Earl Warren 0348074eee
All checks were successful
checks / build and test (pull_request) Successful in 39s
checks / runner exec tests (pull_request) Successful in 36s
/ example-docker-compose (pull_request) Successful in 3m29s
/ cascade (pull_request) Has been skipped
docker-compose example: use node:20-bookworm instead of the default
2024-04-07 20:48:31 +02:00
compose-demo-workflow.yml docker-compose example: do not use depends_on 2024-04-07 20:34:23 +02:00
compose-forgejo-and-runner.yml docker-compose example: use node:20-bookworm instead of the default 2024-04-07 20:48:31 +02:00 docker-compose example: documentation updates 2024-04-07 20:30:41 +02:00

Docker compose with docker-in-docker

The compose-forgejo-and-runner.yml compose file runs a Forgejo instance and registers a Forgejo runner. A docker server is also launched within a container (using dind) and will be used by the Forgejo runner to execute the workflows.

Quick start

rm -fr /srv/runner-data /srv/forgejo-data
secret=$(openssl rand -hex 20)
sed -i -e "s/{SHARED_SECRET}/$secret/" compose-forgejo-and-runner.yml
docker compose -f compose-forgejo-and-runner.yml up -d

Visit with login root and password {ROOT_PASSWORD} and see the runner is registered with the label docker.

NOTE: the Your ROOT_URL in app.ini is "http://localhost:3000/", it's unlikely matching the site you are visiting. message is a warning that can be ignored in the context of this example.

docker compose -f compose-forgejo-and-runner.yml -f compose-demo-workflow.yml up demo-workflow

Visit and see that the job ran.


Create a shared secret with:

openssl rand -hex 20

Replace all occurences of {SHARED_SECRET} in compose-forgejo-and-runner.yml.

NOTE: a token obtained from the Forgejo web interface cannot be used as a shared secret.

Replace {ROOT_PASSWORD} with a secure password in compose-forgejo-and-runner.yml.

docker compose -f compose-forgejo-and-runner.yml up
Creating docker-compose_docker-in-docker_1 ... done
Creating docker-compose_forgejo_1          ... done
Creating docker-compose_runner-register_1  ... done
docker-in-docker_1  | time="2023-08-24T10:22:15.023338461Z" level=warning msg="WARNING: API is accessible on
forgejo_1           | 2023/08/24 10:22:14 ...s/graceful/server.go:75:func1() [D] Starting server on tcp: (PID: 19)
runner-daemon_1     | time="2023-08-24T10:22:16Z" level=info msg="Starting runner daemon"

Manual testing

To login the Forgejo instance:

Forgejo Actions is enabled by default when creating a repository.

Tests workflow

The compose-demo-workflow.yml compose file runs two demo workflows:

  • one to verify the Forgejo runner can pick up a task from the Forgejo instance and run it to completion.
  • one to verify docker can be run inside the Forgejo runner container.

A new repository is created in root/test with the following workflows:


on: [push]
    runs-on: docker
      - run: echo All Good


on: [push]
    runs-on: ubuntu-22.04
      - run: docker info

A wait loop expects the status of the check associated with the commit in Forgejo to show "success" to assert the workflow was run.


$ docker-compose -f compose-forgejo-and-runner.yml -f compose-demo-workflow.yml up demo-workflow
demo-workflow_1     | To http://forgejo:3000/root/test
demo-workflow_1     |  + 5ce134e...261cc79 main -> main (forced update)
demo-workflow_1     | branch 'main' set up to track 'http://root:admin1234@forgejo:3000/root/test/main'.
demo-workflow_1     | running