Merge branch 'configuration-directory-fix' into 'main'

Update runner installation and attempt to fix storage volume errors

See merge request qontainers/pipglr!51
Chris Evich
2025-01-06 16:48:31 +00:00
3 changed files with 15 additions and 3 deletions


@@ -44,6 +44,7 @@ build:
- saas-linux-medium-amd64
stage: deploy
variables:
FF_GITLAB_REGISTRY_HELPER_IMAGE: 0
BUILDAH_FORMAT: docker
BUILDAH_ISOLATION: chroot
STORAGE_DRIVER: vfs


@@ -70,6 +70,7 @@ ARG ENABLE_FIPS=true
# may be changed if you know what you're doing.
LABEL register="podman run -it --rm \
--secret=REGISTRATION_TOKEN,type=env \
--user=root \
-v ./config.toml:/etc/gitlab-runner/config.toml:Z \
-e REGISTER_NON_INTERACTIVE=true \
-e CI_SERVER_URL=${GITLAB_URL} \
@@ -95,6 +96,7 @@ LABEL setupcache="podman volume create --opt o=uid=1000,gid=1001 pipglr-cache"
# Helper to extract the current configuration secret to allow editing.
LABEL dumpconfig="podman run -it --rm \
--user=root \
--secret config.toml --entrypoint=/bin/cat \
\$IMAGE /var/run/secrets/config.toml"
@@ -103,6 +105,7 @@ LABEL dumpconfig="podman run -it --rm \
# Note: The contents of the volumes are not critical, they may be removed
# and re-created (see above) to quickly free-up disk space.
LABEL run="podman run -dt --name pipglr \
--user=root \
--secret config.toml,uid=1001,gid=1001 \
-v pipglr-storage:/home/podman/.local/share/containers \
-v pipglr-cache:/cache \
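Review bot: The `--user=root` lines in the `register`, `dumpconfig` and `run` labels look like the one line each hunk adds (judging by the hunk counts), and nothing explains why root is now required. In `run` the config secret is still mounted with `uid=1001,gid=1001`, so the container's first process would start as root while the runner credentials stay owned by the unprivileged account; a comment should name which process needs root and state that the runner and nested podman are still expected to run unprivileged. The labels are meant to be copied by operators, so the comment block above `register` could also say something like `# --user=root is needed for <reason>; intended for rootless podman, where container root maps to the invoking host user.` The `run` label continues past the end of the last hunk.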


@@ -51,6 +51,7 @@ function main() {
setup_service_podman
setup_service_runner
setup_gitlab_config
setup_volumes
finalize_ownership
}
@@ -75,14 +76,19 @@ function install_packages() {
# Gitlab-runner package contains scriptlets which do not function properly inside a
# container-build environment where systemd is not active/running.
if [[ ${ENABLE_FIPS} == true && $(cat /proc/sys/crypto/fips_enabled) == 1 ]]; then
PACKAGE_FILE="gitlab-runner_${TARGETARCH}-fips.rpm"
PACKAGE_FILES=(
"https://s3.dualstack.us-east-1.amazonaws.com/gitlab-runner-downloads/$RUNNER_VERSION/rpm/gitlab-runner_${TARGETARCH}-fips.rpm"
)
else
PACKAGE_FILE="gitlab-runner_${TARGETARCH}.rpm"
PACKAGE_FILES=(
"https://s3.dualstack.us-east-1.amazonaws.com/gitlab-runner-downloads/$RUNNER_VERSION/rpm/gitlab-runner_${TARGETARCH}.rpm"
"https://s3.dualstack.us-east-1.amazonaws.com/gitlab-runner-downloads/$RUNNER_VERSION/rpm/gitlab-runner-helper-images.rpm"
)
fi
"${dnf[@]}" "${exclude_args[@]}" \
--setopt=tsflags=noscripts install \
"https://gitlab-runner-downloads.s3.amazonaws.com/$RUNNER_VERSION/rpm/${PACKAGE_FILE}"
${PACKAGE_FILES[@]}
# Also don't start unnecessary or broken
# systemd services, like anything kernel related or login gettys.
@@ -148,9 +154,11 @@ function setup_user() {
function setup_volumes() {
# Host volume mount necessary for nested-podman to use overlayfs2 for container & volume storage.
mkdir -p /home/podman/.local/share/containers
touch /home/podman/.local/share/containers/.placeholder
# Nested-container's local container-cache volume mount, recommended by gitlab-runner docs.
mkdir -p /cache
touch /cache/.placeholder
# Both the gitlab-runner and podman need access to the cache directory / volume mount.
chown podman:runner /cache
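Review bot: `${PACKAGE_FILES[@]}` on the `install` line of install_packages is unquoted, unlike `"${dnf[@]}"` and `"${exclude_args[@]}"` just above it, so each URL is subject to word splitting and globbing; it should be `"${PACKAGE_FILES[@]}"`. The RPMs are fetched by URL from the downloads bucket, and nothing visible pins a digest or forces a signature check. dnf's `localpkg_gpgcheck` option, which governs packages named on the command line, is off by default, so unless the `dnf` array (defined outside the hunk) sets it, the image trusts whatever the bucket serves for `$RUNNER_VERSION`; consider importing the vendor signing key and adding `--setopt=localpkg_gpgcheck=1`. The FIPS branch lists no helper-images package, and a one-line comment would confirm that this is deliberate. In setup_volumes the `.placeholder` files are created before the non-recursive `chown podman:runner /cache`, so they presumably stay root-owned; that function's body continues outside the hunk.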