From dc58f6ba13403f1476a4de4463d27c3d3419bc3e Mon Sep 17 00:00:00 2001
From: Thorsten Wildberger
Date: Tue, 25 Jul 2023 06:59:49 +0200
Subject: [PATCH] feat: allow more dockerd options (#2701)
---
 docs/using-entrypoint-features.md | 43 +++++++++++++++++++
 ...nner-dind-rootless.ubuntu-20.04.dockerfile | 4 ++
 ...nner-dind-rootless.ubuntu-22.04.dockerfile | 4 ++
 runner/entrypoint-dind-rootless.sh | 1 -
 4 files changed, 51 insertions(+), 1 deletion(-)
diff --git a/docs/using-entrypoint-features.md b/docs/using-entrypoint-features.md
index 98ff04f7..432b4d4d 100644
--- a/docs/using-entrypoint-features.md
+++ b/docs/using-entrypoint-features.md
@@ -66,4 +66,47 @@ spec:
 value: "172.17.0.0/12"
 - name: DOCKER_DEFAULT_ADDRESS_POOL_SIZE
 value: "24"
+```
+
+More options can be configured by mounting a configmap to the daemon.json location:
+
+- rootless: /home/runner/.config/docker/daemon.json
+- rootful: /etc/docker/daemon.json
+
+```yaml
+apiVersion: actions.summerwind.dev/v1alpha1
+kind: RunnerDeployment
+metadata:
+ name: example-runnerdeployment
+spec:
+ template:
+ spec:
+ dockerdWithinRunnerContainer: true
+ image: summerwind/actions-runner-dind(-rootless)
+ volumeMounts:
+ - mountPath: /home/runner/.config/docker/daemon.json
+ name: daemon-config-volume
+ subPath: daemon.json
+ volumes:
+ - name: daemon-config-volume
+ configMap:
+ name: daemon-cm
+ items:
+ - key: daemon.json
+ path: daemon.json
+ securityContext:
+ fsGroup: 1001 # runner user id
+```
+
+```yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: daemon-cm
+data:
+ daemon.json: |
+ {
+ "log-level": "warn",
+ "dns": ["x.x.x.x"]
+ }
 ```
\ No newline at end of file
diff --git a/runner/actions-runner-dind-rootless.ubuntu-20.04.dockerfile b/runner/actions-runner-dind-rootless.ubuntu-20.04.dockerfile
index 79b540d7..0991c265 100644
--- a/runner/actions-runner-dind-rootless.ubuntu-20.04.dockerfile
+++ b/runner/actions-runner-dind-rootless.ubuntu-20.04.dockerfile
@@ -146,5 +146,9 @@ RUN export ARCH=$(echo ${TARGETPLATFORM} | cut -d / -f2) \
 && which docker-compose \
 && docker compose version
 
+# Create folder structure here to avoid permission issues
+# when mounting the daemon.json file from a configmap.
+RUN mkdir -p /home/runner/.config/docker
+
 ENTRYPOINT ["/bin/bash", "-c"]
 CMD ["entrypoint-dind-rootless.sh"]
diff --git a/runner/actions-runner-dind-rootless.ubuntu-22.04.dockerfile b/runner/actions-runner-dind-rootless.ubuntu-22.04.dockerfile
index 506f16f6..68e11e0a 100644
--- a/runner/actions-runner-dind-rootless.ubuntu-22.04.dockerfile
+++ b/runner/actions-runner-dind-rootless.ubuntu-22.04.dockerfile
@@ -123,5 +123,9 @@ RUN export ARCH=$(echo ${TARGETPLATFORM} | cut -d / -f2) \
 && which docker-compose \
 && docker compose version
 
+# Create folder structure here to avoid permission issues
+# when mounting the daemon.json file from a configmap.
+RUN mkdir -p /home/runner/.config/docker
+
 ENTRYPOINT ["/bin/bash", "-c"]
 CMD ["entrypoint-dind-rootless.sh"]
diff --git a/runner/entrypoint-dind-rootless.sh b/runner/entrypoint-dind-rootless.sh
index 668de492..9c8cc011 100644
--- a/runner/entrypoint-dind-rootless.sh
+++ b/runner/entrypoint-dind-rootless.sh
@@ -5,7 +5,6 @@ trap graceful_stop TERM log.notice "Writing out Docker config file" /bin/bash <
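Review bot: The added `RUN mkdir -p /home/runner/.config/docker` in the ubuntu-20.04 Dockerfile takes its ownership from whichever `USER` is in effect at that point, and that directive lies outside the hunk. If the step runs as root, `/home/runner/.config` and its `docker` subdirectory end up root-owned, which is the same permission problem the comment sets out to avoid for the rootless daemon (presumably running as `runner`). Making the owner explicit removes the dependency on instruction order, e.g. `RUN mkdir -p /home/runner/.config/docker && chown -R runner /home/runner/.config`, or else record the assumption in the comment: `# Runs as the runner user (see USER above), so the directory is runner-owned.` The ubuntu-22.04 Dockerfile hunk adds the same line and the same applies there.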