initial commit

.dockerignore

@@ -0,0 +1,6 @@
+.drone.yml
+.git
+.gitea
+.gitignore
+LICENSE.md
+README.md

.gitea/workflows/build.yaml

@@ -0,0 +1,140 @@
+name: Build Container Image
+run-name: ${{ gitea.actor }} pushed to ${{ gitea.repository }}:${{ gitea.ref_name }}
+on: [push, workflow_call]
+jobs:
+  buildamd64:
+    if: gitea.repository_owner == 'NephNET' && !contains(github.event.head_commit.message, '#noci')
+    runs-on: nephnet
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v3
+      - name: Docker Build
+        run: |
+          docker build --pull -t code.nephatrine.net/nephnet/drone-runner:${{ gitea.ref_name }}-cached --target builder ${{ gitea.workspace }}
+          docker build --pull -t code.nephatrine.net/nephnet/drone-runner:${{ gitea.ref_name }}-amd64 ${{ gitea.workspace }}
+      - name: Notify Discord
+        uses: actions/discord-status@v1
+        if: always()
+        with:
+          title: "Container Build (X86_64)"
+          webhook: ${{ secrets.DISCORD_WEBHOOK_BUILD }}
+  buildarm64:
+    if: gitea.repository_owner == 'NephNET' && !contains(github.event.head_commit.message, '#noci')
+    runs-on: rpi4
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v3
+      - name: Docker Build
+        run: |
+          docker build --pull -t code.nephatrine.net/nephnet/drone-runner:${{ gitea.ref_name }}-cached --target builder ${{ gitea.workspace }}
+          docker build --pull -t code.nephatrine.net/nephnet/drone-runner:${{ gitea.ref_name }}-arm64v8 ${{ gitea.workspace }}
+      - name: Notify Discord
+        uses: actions/discord-status@v1
+        if: always()
+        with:
+          title: "Container Build (AARCH64)"
+          webhook: ${{ secrets.DISCORD_WEBHOOK_BUILD }}
+  packageamd64:
+    if: gitea.repository_owner == 'NephNET'
+    needs: [buildamd64]
+    runs-on: nephnet
+    steps:
+      - name: Docker Login
+        uses: actions/docker-login@v2
+        with:
+          registry: code.nephatrine.net
+          username: ${{ gitea.actor }}
+          password: ${{ secrets.PACKAGER_TOKEN }}
+      - name: Docker Push
+        run: docker push code.nephatrine.net/nephnet/drone-runner:${{ gitea.ref_name }}-amd64
+  packagearm64:
+    if: gitea.repository_owner == 'NephNET'
+    needs: [buildarm64]
+    runs-on: rpi4
+    steps:
+      - name: Docker Login
+        uses: actions/docker-login@v2
+        with:
+          registry: code.nephatrine.net
+          username: ${{ gitea.actor }}
+          password: ${{ secrets.PACKAGER_TOKEN }}
+      - name: Docker Push
+        run: docker push code.nephatrine.net/nephnet/drone-runner:${{ gitea.ref_name }}-arm64v8
+  manifestpkg:
+    if: gitea.repository_owner == 'NephNET'
+    needs: [packageamd64, packagearm64]
+    runs-on: nephnet
+    steps:
+      - name: Docker Login
+        uses: actions/docker-login@v2
+        with:
+          registry: code.nephatrine.net
+          username: ${{ gitea.actor }}
+          password: ${{ secrets.PACKAGER_TOKEN }}
+      - name: Docker Manifest
+        run: |
+          docker manifest create code.nephatrine.net/nephnet/drone-runner:${{ gitea.ref_name }} --amend code.nephatrine.net/nephnet/drone-runner:${{ gitea.ref_name }}-amd64 --amend code.nephatrine.net/nephnet/drone-runner:${{ gitea.ref_name }}-arm64v8
+          docker manifest push --purge code.nephatrine.net/nephnet/drone-runner:${{ gitea.ref_name }}
+  publishamd64:
+    if: gitea.repository_owner == 'NephNET' && gitea.ref_name == 'master'
+    needs: [buildamd64]
+    runs-on: nephnet
+    steps:
+      - name: Check Base Image
+        if: github.event_name != 'push'
+        uses: actions/docker-base-image-check@v1.2.1
+        id: checkbase
+        with:
+          base-image: nephatrine/alpine-s6:latest-amd64
+          image: nephatrine/drone-runner:latest-amd64
+      - name: Docker Login
+        uses: actions/docker-login@v2
+        with:
+          username: ${{ secrets.DOCKER_USER }}
+          password: ${{ secrets.DOCKER_PASS }}
+      - name: Docker Push
+        run: |
+          docker tag code.nephatrine.net/nephnet/drone-runner:master-amd64 nephatrine/drone-runner:latest-amd64
+          docker push nephatrine/drone-runner:latest-amd64
+      - name: Notify Discord
+        if: github.event_name == 'push' || steps.checkbase.outputs.needs-updating == 'true'
+        uses: actions/discord-status@v1
+        with:
+          title: "DockerHub: drone-runner"
+          description: "The container image was pushed to [DockerHub](https://hub.docker.com/repository/docker/nephatrine/drone-runner/general).\nPull `nephatrine/drone-runner:latest-amd64` for the newest image."
+          nodetail: true
+          webhook: ${{ secrets.DISCORD_WEBHOOK_PACKAGE }}
+  publisharm64:
+    if: gitea.repository_owner == 'NephNET' && gitea.ref_name == 'master'
+    needs: [buildarm64]
+    runs-on: rpi4
+    steps:
+      - name: Docker Login
+        uses: actions/docker-login@v2
+        with:
+          username: ${{ secrets.DOCKER_USER }}
+          password: ${{ secrets.DOCKER_PASS }}
+      - name: Docker Push
+        run: |
+          docker tag code.nephatrine.net/nephnet/drone-runner:master-arm64v8 nephatrine/drone-runner:latest-arm64v8
+          docker push nephatrine/drone-runner:latest-arm64v8
+  manifesthub:
+    if: gitea.repository_owner == 'NephNET' && gitea.ref_name == 'master'
+    needs: [publishamd64, publisharm64]
+    runs-on: nephnet
+    steps:
+      - name: Docker Login
+        uses: actions/docker-login@v2
+        with:
+          username: ${{ secrets.DOCKER_USER }}
+          password: ${{ secrets.DOCKER_PASS }}
+      - name: Docker Manifest
+        run: |
+          docker manifest create nephatrine/drone-runner:0.1.2 --amend nephatrine/drone-runner:latest-amd64 --amend nephatrine/drone-runner:latest-arm64v8
+          docker manifest create nephatrine/drone-runner:0.1 --amend nephatrine/drone-runner:latest-amd64 --amend nephatrine/drone-runner:latest-arm64v8
+          docker manifest create nephatrine/drone-runner:0 --amend nephatrine/drone-runner:latest-amd64 --amend nephatrine/drone-runner:latest-arm64v8
+          docker manifest create nephatrine/drone-runner:latest --amend nephatrine/drone-runner:latest-amd64 --amend nephatrine/drone-runner:latest-arm64v8
+          docker manifest push --purge nephatrine/drone-runner:0.1.2
+          docker manifest push --purge nephatrine/drone-runner:0.1
+          docker manifest push --purge nephatrine/drone-runner:0
+          docker manifest push --purge nephatrine/drone-runner:latest

.gitea/workflows/pullreq.yaml

@@ -0,0 +1,14 @@
+name: Build Container Image
+run-name: ${{ gitea.actor }} pushed to ${{ gitea.repository }}:${{ gitea.ref_name }}
+on:
+  pull_request:
+    types: [ opened, synchronize, ready_for_review ]
+jobs:
+  build:
+    if: gitea.actor == 'nephatrine' && gitea.event.pull_request.draft == false
+    runs-on: nephnet
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v3
+      - name: Docker Build
+        run: docker build --pull ${{ gitea.workspace }}

.gitignore

@@ -0,0 +1,3 @@
+sign-build.sh
+test-build.sh
+fix-perms.sh

Dockerfile

@@ -0,0 +1,17 @@
+FROM nephatrine/nxbuilder:golang AS builder
+
+ARG DRONE_DOCKER_VERSION=v1.8.3
+
+RUN git -C /root clone -b "$DRONE_DOCKER_VERSION" --single-branch --depth=1 https://github.com/drone-runners/drone-runner-docker
+
+RUN echo "====== COMPILE DRONE-RUNNERS ======" \
+ && cd /root/drone-runner-docker && go build -o /go/bin/drone-runner-docker
+
+FROM nephatrine/alpine-s6:latest
+LABEL maintainer="Daniel Wolf <nephatrine@gmail.com>"
+
+RUN echo "====== INSTALL PACKAGES ======" \
+ && apk add --no-cache docker git git-lfs
+
+COPY --from=builder /go/bin/drone-runner-docker /usr/bin/
+COPY override /

LICENSE.md

@@ -0,0 +1,13 @@
+Copyright © 2023 Daniel Wolf <<nephatrine@gmail.com>>
+
+**Permission to use, copy, modify, and distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.**
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

README.md

@@ -0,0 +1,62 @@
+[Git](https://code.nephatrine.net/NephNET/docker-drone-run/src/branch/master) |
+[Docker](https://hub.docker.com/r/nephatrine/drone-runner/) |
+[unRAID](https://code.nephatrine.net/nephatrine/unraid-containers)
+
+# Drone CI/CD Runner
+
+This docker image contains a Drone server to self-host your own continuous
+delivery platform.
+
+**Please note that the runner itself runs as the root user inside the container.**
+
+- [Alpine Linux](https://alpinelinux.org/) w/ [S6 Overlay](https://github.com/just-containers/s6-overlay)
+- [Drone-Runner-Docker](https://docs.drone.io/runner/docker/overview/)
+
+You can spin up a quick temporary test container like this:
+
+~~~
+docker run --rm -v /var/run/docker.sock:/run/docker.sock -it nephatrine/drone-runner:latest /bin/bash
+~~~
+
+## Docker Tags
+
+- **nephatrine/drone-server:latest**: Drone Docker Runner v1.8.3 / Alpine Latest
+
+## Configuration Variables
+
+You can set these parameters using the syntax ``-e "VARNAME=VALUE"`` on your
+``docker run`` command. Some of these may only be used during initial
+configuration and further changes may need to be made in the generated
+configuration files.
+
+- ``DRONE_RPC_SECRET``: Drone CI Secret (**generated**)
+- ``DRONE_RPC_HOST``: Drone CI Hostname (*""*)
+- ``DRONE_RPC_PROTO``: Drone CI Protocol (*"http"*)
+- ``DRONE_RUNNER_NAME``: Runner Name (**generated**)
+- ``DRONE_RUNNER_CAPACITY``: Runner Capacity (**1**)
+- ``PUID``: Mount Owner UID (*1000*)
+- ``PGID``: Mount Owner GID (*100*)
+- ``TZ``: System Timezone (*America/New_York*)
+
+## Persistent Mounts
+
+You can provide a persistent mountpoint using the ``-v /host/path:/container/path``
+syntax. These mountpoints are intended to house important configuration files,
+logs, and application state (e.g. databases) so they are not lost on image
+update.
+
+- ``/mnt/config``: Persistent Data.
+- ``/run/docker.sock`: Docker Daemon Socket.
+
+Do not share ``/mnt/config`` volumes between multiple containers as they may
+interfere with the operation of one another.
+
+You can perform some basic configuration of the container using the files and
+directories listed below.
+
+- ``/mnt/config/etc/crontabs/<user>``: User Crontabs. [*]
+- ``/mnt/config/etc/logrotate.conf``: Logrotate Global Configuration.
+- ``/mnt/config/etc/logrotate.d/``: Logrotate Additional Configuration.
+
+**[*] Changes to some configuration files may require service restart to take
+immediate effect.**

override/etc/logrotate.d/drone-runner-docker

@@ -0,0 +1,4 @@
+/mnt/config/log/drone-docker-runner.log {
+	missingok
+	notifempty
+}

override/etc/s6-overlay/s6-rc.d/drone-runner-docker/dependencies.d/guardian_setup

@@ -0,0 +1 @@
+ 

override/etc/s6-overlay/s6-rc.d/drone-runner-docker/run

@@ -0,0 +1,32 @@
+#!/command/with-contenv /bin/bash
+
+export HOME=/mnt/config/home
+cd /mnt/config/home
+
+# Create Log Directory
+
+if [[ ! -d /mnt/config/log ]]; then
+  /command/s6-setuidgid guardian /bin/mkdir -p /mnt/config/log
+fi
+
+# Start Runner
+
+export DRONE_LOG_FILE=${DRONE_LOG_FILE:-"/mnt/config/log/drone-docker-runner.log"}
+export DRONE_RPC_PROTO=${DRONE_RPC_PROTO:-"http"}
+#export DRONE_RUNNER_OS=${DRONE_RUNNER_OS:-"linux"}
+#export DRONE_RUNNER_ARCH=${DRONE_RUNNER_ARCH:-"amd64"}
+export DRONE_RUNNER_NAME=${DRONE_RPC_PROTO:-"$(hostname)"}
+export DRONE_RUNNER_CAPACITY=${DRONE_RUNNER_CAPACITY:-1}
+
+if [[ ! -f "${DRONE_LOG_FILE}" ]]; then
+  /command/s6-setuidgid guardian /bin/touch "${DRONE_LOG_FILE}"
+else
+  /bin/chown guardian:users "${DRONE_LOG_FILE}"
+fi
+
+if [[ ! -z "${DRONE_RPC_SECRET}" && ! -z "${DRONE_RPC_HOST}" ]]; then
+  exec /usr/bin/drone-runner-docker
+else
+  sleep 300
+  exit 0
+fi

override/etc/s6-overlay/s6-rc.d/drone-runner-docker/type

@@ -0,0 +1 @@
+longrun

override/etc/s6-overlay/s6-rc.d/user/contents.d/drone-runner-docker

@@ -0,0 +1 @@
+