Skip to content

Latest commit

 

History

History
executable file
·
61 lines (45 loc) · 2.41 KB

shell.md

File metadata and controls

executable file
·
61 lines (45 loc) · 2.41 KB
Raw

Shell

The Shell executor is a simple executor that allows you to execute builds locally to the machine that the Runner is installed. It supports all systems on which the Runner can be installed. That means that it's possible to use scripts generated for Bash, Windows PowerShell and Windows Batch.

Overview

The scripts can be run as unprivileged user if the --user is added to the alloy-runner run command. This feature is only supported by Bash.

The source project is checked out to: <working-directory>/builds/<short-token>/<concurrent-id>/<namespace>/<project-name>.

The caches for project are stored in <working-directory>/cache/<namespace>/<project-name>.

Where:

  • <working-directory> is the value of --working-directory as passed to the alloy-runner run command or the current directory where the Runner is running
  • <short-token> is a shortened version of the Runner's token (first 8 letters)
  • <concurrent-id> is a unique number, identifying the local job ID on the particular Runner in context of the project
  • <namespace> is the namespace where the project is stored on AlloyCI
  • <project-name> is the name of the project as it is stored on AlloyCI

To overwrite the <working-directory>/builds and <working-directory/cache specify the builds_dir and cache_dir options under the [[runners]] section in config.toml.

Running as unprivileged user

If AlloyCI Runner is installed on Linux from the official .deb or .rpm packages, the installer will try to use the alloy_ci_multi_runner user if found. If it is not found, it will create a alloy-runner user and use this instead.

All shell builds will be then executed as either the alloy-runner or alloy_ci_multi_runner user.

In some testing scenarios, your builds may need to access some privileged resources, like Docker Engine or VirtualBox. In that case you need to add the alloy-runner user to the respective group:

usermod -aG docker alloy-runner
usermod -aG vboxusers alloy-runner

Security

Generally it's unsafe to run tests with shell executors. The jobs are run with the user's permissions (alloy-runner) and can "steal" code from other projects that are run on this server. Use it only for running builds on a server you trust and own.