aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorQuentin Dufour <quentin@deuxfleurs.fr>2021-10-19 12:55:51 +0200
committerQuentin Dufour <quentin@deuxfleurs.fr>2021-10-19 12:55:51 +0200
commitc51b654dd6b545137e61bafd2054cba60b0f0906 (patch)
treeb59fa2159a6373b0d9e1464f000a6ec9cfdfb200
parent6093ec74f2f48e8b536530bd8d9c2ecec30fe546 (diff)
downloadinfrastructure-c51b654dd6b545137e61bafd2054cba60b0f0906.tar.gz
infrastructure-c51b654dd6b545137e61bafd2054cba60b0f0906.zip
Add a docker compose for runners
-rw-r--r--app/drone-ci/integration/README.md58
-rw-r--r--app/drone-ci/integration/docker-compose.yml32
2 files changed, 90 insertions, 0 deletions
diff --git a/app/drone-ci/integration/README.md b/app/drone-ci/integration/README.md
new file mode 100644
index 0000000..0509771
--- /dev/null
+++ b/app/drone-ci/integration/README.md
@@ -0,0 +1,58 @@
+## Install Debian
+
+We recommend Debian Bullseye
+
+## Install Docker CE from docker.io
+
+Do not use the docker engine shipped by Debian
+
+Doc:
+
+ - https://docs.docker.com/engine/install/debian/
+ - https://docs.docker.com/compose/install/
+
+On a fresh install, as root:
+
+```bash
+apt-get remove -y docker docker-engine docker.io containerd runc
+apt-get update
+apt-get install apt-transport-https ca-certificates curl gnupg lsb-release
+curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
+ echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
+apt-get update
+apt-get install -y docker-ce docker-ce-cli containerd.io
+
+curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
+chmod +x /usr/local/bin/docker-compose
+```
+
+## Prepare the runner
+
+Nix folder must be populated before launching any build.
+
+```bash
+docker run --rm -it -v /var/lib/drone/nix:/mnt nixpkgs/nix:nixos-21.05 cp -r /nix/{store,var} /mnt/
+```
+
+This folder will grow over time and might need to be garbage collected.
+As a rule of thumb, after running a full release of Garage, this folder will require 10GB.
+Consider provisioning it with at least 20GB.
+
+## Launch the runner
+
+Because we use a shared nix folder, we set the number of concurrent builds to 1.
+For more details and customizations, see `docker-compose.yml`.
+
+```bash
+DRONE_NAME=lheureduthe DRONE_OWNER=quentin DRONE_SECRET=xxx docker-compose up -d
+```
+
+That's all folks.
+
+## Random note
+
+This setup is done mainly to allow nix builds with some cache.
+To use the cache in Drone, you must set your repository as trusted.
+The command line tool does not work (it says it successfully set your repository as trusted but it did nothing):
+the only way to set your repository as trusted is to connect on the DB and set the `repo_trusted` field of your repo to true.
+
diff --git a/app/drone-ci/integration/docker-compose.yml b/app/drone-ci/integration/docker-compose.yml
new file mode 100644
index 0000000..1e37255
--- /dev/null
+++ b/app/drone-ci/integration/docker-compose.yml
@@ -0,0 +1,32 @@
+version: '3.4'
+services:
+ drone-runner:
+ image: drone/drone-runner-docker:latest
+ restart: always
+ environment:
+ - DRONE_RPC_PROTO=https
+ - DRONE_RPC_HOST=drone.deuxfleurs.fr
+ - DRONE_RPC_SECRET=${DRONE_SECRET}
+ - DRONE_RUNNER_CAPACITY=1
+ - DRONE_DEBUG=true
+ - DRONE_LOGS_TRACE=true
+ - DRONE_RPC_DUMP_HTTP=true
+ - DRONE_RPC_DUMP_HTTP_BODY=true
+ - DRONE_RUNNER_NAME=${DRONE_NAME}
+ - DRONE_RUNNER_LABELS=nix:1
+ #- DRONE_RUNNER_VOLUMES=/var/lib/drone/nix:/nix
+ ports:
+ - "3000:3000/tcp"
+ volumes:
+ - "/var/run/docker.sock:/var/run/docker.sock"
+ - "/var/lib/drone/nix:/var/lib/drone/nix"
+
+ drone-gc:
+ image: drone/gc:latest
+ restart: always
+ environment:
+ - GC_DEBUG=true
+ - GC_CACHE=10gb
+ - GC_INTERVAL=10m
+ volumes:
+ - "/var/run/docker.sock:/var/run/docker.sock"