From eeb29be95b3a5cc63abc06529c610a12e360e0d6 Mon Sep 17 00:00:00 2001 From: Maximilian Kratz Date: Sun, 5 Feb 2023 13:00:55 +0100 Subject: [PATCH] Adds a Woodpecker Agent with LXC support as systemd service Adds missing plugin-git binary Adds autostart to Woodpecker agent LXC systemd service Use woodpecker-forgejo-server image Adds platform label to agent Always restart the systemd service Re-add Docker-based Woodpecker agent Changes agent image to forgejo one + explicitely set the backend to use plugin-git: Always download latest release from GitHub Typo in name --- roles/apt-packages/tasks/main.yml | 1 + roles/woodpecker-dc/tasks/main.yml | 82 ++++++++++++++++++- .../templates/docker-compose.yml.j2 | 11 ++- .../templates/woodpecker-agent-lxc.service.j2 | 21 +++++ 4 files changed, 108 insertions(+), 7 deletions(-) create mode 100644 roles/woodpecker-dc/templates/woodpecker-agent-lxc.service.j2 diff --git a/roles/apt-packages/tasks/main.yml b/roles/apt-packages/tasks/main.yml index e314a06..ae7cb63 100644 --- a/roles/apt-packages/tasks/main.yml +++ b/roles/apt-packages/tasks/main.yml @@ -33,3 +33,4 @@ - fio - lm-sensors - dos2unix + - jq diff --git a/roles/woodpecker-dc/tasks/main.yml b/roles/woodpecker-dc/tasks/main.yml index ce57fe4..f81bb1d 100644 --- a/roles/woodpecker-dc/tasks/main.yml +++ b/roles/woodpecker-dc/tasks/main.yml @@ -18,7 +18,7 @@ with_items: - docker-compose.yml -- name: Copy ENV file +- name: Copy ENV file to docker compose stack ansible.builtin.template: src: "{{ item }}.j2" dest: /srv/docker-compose/woodpecker/{{ item }} @@ -31,3 +31,83 @@ project_src: /srv/docker-compose/woodpecker/ files: - docker-compose.yml + +- name: Install LXC dependencies + ansible.builtin.apt: + pkg: + - lxc + - git + - git-lfs + - debootstrap + - lxc-templates + +- name: Get plugin-git release assets from GitHub API + ansible.builtin.get_url: + url: https://api.github.com/repos/woodpecker-ci/plugin-git/releases/latest + force: yes + headers: + Accept: "application/vnd.github.v3+json" + dest: "/tmp/plugin-git.response.txt" + +- name: Get plugin-git download URL + ansible.builtin.shell: | + cat "/tmp/plugin-git.response.txt" | jq '.assets | .[] | select(.browser_download_url | contains("linux-amd64_plugin-git")) | .url' | sed -e 's/^"//' -e 's/"$//' + register: "download_url_plugin_git" + +- name: Show plugin-git download URL + ansible.builtin.debug: + msg: "{{ download_url_plugin_git.stdout }}" + +- name: Download latest plugin-git release + ansible.builtin.get_url: + url: "{{ download_url_plugin_git.stdout }}" + dest: /usr/local/bin/plugin-git + tmp_dest: /tmp/ + force: yes + headers: + Accept: "application/octet-stream" + +- name: Remove tmp file + ansible.builtin.file: + path: /tmp/plugin-git.response.txt + state: absent + +- name: Changing permission of plugin-git binary + file: + dest: /usr/local/bin/plugin-git + mode: a+x + +- name: Create agent directory + ansible.builtin.file: + path: /opt/woodpecker + state: directory + mode: '0755' + +- name: Get woodpecker agent binary with LXC backend support + ansible.builtin.command: "{{ item }}" + with_items: + - docker rm -f agent + - docker pull codeberg.org/forgejo-contrib/woodpecker-forgejo-agent:next + - docker create --name agent codeberg.org/forgejo-contrib/woodpecker-forgejo-agent:next + - docker cp agent:/bin/woodpecker-agent /opt/woodpecker/woodpecker-agent + - docker rm -f agent + +- name: Changing permission of woodpecker-agent binary + file: + dest: /opt/woodpecker/woodpecker-agent + mode: a+x + +- name: Install woodpecker-agent LXC systemd service file + ansible.builtin.template: + src: "{{ item }}.j2" + dest: /etc/systemd/system/{{ item }} + mode: 0644 + with_items: + - woodpecker-agent-lxc.service + +- name: Restart woodpecker-agent LXC systemd service + ansible.builtin.systemd: + state: restarted + name: woodpecker-agent-lxc + daemon_reload: yes + enabled: true diff --git a/roles/woodpecker-dc/templates/docker-compose.yml.j2 b/roles/woodpecker-dc/templates/docker-compose.yml.j2 index ff1542c..42c6d77 100644 --- a/roles/woodpecker-dc/templates/docker-compose.yml.j2 +++ b/roles/woodpecker-dc/templates/docker-compose.yml.j2 @@ -3,9 +3,9 @@ version: '3' services: woodpecker-server: - image: woodpeckerci/woodpecker-server:latest -# ports: -# - 8000:8000 + image: codeberg.org/forgejo-contrib/woodpecker-forgejo-server:next + ports: + - "127.0.0.1:9000:9000" volumes: - ./data:/var/lib/woodpecker/ restart: unless-stopped @@ -30,7 +30,7 @@ services: - woodpecker-database woodpecker-agent: - image: woodpeckerci/woodpecker-agent:latest + image: codeberg.org/forgejo-contrib/woodpecker-forgejo-agent:next command: agent restart: unless-stopped depends_on: @@ -40,6 +40,7 @@ services: environment: - WOODPECKER_SERVER=woodpecker-server:9000 - WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET:?WOODPECKER_AGENT_SECRET not set} + - WOODPECKER_BACKEND=docker networks: - woodpecker-net @@ -49,8 +50,6 @@ services: environment: - POSTGRES_USER=postgres - POSTGRES_PASSWORD=postgres -# ports: -# - '5432:5432' volumes: - ./db:/var/lib/postgresql/data networks: diff --git a/roles/woodpecker-dc/templates/woodpecker-agent-lxc.service.j2 b/roles/woodpecker-dc/templates/woodpecker-agent-lxc.service.j2 new file mode 100644 index 0000000..5c51d63 --- /dev/null +++ b/roles/woodpecker-dc/templates/woodpecker-agent-lxc.service.j2 @@ -0,0 +1,21 @@ +[Unit] +Description=LXC Woodpecker agent instance + +Requires=docker.service +After=docker.service + +[Service] +Type=simple +Environment=WOODPECKER_SERVER=127.0.0.1:9000 +Environment=WOODPECKER_AGENT_SECRET="{{ woodpecker_config.agent_secret }}" +Environment=WOODPECKER_BACKEND=lxc +Environment=WOODPECKER_FILTER_LABELS=platform=lxc +ExecStart=/opt/woodpecker/woodpecker-agent +Restart=always +RestartSec=10 +ExecReload=/bin/kill -HUP $MAINPID +User=root +Group=root + +[Install] +WantedBy=multi-user.target