mirror of
https://codeberg.org/hyperreal/vauxite-build
synced 2024-11-25 12:23:42 +01:00
Try using podman-exec for vauxite-nonfree-job
This commit is contained in:
parent
26c0b25305
commit
8fd50d2f16
@ -37,10 +37,13 @@ vauxite-compose-job:
|
|||||||
vauxite-nonfree-job:
|
vauxite-nonfree-job:
|
||||||
stage: build
|
stage: build
|
||||||
tags:
|
tags:
|
||||||
- shell-exec
|
- podman-exec
|
||||||
variables:
|
variables:
|
||||||
PODMAN_IMAGE_NAME: "${CI_REGISTRY_IMAGE}-nonfree:${CI_COMMIT_REF_SLUG}"
|
PODMAN_IMAGE_NAME: "${CI_REGISTRY_IMAGE}-nonfree:${CI_COMMIT_REF_SLUG}"
|
||||||
before_script:
|
before_script:
|
||||||
|
- printf "fastestmirror=True\ndeltarpm=True\n" | tee -a /etc/dnf/dnf.conf
|
||||||
|
- dnf update -y
|
||||||
|
- dnf install -y container-selinux git git-core podman
|
||||||
- podman login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
|
- podman login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
|
||||||
script:
|
script:
|
||||||
- cd oci/nonfree
|
- cd oci/nonfree
|
||||||
|
35
README.org
35
README.org
@ -2,10 +2,43 @@
|
|||||||
|
|
||||||
This is my personalized Vauxite configuration. Vauxite is an unofficial Xfce variant of ostree-based Fedora. I'm currently working with Fedora developers to make it an official variant. There is already a sort-of-official treefile for Vauxite at https://pagure.io/workstation-ostree-config, as well as an experimental Vauxite container image hosted at https://quay.io/repository/fedora-ostree-desktops/vauxite.
|
This is my personalized Vauxite configuration. Vauxite is an unofficial Xfce variant of ostree-based Fedora. I'm currently working with Fedora developers to make it an official variant. There is already a sort-of-official treefile for Vauxite at https://pagure.io/workstation-ostree-config, as well as an experimental Vauxite container image hosted at https://quay.io/repository/fedora-ostree-desktops/vauxite.
|
||||||
|
|
||||||
The ~vauxite.json~ treefile and ~xfce-desktop-pkgs.yaml~ under the ~src~ directory contain my personal customizations and differ from the [[https://pagure.io/workstation-ostree-config][upstream ones]]. As such, they may not be suitable for everyone.
|
The ~vauxite.json~ treefile and under the ~src~ directory contains my personal customizations and differ from the [[https://pagure.io/workstation-ostree-config][upstream one]], so they may not be suitable for everyone.
|
||||||
|
|
||||||
** How I use this repository
|
** How I use this repository
|
||||||
|
*** Setup GitLab runner with Podman
|
||||||
|
1. Install [[https://docs.gitlab.com/16.9/runner/install/linux-manually.html][GitLab Runner]].
|
||||||
|
2. Create a new runner from the GitLab UI.
|
||||||
|
3. Use the authentication token from the GitLab UI to register a new runner on the machine hosting the runner. Select the Docker executor.
|
||||||
|
#+begin_src shell
|
||||||
|
sudo systemctl enable --now gitlab-runner.service
|
||||||
|
sudo gitlab-runner register --url https://git.hyperreal.coffee --token <TOKEN>
|
||||||
|
#+end_src
|
||||||
|
4. Add the following lines to ~/etc/gitlab-runner/config.toml~ for Podman:
|
||||||
|
#+begin_quote
|
||||||
|
We need to set ~privileged = true~ in order to create new namespaces inside the runner container. See https://github.com/coreos/rpm-ostree/pull/429
|
||||||
|
#+end_quote
|
||||||
|
|
||||||
|
#+begin_src toml
|
||||||
|
[[runners]]
|
||||||
|
environment = ["FF_NETWORK_PER_BUILD=1"]
|
||||||
|
[runners.docker]
|
||||||
|
host = "unix:///run/podman/podman.sock"
|
||||||
|
tls_verify = false
|
||||||
|
image = "registry.fedoraproject.org/fedora:latest"
|
||||||
|
privileged = true
|
||||||
|
volumes = ["/build-repo", "/cache", "/source-repo"]
|
||||||
|
#+end_src
|
||||||
|
|
||||||
|
5. Restart the gitlab-runner:
|
||||||
|
#+begin_src shell
|
||||||
|
sudo gitlab-runner restart
|
||||||
|
#+end_src
|
||||||
|
|
||||||
|
We should now be ready to use the Podman runner.
|
||||||
|
|
||||||
|
*** Additional notes about ~.gitlab-ci.yml~
|
||||||
|
- The package ~container-selinux~ is required for the vauxite-compose-job so SELinux works inside the runner container. I'm considering having a custom image built on a weekly basis from registry.fedoraproject.org/fedora:latest that contains updated packages and the required dependencies, which I would then just use as the runner's container image. The registry.fedoraproject.org/fedora:latest image doesn't seem to be updated at all.
|
||||||
|
- BUILD_REPO and SOURCE_REPO are the directories ~/build-repo~ and ~/source-repo~. If these values are changed, then we would need make equivalent changes to the ~volumes~ directive in ~/etc/gitlab-runner/config.toml~ if we want to keep persistent storage of those repos across pipeline runs. Eventually there will be a conditional in the ~.gitlab-ci.yml~ to clean these volumes if another variable (say CLEAN_BUILD) is set to true.
|
||||||
|
|
||||||
** How I previously used this repository
|
** How I previously used this repository
|
||||||
- I run Fedora Server in a VM on my homelab machine. This Fedora Server has the ~ostree~ and ~rpm-ostree~ commands installed.
|
- I run Fedora Server in a VM on my homelab machine. This Fedora Server has the ~ostree~ and ~rpm-ostree~ commands installed.
|
||||||
|
Loading…
Reference in New Issue
Block a user