Le vendredi 07 mars 2025 à 02:53 +0100, Denis 'GNUtoo' Carikli a écrit : > On Thu, 06 Mar 2025 10:10:03 +0900 > Maxim Cournoyer <maxim.courno...@gmail.com> wrote: > > > > Is Docker the only current solution for runners in the CI? > This is my understanding from my discussion with neox. > > > > Having a less generic solution might be better though, like using > > > 'guix' or 'debootstrap' to build containers within the forgejo, > > > but > > > that also require volunteers to implement that. > > > > We already have Docker image generation support via 'guix pack -f > > docker', and also 'guix system image -t docker' so that should be > > feasible yes. > I'm aware of that. My point with using 'guix' or debootstrap was to > find > ways not to have to run a docker registry. > > Denis.
Hi there, really sorry about answering this late in the conversation (I was really busy with a lot of things...) If I can help by sharing Libre en Communs' experience, I'll be very happy to do so. I'll start here by explaining a bit what I have in mind. Libre en Communs needed a forge software to be able to provide means for people (both very technical such as sysadmins and less technical such as designers or writers) for collaboration. We chose Forgejo because of its stance for software freedom and because it was the best solution available at that time as compromise between usability and performance/resources. However, Forgejo is not perfect at all. We lack moderation tools to fight against e.g abusers, there are sometimes very serious bugs (this works better lately), and the default CI recipes/code depends on docker.io images and nodeJS and npm. Also, the javascript generated by Forgejo is minified, without a clear license header, making LibreJS blocking it by default (and preventing people from being able to trust it right away). About the CI, we decided to forbid using the default recipes advertized in Forgejo docs, because we can't verify that everything is free on code.forgejo.org, and we don't want our infrastructure to depend on npm for the same reasons. Currently, it's possible to use Forgejo CI on our instance with runners configured with docker (with a dedicated self-hosted docker image, like a project on our instance does) but also with ssh on a dedicated host, that can be a chroot. I did not have enough time to test with a `guix vm` but that seems doable without too much pain. Please let me know if you want explanation on how we do anything, or if I can help further. Happy hacking! -- Adrien Bourmault GNU Boot project, maintainer Free Software Foundation, associate member GPG : E23C26A5DEEEC5FA9CDDD57A57BC26A3687116F6
signature.asc
Description: This is a digitally signed message part
