diff --git a/runner/compose.yml b/runner/compose.yml index 5d4b192..bd3c810 100644 --- a/runner/compose.yml +++ b/runner/compose.yml @@ -28,12 +28,17 @@ services: volumes: cargoxx-cache-store: + # Explicit name disables compose's project-prefix so spawned job + # containers (which don't know about compose) can reference the + # same volume by the same name. + name: cargoxx-cache-store driver: local driver_opts: type: none o: bind device: "${PWD}/cache/store" cargoxx-cache-keys: + name: cargoxx-cache-keys driver: local driver_opts: type: none diff --git a/runner/config.yaml b/runner/config.yaml index 29030c7..c009a49 100644 --- a/runner/config.yaml +++ b/runner/config.yaml @@ -25,7 +25,12 @@ container: options: "-v cargoxx-cache-store:/srv/cargoxx-cache/store -v cargoxx-cache-keys:/srv/cargoxx-cache/keys:ro" workdir_parent: /workspace - valid_volumes: [] + # Whitelist regex of bind sources act_runner is allowed to forward to + # spawned job containers. Must include the cache + key volumes named + # in `options` above (otherwise act_runner silently strips them). + valid_volumes: + - "^cargoxx-cache-store$" + - "^cargoxx-cache-keys$" docker_host: "unix:///var/run/docker.sock" force_pull: false