From c51b654dd6b545137e61bafd2054cba60b0f0906 Mon Sep 17 00:00:00 2001
From: Quentin Dufour
Date: Tue, 19 Oct 2021 12:55:51 +0200
Subject: [PATCH] Add a docker compose for runners
---
 app/drone-ci/integration/README.md | 58 +++++++++++++++++++++
 app/drone-ci/integration/docker-compose.yml | 32 ++++++++++++
 2 files changed, 90 insertions(+)
 create mode 100644 app/drone-ci/integration/README.md
 create mode 100644 app/drone-ci/integration/docker-compose.yml
diff --git a/app/drone-ci/integration/README.md b/app/drone-ci/integration/README.md
new file mode 100644
index 0000000..0509771
--- /dev/null
+++ b/app/drone-ci/integration/README.md
@@ -0,0 +1,58 @@
+## Install Debian
+
+We recommend Debian Bullseye
+
+## Install Docker CE from docker.io
+
+Do not use the docker engine shipped by Debian
+
+Doc:
+
+ - https://docs.docker.com/engine/install/debian/
+ - https://docs.docker.com/compose/install/
+
+On a fresh install, as root:
+
+```bash
+apt-get remove -y docker docker-engine docker.io containerd runc
+apt-get update
+apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+ echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
+apt-get update
+apt-get install -y docker-ce docker-ce-cli containerd.io
+
+curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
+chmod +x /usr/local/bin/docker-compose
+```
+
+## Prepare the runner
+
+Nix folder must be populated before launching any build.
+
+```bash
+docker run --rm -it -v /var/lib/drone/nix:/mnt nixpkgs/nix:nixos-21.05 cp -r /nix/{store,var} /mnt/
+```
+
+This folder will grow over time and might need to be garbage collected.
+As a rule of thumb, after running a full release of Garage, this folder will require 10GB.
+Consider provisioning it with at least 20GB.
+
+## Launch the runner
+
+Because we use a shared nix folder, we set the number of concurrent builds to 1.
+For more details and customizations, see `docker-compose.yml`.
+
+```bash
+DRONE_NAME=lheureduthe DRONE_OWNER=quentin DRONE_SECRET=xxx docker-compose up -d
+```
+
+That's all folks.
+
+## Random note
+
+This setup is done mainly to allow nix builds with some cache.
+To use the cache in Drone, you must set your repository as trusted.
+The command line tool does not work (it says it successfully set your repository as trusted but it did nothing):
+the only way to set your repository as trusted is to connect on the DB and set the `repo_trusted` field of your repo to true.
+
diff --git a/app/drone-ci/integration/docker-compose.yml b/app/drone-ci/integration/docker-compose.yml
new file mode 100644
index 0000000..1e37255
--- /dev/null
+++ b/app/drone-ci/integration/docker-compose.yml
@@ -0,0 +1,32 @@
+version: '3.4'
+services:
+ drone-runner:
+ image: drone/drone-runner-docker:latest
+ restart: always
+ environment:
+ - DRONE_RPC_PROTO=https
+ - DRONE_RPC_HOST=drone.deuxfleurs.fr
+ - DRONE_RPC_SECRET=${DRONE_SECRET}
+ - DRONE_RUNNER_CAPACITY=1
+ - DRONE_DEBUG=true
+ - DRONE_LOGS_TRACE=true
+ - DRONE_RPC_DUMP_HTTP=true
+ - DRONE_RPC_DUMP_HTTP_BODY=true
+ - DRONE_RUNNER_NAME=${DRONE_NAME}
+ - DRONE_RUNNER_LABELS=nix:1
+ #- DRONE_RUNNER_VOLUMES=/var/lib/drone/nix:/nix
+ ports:
+ - "3000:3000/tcp"
+ volumes:
+ - "/var/run/docker.sock:/var/run/docker.sock"
+ - "/var/lib/drone/nix:/var/lib/drone/nix"
+
+ drone-gc:
+ image: drone/gc:latest
+ restart: always
+ environment:
+ - GC_DEBUG=true
+ - GC_CACHE=10gb
+ - GC_INTERVAL=10m
+ volumes:
+ - "/var/run/docker.sock:/var/run/docker.sock"
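Review bot: `DRONE_RPC_DUMP_HTTP=true` and `DRONE_RPC_DUMP_HTTP_BODY=true` (alongside `DRONE_DEBUG` and `DRONE_LOGS_TRACE`) are left enabled in a `restart: always` service, so the runner's RPC exchanges with the server, presumably including whatever credentials and pipeline data those requests carry, are written to the container logs for as long as it runs. I would drop those two lines or set them to `false`, keeping them only as a commented-out troubleshooting aid next to `#- DRONE_RUNNER_VOLUMES`. Both services mount `/var/run/docker.sock`, which is equivalent to root on the host, yet they track `drone/drone-runner-docker:latest` and `drone/gc:latest`; pinning each image to a reviewed version tag or digest keeps a changed upstream tag from being pulled straight onto that socket. `"3000:3000/tcp"` publishes the runner's HTTP port on every host interface, and `"127.0.0.1:3000:3000/tcp"` (or no `ports:` entry at all) would be safer if it is only needed locally. Writing the secret as `${DRONE_SECRET:?DRONE_SECRET must be set}` would also make compose refuse to start with an empty RPC secret instead of substituting a blank value.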