public_git
/
actions-runner-controller
mirror of https://github.com/actions-runner-controller/actions-runner-controller.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

add dockerEnabled option (#191) 

Add dockerEnabled option for users who does not need docker and want not to run privileged container.
if `dockerEnabled == false`, dind container not run, and there are no privileged container.

Do the same as closed #96
This commit is contained in:
Shinnosuke Sawada 2020-11-16 09:41:12 +09:00 committed by GitHub
parent 1fd752fca2
commit 4371de9733
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
api/v1alpha1/runner_types.go
View File

@ -84,6 +84,8 @@ type RunnerSpec struct {
TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty"` TerminationGracePeriodSeconds *int64 `json:"terminationGracePeriodSeconds,omitempty"`
// +optional // +optional
DockerdWithinRunnerContainer *bool `json:"dockerdWithinRunnerContainer,omitempty"` DockerdWithinRunnerContainer *bool `json:"dockerdWithinRunnerContainer,omitempty"`
// +optional
DockerEnabled *bool `json:"dockerEnabled,omitempty"`
} }
// ValidateRepository validates repository field. // ValidateRepository validates repository field.

5
api/v1alpha1/zz_generated.deepcopy.go
View File

@ -530,6 +530,11 @@ func (in *RunnerSpec) DeepCopyInto(out *RunnerSpec) {
*out = new(bool) *out = new(bool)
**out = **in **out = **in
} }
if in.DockerEnabled != nil {
in, out := &in.DockerEnabled, &out.DockerEnabled
*out = new(bool)
**out = **in
}
} }
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RunnerSpec. // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RunnerSpec.

2
charts/actions-runner-controller/crds/actions.summerwind.dev_runnerdeployments.yaml
View File

@ -400,6 +400,8 @@ spec:
- name - name
type: object type: object
type: array type: array
dockerEnabled:
type: boolean
dockerdContainerResources: dockerdContainerResources:
description: ResourceRequirements describes the compute resource requirements. description: ResourceRequirements describes the compute resource requirements.
properties: properties:

2
charts/actions-runner-controller/crds/actions.summerwind.dev_runnerreplicasets.yaml
View File

@ -400,6 +400,8 @@ spec:
- name - name
type: object type: object
type: array type: array
dockerEnabled:
type: boolean
dockerdContainerResources: dockerdContainerResources:
description: ResourceRequirements describes the compute resource requirements. description: ResourceRequirements describes the compute resource requirements.
properties: properties:

2
charts/actions-runner-controller/crds/actions.summerwind.dev_runners.yaml
View File

@ -393,6 +393,8 @@ spec:
- name - name
type: object type: object
type: array type: array
dockerEnabled:
type: boolean
dockerdContainerResources: dockerdContainerResources:
description: ResourceRequirements describes the compute resource requirements. description: ResourceRequirements describes the compute resource requirements.
properties: properties:

2
config/crd/bases/actions.summerwind.dev_runnerdeployments.yaml
View File

@ -400,6 +400,8 @@ spec:
- name - name
type: object type: object
type: array type: array
dockerEnabled:
type: boolean
dockerdContainerResources: dockerdContainerResources:
description: ResourceRequirements describes the compute resource requirements. description: ResourceRequirements describes the compute resource requirements.
properties: properties:

2
config/crd/bases/actions.summerwind.dev_runnerreplicasets.yaml
View File

@ -400,6 +400,8 @@ spec:
- name - name
type: object type: object
type: array type: array
dockerEnabled:
type: boolean
dockerdContainerResources: dockerdContainerResources:
description: ResourceRequirements describes the compute resource requirements. description: ResourceRequirements describes the compute resource requirements.
properties: properties:

2
config/crd/bases/actions.summerwind.dev_runners.yaml
View File

@ -393,6 +393,8 @@ spec:
- name - name
type: object type: object
type: array type: array
dockerEnabled:
type: boolean
dockerdContainerResources: dockerdContainerResources:
description: ResourceRequirements describes the compute resource requirements. description: ResourceRequirements describes the compute resource requirements.
properties: properties:

3
controllers/runner_controller.go
View File

@ -299,6 +299,7 @@ func (r *RunnerReconciler) newPod(runner v1alpha1.Runner) (corev1.Pod, error) {
var ( var (
privileged bool = true privileged bool = true
dockerdInRunner bool = runner.Spec.DockerdWithinRunnerContainer != nil && *runner.Spec.DockerdWithinRunnerContainer dockerdInRunner bool = runner.Spec.DockerdWithinRunnerContainer != nil && *runner.Spec.DockerdWithinRunnerContainer
dockerEnabled bool = runner.Spec.DockerEnabled == nil || *runner.Spec.DockerEnabled
) )
runnerImage := runner.Spec.Image runnerImage := runner.Spec.Image
@ -373,7 +374,7 @@ func (r *RunnerReconciler) newPod(runner v1alpha1.Runner) (corev1.Pod, error) {
}, },
} }
if !dockerdInRunner { if !dockerdInRunner && dockerEnabled {
pod.Spec.Volumes = []corev1.Volume{ pod.Spec.Volumes = []corev1.Volume{
{ {
Name: "work", Name: "work",