Fix act_runner: SELinux label:disable, host network, pin image
Some checks failed
Build and Deploy UMBRA / build-and-deploy (push) Failing after 15m48s
Some checks failed
Build and Deploy UMBRA / build-and-deploy (push) Failing after 15m48s
Docker specialist review findings: - Replace :z with security_opt: label:disable (correct SELinux fix) - Remove user: 0:0 (unnecessary with SELinux handled) - Remove redundant DOCKER_HOST env var - Add network_mode: host (workflow steps need host access) - Pin image to 0.2.11 (avoid non-deterministic latest tag) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
parent
3ad216ab0c
commit
507c841a92
@ -64,14 +64,15 @@ services:
|
||||
cpus: "0.5"
|
||||
|
||||
act_runner:
|
||||
image: gitea/act_runner:latest
|
||||
image: gitea/act_runner:0.2.11
|
||||
restart: unless-stopped
|
||||
user: "0:0"
|
||||
security_opt:
|
||||
- label:disable
|
||||
network_mode: host
|
||||
volumes:
|
||||
- act_runner_data:/data
|
||||
- /var/run/docker.sock:/var/run/docker.sock:z
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
environment:
|
||||
- DOCKER_HOST=unix:///var/run/docker.sock
|
||||
- GITEA_INSTANCE_URL=https://git.sentinelforest.xyz
|
||||
- GITEA_RUNNER_REGISTRATION_TOKEN=${GITEA_RUNNER_REGISTRATION_TOKEN}
|
||||
- GITEA_RUNNER_NAME=umbra-runner
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user