feat: gitea-act-runner

gitea-act-runner/.SRCINFO

@@ -0,0 +1,20 @@
+pkgbase = gitea-act-runner
+	pkgdesc = A runner for Gitea based on act.
+	pkgver = 0.0.1
+	pkgrel = 1
+	url = https://gitea.io
+	arch = x86_64
+	license = MIT
+	makedepends = go
+	makedepends = git
+	options = !lto
+	source = act_runner-main.tar.gz
+	source = gitea-act-runner.service
+	source = gitea-act-runner.sysusers
+	source = gitea-act-runner.tmpfiles
+	sha256sums = b74701384fda52a0125f2a4f38cdbec25e32bd1a481cfd98dded1db5f0389607
+	sha256sums = cab13dc302bba635aa003657fd33166354147ee2993d87366f05753d3ff1a988
+	sha256sums = 2a59d9fb29fc93c14bce7a8c34f454a44e5a84e0eebaa60fea00b74961dd82d6
+	sha256sums = 93bf08efe2c7c669ee3a15fb281cc004441ddb6c60bdda9237cfd0ebd29113d1
+
+pkgname = gitea-act-runner

gitea-act-runner/PKGBUILD

@@ -0,0 +1,49 @@
+pkgname=gitea-act-runner
+pkgver=0.0.1
+pkgrel=1
+pkgdesc="A runner for Gitea based on act."
+arch=(x86_64)
+url="https://gitea.io"
+license=(MIT)
+makedepends=(go git)
+options=(!lto)
+source=(#git+https://gitea.com/gitea/act_runner.git
+        https://nyyu.dev/sources/act_runner-main.tar.gz
+        gitea-act-runner.service
+        gitea-act-runner.sysusers
+        gitea-act-runner.tmpfiles)
+sha256sums=('2743717b64d597f3dd5b8f161dcc310dd94209469ca3c99ca7d221dc81fa320d'
+            '50691e625cb8ecc54b2014ca23d75355ffc40c26537e1fc17acea3a94b66d10d'
+            '2a59d9fb29fc93c14bce7a8c34f454a44e5a84e0eebaa60fea00b74961dd82d6'
+            '93bf08efe2c7c669ee3a15fb281cc004441ddb6c60bdda9237cfd0ebd29113d1')
+
+#pkgver() {
+#  cd act_runner
+#  printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short=7 HEAD)"
+#}
+
+build() {
+  cd ${srcdir}/act_runner
+  export CGO_CPPFLAGS="${CPPFLAGS}"
+  export CGO_CFLAGS="${CFLAGS}"
+  export CGO_CXXFLAGS="${CXXFLAGS}"
+  export CGO_LDFLAGS="${LDFLAGS}"
+  export EXTRA_GOFLAGS="-buildmode=pie -trimpath -mod=readonly -modcacherw"
+  export TAGS="netgo osusergo"
+  unset LDFLAGS
+  make -j1
+}
+
+check() {
+  cd ${srcdir}/act_runner
+  make test
+}
+
+package() {
+  cd ${srcdir}/act_runner
+  install -Dm755 act_runner -T "${pkgdir}"/usr/bin/${pkgname}
+  install -Dm644 LICENSE -t "${pkgdir}"/usr/share/licenses/${pkgname}/
+  install -Dm644 ../${pkgname}.service -t "${pkgdir}"/usr/lib/systemd/system/
+  install -Dm644 ../${pkgname}.tmpfiles "${pkgdir}"/usr/lib/tmpfiles.d/${pkgname}.conf
+  install -Dm644 ../${pkgname}.sysusers "${pkgdir}"/usr/lib/sysusers.d/${pkgname}.conf
+}

gitea-act-runner/gitea-act-runner.service

@@ -0,0 +1,44 @@
+[Unit]
+Description=Gitea Act Runner
+After=network.target docker.service
+
+[Service]
+User=gitea-act-runner
+Group=gitea-act-runner
+SupplementaryGroups=docker
+Type=simple
+WorkingDirectory=~
+Environment="GITEA_RUNNER_CAPACITY=4"
+StateDirectory=gitea-act-runner
+ExecStart=/usr/bin/gitea-act-runner daemon
+Restart=always
+RestartSec=2s
+AmbientCapabilities=
+CapabilityBoundingSet=
+LockPersonality=true
+MemoryDenyWriteExecute=true
+NoNewPrivileges=True
+#SecureBits=noroot-locked
+PrivateDevices=true
+PrivateTmp=true
+PrivateUsers=true
+ProtectClock=true
+ProtectControlGroups=true
+ProtectHome=true
+ProtectHostname=true
+ProtectKernelLogs=true
+ProtectKernelModules=true
+ProtectKernelTunables=true
+ProtectProc=invisible
+ProtectSystem=strict
+RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX
+RestrictNamespaces=true
+RestrictRealtime=true
+RestrictSUIDSGID=true
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+SystemCallErrorNumber=EPERM
+ReadWritePaths=/var/run/docker.sock
+
+[Install]
+WantedBy=multi-user.target

gitea-act-runner/gitea-act-runner.sysusers

@@ -0,0 +1 @@
+u gitea-act-runner - "Gitea act runner daemon user" /var/lib/gitea-act-runner /bin/bash

gitea-act-runner/gitea-act-runner.tmpfiles

@@ -0,0 +1,2 @@
+d /var/lib/gitea-act-runner 0700
+Z /var/lib/gitea-act-runner - gitea-act-runner gitea-act-runner