spec.Network.ID, types.NetworkCreate{
_, err := network.Create(e.conn, &types.Network{
ID: spec.Network.ID,
Driver: driver,
Options: spec.Network.Options,
Labels: spec.Network.Labels,
@@ -95,7 +95,7 @@ func (e *Docker) Setup(ctx context.Context, specv runtime.Spec) error {
// launches the inernal setup steps
for _, step := range spec.Internal {
if err := e.create(ctx, spec, step, ioutil.Discard); err != nil {
if err := e.create(ctx, spec, step, io.Discard); err != nil {
logger.FromContext(ctx).
WithError(err).
WithField("container", step.ID).
@@ -126,18 +126,19 @@ func (e *Docker) Setup(ctx context.Context, specv runtime.Spec) error {
}
// Destroy the pipeline environment.
func (e *Docker) Destroy(ctx context.Context, specv runtime.Spec) error {
func (e *Podman) Destroy(ctx context.Context, specv runtime.Spec) error {
spec := specv.(*Spec)
removeOpts := types.ContainerRemoveOptions{
Force: true,
RemoveLinks: false,
RemoveVolumes: true,
removeOpts := containers.RemoveOptions{
Force: toPtr(true),
Volumes: toPtr(true),
Depend: toPtr(true), // maybe?
Ignore: toPtr(true),
}
// stop all containers
for _, step := range append(spec.Steps, spec.Internal...) {
if err := e.client.ContainerKill(ctx, step.ID, "9"); err != nil && !client.IsErrNotFound(err) && !errdefs.IsConflict(err) {
if err := containers.Kill(ctx, step.ID, &containers.KillOptions{Signal: toPtr("9")}); err != nil {
logger.FromContext(ctx).
WithError(err).
WithField("container", step.ID).
@@ -147,7 +148,7 @@ func (e *Docker) Destroy(ctx context.Context, specv runtime.Spec) error {
// cleanup all containers
for _, step := range append(spec.Steps, spec.Internal...) {
if err := e.client.ContainerRemove(ctx, step.ID, removeOpts); err != nil && !client.IsErrNotFound(err) {
if _, err := containers.Remove(e.conn, step.ID, &removeOpts); err != nil {
logger.FromContext(ctx).
WithError(err).
WithField("container", step.ID).
@@ -165,7 +166,8 @@ func (e *Docker) Destroy(ctx context.Context, specv runtime.Spec) error {
if vol.EmptyDir.Medium == "memory" {
continue
}
if err := e.client.VolumeRemove(ctx, vol.EmptyDir.ID, true); err != nil {
if err := volumes.Remove(e.conn, vol.EmptyDir.ID, &volumes.RemoveOptions{Force: toPtr(true)}); err != nil {
logger.FromContext(ctx).
WithError(err).
WithField("volume", vol.EmptyDir.ID).
@@ -173,8 +175,7 @@ func (e *Docker) Destroy(ctx context.Context, specv runtime.Spec) error {
}
}
// cleanup the network
if err := e.client.NetworkRemove(ctx, spec.Network.ID); err != nil {
if _, err := network.Remove(e.conn, spec.Network.ID, &network.RemoveOptions{}); err != nil {
logger.FromContext(ctx).
WithError(err).
WithField("network", spec.Network.ID).
@@ -189,7 +190,7 @@ func (e *Docker) Destroy(ctx context.Context, specv runtime.Spec) error {
}
// Run runs the pipeline step.
func (e *Docker) Run(ctx context.Context, specv runtime.Spec, stepv runtime.Step, output io.Writer) (*runtime.State, error) {
func (e *Podman) Run(ctx context.Context, specv runtime.Spec, stepv runtime.Step, output io.Writer) (*runtime.State, error) {
spec := specv.(*Spec)
step := stepv.(*Step)
@@ -209,7 +210,7 @@ func (e *Docker) Run(ctx context.Context, specv runtime.Spec, stepv runtime.Step
// tail the container
logger.FromContext(ctx).
WithField("step id", step.ID).
Debugln("using deferred docker tail")
Debugln("using deferred podman tail")
logs, tailErr := e.deferTail(ctx, step.ID, output)
if tailErr != nil {
return nil, errors.TrimExtraInfo(tailErr)
@@ -229,64 +230,52 @@ func (e *Docker) Run(ctx context.Context, specv runtime.Spec, stepv runtime.Step
// emulate docker commands
//
func (e *Docker) create(ctx context.Context, spec *Spec, step *Step, output io.Writer) error {
func (e *Podman) create(ctx context.Context, spec *Spec, step *Step, output io.Writer) error {
// create pull options with encoded authorization credentials.
pullopts := types.ImagePullOptions{}
pullopts := images.PullOptions{}
if step.Auth != nil {
pullopts.RegistryAuth = auths.Header(
step.Auth.Username,
step.Auth.Password,
)
pullopts.Username = &step.Auth.Username
pullopts.Password = &step.Auth.Password
}
// Read(p []byte) (n int, err error)
// automatically pull the latest version of the image if requested
// by the process configuration, or if the image is :latest
if step.Pull == PullAlways ||
(step.Pull == PullDefault && image.IsLatest(step.Image)) {
rc, pullerr := e.client.ImagePull(ctx, step.Image, pullopts)
rc, pullerr := images.Pull(e.conn, step.Image, &pullopts)
if pullerr == nil {
b := bytes.NewBuffer(flattenToBytes(rc))
if e.hidePull {
io.Copy(ioutil.Discard, rc)
} else {
jsonmessage.Copy(rc, output)
io.Copy(io.Discard, b)
}
rc.Close()
jsonmessage.Copy(b, output)
}
if pullerr != nil {
return pullerr
}
}
_, err := e.client.ContainerCreate(ctx,
toConfig(spec, step),
toHostConfig(spec, step),
toNetConfig(spec, step),
step.ID,
)
_, err := containers.CreateWithSpec(e.conn, toSpec(spec, step), &containers.CreateOptions{})
// automatically pull and try to re-create the image if the
// failure is caused because the image does not exist.
if client.IsErrNotFound(err) && step.Pull != PullNever {
rc, pullerr := e.client.ImagePull(ctx, step.Image, pullopts)
if step.Pull != PullNever {
rc, pullerr := images.Pull(e.conn, step.Image, &pullopts)
if pullerr != nil {
return pullerr
}
b := bytes.NewBuffer(flattenToBytes(rc))
if e.hidePull {
io.Copy(ioutil.Discard, rc)
} else {
jsonmessage.Copy(rc, output)
io.Copy(io.Discard, b)
}
rc.Close()
jsonmessage.Copy(b, output)
// once the image is successfully pulled we attempt to
// re-create the container.
_, err = e.client.ContainerCreate(ctx,
toConfig(spec, step),
toHostConfig(spec, step),
toNetConfig(spec, step),
step.ID,
)
_, err = containers.CreateWithSpec(e.conn, toSpec(spec, step), &containers.CreateOptions{})
}
if err != nil {
return err
@@ -296,7 +285,7 @@ func (e *Docker) create(ctx context.Context, spec *Spec, step *Step, output io.W
// primarily used to attach global user-defined networks.
if step.Network == "" {
for _, net := range step.Networks {
err = e.client.NetworkConnect(ctx, net, step.ID, &network.EndpointSettings{
err = network.Connect(e.conn, net, step.ID, &types.PerNetworkOptions{
Aliases: []string{net},
})
if err != nil {
@@ -309,13 +298,13 @@ func (e *Docker) create(ctx context.Context, spec *Spec, step *Step, output io.W
}
// helper function emulates the `docker start` command.
func (e *Docker) start(ctx context.Context, id string) error {
return e.client.ContainerStart(ctx, id, types.ContainerStartOptions{})
func (e *Podman) start(ctx context.Context, id string) error {
return containers.Start(e.conn, id, &containers.StartOptions{})
}
// helper function emulates the `docker wait` command, blocking
// until the container stops and returning the exit code.
func (e *Docker) waitRetry(ctx context.Context, id string) (*runtime.State, error) {
func (e *Podman) waitRetry(ctx context.Context, id string) (*runtime.State, error) {
for {
// if the context is canceled, meaning the
// pipeline timed out or was killed by the
@@ -332,42 +321,42 @@ func (e *Docker) waitRetry(ctx context.Context, id string) (*runtime.State, erro
}
logger.FromContext(ctx).
WithField("container", id).
Trace("docker wait exited unexpectedly")
Trace("podman wait exited unexpectedly")
}
}
// helper function emulates the `docker wait` command, blocking
// until the container stops and returning the exit code.
func (e *Docker) wait(ctx context.Context, id string) (*runtime.State, error) {
wait, errc := e.client.ContainerWait(ctx, id, container.WaitConditionNotRunning)
select {
case <-wait:
case <-errc:
}
func (e *Podman) wait(ctx context.Context, id string) (*runtime.State, error) {
containers.Wait(ctx, id, &containers.WaitOptions{
Conditions: []string{"created", "exited", "dead", "removing", "removed"},
})
info, err := e.client.ContainerInspect(ctx, id)
info, err := containers.Inspect(ctx, id, &containers.InspectOptions{})
if err != nil {
return nil, err
}
return &runtime.State{
Exited: !info.State.Running,
ExitCode: info.State.ExitCode,
ExitCode: int(info.State.ExitCode),
OOMKilled: info.State.OOMKilled,
}, nil
}
// helper function emulates the `docker logs -f` command, streaming all container logs until the container stops.
func (e *Docker) deferTail(ctx context.Context, id string, output io.Writer) (logs io.ReadCloser, err error) {
opts := types.ContainerLogsOptions{
Follow: true,
ShowStdout: true,
ShowStderr: true,
Details: false,
Timestamps: false,
func (e *Podman) deferTail(ctx context.Context, id string, output io.Writer) (logs io.ReadCloser, err error) {
opts := containers.LogOptions{
Follow: toPtr(true),
Stdout: toPtr(true),
Stderr: toPtr(true),
Timestamps: toPtr(false),
}
logs, err = e.client.ContainerLogs(ctx, id, opts)
out := make(chan string, 100)
error := make(chan string, 100)
err = containers.Logs(ctx, id, &opts, out, error)
if err != nil {
logger.FromContext(ctx).
WithError(err).
@@ -382,23 +371,25 @@ func (e *Docker) deferTail(ctx context.Context, id string, output io.Writer) (lo
}
// helper function emulates the `docker logs -f` command, streaming all container logs until the container stops.
func (e *Docker) tail(ctx context.Context, id string, output io.Writer) error {
opts := types.ContainerLogsOptions{
Follow: true,
ShowStdout: true,
ShowStderr: true,
Details: false,
Timestamps: false,
func (e *Podman) tail(ctx context.Context, id string, output io.Writer) error {
opts := containers.LogOptions{
Follow: toPtr(true),
Stdout: toPtr(true),
Stderr: toPtr(true),
Timestamps: toPtr(false),
}
logs, err := e.client.ContainerLogs(ctx, id, opts)
out := make(chan string, 100)
error := make(chan string, 100)
err := containers.Logs(ctx, id, &opts, out, error)
if err != nil {
return err
}
go func() {
stdcopy.StdCopy(output, output, logs)
logs.Close()
}()
// go func() {
// stdcopy.StdCopy(output, output, logs)
// logs.Close()
// }()
return nil
}

6
engine/linter/linter.go
View File

@@ -10,7 +10,7 @@ import (
"path/filepath"
"strings"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"github.com/drone-runners/drone-runner-podman/engine/resource"
"github.com/drone/drone-go/drone"
"github.com/drone/runner-go/manifest"
)
@@ -130,7 +130,7 @@ func checkStep(step *resource.Step, trusted bool) error {
}
for _, mount := range step.Volumes {
switch mount.Name {
case "workspace", "_workspace", "_docker_socket":
case "workspace", "_workspace", "_podman_socket":
return fmt.Errorf("linter: invalid volume name: %s", mount.Name)
}
if strings.HasPrefix(filepath.Clean(mount.MountPath), "/run/drone") {
@@ -157,7 +157,7 @@ func checkVolumes(pipeline *resource.Pipeline, trusted bool) error {
switch volume.Name {
case "":
return fmt.Errorf("linter: missing volume name")
case "workspace", "_workspace", "_docker_socket":
case "workspace", "_workspace", "_podman_socket":
return fmt.Errorf("linter: invalid volume name: %s", volume.Name)
}
}

4
engine/linter/linter_test.go
View File

@@ -8,7 +8,7 @@ import (
"path"
"testing"
"github.com/drone-runners/drone-runner-docker/engine/resource"
"github.com/drone-runners/drone-runner-podman/engine/resource"
"github.com/drone/drone-go/drone"
"github.com/drone/runner-go/manifest"
)
@@ -47,7 +47,7 @@ func TestLint(t *testing.T) {
path: "testdata/pipeline_volume_invalid_name.yml",
trusted: false,
invalid: true,
message: "linter: invalid volume name: _docker_socket",
message: "linter: invalid volume name: _podman_socket",
},
// user should not be trying to mount internal or restricted
// volume paths.

4
engine/linter/testdata/duplicate_name.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: default
steps:
@@ -21,4 +21,4 @@ steps:
- go build
- go test
...
...

4
engine/linter/testdata/duplicate_step.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: default
steps:
@@ -14,4 +14,4 @@ steps:
image: golang
commands:
- go build
- go test
- go test

2
engine/linter/testdata/duplicate_step_service.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: default
steps:

2
engine/linter/testdata/invalid_arch.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
platform:

2
engine/linter/testdata/invalid_os.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
platform:

2
engine/linter/testdata/missing_build_image.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

4
engine/linter/testdata/missing_dep.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: default
steps:
@@ -15,4 +15,4 @@ steps:
- go build
- go test
depends_on:
- foo
- foo

2
engine/linter/testdata/missing_image.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

2
engine/linter/testdata/missing_name.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

2
engine/linter/testdata/pipeline_device.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

2
engine/linter/testdata/pipeline_dns.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

2
engine/linter/testdata/pipeline_dns_search.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

2
engine/linter/testdata/pipeline_extra_hosts.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

2
engine/linter/testdata/pipeline_network_mode.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

2
engine/linter/testdata/pipeline_port_host.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

2
engine/linter/testdata/pipeline_privileged.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

10
engine/linter/testdata/pipeline_volume_invalid_name.yml vendored
View File

@@ -1,14 +1,14 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:
- name: test
image: docker
image: podman
volumes:
- name: _docker_socket
path: /var/run/docker.sock
- name: _podman_socket
path: /run/podman/podman.sock
commands:
- docker system prune
- podman system prune

2
engine/linter/testdata/service_device.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

2
engine/linter/testdata/service_port_host.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

4
engine/linter/testdata/simple.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: amd64
steps:
@@ -36,4 +36,4 @@ steps:
depends_on:
- amd64
...
...

2
engine/linter/testdata/volume_empty_dir.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

2
engine/linter/testdata/volume_empty_dir_memory.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

2
engine/linter/testdata/volume_host_path.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

2
engine/linter/testdata/volume_invalid_name.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

2
engine/linter/testdata/volume_missing_name.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:

4
engine/linter/testdata/volume_restricted.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
name: linux
steps:
@@ -15,4 +15,4 @@ steps:
volumes:
- name: vol
temp: {}
temp: {}

10
engine/resource/parser_test.go
View File

@@ -32,7 +32,7 @@ func TestParse(t *testing.T) {
},
&Pipeline{
Kind: "pipeline",
Type: "docker",
Type: "podman",
Name: "default",
Version: "1",
Environment: map[string]string{
@@ -48,8 +48,8 @@ func TestParse(t *testing.T) {
Clone: manifest.Clone{
Depth: 50,
},
Deps: []string{"dependency"},
PullSecrets: []string{"dockerconfigjson"},
Deps: []string{"dependency"},
PullSecrets: []string{"podmanconfigjson"},
Trigger: manifest.Conditions{
Branch: manifest.Condition{
Include: []string{"master"},
@@ -130,7 +130,7 @@ func TestParseNoMatch(t *testing.T) {
func TestMatch(t *testing.T) {
r := &manifest.RawResource{
Kind: "pipeline",
Type: "docker",
Type: "podman",
}
if match(r) == false {
t.Errorf("Expect match, got false")
@@ -138,7 +138,7 @@ func TestMatch(t *testing.T) {
r = &manifest.RawResource{
Kind: "approval",
Type: "docker",
Type: "podman",
}
if match(r) == true {
t.Errorf("Expect kind mismatch, got true")

2
engine/resource/pipeline.go
View File

@@ -16,7 +16,7 @@ var (
// Defines the Resource Kind and Type.
const (
Kind = "pipeline"
Type = "docker"
Type = "podman"
)
// Pipeline is a pipeline resource that executes pipelines

2
engine/resource/pipeline_test.go
View File

@@ -39,7 +39,7 @@ func TestGetters(t *testing.T) {
pipeline := &Pipeline{
Version: "1.0.0",
Kind: "pipeline",
Type: "docker",
Type: "podman",
Name: "default",
Deps: []string{"before"},
Platform: platform,

4
engine/resource/testdata/linterr.yml vendored
View File

@@ -1,6 +1,6 @@
---
kind: pipeline
type: docker
type: podman
server:
image: docker-18-04
@@ -12,4 +12,4 @@ steps:
- go build
- go test
...
...

4
engine/resource/testdata/malformed.yml vendored
View File

@@ -1,8 +1,8 @@
---
kind: pipeline
type: docker
type: podman
steps:
foo: bar
...
...

4
engine/resource/testdata/manifest.yml vendored
View File

@@ -10,7 +10,7 @@ data: f0e4c2f76c58916ec25
---
kind: pipeline
type: docker
type: podman
name: default
version: 1
@@ -54,7 +54,7 @@ services:
command: [ "--debug" ]
image_pull_secrets:
- dockerconfigjson
- podmanconfigjson
trigger:
branch: [ master ]

4
engine/resource/testdata/nilstep.yml vendored
View File

@@ -1,9 +1,9 @@
---
kind: pipeline
type: docker
type: podman
name: test
steps:
- ~
...
...

4
engine/resource/testdata/nomatch.yml vendored
View File

@@ -1,5 +1,5 @@
---
kind: pipeline
type: docker
type: podman
...
...

2
engine/testdata/network_default.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:

2
engine/testdata/status_failure.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:

2
engine/testdata/status_success.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:

4
engine/testdata/volume_host.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:
@@ -29,4 +29,4 @@ steps:
volumes:
- name: test
host:
path: /tmp/drone/test
path: /tmp/drone/test

2
engine/testdata/volume_mem.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:

2
engine/testdata/volume_temp.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:

2
engine/testdata/workspace_custom.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:

2
engine/testdata/workspace_default.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:

2
engine/testdata/workspace_legacy.yml vendored
View File

@@ -1,5 +1,5 @@
kind: pipeline
type: docker
type: podman
name: default
clone:

77
engine/util.go
View File

@@ -3,3 +3,80 @@
// that can be found in the LICENSE file.
package engine
import (
"bytes"
"context"
"io"
"reflect"
)
// if another module requires this function
// then remove this function and place in util module
func toPtr[T any](a T) *T {
ptr := new(T)
*ptr = a
return ptr
}
func flattenToBytes(data []string) []byte {
var total int
for i := range data {
total += len(data[i])
}
b := make([]byte, total)
for i := range data {
b = append(b, data[i]...)
}
return b
}
type ReaderClose struct {
ctx context.Context
channels []chan string
}
func NewChansReadClose(ctx context.Context, channels ...chan string) ReaderClose {
return ReaderClose{
ctx: ctx,
channels: channels,
}
}
func (c *ReaderClose) Read(p []byte) (int, error) {
cases := make([]reflect.SelectCase, len(c.channels))
for i := range c.channels {
cases[i] = reflect.SelectCase{Dir: reflect.SelectRecv, Chan: reflect.ValueOf(c.channels[i])}
}
remaining := len(cases)
for remaining > 0 {
select {
case <-c.ctx.Done():
c.Close()
return len(p), nil
default:
}
chosen, value, ok := reflect.Select(cases)
if !ok {
cases[chosen].Chan = reflect.ValueOf(nil)
remaining -= 1
continue
}
io.WriteString(bytes.NewBuffer(p), value.String())
}
return len(p), io.EOF
}
func (c *ReaderClose) Close() error {
for i := range c.channels {
close(c.channels[i])
}
return nil
}

6
engine/util_test.go
View File

@@ -3,3 +3,9 @@
// that can be found in the LICENSE file.
package engine
import "testing"
func TestChansToReader(t *testing.T) {
}

170
go.mod
View File

@@ -1,43 +1,151 @@
module github.com/drone-runners/drone-runner-docker
module github.com/drone-runners/drone-runner-podman
go 1.16
replace github.com/docker/docker => github.com/docker/engine v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible
go 1.20
require (
github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect
github.com/Microsoft/go-winio v0.4.11 // indirect
github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc // indirect
github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf // indirect
github.com/buildkite/yaml v2.1.0+incompatible
github.com/containerd/containerd v1.3.4 // indirect
github.com/dchest/uniuri v0.0.0-20160212164326-8902c56451e9
github.com/docker/distribution v2.7.1+incompatible
github.com/docker/docker v0.0.0-00010101000000-000000000000
github.com/docker/go-connections v0.3.0 // indirect
github.com/containers/common v0.56.0
github.com/containers/podman/v4 v4.7.0
github.com/dchest/uniuri v1.2.0
github.com/docker/distribution v2.8.3+incompatible
github.com/docker/docker v24.0.6+incompatible
github.com/drone/drone-go v1.7.1
github.com/drone/envsubst v1.0.3
github.com/drone/runner-go v1.12.0
github.com/drone/signal v1.0.0
github.com/ghodss/yaml v1.0.0
github.com/gogo/protobuf v0.0.0-20170307180453-100ba4e88506 // indirect
github.com/google/go-cmp v0.3.0
github.com/gorilla/mux v1.7.4 // indirect
github.com/joho/godotenv v1.3.0
github.com/google/go-cmp v0.5.9
github.com/joho/godotenv v1.5.1
github.com/kelseyhightower/envconfig v1.4.0
github.com/kr/pretty v0.1.0 // indirect
github.com/mattn/go-isatty v0.0.8
github.com/morikuni/aec v1.0.0 // indirect
github.com/opencontainers/go-digest v1.0.0-rc1 // indirect
github.com/opencontainers/image-spec v1.0.1 // indirect
github.com/pkg/errors v0.8.1 // indirect
github.com/sirupsen/logrus v1.4.2
github.com/stretchr/testify v1.3.0 // indirect
golang.org/x/sync v0.0.0-20190423024810-112230192c58
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c // indirect
google.golang.org/grpc v1.29.1 // indirect
github.com/mattn/go-isatty v0.0.19
github.com/opencontainers/runtime-spec v1.1.1-0.20230823135140-4fec88fd00a4
github.com/sirupsen/logrus v1.9.3
golang.org/x/sync v0.3.0
gopkg.in/alecthomas/kingpin.v2 v2.2.6
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
gopkg.in/yaml.v2 v2.2.2 // indirect
gotest.tools v2.2.0+incompatible // indirect
)
require (
dario.cat/mergo v1.0.0 // indirect
github.com/99designs/basicauth-go v0.0.0-20230316000542-bf6f9cbbf0f8 // indirect
github.com/99designs/httpsignatures-go v0.0.0-20170731043157-88528bf4ca7e // indirect
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
github.com/BurntSushi/toml v1.3.2 // indirect
github.com/Microsoft/go-winio v0.6.1 // indirect
github.com/Microsoft/hcsshim v0.12.0-rc.0 // indirect
github.com/VividCortex/ewma v1.2.0 // indirect
github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d // indirect
github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 // indirect
github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 // indirect
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
github.com/blang/semver/v4 v4.0.0 // indirect
github.com/bmatcuk/doublestar v1.3.4 // indirect
github.com/chzyer/readline v1.5.1 // indirect
github.com/cilium/ebpf v0.11.0 // indirect
github.com/container-orchestrated-devices/container-device-interface v0.6.1 // indirect
github.com/containerd/cgroups/v3 v3.0.2 // indirect
github.com/containerd/containerd v1.7.6 // indirect
github.com/containerd/stargz-snapshotter/estargz v0.14.3 // indirect
github.com/containers/buildah v1.32.0 // indirect
github.com/containers/image/v5 v5.28.0 // indirect
github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 // indirect
github.com/containers/ocicrypt v1.1.8 // indirect
github.com/containers/psgo v1.8.0 // indirect
github.com/containers/storage v1.50.2 // indirect
github.com/coreos/go-semver v0.3.1 // indirect
github.com/coreos/go-systemd/v22 v22.5.0 // indirect
github.com/cyberphone/json-canonicalization v0.0.0-20230710064741-aa7fe85c7dbd // indirect
github.com/cyphar/filepath-securejoin v0.2.4 // indirect
github.com/disiqueira/gotree/v3 v3.0.2 // indirect
github.com/distribution/reference v0.5.0 // indirect
github.com/docker/docker-credential-helpers v0.8.0 // indirect
github.com/docker/go-connections v0.4.1-0.20210727194412-58542c764a11 // indirect
github.com/docker/go-units v0.5.0 // indirect
github.com/fsnotify/fsnotify v1.6.0 // indirect
github.com/go-jose/go-jose/v3 v3.0.0 // indirect
github.com/go-openapi/analysis v0.21.4 // indirect
github.com/go-openapi/errors v0.20.4 // indirect
github.com/go-openapi/jsonpointer v0.20.0 // indirect
github.com/go-openapi/jsonreference v0.20.2 // indirect
github.com/go-openapi/loads v0.21.2 // indirect
github.com/go-openapi/runtime v0.26.0 // indirect
github.com/go-openapi/spec v0.20.9 // indirect
github.com/go-openapi/strfmt v0.21.7 // indirect
github.com/go-openapi/swag v0.22.4 // indirect
github.com/go-openapi/validate v0.22.1 // indirect
github.com/godbus/dbus/v5 v5.1.1-0.20230522191255-76236955d466 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/google/go-containerregistry v0.16.1 // indirect
github.com/google/go-intervals v0.0.2 // indirect
github.com/google/uuid v1.3.1 // indirect
github.com/gorilla/mux v1.8.0 // indirect
github.com/gorilla/schema v1.2.0 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/jinzhu/copier v0.4.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/klauspost/compress v1.17.0 // indirect
github.com/klauspost/pgzip v1.2.6 // indirect
github.com/kr/fs v0.1.0 // indirect
github.com/letsencrypt/boulder v0.0.0-20231004222641-2fa09d59901e // indirect
github.com/mailru/easyjson v0.7.7 // indirect
github.com/manifoldco/promptui v0.9.0 // indirect
github.com/mattn/go-runewidth v0.0.15 // indirect
github.com/mattn/go-shellwords v1.0.12 // indirect
github.com/mattn/go-sqlite3 v1.14.17 // indirect
github.com/miekg/pkcs11 v1.1.1 // indirect
github.com/mistifyio/go-zfs/v3 v3.0.1 // indirect
github.com/mitchellh/mapstructure v1.5.0 // indirect
github.com/moby/sys/mountinfo v0.6.2 // indirect
github.com/moby/term v0.5.0 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/natessilva/dag v0.0.0-20180124060714-7194b8dcc5c4 // indirect
github.com/nxadm/tail v1.4.8 // indirect
github.com/oklog/ulid v1.3.1 // indirect
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.1.0-rc5 // indirect
github.com/opencontainers/runc v1.1.9 // indirect
github.com/opencontainers/runtime-tools v0.9.1-0.20230317050512-e931285f4b69 // indirect
github.com/opencontainers/selinux v1.11.0 // indirect
github.com/ostreedev/ostree-go v0.0.0-20210805093236-719684c64e4f // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/pkg/sftp v1.13.6 // indirect
github.com/proglottis/gpgme v0.1.3 // indirect
github.com/rivo/uniseg v0.4.4 // indirect
github.com/secure-systems-lab/go-securesystemslib v0.7.0 // indirect
github.com/sigstore/fulcio v1.4.0 // indirect
github.com/sigstore/rekor v1.3.0 // indirect
github.com/sigstore/sigstore v1.7.3 // indirect
github.com/spf13/pflag v1.0.5 // indirect
github.com/stefanberger/go-pkcs11uri v0.0.0-20230803200340-78284954bff6 // indirect
github.com/sylabs/sif/v2 v2.14.1 // indirect
github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 // indirect
github.com/tchap/go-patricia/v2 v2.3.1 // indirect
github.com/theupdateframework/go-tuf v0.6.1 // indirect
github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
github.com/ulikunitz/xz v0.5.11 // indirect
github.com/vbatts/tar-split v0.11.5 // indirect
github.com/vbauerster/mpb/v8 v8.6.1 // indirect
go.mongodb.org/mongo-driver v1.12.1 // indirect
go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352 // indirect
go.opencensus.io v0.24.0 // indirect
golang.org/x/crypto v0.13.0 // indirect
golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
golang.org/x/mod v0.12.0 // indirect
golang.org/x/net v0.15.0 // indirect
golang.org/x/sys v0.12.0 // indirect
golang.org/x/term v0.12.0 // indirect
golang.org/x/text v0.13.0 // indirect
golang.org/x/tools v0.13.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97 // indirect
google.golang.org/grpc v1.58.2 // indirect
google.golang.org/protobuf v1.31.0 // indirect
gopkg.in/go-jose/go-jose.v2 v2.6.1 // indirect
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
sigs.k8s.io/yaml v1.3.0 // indirect
)

1407
go.sum
View File

File diff suppressed because it is too large Load Diff

0
internal/docker/errors/errors.go → internal/podman/errors/errors.go
View File

0
internal/docker/errors/errors_test.go → internal/podman/errors/errors_test.go
View File

0
internal/docker/image/image.go → internal/podman/image/image.go
View File

0
internal/docker/image/image_test.go → internal/podman/image/image_test.go
View File

0
internal/docker/jsonmessage/jsonmessage.go → internal/podman/jsonmessage/jsonmessage.go
View File

0
internal/docker/jsonmessage/testdata/alpine.json → internal/podman/jsonmessage/testdata/alpine.json vendored
View File

2
internal/docker/docker.go → internal/podman/podman.go
View File

@@ -2,4 +2,4 @@
// Use of this source code is governed by the Polyform License
// that can be found in the LICENSE file.
package docker
package podman

0
internal/docker/stdcopy/stdcopy.go → internal/podman/stdcopy/stdcopy.go
View File

2
main.go
View File

@@ -5,7 +5,7 @@
package main
import (
"github.com/drone-runners/drone-runner-docker/command"
"github.com/drone-runners/drone-runner-podman/command"
_ "github.com/joho/godotenv/autoload"
)

18
scripts/build.sh
View File

@@ -3,17 +3,19 @@
# disable go modules
export GOPATH=""
# disable cgo
export CGO_ENABLED=0
# enable cgo due to
# https://github.com/containers/image/issues/1382
# which means difficult times ahead with cross compiling
export CGO_ENABLED=1
set -e
set -x
# linux
GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/drone-runner-docker
GOOS=linux GOARCH=arm64 go build -o release/linux/arm64/drone-runner-docker
GOOS=linux GOARCH=arm go build -o release/linux/arm/drone-runner-docker
GOOS=linux GOARCH=ppc64le go build -o release/linux/ppc64le/drone-runner-docker
# linux - btw, I use amd64 arch linux... okay its manjaro... close enough
GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/drone-runner-podman
# GOOS=linux GOARCH=arm64 go build -o release/linux/arm64/drone-runner-podman
# GOOS=linux GOARCH=arm go build -o release/linux/arm/drone-runner-podman
# GOOS=linux GOARCH=ppc64le go build -o release/linux/ppc64le/drone-runner-podman
# windows
GOOS=windows go build -o release/windows/amd64/drone-runner-docker.exe
# GOOS=windows go build -o release/windows/amd64/drone-runner-podman.exe