From f61257a765daf37d57a04ddcab7141be47e59976 Mon Sep 17 00:00:00 2001
From: Stephan Schnabel <stephan.schnabel@grayc.de>
Date: Thu, 19 Jun 2025 16:50:32 +0200
Subject: [PATCH] 1

1
---
 .github/README.md     | 13 ++++++++
 .woodpecker/test.yaml | 44 ++++++++++++-------------
 Dockerfile            | 13 +++++---
 README.md             | 75 ++++++++++++++++---------------------------
 entrypoint.sh         |  9 ++----
 5 files changed, 74 insertions(+), 80 deletions(-)
 create mode 100644 .github/README.md

diff --git a/.github/README.md b/.github/README.md
new file mode 100644
index 0000000..ab5244a
--- /dev/null
+++ b/.github/README.md
@@ -0,0 +1,13 @@
+# Docker Daemon WoodpeckerCI Plugin
+
+[![pulls](https://img.shields.io/docker/pulls/kokuwaio/dockerd)](https://hub.docker.com/r/kokuwaio/dockerd)
+[![size](https://img.shields.io/docker/image-size/kokuwaio/dockerd)](https://hub.docker.com/r/kokuwaio/dockerd)
+[![dockerfile](https://img.shields.io/badge/source-Dockerfile%20-blue)](https://git.kokuwa.io/woodpecker/dockerd/src/branch/main/Dockerfile)
+[![license](https://img.shields.io/badge/License-EUPL%201.2-blue)](https://git.kokuwa.io/woodpecker/dockerd/src/branch/main/LICENSE)
+[![prs](https://img.shields.io/gitea/pull-requests/open/woodpecker/dockerd?gitea_url=https%3A%2F%2Fgit.kokuwa.io)](https://git.kokuwa.io/woodpecker/dockerd/pulls)
+[![issues](https://img.shields.io/gitea/issues/open/woodpecker/dockerd?gitea_url=https%3A%2F%2Fgit.kokuwa.io)](https://git.kokuwa.io/woodpecker/dockerd/issues)
+
+A [Woodpecker I](https://woodpecker-ci.org) prepared docker daemon.
+Also usable with Gitlab, Github or locally, see examples for usage.
+
+For more documention see: [git.kokuwa.io/woodpecker/dockerd](https://git.kokuwa.io/woodpecker/dockerd)
diff --git a/.woodpecker/test.yaml b/.woodpecker/test.yaml
index afb0e0e..100c65e 100644
--- a/.woodpecker/test.yaml
+++ b/.woodpecker/test.yaml
@@ -1,9 +1,8 @@
 when:
   instance: ci.kokuwa.io
   repo: woodpecker/dockerd
-  event: [manual, push, pull_request]
-  branch: main
-  path: [.woodpecker/build.yaml, Dockerfile, Dockerfile.dockerignore, entrypoint.sh]
+  event: pull_request
+  path: [.woodpecker/build.yaml, .woodpecker/test.yaml, Dockerfile, Dockerfile.dockerignore, entrypoint.sh]
 
 depends_on: [build]
 matrix:
@@ -11,26 +10,27 @@ matrix:
 labels:
   platform: linux/${PLATFORM}
 
+services:
+  - name: dockerd
+    image: registry.kokuwa.io/kokuwaio/dockerd:ci-${CI_PIPELINE_NUMBER}
+    ports: [2375]
+
 steps:
 
-  pr:
-    image: registry.kokuwa.io/kokuwaio/dockerd:ci-${CI_PIPELINE_NUMBER}
-    commands: dockerd --version
-    when:
-      event: pull_request
+  info:
+    image: kokuwaio/docker-cli
+    commands: docker info
+    environment:
+      DOCKER_HOST: tcp://dockerd:2375
 
-  kokuwa.io: &version
-    image: registry.kokuwa.io/kokuwaio/dockerd
-    pull: true
-    commands: dockerd --version
-    when:
-      event: [manual, push]
-      branch: main
+  pull:
+    image: kokuwaio/docker-cli
+    commands: docker pull bash
+    environment:
+      DOCKER_HOST: tcp://dockerd:2375
 
-  docker.io:
-    image: docker.io/kokuwaio/dockerd
-    <<: *version
-
-  ghcr.io:
-    image: ghcr.io/kokuwaio/dockerd
-    <<: *version
+  run:
+    image: kokuwaio/docker-cli
+    commands: docker run --rm bash uname -a
+    environment:
+      DOCKER_HOST: tcp://dockerd:2375
diff --git a/Dockerfile b/Dockerfile
index 44b8ab0..dced34e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -25,18 +25,23 @@ RUN ARCH=$(dpkg --print-architecture) && curl --fail --silent --parallel --remot
 
 FROM docker.io/library/debian:12.11-slim@sha256:e5865e6858dacc255bead044a7f2d0ad8c362433cfaa5acefb670c1edf54dfef
 SHELL ["/bin/bash", "-u", "-e", "-o", "pipefail", "-c"]
+RUN --mount=type=cache,target=/var/lib/apt/lists,sharing=locked \
+	--mount=type=tmpfs,target=/var/log \
+	--mount=type=tmpfs,target=/var/cache \
+	apt-get -qq update && \
+	apt-get -qq install --yes --no-install-recommends ca-certificates uidmap slirp4netns dbus-user-session iproute2 && \
+	rm -rf /etc/*- /var/lib/dpkg/*-old /var/lib/dpkg/status
 RUN --mount=type=bind,from=download,source=/tmp/docker,target=/tmp/docker \
 	--mount=type=cache,target=/var/lib/apt/lists,sharing=locked \
 	--mount=type=tmpfs,target=/var/log \
 	--mount=type=tmpfs,target=/var/cache \
-	ls -lA /tmp/docker/ && \
 	apt-get -qq update && \
-	apt-get -qq install --yes --no-install-recommends ca-certificates uidmap slirp4netns dbus-user-session iproute2 /tmp/docker/*.deb && \
+	apt-get -qq install --yes --no-install-recommends /tmp/docker/*.deb && \
 	rm -rf /etc/*- /var/lib/dpkg/*-old /var/lib/dpkg/status
 
-RUN useradd dockerd --uid 1000 --home-dir /woodpecker/docker --create-home && \
+RUN useradd dockerd --uid 1000 --home-dir /home/docker --create-home && rm /etc/*- /home/docker/.* && \
 	echo dockerd:100000:65536 >/etc/subuid && \
 	echo dockerd:100000:65536 >/etc/subgid
-USER 1000
 COPY --chmod=555 entrypoint.sh /usr/bin/entrypoint.sh
 ENTRYPOINT ["/usr/bin/entrypoint.sh"]
+USER 1000
diff --git a/README.md b/README.md
index 414a5d1..c8bdd81 100644
--- a/README.md
+++ b/README.md
@@ -1,64 +1,43 @@
 # Docker Daemon WoodpeckerCI Plugin
 
-[![pulls](https://img.shields.io/docker/pulls/kokuwaio/dockerhub-metadata)](https://hub.docker.com/repository/docker/kokuwaio/dockerhub-metadata)
-[![size](https://img.shields.io/docker/image-size/kokuwaio/dockerhub-metadata)](https://hub.docker.com/repository/docker/kokuwaio/dockerhub-metadata)
-[![dockerfile](https://img.shields.io/badge/source-Dockerfile%20-blue)](https://github.com/kokuwaio/dockerhub-metadata/blob/main/Dockerfile)
-[![license](https://img.shields.io/github/license/kokuwaio/dockerhub-metadata)](https://github.com/kokuwaio/dockerhub-metadata/blob/main/LICENSE)
-[![issues](https://img.shields.io/github/issues/kokuwaio/dockerhub-metadata)](https://github.com/kokuwaio/dockerhub-metadata/issues)
+[![pulls](https://img.shields.io/docker/pulls/kokuwaio/dockerd)](https://hub.docker.com/r/kokuwaio/dockerd)
+[![size](https://img.shields.io/docker/image-size/kokuwaio/dockerd)](https://hub.docker.com/r/kokuwaio/dockerd)
+[![dockerfile](https://img.shields.io/badge/source-Dockerfile%20-blue)](https://git.kokuwa.io/woodpecker/dockerd/src/branch/main/Dockerfile)
+[![license](https://img.shields.io/badge/License-EUPL%201.2-blue)](https://git.kokuwa.io/woodpecker/dockerd/src/branch/main/LICENSE)
+[![prs](https://img.shields.io/gitea/pull-requests/open/woodpecker/dockerd?gitea_url=https%3A%2F%2Fgit.kokuwa.io)](https://git.kokuwa.io/woodpecker/dockerd/pulls)
+[![issues](https://img.shields.io/gitea/issues/open/woodpecker/dockerd?gitea_url=https%3A%2F%2Fgit.kokuwa.io)](https://git.kokuwa.io/woodpecker/dockerd/issues)
 
-A [Woodpecker CI](https://woodpecker-ci.org) prepared docker daemon.
+A [Woodpecker I](https://woodpecker-ci.org) prepared docker daemon.
 Also usable with Gitlab, Github or locally, see examples for usage.
 
 ## Features
 
-- set full description in repository from local file
-- set short description in repository from settings
-- set categories for repository
+- includes rootless
+- configures mirror for dockerd
 
 ## Example
 
-Woodpecker:
-
 ```yaml
+
+services:
+  - name: dockerd
+    image: kokuwaio/dockerd
+    ports: [2375, 8080]
+
 steps:
-  dockerhub:
-    image: kokuwaio/dockerhub-metadata
-    depends_on: []
-    settings:
-      repository: kokuwaio/example-image
-      description-short: This image does that!
-      categories: [developer-tools, integration-and-delivery]
-      username: {from_secret: DOCKERHUB_USERNAME}
-      password: {from_secret: DOCKERHUB_PASSWORD}
-    when:
-      event: push
-      branch: main
-      path: README.md
-```
-
-Gitlab:
-
-```yaml
-dockerhub:
-  stage: deploy
-  needs: []
-  image: kokuwaio/hadolint
-  variables:
-    PLUGIN_REPOSITORY: kokuwaio/example-image
-    PLUGIN_DESCRIPTION_SHORT: This image does that!
-    PLUGIN_CATEGORIES: developer-tools,integration-and-delivery
-  rules:
-    - if: $CI_PIPELINE_SOURCE == "push"
-      changes: [README.md]
+  info:
+    image: kokuwaio/docker-cli
+    commands: docker info
+    environment:
+      DOCKER_HOST: tcp://dockerd:2375
 ```
 
 ## Settings
 
-| Settings Name       | Environment              | Default     | Description                                                 |
-| ------------------- | ------------------------ | ----------- | ----------------------------------------------------------- |
-| `repository`        | PLUGIN_DOCKER_PORT        | `none`      | Repository to update with metadata, e.g. `kokuwaio/example` |
-| `description-short` | PLUGIN_DESCRIPTION_SHORT | `none`      | Short description for repository.                           |
-| `description-file`  | PLUGIN_DESCRIPTION_FILE  | `README.md` | File to read full description from                          |
-| `categories`        | PLUGIN_CATEGORIES        | `[]`        | List of categories to set (maximum 3)                       |
-| `username`          | PLUGIN_USERNAME          | `none`      | Username for Dockerhub login                                |
-| `password`          | PLUGIN_PASSWORD          | `none`      | Password for Dockerhub login, **PAT** is not supported!     |
+| Environment               | Default | Description                                                                        |
+| ------------------------- | ------- | ---------------------------------------------------------------------------------- |
+| DOCKERD_PORT              | `2375`  | Specifies the port to listen on                                                    |
+| DOCKERD_SHUTDOWN_TIMEOUT  | `0`     | Set the default shutdown timeout                                                   |
+| DOCKERD_LOG_LEVEL         | `none`  | Set the [logging level](https://docs.docker.com/reference/cli/dockerd/#log-format) |
+| DOCKERD_REGISTRY_MIRROR   | `none`  | Specifies a list of registry mirrors.                                              |
+| DOCKERD_INSECURE_REGISTRY | `none   | Configure [insecure registry](https://docs.docker.com/reference/cli/dockerd/#insecure-registries) |
diff --git a/entrypoint.sh b/entrypoint.sh
index b96d355..0940912 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -7,10 +7,7 @@ set -e;
 ## build command to execute
 ##
 
-COMMAND="dockerd --rootless --host=0.0.0.0:${DOCKERD_PORT:-2375} --tls=false --data-root=/woodpecker/docker --shutdown-timeout=${DOCKERD_SHUTDOWN_TIMEOUT:-0} --feature=buildkit=true --feature=containerd-snapshotter=true"
-if [[ "${DOCKERD_ROOTLESS:-true}" == "true" ]]; then
-	COMMAND+=" "
-fi
+COMMAND="dockerd --rootless --host=0.0.0.0:${DOCKERD_PORT:-2375} --tls=false --data-root=/home/docker --shutdown-timeout=${DOCKERD_SHUTDOWN_TIMEOUT:-0} --feature=buildkit=true --feature=containerd-snapshotter=true"
 if [[ -n "$DOCKERD_LOG_LEVEL" ]]; then
 	COMMAND+=" --log-level=$DOCKERD_LOG_LEVEL"
 fi
@@ -28,7 +25,7 @@ fi
 ## execute command
 ##
 
-export XDG_RUNTIME_DIR=/woodpecker/docker/runtime
-COMMAND="rootlesskit --state-dir=/woodpecker/docker/rootlesskit --copy-up=/etc --copy-up=/run --propagation=rslave --disable-host-loopback --net=slirp4netns --slirp4netns-sandbox=auto --slirp4netns-seccomp=auto --port-driver=builtin $COMMAND"
+export XDG_RUNTIME_DIR=/home/docker/runtime
+COMMAND="rootlesskit --publish=0.0.0.0:2375:2375/tcp --disable-host-loopback --copy-up=/etc --copy-up=/run --net=slirp4netns --slirp4netns-sandbox=auto --slirp4netns-seccomp=auto --port-driver=builtin $COMMAND"
 echo -e "${COMMAND// --/\\n  --}\n"
 eval "$COMMAND"