the expectation of being able to run docker whenever in CI jobs is probably the single worst outcome of free GitHub Actions minutes, because reproducing it in a bring-your-own-compute environment is borderline impossible unless you make every machine single-tenant
even if you make every machine single-tenant, most configurations of Forgejo Actions runners would enable malware to escape the build container, persist itself and infect all future releases
it's possible that LXC or firecracker-containerd would solve my problem here
@whitequark i followed the very so-so documentation for non-docker build environments in gitlab and was able to get nested working on incus, formerly LXD. It did require a fair amount of tinkering on the container side to get it the way i wanted.
Having experimented with running docker images on incus, there was also middling success there.
All this to say it works well as infrastructure but you’d likely have a not insignificant amount of tuning before your build scripts ran satisfactorily. 🤷🏻‍♀️
@aizuchi thanks for the confirmation; I'm fine with fiddling with this thing, I've sunk a week or two of FTE equivalent into it already, what's another week...
@whitequark lol i hear that. And if forgejo supposedly works with it on their end, it might go more smoothly?
Good luck!