

Help from #podman or #docker users welcome!

We have started to offer open alpha access to a hosted Forgejo Actions CI runner. Unfortunately, there are many jobs that can crash the runner for every user reliably, and many users execute them inadvertently.

To save cost and disk wear, we want to keep temporary writes inside the CI builds in RAM and only store the images persistently.

However, the setup is apparently incorrect and we need help figuring it out.

See codeberg.org/actions/meta/issu…

In reply to Codeberg.org

I'd recommend creating an issue on the Podman GitHub. I have received good help from there when I was in trouble. They have a Matrix channel too.

In reply to Codeberg.org

I’d be very nervous using that for tenant isolation. Is there a reason not to use ephemeral VMs (which have a much smaller attack surface than a Linux kernel) for CI as other providers do? I’m not sure what your host infrastructure looks like, but creating ZFS clones of base VM images should be as fast as creating a container filesystem and a modern OS can boot in under a second (FreeBSD on Firecracker can boot in under 25ms, I think Linux is a bit slower but a similar ballpark, so there’s no noticeable latency for users).
