From 2e08dd2333f71a1a90cd71d555c57021a967ea8f Mon Sep 17 00:00:00 2001 From: Lauris BH Date: Mon, 26 Sep 2022 17:59:26 +0300 Subject: [PATCH] Add option to set default volumes for docker backend (#1203) --- .../30-administration/22-backends/10-docker.md | 8 +++++++- pipeline/backend/docker/docker.go | 16 ++++++++++++++++ 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/docs/docs/30-administration/22-backends/10-docker.md b/docs/docs/30-administration/22-backends/10-docker.md index ff2fb2491..7de0d0a15 100644 --- a/docs/docs/30-administration/22-backends/10-docker.md +++ b/docs/docs/30-administration/22-backends/10-docker.md @@ -14,6 +14,12 @@ Set to the name of an existing network which will be attached to all your pipeli Enable IPv6 for the networks used by pipeline containers (steps). Make sure you configured your docker daemon to support IPv6. +### `WOODPECKER_BACKEND_DOCKER_VOLUMES` +> Default: empty + +List of default volumes separated by comma to be mounted to all pipeline containers (steps). For example to use custom CA +certificates installed on host and host timezone use `/etc/ssl/certs:/etc/ssl/certs:ro,/etc/timezone:/etc/timezone`. + ## Docker credentials Woodpecker supports [Docker credentials](https://github.com/docker/docker-credential-helpers) to securely store registry credentials. Install your corresponding credential helper and configure it in your Docker config file passed via [`WOODPECKER_DOCKER_CONFIG`](../10-server-config.md#woodpecker_docker_config). @@ -28,4 +34,4 @@ RUN apk add -U --no-cache docker-credential-ecr-login ## Podman support -While the agent was developped with Docker/Moby, Podman can also be used by setting the environment variable `DOCKER_SOCK` to point to the podman socket. In order to work without workarounds, Podman 4.0 (or above) is required. +While the agent was developed with Docker/Moby, Podman can also be used by setting the environment variable `DOCKER_SOCK` to point to the podman socket. In order to work without workarounds, Podman 4.0 (or above) is required. diff --git a/pipeline/backend/docker/docker.go b/pipeline/backend/docker/docker.go index 337c2a655..99645fa31 100644 --- a/pipeline/backend/docker/docker.go +++ b/pipeline/backend/docker/docker.go @@ -23,6 +23,7 @@ type docker struct { client client.APIClient enableIPv6 bool network string + volumes []string } // make sure docker implements Engine @@ -59,6 +60,18 @@ func (e *docker) Load() error { e.network = os.Getenv("WOODPECKER_BACKEND_DOCKER_NETWORK") + volumes := strings.Split(os.Getenv("WOODPECKER_BACKEND_DOCKER_VOLUMES"), ",") + e.volumes = make([]string, 0, len(volumes)) + // Validate provided volume definitions + for _, v := range volumes { + parts, err := splitVolumeParts(v) + if err != nil { + log.Error().Err(err).Msgf("invalid volume '%s' provided in WOODPECKER_BACKEND_DOCKER_VOLUMES", v) + continue + } + e.volumes = append(e.volumes, strings.Join(parts, ":")) + } + return nil } @@ -117,6 +130,9 @@ func (e *docker) Exec(ctx context.Context, proc *backend.Step) error { } } + // add default volumes to the host configuration + hostConfig.Binds = append(hostConfig.Binds, e.volumes...) + _, err := e.client.ContainerCreate(ctx, config, hostConfig, nil, nil, proc.Name) if client.IsErrNotFound(err) { // automatically pull and try to re-create the image if the