mirror of
https://gitea.com/gitea/act_runner.git
synced 2026-06-05 08:12:44 +00:00
270ea41232
Running the full suite under `-race` (dropping `-short`) exposed pre-existing data races in parallel matrix-job execution, fixed by not sharing mutable state across combinations: - `containerDaemonSocket()`/`validVolumes()` derive per-job values instead of mutating shared `Config` - `getWorkflowSecrets` builds a fresh map, `rc.steps()` clones each step, and go-git workdir access is serialized - every write to a shared `Job`'s result/outputs runs under a per-`Job` lock, each combo interpolating outputs from a pristine snapshot (last wins, as on GitHub) ### Test suite - capability gates (docker / network / host-tools / Linux) replace the `-short` skips, and the suite runs offline via local fixtures (the artifact flow uses an in-process loopback server, only the docker-action force-pull needs the network) - drops redundant tests, adds a regression test for https://gitea.com/gitea/runner/issues/981 and a docker-in-docker harness (`make test-dind`) --- This PR was written with the help of Claude Opus 4.7 Reviewed-on: https://gitea.com/gitea/runner/pulls/994 Reviewed-by: Nicolas <bircni@icloud.com> Co-authored-by: silverwind <me@silverwind.io> Co-committed-by: silverwind <me@silverwind.io>
72 lines
2.0 KiB
Go
72 lines
2.0 KiB
Go
// Copyright 2023 The Gitea Authors. All rights reserved.
|
|
// Copyright 2021 The nektos/act Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
//go:build !(WITHOUT_DOCKER || !(linux || darwin || windows || netbsd))
|
|
|
|
package container
|
|
|
|
import (
|
|
"context"
|
|
|
|
"gitea.com/gitea/runner/act/common"
|
|
|
|
"github.com/distribution/reference"
|
|
"github.com/docker/cli/cli/config"
|
|
"github.com/moby/moby/api/types/registry"
|
|
)
|
|
|
|
func LoadDockerAuthConfig(ctx context.Context, image string) (registry.AuthConfig, error) {
|
|
logger := common.Logger(ctx)
|
|
// config.LoadDefaultConfigFile panics on nil io.Writer when the config
|
|
// file is malformed; use config.Load to route errors through the logger.
|
|
cfg, err := config.Load(config.Dir())
|
|
if err != nil {
|
|
logger.Warnf("Could not load docker config: %v", err)
|
|
return registry.AuthConfig{}, err
|
|
}
|
|
registryKey := registryAuthConfigKey("docker.io")
|
|
if image != "" {
|
|
if registryRef, refErr := reference.ParseNormalizedNamed(image); refErr != nil {
|
|
logger.Warnf("Could not normalize image reference: %v", refErr)
|
|
} else {
|
|
registryKey = registryAuthConfigKey(reference.Domain(registryRef))
|
|
}
|
|
}
|
|
|
|
authConfig, err := cfg.GetAuthConfig(registryKey)
|
|
if err != nil {
|
|
logger.Warnf("Could not get auth config from docker config: %v", err)
|
|
return registry.AuthConfig{}, err
|
|
}
|
|
|
|
return registry.AuthConfig(authConfig), nil
|
|
}
|
|
|
|
func LoadDockerAuthConfigs(ctx context.Context) map[string]registry.AuthConfig {
|
|
logger := common.Logger(ctx)
|
|
cfg, err := config.Load(config.Dir())
|
|
if err != nil {
|
|
logger.Warnf("Could not load docker config: %v", err)
|
|
return nil
|
|
}
|
|
creds, err := cfg.GetAllCredentials()
|
|
if err != nil {
|
|
logger.Warnf("Could not get docker auth configs: %v", err)
|
|
return nil
|
|
}
|
|
authConfigs := make(map[string]registry.AuthConfig, len(creds))
|
|
for k, v := range creds {
|
|
authConfigs[k] = registry.AuthConfig(v)
|
|
}
|
|
|
|
return authConfigs
|
|
}
|
|
|
|
func registryAuthConfigKey(domainName string) string {
|
|
if domainName == "docker.io" || domainName == "index.docker.io" {
|
|
return "https://index.docker.io/v1/"
|
|
}
|
|
return domainName
|
|
}
|