From a30abd9e3fe79e97aa92a298d47d11d8a094cca1 Mon Sep 17 00:00:00 2001
From: MaddoScientisto
Date: Sat, 14 Mar 2026 17:52:37 +0100
Subject: [PATCH] Enhance Docker CLI setup in workflow: resolve DOCKER_HOST dynamically and update README
---
 .forgejo/workflows/publish-container.yml | 36 ++++++++++++++++++++++--
 README.md | 12 ++++++--
 2 files changed, 42 insertions(+), 6 deletions(-)
diff --git a/.forgejo/workflows/publish-container.yml b/.forgejo/workflows/publish-container.yml
index a808873..44b7698 100644
--- a/.forgejo/workflows/publish-container.yml
+++ b/.forgejo/workflows/publish-container.yml
@@ -16,9 +16,8 @@ jobs:
 publish:
 runs-on: docker
 env:
- # Keep the runner-provided DOCKER_HOST when available.
- # For common dind sidecar setups, this default works out of the box.
- DOCKER_HOST: ${{ vars.DOCKER_HOST != '' && vars.DOCKER_HOST || 'tcp://forgejo-docker-in-docker:2375' }}
+ # Allow explicit override from Forgejo variables.
+ DOCKER_HOST: ${{ vars.DOCKER_HOST }}
 steps:
 - name: Checkout
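Review bot: With the default removed, `DOCKER_HOST: ${{ vars.DOCKER_HOST }}` still defines the variable at job level, as an empty string when the Forgejo variable is unset, and the new comment does not say that this empty case is what triggers auto-detection. Whether a value later appended to `GITHUB_ENV` replaces a job-level `env` entry depends on the runner, so it is worth confirming on the Forgejo runner that the resolved endpoint actually reaches the following steps. I would extend the comment to `# Empty unless vars.DOCKER_HOST is set; the "Resolve Docker daemon endpoint" step then selects an endpoint.` The `publish` job continues outside the hunk.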
@@ -66,6 +65,37 @@ jobs:
 echo "${HOME}/.local/bin" >> "${GITHUB_PATH}"
 "${HOME}/.local/bin/docker" --version
+ - name: Resolve Docker daemon endpoint
+ run: |
+ set -eu
+
+ if [ -n "${DOCKER_HOST:-}" ]; then
+ echo "Using configured DOCKER_HOST=${DOCKER_HOST}"
+ exit 0
+ fi
+
+ if [ -S /var/run/docker.sock ]; then
+ echo "DOCKER_HOST=unix:///var/run/docker.sock" >> "${GITHUB_ENV}"
+ echo "Resolved DOCKER_HOST from local docker socket"
+ exit 0
+ fi
+
+ if getent hosts forgejo-docker-in-docker >/dev/null 2>&1; then
+ echo "DOCKER_HOST=tcp://forgejo-docker-in-docker:2375" >> "${GITHUB_ENV}"
+ echo "Resolved DOCKER_HOST from compose service DNS"
+ exit 0
+ fi
+
+ GATEWAY_IP="$(ip route | awk '/default/ { print $3; exit }')"
+ if [ -n "${GATEWAY_IP}" ]; then
+ echo "DOCKER_HOST=tcp://${GATEWAY_IP}:2375" >> "${GITHUB_ENV}"
+ echo "Resolved DOCKER_HOST from container default gateway: ${GATEWAY_IP}"
+ exit 0
+ fi
+
+ echo "Could not determine a reachable Docker daemon endpoint. Set vars.DOCKER_HOST explicitly."
+ exit 1
+
 - name: Check Docker daemon connectivity
 run: |
 set -eu
diff --git a/README.md b/README.md
index dec7372..32b860d 100644
--- a/README.md
+++ b/README.md
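Review bot: The last branch of the "Resolve Docker daemon endpoint" step points the CLI at `tcp://${GATEWAY_IP}:2375` without checking what is listening there, and port 2375 is the Docker API without TLS or authentication. The login/build/push steps that the README describes would then send registry credentials in clear text to that endpoint, and anything able to reach it has full control of the daemon. I would drop the gateway branch so the step falls through to the existing `exit 1` message, leaving operators with that topology to set `vars.DOCKER_HOST` themselves, ideally to a TLS endpoint (`tcp://HOST:2376` with `DOCKER_TLS_VERIFY=1` and `DOCKER_CERT_PATH`). The same plaintext concern applies to the `tcp://forgejo-docker-in-docker:2375` branch, and the `/var/run/docker.sock` branch gives the job full control of that daemon, so a comment above the step stating both would help whoever configures the runner.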
@@ -59,7 +59,13 @@ The workflow in `.forgejo/workflows/publish-container.yml` runs on pushes to `ma
 If the runner image does not contain the `docker` binary, the workflow bootstraps a Docker CLI in user space before login/build/push.
-For dind-based runners, ensure the job can reach your daemon over `DOCKER_HOST`.
-With your compose topology, the default `tcp://forgejo-docker-in-docker:2375` should work.
+For dind-based runners, the workflow resolves `DOCKER_HOST` in this order:
-If you still get connection failures after the CLI bootstrap step, set a repo variable named `DOCKER_HOST` to the correct daemon endpoint for your runner network.
+- `vars.DOCKER_HOST` if explicitly set
+- `/var/run/docker.sock` if mounted into the job
+- `tcp://forgejo-docker-in-docker:2375` if that DNS name is visible inside the job container
+- `tcp://:2375` as a fallback for nested Docker bridge setups
+
+If you still get connection failures after the CLI bootstrap step, set a repo variable named `DOCKER_HOST` to the daemon endpoint that is reachable from inside the job container.
+
+Important: the Compose service name `forgejo-docker-in-docker` is often only resolvable from the outer runner container, not from the inner job container created by the Docker daemon. In that case, use the gateway-based fallback or set `DOCKER_HOST` explicitly.