2640d09cb5
Switch the act_runners from :host execution to docker:// images backed by a rootless podman socket under the gitea-runner user, so each job runs in its own ephemeral container with per-job Go caches. This eliminates the cross-repo GOMODCACHE/go-build poisoning that forced the debyl runner to capacity:1.

- deps.yml: enable the rootless --user podman.socket, ensure subuid/subgid, register gitea_runner_uid; drop the rootful system socket override, podman-docker and host golang
- images.yml + Containerfile.ci/.espidf: build localhost/gitea-ci and localhost/gitea-ci-espidf into the runner's rootless image store
- config.yaml.j2: docker:// labels (per-runner overridable), docker_host -> rootless socket, force_pull false
- act_runner.service.j2: XDG_RUNTIME_DIR + DOCKER_HOST -> user socket
- defaults: uniform capacity:4 (drop the debyl capacity:1 workaround); esp_idf_version now tags the espressif/idf-based image
- main.yml: import images.yml, drop the host esp-idf install (firmware jobs use the espressif/idf job container instead)

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
17 lines
823 B
Docker
# ESP-IDF firmware job image (managed by ansible: roles/gitea-actions).
# Adds node (required by actions/checkout and other JS actions) and the AWS CLI
# (firmware artifacts ship to S3) on top of the official Espressif toolchain.
# IDF lives at /opt/esp/idf — firmware jobs source /opt/esp/idf/export.sh.
FROM espressif/idf:{{ esp_idf_version }}

RUN apt-get update && apt-get install -y --no-install-recommends \
        curl ca-certificates unzip \
    && curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
    && apt-get install -y --no-install-recommends nodejs \
    && rm -rf /var/lib/apt/lists/*

RUN curl -fsSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o /tmp/awscliv2.zip \
    && unzip -q /tmp/awscliv2.zip -d /tmp \
    && /tmp/aws/install \
    && rm -rf /tmp/aws /tmp/awscliv2.zip