Fix act_runner: SELinux label:disable, host network, pin image
Some checks failed
Build and Deploy UMBRA / build-and-deploy (push) Failing after 15m48s
Some checks failed
Build and Deploy UMBRA / build-and-deploy (push) Failing after 15m48s
Docker specialist review findings: - Replace :z with security_opt: label:disable (correct SELinux fix) - Remove user: 0:0 (unnecessary with SELinux handled) - Remove redundant DOCKER_HOST env var - Add network_mode: host (workflow steps need host access) - Pin image to 0.2.11 (avoid non-deterministic latest tag) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
parent
3ad216ab0c
commit
507c841a92
@ -64,14 +64,15 @@ services:
|
|||||||
cpus: "0.5"
|
cpus: "0.5"
|
||||||
|
|
||||||
act_runner:
|
act_runner:
|
||||||
image: gitea/act_runner:latest
|
image: gitea/act_runner:0.2.11
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
user: "0:0"
|
security_opt:
|
||||||
|
- label:disable
|
||||||
|
network_mode: host
|
||||||
volumes:
|
volumes:
|
||||||
- act_runner_data:/data
|
- act_runner_data:/data
|
||||||
- /var/run/docker.sock:/var/run/docker.sock:z
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
environment:
|
environment:
|
||||||
- DOCKER_HOST=unix:///var/run/docker.sock
|
|
||||||
- GITEA_INSTANCE_URL=https://git.sentinelforest.xyz
|
- GITEA_INSTANCE_URL=https://git.sentinelforest.xyz
|
||||||
- GITEA_RUNNER_REGISTRATION_TOKEN=${GITEA_RUNNER_REGISTRATION_TOKEN}
|
- GITEA_RUNNER_REGISTRATION_TOKEN=${GITEA_RUNNER_REGISTRATION_TOKEN}
|
||||||
- GITEA_RUNNER_NAME=umbra-runner
|
- GITEA_RUNNER_NAME=umbra-runner
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user