windows/runner
1
1
Fork 0
forked from forgejo/runner
Code Issues Pull requests Activity
This repository is a source for Windows specific fixes to the forgejo/runner. It does not include the build pipeline, which is hosted on Github directly: https://github.com/Crown0815/Forgejo-runner-windows-builder
2,140 commits 4 branches 73 tags 11 MiB
  • Go 85.8%
  • JavaScript 12.3%
  • Shell 1.4%
  • Makefile 0.3%
  • Dockerfile 0.1%
Find a file
Exact
Mario Minardi a7167b588d feat: add OIDC workload identity federation support (#1232) 
Add support for OIDC workload identity federation in a shape similar to
what GitHub supports.

Add a new workflow and job-level setting named "allow-generating-id-tokens"
that enables ID token generation at the workflow or specific job level.

Export ACTIONS_ID_TOKEN_REQUEST_TOKEN and ACTIONS_ID_TOKEN_REQUEST_URL in
the runner environment. These are populated from the task context keys
forgejo_actions_id_token_request_token and
forgejo_actions_id_token_request_url respectively which are only set when
the aforementioned "allow-generating-id-tokens" setting is enabled.

Required by https://codeberg.org/forgejo/forgejo/pulls/10481

Signed-off-by: Mario Minardi <[email protected]>

<!--start release-notes-assistant-->
<!--URL:https://code.forgejo.org/forgejo/runner-->
- features
  - [PR](forgejo/runner#1232): <!--number 1232 --><!--line 0 --><!--description ZmVhdDogYWRkIE9JREMgd29ya2xvYWQgaWRlbnRpdHkgZmVkZXJhdGlvbiBzdXBwb3J0-->feat: add OIDC workload identity federation support<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: forgejo/runner#1232
Reviewed-by: Mathieu Fenniak <[email protected]>
Co-authored-by: Mario Minardi <[email protected]>
Co-committed-by: Mario Minardi <[email protected]>
2026-01-07 01:39:34 +00:00
.forgejo feat: include all integration tests in make integration-test (#1247) 2025-12-28 20:53:04 +00:00
act feat: add OIDC workload identity federation support (#1232) 2026-01-07 01:39:34 +00:00
contrib Restore contrib/forgejo-runner.service (#772) 2025-07-30 22:16:05 +00:00
examples Update forgejo-runner to v12.3.1 (#1242) 2025-12-26 21:58:57 +00:00
internal feat: add OIDC workload identity federation support (#1232) 2026-01-07 01:39:34 +00:00
release-notes feat: add the runner validate subcommand (#757) 2025-07-31 05:37:12 +00:00
testutils feat: add the runner validate subcommand (#757) 2025-07-31 05:37:12 +00:00
.dockerignore [FORGEJO] build forgejo-runner 2023-08-23 14:44:47 +02:00
.editorconfig Add .editorconfig and .gitattributes (#186) 2023-05-13 23:51:22 +08:00
.gitattributes Add .editorconfig and .gitattributes (#186) 2023-05-13 23:51:22 +08:00
.gitignore chore: remove unused code and comments including gitea 2025-07-03 18:58:11 +02:00
.golangci.yml test: run lint-check during CI, add forbidigo, cleanup linter exclusions (#1181) 2025-11-23 15:01:52 +00:00
.pre-commit-hooks.yaml fix(pre-commit): don’t default verbose to on (#1015) 2025-09-18 12:02:07 +00:00
Dockerfile Update data.forgejo.org/oci/golang Docker tag to v1.25 (#1110) 2025-10-24 06:37:56 +00:00
go.mod feat: request up to capacity jobs from Forgejo in one API call (#1245) 2025-12-28 20:49:09 +00:00
go.sum Update module code.forgejo.org/forgejo/actions-proto to v0.6.0 (#1246) 2025-12-28 05:54:51 +00:00
LICENSE chore: change the license to GPLv3-or-later (#773) 2025-09-04 09:26:12 +00:00
main.go fix: unrecoverable errors in artifactcache should have non-zero exit code (#1222) 2025-12-15 14:50:17 +00:00
Makefile feat: include all integration tests in make integration-test (#1247) 2025-12-28 20:53:04 +00:00
README.md chore: change the license to GPLv3-or-later (#773) 2025-09-04 09:26:12 +00:00
RELEASE-NOTES.md chore: release notes are now published together with the release (#775) 2025-07-31 08:02:20 +00:00
renovate.json chore(renovate): group runner updates 2025-09-10 09:51:22 +02:00

README.md

Forgejo Runner

A daemon that connects to a Forgejo instance and runs jobs for continuous integration. The installation and usage instructions are part of the Forgejo documentation.

Reporting security-related issues

Sensitive security-related issues should be reported to [email protected] using encryption.

License

The Forgejo runner is distributed under the terms of the GPL version 3.0 or any later version.

Architectures & OS

The Forgejo runner is supported and tested on amd64 and arm64 (binaries and containers) on Operating Systems based on the Linux kernel.

Work may be in progress for other architectures and you can browse the corresponding issues to figure out how they make progress. If you are interested in helping them move forward, open an issue. The most challenging part is to setup and maintain a native runner long term. Once it is supported by Forgejo, the runner is expected to be available 24/7 which can be challenging. Otherwise debugging any architecture specific problem won't be possible.

Hacking

The Forgejo runner is a dependency of the setup-forgejo action. See the full dependency graph for a global view.

Building

  • Install Go and make(1)
  • make build

Linting

  • make lint-check
  • make lint # will fix some lint errors

Testing

The workflow that runs in the CI uses similar commands.

Without a Forgejo instance

  • Install Docker
  • make test integration-test

The TestRunner_RunEvent test suite contains most integration tests with real-world workflows and is time-consuming to run. During development, it is helpful to run a specific test through a targeted command such as this:

  • go test -count=1 -run='TestRunner_RunEvent$/local-action-dockerfile$' ./act/runner

With a Forgejo instance

  • Run a Forgejo instance locally (for instance at http://0.0.0.0:8080) and create as shared secret
export FORGEJO_RUNNER_SECRET='AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
export FORGEJO_URL=http://0.0.0.0:8080
forgejo forgejo-cli actions register --labels docker --name therunner --secret $FORGEJO_RUNNER_SECRET
  • make test integration-test # which will run addional tests because FORGEJO_URL is set

end-to-end

  • Follow the instructions from the end-to-end tests to run actions tests locally.
  • ./end-to-end.sh actions_teardown # stop the Forgejo and runner daemons running in the end-to-end environment
  • ( cd ~/clone-of-the-runner-repo ; make build ; cp forgejo-runner /tmp/forgejo-end-to-end/forgejo-runner ) # install the runner built from sources
  • ./end-to-end.sh actions_setup 13.0 # start Forgejo v13.0 and the runner daemon in the end-to-end environment
  • ./end-to-end.sh actions_verify_example echo # run the echo workflow
  • xdg-open http://127.0.0.1:3000/root/example-echo/actions/runs/1 # see the logs workflow
  • less /tmp/forgejo-end-to-end/forgejo-runner.log # analyze the runner logs
  • less /tmp/forgejo-end-to-end/forgejo-work-path/log/forgejo.log # analyze the Forgejo logs