feat(chart): make DinD sidecar image configurable via values#4417
feat(chart): make DinD sidecar image configurable via values#4417frank-bee wants to merge 2 commits intoactions:masterfrom
Conversation
Add containerMode.dindImage to allow overriding the hardcoded docker:dind image in the DinD sidecar container. This enables users to provide a custom DinD image with pre-configured daemon.json (e.g., registry mirrors for pull-through caches, insecure registries) without having to abandon containerMode entirely and manually define the full pod spec. Closes actions#3709
frank-bee
requested review from
Steve-Glass,
mumoshu,
nikola-jokic,
rentziass and
toast-gear
as code owners
There was a problem hiding this comment.
Pull request overview
This PR makes the Docker-in-Docker (DinD) sidecar image configurable in the stable gha-runner-scale-set Helm chart by introducing a containerMode.dindImage value, defaulting to docker:dind for backward compatibility.
Changes:
- Add documentation in
values.yamlfor a new optionalcontainerMode.dindImagesetting. - Update the DinD container helper to render
image:fromValues.containerMode.dindImage(falling back todocker:dind).
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| charts/gha-runner-scale-set/values.yaml | Documents the new containerMode.dindImage option for overriding the DinD sidecar image. |
| charts/gha-runner-scale-set/templates/_helpers.tpl | Switches the DinD sidecar image from hardcoded docker:dind to a configurable value with a default fallback. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # ## Optional: override the default docker:dind image used for the DinD sidecar container. | ||
| # ## This is useful for using a custom image with pre-configured daemon.json | ||
| # ## (e.g., registry mirrors, insecure registries) or other customizations. | ||
| # # dindImage: "docker:dind" |
There was a problem hiding this comment.
The example line for dindImage is double-commented (# # dindImage: ...). If a user uncomments the containerMode block by removing the leading #, this line will still remain commented and the option can be missed. Use a single leading # like the other fields in this example block.
| # # dindImage: "docker:dind" | |
| # dindImage: "docker:dind" |
There was a problem hiding this comment.
Fixed — removed the extra comment level so dindImage is now single-commented like the other fields in the block.
| ## empty, and configuration should be applied to the template. | ||
| # containerMode: | ||
| # type: "dind" ## type can be set to "dind", "kubernetes", or "kubernetes-novolume" | ||
| # ## Optional: override the default docker:dind image used for the DinD sidecar container. | ||
| # ## This is useful for using a custom image with pre-configured daemon.json |
There was a problem hiding this comment.
The surrounding documentation says that if any customization is required for dind/kubernetes mode, containerMode should remain empty and users should customize via template. Adding containerMode.dindImage introduces an official customization knob under containerMode, which contradicts that guidance—please update the wording to clarify that dindImage is supported while deeper customization still requires using template.
There was a problem hiding this comment.
Good catch — updated the wording to clarify that dindImage is a supported customization knob, while deeper customization (extra env vars, volume mounts, security contexts) still requires dropping containerMode and using template directly.
|
|
||
| {{- define "gha-runner-scale-set.dind-container" -}} | ||
| image: docker:dind | ||
| image: {{ .Values.containerMode.dindImage | default "docker:dind" }} |
There was a problem hiding this comment.
This change adds new behavior (allowing users to override the DinD image). The chart has unit tests asserting the default docker:dind, but there’s no test covering the new override path. Add a unit test that sets containerMode.dindImage and asserts the rendered dind container image matches it.
There was a problem hiding this comment.
Added TestTemplateRenderedAutoScalingRunnerSet_EnableDinD_CustomImage — sets containerMode.dindImage to a custom image and asserts the rendered DinD container uses it.
- Fix double-commenting on dindImage example in values.yaml - Update containerMode docs to clarify that dindImage is a supported customization while deeper changes still require using template - Add unit test for custom dindImage rendering
Summary
containerMode.dindImagevalue togha-runner-scale-setchart to allow overriding the hardcodeddocker:dindimage in the DinD sidecardocker:dind— fully backward compatible, no behavior change for existing usersMotivation
containerMode.type: dindcurrently hardcodesdocker:dindwith no way to override it. Users who need a custom DinD image (e.g., with pre-configureddaemon.jsonfor registry mirrors or insecure registries) are forced to abandoncontainerModeentirely and manually reimplement the full DinD pod spec.The experimental chart already supports this via
runner.dind.container.image. This PR backports the same capability to the stable chart with a minimal, non-breaking change.Changes
_helpers.tpl: Changeimage: docker:dindtoimage: {{ .Values.containerMode.dindImage | default "docker:dind" }}values.yaml: Add commented-outdindImageoption undercontainerModewith documentationTest plan
helm templatewithcontainerMode.type=dindand nodindImage→ rendersimage: docker:dind(backward compat)helm templatewithcontainerMode.type=dindanddindImage: custom/dind:v1→ rendersimage: custom/dind:v1Closes #4416
Related: #3709, #3120, #2765, #3439, #3547