woodpecker/docker
woodpecker/docker
1
0
Fork 0
Code Issues 1 Pull requests Activity

1
Some checks failed
ci/woodpecker/pr/lint Pipeline was successful
Details
ci/woodpecker/pr/build Pipeline was successful
Details
ci/woodpecker/pr/test/2 Pipeline failed
Details
ci/woodpecker/pr/test/1 Pipeline failed
Details

Browse source 
1
This commit is contained in:
Stephan Schnabel 2025-06-19 16:50:32 +02:00
parent 7db99e0fa6
commit ee0ff67872
Signed by: stephan.schnabel
SSH key fingerprint: SHA256:99zuzxNGFb5/5P+E/O7ONU2qhUojUe/D8rIPTW+9Xp0
5 changed files with 75 additions and 80 deletions
Download patch file Download diff file Expand all files Collapse all files

13
.github/README.md vendored Normal file
View file

@ -0,0 +1,13 @@
# Docker Daemon WoodpeckerCI Plugin
[![pulls](https://img.shields.io/docker/pulls/kokuwaio/dockerd)](https://hub.docker.com/r/kokuwaio/dockerd)
[![size](https://img.shields.io/docker/image-size/kokuwaio/dockerd)](https://hub.docker.com/r/kokuwaio/dockerd)
[![dockerfile](https://img.shields.io/badge/source-Dockerfile%20-blue)](https://git.kokuwa.io/woodpecker/dockerd/src/branch/main/Dockerfile)
[![license](https://img.shields.io/badge/License-EUPL%201.2-blue)](https://git.kokuwa.io/woodpecker/dockerd/src/branch/main/LICENSE)
[![prs](https://img.shields.io/gitea/pull-requests/open/woodpecker/dockerd?gitea_url=https%3A%2F%2Fgit.kokuwa.io)](https://git.kokuwa.io/woodpecker/dockerd/pulls)
[![issues](https://img.shields.io/gitea/issues/open/woodpecker/dockerd?gitea_url=https%3A%2F%2Fgit.kokuwa.io)](https://git.kokuwa.io/woodpecker/dockerd/issues)
A [Woodpecker I](https://woodpecker-ci.org) prepared docker daemon.
Also usable with Gitlab, Github or locally, see examples for usage.
For more documention see: [git.kokuwa.io/woodpecker/dockerd](https://git.kokuwa.io/woodpecker/dockerd)

45
.woodpecker/test.yaml
View file

@ -1,9 +1,8 @@
when: when:
instance: ci.kokuwa.io instance: ci.kokuwa.io
repo: woodpecker/dockerd repo: woodpecker/dockerd
event: [manual, push, pull_request] event: pull_request
branch: main path: [.woodpecker/build.yaml, .woodpecker/test.yaml, Dockerfile, Dockerfile.dockerignore, entrypoint.sh]
path: [.woodpecker/build.yaml, Dockerfile, Dockerfile.dockerignore, entrypoint.sh]
depends_on: [build] depends_on: [build]
matrix: matrix:
@ -11,26 +10,28 @@ matrix:
labels: labels:
platform: linux/${PLATFORM} platform: linux/${PLATFORM}
services:
- name: dockerd
image: registry.kokuwa.io/kokuwaio/dockerd:ci-${CI_PIPELINE_NUMBER}
ports: [2375]
privileged: true
steps: steps:
pr: info:
image: registry.kokuwa.io/kokuwaio/dockerd:ci-${CI_PIPELINE_NUMBER} image: kokuwaio/docker-cli
commands: dockerd --version commands: docker info
when: environment:
event: pull_request DOCKER_HOST: tcp://dockerd:2375
kokuwa.io: &version pull:
image: registry.kokuwa.io/kokuwaio/dockerd image: kokuwaio/docker-cli
pull: true commands: docker pull bash
commands: dockerd --version environment:
when: DOCKER_HOST: tcp://dockerd:2375
event: [manual, push]
branch: main
docker.io: run:
image: docker.io/kokuwaio/dockerd image: kokuwaio/docker-cli
<<: *version commands: docker run --rm bash uname -a
environment:
ghcr.io: DOCKER_HOST: tcp://dockerd:2375
image: ghcr.io/kokuwaio/dockerd
<<: *version

13
Dockerfile
View file

@ -25,18 +25,23 @@ RUN ARCH=$(dpkg --print-architecture) && curl --fail --silent --parallel --remot
FROM docker.io/library/debian:12.11-slim@sha256:e5865e6858dacc255bead044a7f2d0ad8c362433cfaa5acefb670c1edf54dfef FROM docker.io/library/debian:12.11-slim@sha256:e5865e6858dacc255bead044a7f2d0ad8c362433cfaa5acefb670c1edf54dfef
SHELL ["/bin/bash", "-u", "-e", "-o", "pipefail", "-c"] SHELL ["/bin/bash", "-u", "-e", "-o", "pipefail", "-c"]
RUN --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \
--mount=type=tmpfs,target=/var/log \
--mount=type=tmpfs,target=/var/cache \
apt-get -qq update && \
apt-get -qq install --yes --no-install-recommends ca-certificates uidmap slirp4netns dbus-user-session iproute2 && \
rm -rf /etc/*- /var/lib/dpkg/*-old /var/lib/dpkg/status
RUN --mount=type=bind,from=download,source=/tmp/docker,target=/tmp/docker \ RUN --mount=type=bind,from=download,source=/tmp/docker,target=/tmp/docker \
--mount=type=cache,target=/var/lib/apt/lists,sharing=locked \ --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \
--mount=type=tmpfs,target=/var/log \ --mount=type=tmpfs,target=/var/log \
--mount=type=tmpfs,target=/var/cache \ --mount=type=tmpfs,target=/var/cache \
ls -lA /tmp/docker/ && \
apt-get -qq update && \ apt-get -qq update && \
apt-get -qq install --yes --no-install-recommends ca-certificates uidmap slirp4netns dbus-user-session iproute2 /tmp/docker/*.deb && \ apt-get -qq install --yes --no-install-recommends /tmp/docker/*.deb && \
rm -rf /etc/*- /var/lib/dpkg/*-old /var/lib/dpkg/status rm -rf /etc/*- /var/lib/dpkg/*-old /var/lib/dpkg/status
RUN useradd dockerd --uid 1000 --home-dir /woodpecker/docker --create-home && \ RUN useradd dockerd --uid 1000 --home-dir /home/docker --create-home && rm /etc/*- /home/docker/.* && \
echo dockerd:100000:65536 >/etc/subuid && \ echo dockerd:100000:65536 >/etc/subuid && \
echo dockerd:100000:65536 >/etc/subgid echo dockerd:100000:65536 >/etc/subgid
USER 1000
COPY --chmod=555 entrypoint.sh /usr/bin/entrypoint.sh COPY --chmod=555 entrypoint.sh /usr/bin/entrypoint.sh
ENTRYPOINT ["/usr/bin/entrypoint.sh"] ENTRYPOINT ["/usr/bin/entrypoint.sh"]
USER 1000

75
README.md
View file

@ -1,64 +1,43 @@
# Docker Daemon WoodpeckerCI Plugin # Docker Daemon WoodpeckerCI Plugin
[![pulls](https://img.shields.io/docker/pulls/kokuwaio/dockerhub-metadata)](https://hub.docker.com/repository/docker/kokuwaio/dockerhub-metadata) [![pulls](https://img.shields.io/docker/pulls/kokuwaio/dockerd)](https://hub.docker.com/r/kokuwaio/dockerd)
[![size](https://img.shields.io/docker/image-size/kokuwaio/dockerhub-metadata)](https://hub.docker.com/repository/docker/kokuwaio/dockerhub-metadata) [![size](https://img.shields.io/docker/image-size/kokuwaio/dockerd)](https://hub.docker.com/r/kokuwaio/dockerd)
[![dockerfile](https://img.shields.io/badge/source-Dockerfile%20-blue)](https://github.com/kokuwaio/dockerhub-metadata/blob/main/Dockerfile) [![dockerfile](https://img.shields.io/badge/source-Dockerfile%20-blue)](https://git.kokuwa.io/woodpecker/dockerd/src/branch/main/Dockerfile)
[![license](https://img.shields.io/github/license/kokuwaio/dockerhub-metadata)](https://github.com/kokuwaio/dockerhub-metadata/blob/main/LICENSE) [![license](https://img.shields.io/badge/License-EUPL%201.2-blue)](https://git.kokuwa.io/woodpecker/dockerd/src/branch/main/LICENSE)
[![issues](https://img.shields.io/github/issues/kokuwaio/dockerhub-metadata)](https://github.com/kokuwaio/dockerhub-metadata/issues) [![prs](https://img.shields.io/gitea/pull-requests/open/woodpecker/dockerd?gitea_url=https%3A%2F%2Fgit.kokuwa.io)](https://git.kokuwa.io/woodpecker/dockerd/pulls)
[![issues](https://img.shields.io/gitea/issues/open/woodpecker/dockerd?gitea_url=https%3A%2F%2Fgit.kokuwa.io)](https://git.kokuwa.io/woodpecker/dockerd/issues)
A [Woodpecker CI](https://woodpecker-ci.org) prepared docker daemon. A [Woodpecker I](https://woodpecker-ci.org) prepared docker daemon.
Also usable with Gitlab, Github or locally, see examples for usage. Also usable with Gitlab, Github or locally, see examples for usage.
## Features ## Features
- set full description in repository from local file - includes rootless
- set short description in repository from settings - configures mirror for dockerd
- set categories for repository
## Example ## Example
Woodpecker:
```yaml ```yaml
services:
- name: dockerd
image: kokuwaio/dockerd
ports: [2375, 8080]
steps: steps:
dockerhub: info:
image: kokuwaio/dockerhub-metadata image: kokuwaio/docker-cli
depends_on: [] commands: docker info
settings: environment:
repository: kokuwaio/example-image DOCKER_HOST: tcp://dockerd:2375
description-short: This image does that!
categories: [developer-tools, integration-and-delivery]
username: {from_secret: DOCKERHUB_USERNAME}
password: {from_secret: DOCKERHUB_PASSWORD}
when:
event: push
branch: main
path: README.md
```
Gitlab:
```yaml
dockerhub:
stage: deploy
needs: []
image: kokuwaio/hadolint
variables:
PLUGIN_REPOSITORY: kokuwaio/example-image
PLUGIN_DESCRIPTION_SHORT: This image does that!
PLUGIN_CATEGORIES: developer-tools,integration-and-delivery
rules:
- if: $CI_PIPELINE_SOURCE == "push"
changes: [README.md]
``` ```
## Settings ## Settings
| Settings Name | Environment | Default | Description | | Environment | Default | Description |
| ------------------- | ------------------------ | ----------- | ----------------------------------------------------------- | | ------------------------- | ------- | ---------------------------------------------------------------------------------- |
| `repository` | PLUGIN_DOCKER_PORT | `none` | Repository to update with metadata, e.g. `kokuwaio/example` | | DOCKERD_PORT | `2375` | Specifies the port to listen on |
| `description-short` | PLUGIN_DESCRIPTION_SHORT | `none` | Short description for repository. | | DOCKERD_SHUTDOWN_TIMEOUT | `0` | Set the default shutdown timeout |
| `description-file` | PLUGIN_DESCRIPTION_FILE | `README.md` | File to read full description from | | DOCKERD_LOG_LEVEL | `none` | Set the [logging level](https://docs.docker.com/reference/cli/dockerd/#log-format) |
| `categories` | PLUGIN_CATEGORIES | `[]` | List of categories to set (maximum 3) | | DOCKERD_REGISTRY_MIRROR | `none` | Specifies a list of registry mirrors. |
| `username` | PLUGIN_USERNAME | `none` | Username for Dockerhub login | | DOCKERD_INSECURE_REGISTRY | `none | Configure [insecure registry](https://docs.docker.com/reference/cli/dockerd/#insecure-registries) |
| `password` | PLUGIN_PASSWORD | `none` | Password for Dockerhub login, **PAT** is not supported! |

9
entrypoint.sh
View file

@ -7,10 +7,7 @@ set -e;
## build command to execute ## build command to execute
## ##
COMMAND="dockerd --rootless --host=0.0.0.0:${DOCKERD_PORT:-2375} --tls=false --data-root=/woodpecker/docker --shutdown-timeout=${DOCKERD_SHUTDOWN_TIMEOUT:-0} --feature=buildkit=true --feature=containerd-snapshotter=true" COMMAND="dockerd --rootless --host=0.0.0.0:${DOCKERD_PORT:-2375} --tls=false --data-root=/home/docker --shutdown-timeout=${DOCKERD_SHUTDOWN_TIMEOUT:-0} --feature=buildkit=true --feature=containerd-snapshotter=true"
if [[ "${DOCKERD_ROOTLESS:-true}" == "true" ]]; then
COMMAND+=" "
fi
if [[ -n "$DOCKERD_LOG_LEVEL" ]]; then if [[ -n "$DOCKERD_LOG_LEVEL" ]]; then
COMMAND+=" --log-level=$DOCKERD_LOG_LEVEL" COMMAND+=" --log-level=$DOCKERD_LOG_LEVEL"
fi fi
@ -28,7 +25,7 @@ fi
## execute command ## execute command
## ##
export XDG_RUNTIME_DIR=/woodpecker/docker/runtime export XDG_RUNTIME_DIR=/home/docker/runtime
COMMAND="rootlesskit --state-dir=/woodpecker/docker/rootlesskit --copy-up=/etc --copy-up=/run --propagation=rslave --disable-host-loopback --net=slirp4netns --slirp4netns-sandbox=auto --slirp4netns-seccomp=auto --port-driver=builtin $COMMAND" COMMAND="rootlesskit --publish=0.0.0.0:${DOCKERD_PORT:-2375}:${DOCKERD_PORT:-2375}/tcp --disable-host-loopback --copy-up=/etc --copy-up=/run --net=slirp4netns --slirp4netns-sandbox=auto --slirp4netns-seccomp=auto --port-driver=builtin $COMMAND"
echo -e "${COMMAND// --/\\n --}\n" echo -e "${COMMAND// --/\\n --}\n"
eval "$COMMAND" eval "$COMMAND"