Merge branch 'fix_maintenance' into 'main'
Fix maintenance task See merge request qontainers/pipglr!7
This commit is contained in:
Chris Evich
@@ -122,7 +122,10 @@ ARG PRIVILEGED_RUNNER="true"
|
||||
ARG RUNNER_TAGS="podman-in-podman"
|
||||
# Permit running jobs without any tag at all
|
||||
ARG RUNNER_UNTAGGED="true"
|
||||
ENV REGISTER_NON_INTERACTIVE="true" \
|
||||
# Adjust based on usage and storage size to prevent ENOSPACE problems
|
||||
ARG CLEAN_INTERVAL="24h"
|
||||
ENV CLEAN_INTERVAL="$CLEAN_INTERVAL" \
|
||||
REGISTER_NON_INTERACTIVE="true" \
|
||||
RUNNER_TAG_LIST="$RUNNER_TAGS" \
|
||||
REGISTER_RUN_UNTAGGED="$RUNNER_UNTAGGED" \
|
||||
REGISTER_ACCESS_LEVEL="ref_protected" \
|
||||
|
||||
@@ -154,6 +154,10 @@ Several build arguments are available to control the output image:
|
||||
exact podman version. Possible values include, `latest`, `vX`, `vX.Y`,
|
||||
and `vX.Y.Z` (where, `X`, `Y`, and `Z` represent the podman semantic
|
||||
version numbers). It's also possible to specify an image SHA.
|
||||
* `CLEAN_INTERVAL` - A `sleep` (command) compatible time-argument that
|
||||
determines how often to clean out podman storage of disused containers and
|
||||
images. Defaults to 24-hours, but should be adjusted based on desired caching-effect
|
||||
versus available storage space and rate of job execution.
|
||||
* `EXCLUDE_PACKAGES` - A space-separated list of RPM packages to prevent
|
||||
their existence in the final image. This is intended as a security measure
|
||||
to limit the attack-surface should a gitlab-runner process escape it's
|
||||
|
||||
@@ -4,16 +4,23 @@
|
||||
# a podman-in-podman gitlab runner container. Any usage
|
||||
# outside that context is not supported and may cause harm.
|
||||
|
||||
set -e
|
||||
set -eo pipefail
|
||||
|
||||
maintain_podman() {
|
||||
# Two days seems to be a good happy-medium beween filling up
|
||||
# about 40gig of storage space from moderate CI activity,
|
||||
# and maintaining a useful level of caching.
|
||||
while sleep 2d; do
|
||||
while sleep "$CLEAN_INTERVAL"; do
|
||||
if [[ -n "$PODMAN_RUNNER_DEBUG" ]]; then
|
||||
echo "$(date --iso-8601=second) ${BASH_SOURCE[0] performing podman maintenance}"
|
||||
fi
|
||||
podman system prune --all --force
|
||||
done
|
||||
}
|
||||
|
||||
if [[ -z "$CLEAN_INTERVAL" ]]; then
|
||||
echo "ERROR: Empty/unset \$CLEAN_INTERVAL"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
maintain_podman
|
||||
|
||||
Reference in New Issue
Block a user