actions/renovatebot-github
1
0
Fork 0
mirror of https://github.com/renovatebot/github-action.git synced 2025-12-16 17:02:36 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

chore(release): 35.0.0

Browse source
This commit is contained in:
github-actions[bot] 2023-03-10 13:15:51 +00:00
parent 77b7d37a11
commit ad0da5aa3d
3 changed files with 22 additions and 29 deletions
Download patch file Download diff file Expand all files Collapse all files

17
CHANGELOG.md
View file

@ -2,6 +2,23 @@
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
## [35.0.0](https://github.com/renovatebot/github-action/compare/v34.159.2...v35.0.0) (2023-03-10)
### ⚠ BREAKING CHANGES
* **deps:** update renovate/renovate docker tag to v35 (#702)
* remove docker socket and change to current user (#700)
### Features
* remove docker socket and change to current user ([#700](https://github.com/renovatebot/github-action/issues/700)) ([827e518](https://github.com/renovatebot/github-action/commit/827e51874a2f7544d608b0bd2f70df46ec1bb2d3))
### Bug Fixes
* **deps:** update renovate/renovate docker tag to v35 ([#702](https://github.com/renovatebot/github-action/issues/702)) ([fedfacb](https://github.com/renovatebot/github-action/commit/fedfacb882fd7868a046812a437c6175928bcfd3))
### [34.159.2](https://github.com/renovatebot/github-action/compare/v34.159.1...v34.159.2) (2023-03-09) ### [34.159.2](https://github.com/renovatebot/github-action/compare/v34.159.1...v34.159.2) (2023-03-09)

32
dist/index.js vendored
View file

@ -3962,7 +3962,7 @@ exports["default"] = _default;
Object.defineProperty(exports, "__esModule", ({ value: true })); Object.defineProperty(exports, "__esModule", ({ value: true }));
// renovate: datasource=docker depName=renovate/renovate versioning=docker // renovate: datasource=docker depName=renovate/renovate versioning=docker
const tag = '34.159.2-slim'; const tag = '35.0.0-slim';
class Docker { class Docker {
constructor(input) { constructor(input) {
this.fullTag = input.useSlim() ? tag : tag.replace(Docker.tagSuffix, ''); this.fullTag = input.useSlim() ? tag : tag.replace(Docker.tagSuffix, '');
@ -4147,17 +4147,16 @@ Object.defineProperty(exports, "__esModule", ({ value: true }));
const docker_1 = __importDefault(__nccwpck_require__(512)); const docker_1 = __importDefault(__nccwpck_require__(512));
const exec_1 = __nccwpck_require__(514); const exec_1 = __nccwpck_require__(514);
const fs_1 = __importDefault(__nccwpck_require__(147)); const fs_1 = __importDefault(__nccwpck_require__(147));
const os_1 = __importDefault(__nccwpck_require__(37));
const path_1 = __importDefault(__nccwpck_require__(17)); const path_1 = __importDefault(__nccwpck_require__(17));
class Renovate { class Renovate {
constructor(input) { constructor(input) {
this.input = input; this.input = input;
this.dockerGroupName = 'docker';
this.configFileMountDir = '/github-action'; this.configFileMountDir = '/github-action';
this.validateArguments(); this.validateArguments();
this.docker = new docker_1.default(input); this.docker = new docker_1.default(input);
} }
async runDockerContainer() { async runDockerContainer() {
const renovateDockerUser = '1000';
const dockerArguments = this.input const dockerArguments = this.input
.toEnvironmentVariables() .toEnvironmentVariables()
.map((e) => `--env ${e.key}`) .map((e) => `--env ${e.key}`)
@ -4167,37 +4166,14 @@ class Renovate {
const mountPath = path_1.default.join(this.configFileMountDir, baseName); const mountPath = path_1.default.join(this.configFileMountDir, baseName);
dockerArguments.push(`--env ${this.input.configurationFile().key}=${mountPath}`, `--volume ${this.input.configurationFile().value}:${mountPath}`); dockerArguments.push(`--env ${this.input.configurationFile().key}=${mountPath}`, `--volume ${this.input.configurationFile().value}:${mountPath}`);
} }
dockerArguments.push('--volume /var/run/docker.sock:/var/run/docker.sock', '--volume /tmp:/tmp', `--user ${renovateDockerUser}:${this.getDockerGroupId()}`, '--rm', this.docker.image()); const user = os_1.default.userInfo();
dockerArguments.push('--volume /tmp:/tmp', `--user ${user.uid}:0`, '--rm', this.docker.image());
const command = `docker run ${dockerArguments.join(' ')}`; const command = `docker run ${dockerArguments.join(' ')}`;
const code = await (0, exec_1.exec)(command); const code = await (0, exec_1.exec)(command);
if (code !== 0) { if (code !== 0) {
new Error(`'docker run' failed with exit code ${code}.`); new Error(`'docker run' failed with exit code ${code}.`);
} }
} }
/**
* Fetch the host docker group of the GitHub Action runner.
*
* The Renovate container needs access to this group in order to have the
* required permissions on the Docker socket.
*/
getDockerGroupId() {
const groupFile = '/etc/group';
const groups = fs_1.default.readFileSync(groupFile, {
encoding: 'utf-8',
});
/**
* The group file has `groupname:group-password:GID:username-list` as
* structure and we're interested in the `GID` (the group ID).
*
* Source: https://www.thegeekdiary.com/etcgroup-file-explained/
*/
const re = new RegExp(`^${this.dockerGroupName}:x:([1-9][0-9]*):`, 'm');
const match = re.exec(groups);
if (!match || match.length < 2) {
throw new Error(`Could not find group '${this.dockerGroupName}' in ${groupFile}`);
}
return match[1];
}
validateArguments() { validateArguments() {
if (/\s/.test(this.input.token.value)) { if (/\s/.test(this.input.token.value)) {
throw new Error('Token MUST NOT contain whitespace'); throw new Error('Token MUST NOT contain whitespace');

2
package.json
View file

@ -1,6 +1,6 @@
{ {
"name": "github-action", "name": "github-action",
"version": "34.159.2", "version": "35.0.0",
"description": "GitHub Action to run Renovate self-hosted.", "description": "GitHub Action to run Renovate self-hosted.",
"private": true, "private": true,
"main": "src/index.ts", "main": "src/index.ts",