Adds a Woodpecker Agent with LXC support as systemd service

Adds missing plugin-git binary Adds autostart to Woodpecker agent LXC systemd service Use woodpecker-forgejo-server image Adds platform label to agent Always restart the systemd service Re-add Docker-based Woodpecker agent Changes agent image to forgejo one + explicitely set the backend to use plugin-git: Always download latest release from GitHub Typo in name
2023-02-05 13:00:55 +01:00 · 2023-02-05 13:00:55 +01:00 · eeb29be95b
parent 3ed0c58eeb
commit eeb29be95b
4 changed files with 108 additions and 7 deletions
--- a/roles/apt-packages/tasks/main.yml
+++ b/roles/apt-packages/tasks/main.yml
@ -33,3 +33,4 @@
      - fio
      - lm-sensors
      - dos2unix
+      - jq
--- a/roles/woodpecker-dc/tasks/main.yml
+++ b/roles/woodpecker-dc/tasks/main.yml
@ -18,7 +18,7 @@
  with_items:
    - docker-compose.yml

- name: Copy ENV file
+- name: Copy ENV file to docker compose stack
  ansible.builtin.template:
    src: "{{ item }}.j2"
    dest: /srv/docker-compose/woodpecker/{{ item }}
@ -31,3 +31,83 @@
    project_src: /srv/docker-compose/woodpecker/
    files:
      - docker-compose.yml
+
+- name: Install LXC dependencies
+  ansible.builtin.apt:
+      pkg:
+        - lxc
+        - git
+        - git-lfs
+        - debootstrap
+        - lxc-templates
+
+- name: Get plugin-git release assets from GitHub API
+  ansible.builtin.get_url:
+    url: https://api.github.com/repos/woodpecker-ci/plugin-git/releases/latest
+    force: yes
+    headers:
+      Accept: "application/vnd.github.v3+json"
+    dest: "/tmp/plugin-git.response.txt"
+
+- name: Get plugin-git download URL
+  ansible.builtin.shell: |
+    cat "/tmp/plugin-git.response.txt" | jq '.assets | .[] | select(.browser_download_url | contains("linux-amd64_plugin-git")) | .url' | sed -e 's/^"//' -e 's/"$//'
+  register: "download_url_plugin_git"
+
+- name: Show plugin-git download URL
+  ansible.builtin.debug:
+    msg: "{{ download_url_plugin_git.stdout }}"
+
+- name: Download latest plugin-git release
+  ansible.builtin.get_url:
+    url: "{{ download_url_plugin_git.stdout }}"
+    dest: /usr/local/bin/plugin-git
+    tmp_dest: /tmp/
+    force: yes
+    headers:
+      Accept: "application/octet-stream"
+
+- name: Remove tmp file
+  ansible.builtin.file:
+    path: /tmp/plugin-git.response.txt
+    state: absent
+
+- name: Changing permission of plugin-git binary
+  file:
+    dest: /usr/local/bin/plugin-git
+    mode: a+x
+
+- name: Create agent directory
+  ansible.builtin.file:
+    path: /opt/woodpecker
+    state: directory
+    mode: '0755'
+
+- name: Get woodpecker agent binary with LXC backend support
+  ansible.builtin.command: "{{ item }}"
+  with_items:
+    - docker rm -f agent
+    - docker pull codeberg.org/forgejo-contrib/woodpecker-forgejo-agent:next
+    - docker create --name agent codeberg.org/forgejo-contrib/woodpecker-forgejo-agent:next
+    - docker cp agent:/bin/woodpecker-agent /opt/woodpecker/woodpecker-agent
+    - docker rm -f agent
+
+- name: Changing permission of woodpecker-agent binary
+  file:
+    dest: /opt/woodpecker/woodpecker-agent
+    mode: a+x
+
+- name: Install woodpecker-agent LXC systemd service file
+  ansible.builtin.template:
+    src: "{{ item }}.j2"
+    dest: /etc/systemd/system/{{ item }}
+    mode: 0644
+  with_items:
+   - woodpecker-agent-lxc.service
+
+- name: Restart woodpecker-agent LXC systemd service
+  ansible.builtin.systemd:
+    state: restarted
+    name: woodpecker-agent-lxc
+    daemon_reload: yes
+    enabled: true
--- a/roles/woodpecker-dc/templates/docker-compose.yml.j2
+++ b/roles/woodpecker-dc/templates/docker-compose.yml.j2
@ -3,9 +3,9 @@ version: '3'

 services:
  woodpecker-server:
-    image: woodpeckerci/woodpecker-server:latest
-#    ports:
-#      - 8000:8000
+    image: codeberg.org/forgejo-contrib/woodpecker-forgejo-server:next
+    ports:
+      - "127.0.0.1:9000:9000"
    volumes:
      - ./data:/var/lib/woodpecker/
    restart: unless-stopped
@ -30,7 +30,7 @@ services:
      - woodpecker-database

  woodpecker-agent:
-    image: woodpeckerci/woodpecker-agent:latest
+    image: codeberg.org/forgejo-contrib/woodpecker-forgejo-agent:next
    command: agent
    restart: unless-stopped
    depends_on:
@ -40,6 +40,7 @@ services:
    environment:
      - WOODPECKER_SERVER=woodpecker-server:9000
      - WOODPECKER_AGENT_SECRET=${WOODPECKER_AGENT_SECRET:?WOODPECKER_AGENT_SECRET not set}
+      - WOODPECKER_BACKEND=docker
    networks:
      - woodpecker-net

@ -49,8 +50,6 @@ services:
    environment:
      - POSTGRES_USER=postgres
      - POSTGRES_PASSWORD=postgres
-#    ports:
-#      - '5432:5432'
    volumes: 
      - ./db:/var/lib/postgresql/data
    networks:
--- a/roles/woodpecker-dc/templates/woodpecker-agent-lxc.service.j2
+++ b/roles/woodpecker-dc/templates/woodpecker-agent-lxc.service.j2
@ -0,0 +1,21 @@
+[Unit]
+Description=LXC Woodpecker agent instance
+
+Requires=docker.service
+After=docker.service
+
+[Service]
+Type=simple
+Environment=WOODPECKER_SERVER=127.0.0.1:9000
+Environment=WOODPECKER_AGENT_SECRET="{{ woodpecker_config.agent_secret }}"
+Environment=WOODPECKER_BACKEND=lxc
+Environment=WOODPECKER_FILTER_LABELS=platform=lxc
+ExecStart=/opt/woodpecker/woodpecker-agent
+Restart=always
+RestartSec=10
+ExecReload=/bin/kill -HUP $MAINPID
+User=root
+Group=root
+
+[Install]
+WantedBy=multi-user.target