Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change runner image to make user/folder align with ubuntu-latest hosted runner. #2469

Merged
merged 1 commit into from
Mar 2, 2023
Merged

Change runner image to make user/folder align with ubuntu-latest hosted runner. #2469

merged 1 commit into from
Mar 2, 2023

Conversation

TingluoHuang
Copy link
Member

  • Runner is going to be placed under /home/runner/run.sh
  • The runner work dir will be under /home/runner/_work
  • Install sudo to the image, and make user runner as passwordless sudoers
  • The /home/runner is owned by runner:docker (1001:123)

@TingluoHuang TingluoHuang requested a review from a team as a code owner March 1, 2023 18:34
@TingluoHuang TingluoHuang mentioned this pull request Mar 1, 2023
Merged
Link-
Link- reviewed Mar 2, 2023
View reviewed changes
images/Dockerfile
Comment on lines +36 to +37
RUN adduser --disabled-password --gecos "" --uid 1001 runner \
&& groupadd docker --gid 123 \
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we want to extract those as ARGs? Is there ever a scenario where we'll want to change those at build time?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I will change it to ARG once we need to. 😄

Link-
Link- reviewed Mar 2, 2023
View reviewed changes
images/Dockerfile
RUN apt-get update -y \
&& apt-get install -y --no-install-recommends \
sudo \
&& rm -rf /var/lib/apt/lists/*
Copy link
Member

@Link- Link- Mar 2, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm thinking out loud here, do we have a need for the ca-certificates package to be installed?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like a reasonable thing to do.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we add git as well?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the dotnet base image we use already installed ca-certificates
https://github.com/dotnet/dotnet-docker/blob/main/src/runtime-deps/6.0/bullseye-slim/amd64/Dockerfile

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We will avoid git for now, since that will require us to patch the image every time git has a security patch.

Link-
Link- reviewed Mar 2, 2023
View reviewed changes
Copy link
Member

@Link- Link- left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left some nits

@TingluoHuang TingluoHuang merged commit d61b27b into main Mar 2, 2023
@TingluoHuang TingluoHuang deleted the users/tihuang/updateimage branch March 2, 2023 18:42
nikola-jokic pushed a commit to nikola-jokic/runner that referenced this pull request May 12, 2023
@TingluoHuang @nikola-jokic
Change runner image to make user/folder align with ubuntu-latest host…
5bca536 
…ed runner. (actions#2469)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Link- Link- Link- approved these changes

@chrispat chrispat chrispat approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@TingluoHuang @chrispat @Link-