actions/renovatebot-github
1
0
Fork 0
mirror of https://github.com/renovatebot/github-action.git synced 2025-12-18 09:52:35 +00:00
Code Issues Projects Releases Packages Wiki Activity

chore(release): merge main (27aefbbfa2)

Browse source
This commit is contained in:
github-actions[bot] 2023-03-10 13:15:30 +00:00
commit 77b7d37a11
3 changed files with 6 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

2
example/renovate.json
View file

@ -1,6 +1,6 @@
{ {
"branchPrefix": "test-renovate/", "branchPrefix": "test-renovate/",
"dryRun": true, "dryRun": "full",
"username": "renovate-release", "username": "renovate-release",
"gitAuthor": "Renovate Bot <bot@renovateapp.com>", "gitAuthor": "Renovate Bot <bot@renovateapp.com>",
"onboarding": false, "onboarding": false,

2
src/docker.ts
View file

@ -1,7 +1,7 @@
import type { Input } from './input'; import type { Input } from './input';
// renovate: datasource=docker depName=renovate/renovate versioning=docker // renovate: datasource=docker depName=renovate/renovate versioning=docker
const tag = '34.159.2-slim'; const tag = '35.0.0-slim';
class Docker { class Docker {
private static readonly repository = 'renovate/renovate'; private static readonly repository = 'renovate/renovate';

38
src/renovate.ts
View file

@ -2,10 +2,10 @@ import Docker from './docker';
import { Input } from './input'; import { Input } from './input';
import { exec } from '@actions/exec'; import { exec } from '@actions/exec';
import fs from 'fs'; import fs from 'fs';
import os from 'os';
import path from 'path'; import path from 'path';
class Renovate { class Renovate {
private dockerGroupName = 'docker';
private configFileMountDir = '/github-action'; private configFileMountDir = '/github-action';
private docker: Docker; private docker: Docker;
@ -17,8 +17,6 @@ class Renovate {
} }
async runDockerContainer(): Promise<void> { async runDockerContainer(): Promise<void> {
const renovateDockerUser = '1000';
const dockerArguments = this.input const dockerArguments = this.input
.toEnvironmentVariables() .toEnvironmentVariables()
.map((e) => `--env ${e.key}`) .map((e) => `--env ${e.key}`)
@ -33,10 +31,11 @@ class Renovate {
); );
} }
const user = os.userInfo();
dockerArguments.push( dockerArguments.push(
'--volume /var/run/docker.sock:/var/run/docker.sock',
'--volume /tmp:/tmp', '--volume /tmp:/tmp',
`--user ${renovateDockerUser}:${this.getDockerGroupId()}`, `--user ${user.uid}:0`,
'--rm', '--rm',
this.docker.image() this.docker.image()
); );
@ -49,35 +48,6 @@ class Renovate {
} }
} }
/**
* Fetch the host docker group of the GitHub Action runner.
*
* The Renovate container needs access to this group in order to have the
* required permissions on the Docker socket.
*/
private getDockerGroupId(): string {
const groupFile = '/etc/group';
const groups = fs.readFileSync(groupFile, {
encoding: 'utf-8',
});
/**
* The group file has `groupname:group-password:GID:username-list` as
* structure and we're interested in the `GID` (the group ID).
*
* Source: https://www.thegeekdiary.com/etcgroup-file-explained/
*/
const re = new RegExp(`^${this.dockerGroupName}:x:([1-9][0-9]*):`, 'm');
const match = re.exec(groups);
if (!match || match.length < 2) {
throw new Error(
`Could not find group '${this.dockerGroupName}' in ${groupFile}`
);
}
return match[1];
}
private validateArguments(): void { private validateArguments(): void {
if (/\s/.test(this.input.token.value)) { if (/\s/.test(this.input.token.value)) {
throw new Error('Token MUST NOT contain whitespace'); throw new Error('Token MUST NOT contain whitespace');