fix: evaluate jobs.<job_id>.container.volumes #1244

aahlenst · 2025-12-27T15:28:41Z

aahlenst commented

2025-12-27 15:28:41 +00:00

Fixes #991

bug fixes
- PR: fix: evaluate jobs.<job_id>.container.volumes

Fixes https://code.forgejo.org/forgejo/runner/issues/991   - bug fixes - [PR](https://code.forgejo.org/forgejo/runner/pulls/1244): fix: evaluate jobs.<job_id>.container.volumes

aahlenst added 2 commits

2025-12-27 15:28:42 +00:00

refactor: standardize container test names 9b9af40089

test: add tests for untested container options f32c3a29af

aahlenst changed title from ~~fix: evaluate jobs.<job_id>.container.volumes~~ to WIP: fix: evaluate jobs.<job_id>.container.volumes

2025-12-27 15:39:27 +00:00

mfenniak reviewed

2025-12-27 16:39:08 +00:00

act/runner/runner_test.go Outdated

					
				@ -293,4 +293,0 @@

						{workdir, "job-container-non-root", "push", "", platforms, secrets},

						{workdir, "job-container-invalid-credentials", "push", "failed to handle credentials: failed to interpolate container.credentials.password", platforms, secrets},

						{workdir, "job-container-env-reference", "push", "", platforms, map[string]string{"ALPINE_TAG": "3.22"}},

						{workdir, "container-hostname", "push", "", platforms, secrets},

~~Just peeking at your WIP in advance -- container-hostname might have been unintentionally removed when you moved these.~~

Ah, nevermind, I see it's moved into job-container-options.

~~Just peeking at your WIP in advance -- `container-hostname` might have been unintentionally removed when you moved these.~~ Ah, nevermind, I see it's moved into `job-container-options`.

I renamed the test because it's about options. Setting the host name is one of them. If you're not happy with the change, I can revert it.

aahlenst force-pushed container-volume-expressions from a17f55939d

checks / integration tests (docker-latest) (pull_request) Failing after 1m58s

Details

checks / integration tests (docker-stable) (pull_request) Failing after 1m56s

Details

/ example-docker-compose (pull_request) Successful in 2m43s

Details

checks / validate pre-commit-hooks file (pull_request) Successful in 1m11s

Details

checks / validate mocks (pull_request) Successful in 1m21s

Details

checks / build and test (pull_request) Successful in 4m28s

Details

checks / runner exec tests (pull_request) Successful in 36s

Details

/ example-lxc-systemd (pull_request) Successful in 9m13s

Details

issue-labels / release-notes (pull_request_target) Successful in 7s

Details

checks / runner integration tests (pull_request) Successful in 8m23s

Details

to 3766ab5242

checks / validate mocks (pull_request) Successful in 26s

Details

checks / build and test (pull_request) Successful in 37s

Details

checks / validate pre-commit-hooks file (pull_request) Successful in 34s

Details

checks / runner exec tests (pull_request) Successful in 25s

Details

/ example-docker-compose (pull_request) Successful in 1m57s

Details

checks / runner integration tests (pull_request) Successful in 5m26s

Details

/ example-lxc-systemd (pull_request) Successful in 6m40s

Details

checks / integration tests (docker-latest) (pull_request) Successful in 9m7s

Details

checks / integration tests (docker-stable) (pull_request) Successful in 11m7s

Details

cascade / forgejo (pull_request_target) Has been skipped

Details

cascade / debug (pull_request_target) Has been skipped

Details

cascade / end-to-end (pull_request_target) Has been skipped

Details

issue-labels / release-notes (pull_request_target) Successful in 4s

Details

2025-12-27 21:45:09 +00:00

Compare

aahlenst changed title from ~~WIP: fix: evaluate jobs.<job_id>.container.volumes~~ to fix: evaluate jobs.<job_id>.container.volumes

2025-12-27 22:10:35 +00:00

aahlenst commented

2025-12-27 22:11:00 +00:00

So, ready to review.

The test failures caught me off guard. I wasn't aware that make integration-test does not include go test -race -timeout 30m ./act/runner/.... Is that something we could add?

On a side note: it would probably be a good idea if we ran the test suite on a system with SELinux. There are code paths in the runner that check for the presence of SELinux. Some tests are failing right now with SELinux enabled. Running the test suite with Podman (without being root) would probably be good, too. I'd be happy to assist.

So, ready to review. The test failures caught me off guard. I wasn't aware that `make integration-test` does not include `go test -race -timeout 30m ./act/runner/...`. Is that something we could add? On a side note: it would probably be a good idea if we ran the test suite on a system with SELinux. There are code paths in the runner that check for the presence of SELinux. Some tests are failing right now with SELinux enabled. Running the test suite with Podman (without being root) would probably be good, too. I'd be happy to assist.

aahlenst reviewed

2025-12-27 22:15:08 +00:00

act/runner/run_context.go

					
				@ -158,0 +157,4 @@

							interpolatedVolumes := make([]string, 0, len(container.Volumes))

							for _, volume := range container.Volumes {

								interpolatedVolumes = append(interpolatedVolumes, rc.ExprEval.Interpolate(ctx, volume))

							}

The duplication is not great, but basically the entire method is almost a duplicate of GetServiceBindsAndMounts (and there are more cases like that). However, I don't yet feel comfortable unifying them.

The duplication is not great, but basically the entire method is almost a duplicate of `GetServiceBindsAndMounts` (and there are more cases like that). However, I don't yet feel comfortable unifying them.

mfenniak approved these changes

2025-12-27 22:24:23 +00:00

mfenniak commented

2025-12-27 22:40:16 +00:00

@aahlenst wrote in #1244 (comment):

The test failures caught me off guard. I wasn't aware that make integration-test does not include go test -race -timeout 30m ./act/runner/.... Is that something we could add?

I think this is a legacy of act being a separate repo recently, which was smashed together into the runner due to the high interdependence. Some work was done to unify the makefile, but some stuff was copied over into the CI workflows instead.

The ./act/runner/... tests are run in two docker environments in the CI with a matrix build which I'd want to preserve, so merging them would be increasing test resource utilization a bit by taking the 5m make integration-test and doing it twice. But I think it's a minor detail and possibly even one that is justified as a good integration test. So, I'd be 👍 on merging them and eliminating this hidden detail.

On a side note: it would probably be a good idea if we ran the test suite on a system with SELinux. There are code paths in the runner that check for the presence of SELinux. Some tests are failing right now with SELinux enabled. Running the test suite with Podman (without being root) would probably be good, too. I'd be happy to assist.

Adding Podman would be great, for sure. After the second Docker environment was added recently, adding a Podman test run was on my mind but I didn't complete it and I'm not planning to immediately get back to it, but I'd be happy to review it.

SELinux is an area where I know very little about, and I wasn't aware of that specialized case.

@aahlenst wrote in https://code.forgejo.org/forgejo/runner/pulls/1244#issuecomment-70909: > The test failures caught me off guard. I wasn't aware that `make integration-test` does not include `go test -race -timeout 30m ./act/runner/...`. Is that something we could add? I think this is a legacy of `act` being a separate repo recently, which was smashed together into the runner due to the high interdependence. Some work was done to unify the makefile, but some stuff was copied over into the CI workflows instead. The `./act/runner/...` tests are run in two docker environments in the CI with a matrix build which I'd want to preserve, so merging them would be increasing test resource utilization a bit by taking the 5m `make integration-test` and doing it twice. But I think it's a minor detail and possibly even one that is justified as a good integration test. So, I'd be 👍 on merging them and eliminating this hidden detail. > On a side note: it would probably be a good idea if we ran the test suite on a system with SELinux. There are code paths in the runner that check for the presence of SELinux. Some tests are failing right now with SELinux enabled. Running the test suite with Podman (without being root) would probably be good, too. I'd be happy to assist. Adding Podman would be great, for sure. After the second Docker environment was added recently, adding a Podman test run was on my mind but I didn't complete it and I'm not planning to immediately get back to it, but I'd be happy to review it. SELinux is an area where I know very little about, and I wasn't aware of that specialized case.

mfenniak added the

run-end-to-end-tests

label

2025-12-27 22:40:26 +00:00

cascading-pr referenced this pull request from actions/setup-forgejo

2025-12-27 22:40:44 +00:00

cascading-pr from https://code.forgejo.org/forgejo/runner refs/pull/1244/head to forgejo/runner-1244 #801

cascading-pr commented

2025-12-27 22:40:44 +00:00

cascading-pr updated at actions/setup-forgejo#801

cascading-pr updated at https://code.forgejo.org/actions/setup-forgejo/pulls/801

mfenniak merged commit ac3b1ca614 into main