chore: use c/s mode

Author: soulteary

.dockerignore

@@ -5,8 +5,10 @@
 .gitignore
 .dockerignore
 runner-manager
+runner-agent
 *.exe
 runners
+config.yaml
 .env
 *.test
 *.out

.env.example

@@ -0,0 +1,18 @@
+# 复制为 .env 后按需修改
+# cp .env.example .env
+#
+# docker-compose 会读取 .env，以下变量可选：
+#
+# Manager 镜像（与 docker-compose 中 runner-manager.image 对应）
+# MANAGER_IMAGE=ghcr.io/soulteary/runner-fleet:main
+# 使用本仓库 CI 推送的镜像时改为：ghcr.io/<owner>/<repo>:main 或 :<tag>
+#
+# 宿主机映射端口，默认 8080
+# MANAGER_PORT=8080
+#
+# Job 内 Docker 使用 DinD（仅非容器模式时有效）：取消下一行注释
+# DOCKER_HOST=tcp://runner-dind:2375
+#
+# 容器模式且 Manager 在容器内时，config.yaml 中 runners.volume_host_path 需为宿主机 runners 的绝对路径，例如：
+#   realpath runners
+#   echo "$(cd . && pwd)/runners"

.github/workflows/build.yml

@@ -26,6 +26,12 @@ jobs:
       - name: Vet
         run: go vet ./...
 
+      - name: Lint
+        uses: golangci/golangci-lint-action@v9
+        with:
+          version: latest
+          args: --max-same-issues=100000
+
       - name: Run tests
         run: go test -v ./...
 
@@ -49,10 +55,13 @@ jobs:
           VERSION=$(git describe --tags --abbrev=0 2>/dev/null || echo "dev-$(git rev-parse --short HEAD)")
           echo "version=$VERSION" >> $GITHUB_OUTPUT
 
-      - name: Build
+      - name: Build Manager
         run: |
           go build -ldflags "-s -w -X main.Version=${{ steps.version.outputs.version }}" -o runner-manager .
 
+      - name: Build Runner Agent (container mode)
+        run: go build -o runner-agent ./cmd/runner-agent
+
       - name: Init example config
         run: cp config.yaml.example config.yaml
 

.github/workflows/publish-image.yml

@@ -74,7 +74,7 @@ jobs:
       - name: Prepare config for image
         run: cp config.yaml.example config.yaml
 
-      - name: Build and push
+      - name: Build and push Manager image
         uses: docker/build-push-action@v6
         with:
           context: .
@@ -87,3 +87,22 @@ jobs:
           platforms: linux/amd64,linux/arm64
           cache-from: type=gha
           cache-to: type=gha,mode=max
+
+      - name: Prepare Runner tags (same image, tag suffix -runner)
+        id: runner-tags
+        run: |
+          echo "tags<<EOF" >> "$GITHUB_OUTPUT"
+          echo "${{ steps.meta.outputs.tags }}" | sed '/./s/\(:.*\)$/\1-runner/' >> "$GITHUB_OUTPUT"
+          echo "EOF" >> "$GITHUB_OUTPUT"
+
+      - name: Build and push Runner image (container mode)
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: ./Dockerfile.runner
+          push: true
+          tags: ${{ steps.runner-tags.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          platforms: linux/amd64,linux/arm64
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

.github/workflows/release.yml

@@ -76,19 +76,25 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Extract metadata
+      - name: Compute canonical image name (lowercase for GHCR)
+        id: vars
+        run: |
+          CANONICAL="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}"
+          echo "canonical=${CANONICAL,,}" >> "$GITHUB_OUTPUT"
+
+      - name: Extract metadata (Manager image)
         id: meta
         uses: docker/metadata-action@v5
         with:
-          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          images: ${{ steps.vars.outputs.canonical }}
           tags: |
             type=ref,event=tag
             type=semver,pattern={{version}}
             type=semver,pattern={{major}}.{{minor}}
             type=semver,pattern={{major}}
             type=raw,value=latest,enable=true
 
-      - name: Build and push Docker image
+      - name: Build and push Manager Docker image
         uses: docker/build-push-action@v6
         with:
           context: .
@@ -102,6 +108,25 @@ jobs:
           cache-to: type=gha,mode=max
           platforms: linux/amd64,linux/arm64
 
+      - name: Prepare Runner tags (same image, tag suffix -runner)
+        id: runner-tags
+        run: |
+          echo "tags<<EOF" >> "$GITHUB_OUTPUT"
+          echo "${{ steps.meta.outputs.tags }}" | sed '/./s/\(:.*\)$/\1-runner/' >> "$GITHUB_OUTPUT"
+          echo "EOF" >> "$GITHUB_OUTPUT"
+
+      - name: Build and push Runner Docker image (container mode)
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: ./Dockerfile.runner
+          push: true
+          tags: ${{ steps.runner-tags.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          platforms: linux/amd64,linux/arm64
+
       - name: Create Release
         uses: softprops/action-gh-release@v2
         with:
@@ -116,8 +141,13 @@ jobs:
 
             ### Docker 镜像 (GHCR)
 
+            - Manager（管理服务）:
+            ```bash
+            docker pull ${{ steps.vars.outputs.canonical }}:${{ steps.version.outputs.tag }}
+            ```
+            - Runner 容器镜像（容器模式，同镜像名，tag 带 -runner 后缀）:
             ```bash
-            docker pull ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.tag }}
+            docker pull ${{ steps.vars.outputs.canonical }}:${{ steps.version.outputs.tag }}-runner
             ```
 
             ### 二进制

.gitignore

@@ -1,5 +1,6 @@
 # 可执行文件
 runner-manager
+runner-agent
 *.exe
 
 # Runner 数据目录（按需取消注释）

Dockerfile

@@ -1,4 +1,4 @@
-# 多阶段构建：编译 + Ubuntu 运行时（避免 Alpine 导致 GitHub Runner 运行异常）
+# Runner Fleet Manager：多阶段构建，编译 + Ubuntu 运行时（避免 Alpine 导致 GitHub Runner 运行异常）
 FROM golang:1.26-bookworm AS builder
 WORKDIR /app
 COPY go.mod go.sum ./
@@ -8,7 +8,10 @@ ARG VERSION=dev
 RUN CGO_ENABLED=0 go build -ldflags "-X main.Version=${VERSION}" -o runner-manager .
 
 FROM ubuntu:24.04
-# GitHub Actions Runner 需 .NET Core 6.0 依赖（libicu 等），与 installdependencies.sh 一致
+LABEL org.opencontainers.image.title="Runner Fleet Manager" \
+      org.opencontainers.image.description="GitHub Actions Runner 管理服务"
+
+# GitHub Actions Runner 需 .NET Core 6.0 依赖（libicu 等）
 RUN apt-get update && apt-get install -y --no-install-recommends \
     ca-certificates \
     curl \
@@ -19,27 +22,31 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
     zlib1g \
     && rm -rf /var/lib/apt/lists/*
 
-# Docker CLI：DinD 模式下 Job 内 docker/setup-qemu-action、docker build 等需在容器内调用 docker 命令，通过 DOCKER_HOST 连接 DinD 守护进程
-# 基础镜像是 ubuntu:24.04，对应 codename noble
+# Docker CLI：Job 内 docker build 等通过 DOCKER_HOST 连接 DinD 或宿主机 Docker
 RUN install -m 0755 -d /etc/apt/keyrings \
     && curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc \
     && chmod 644 /etc/apt/keyrings/docker.asc \
     && echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu noble stable" > /etc/apt/sources.list.d/docker.list \
     && apt-get update && apt-get install -y --no-install-recommends docker-ce-cli \
     && rm -rf /var/lib/apt/lists/*
 
-# 使用非 root 用户运行，避免 GitHub Actions Runner 报 "Must not run with sudo"
-# UID/GID 1001 挂载 runners 卷时可按需 chown
+# 非 root 运行，避免 Runner 报 "Must not run with sudo"；挂载卷时宿主机建议 chown 1001:1001
 RUN groupadd -g 1001 app && useradd -r -u 1001 -g app -d /app -s /bin/bash app
 
 WORKDIR /app
 COPY --from=builder /app/runner-manager .
-COPY --from=builder /app/config.yaml ./config.yaml
+
+# 默认配置：基于 example 生成，base_path 设为 /app/runners（与下方卷挂载一致）；运行时可挂载自己的 config.yaml 覆盖
+COPY config.yaml.example ./config.yaml
+RUN sed -i 's|base_path: ./runners|base_path: /app/runners|' config.yaml
+
 RUN mkdir -p /app/scripts /app/runners
 COPY scripts/install-runner.sh /app/scripts/install-runner.sh
 RUN chmod +x /app/scripts/install-runner.sh && chown -R app:app /app
 
 USER app
 EXPOSE 8080
+HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
+    CMD curl -fsS http://127.0.0.1:8080/health || exit 1
 ENTRYPOINT ["./runner-manager"]
-CMD ["-config", "config.yaml"]
+CMD ["-config", "/app/config.yaml"]

Dockerfile.runner

@@ -0,0 +1,43 @@
+# Runner 容器镜像（容器模式用）：仅包含 Agent + Runner 运行依赖，Runner 目录由 Manager 挂载到 /runner
+FROM golang:1.26.0-bookworm AS builder
+WORKDIR /app
+COPY go.mod go.sum ./
+RUN go mod download
+COPY . .
+RUN CGO_ENABLED=0 go build -o runner-agent ./cmd/runner-agent
+
+FROM ubuntu:24.04
+LABEL org.opencontainers.image.title="Runner Fleet Runner" \
+      org.opencontainers.image.description="GitHub Actions Runner 单实例容器，内含 Agent 供 Manager 控制"
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    ca-certificates \
+    curl \
+    libicu74 \
+    libkrb5-3 \
+    liblttng-ust1 \
+    libssl3 \
+    zlib1g \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN install -m 0755 -d /etc/apt/keyrings \
+    && curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc \
+    && chmod 644 /etc/apt/keyrings/docker.asc \
+    && echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu noble stable" > /etc/apt/sources.list.d/docker.list \
+    && apt-get update && apt-get install -y --no-install-recommends docker-ce-cli \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN groupadd -g 1001 app && useradd -r -u 1001 -g app -d /runner -s /bin/bash app
+
+WORKDIR /runner
+COPY --from=builder /app/runner-agent /runner/runner-agent
+RUN chown -R app:app /runner
+
+ENV RUNNER_INSTALL_DIR=/runner
+ENV AGENT_PORT=8081
+
+USER app
+EXPOSE 8081
+HEALTHCHECK --interval=30s --timeout=5s --start-period=5s --retries=3 \
+    CMD curl -fsS http://127.0.0.1:8081/health || exit 1
+ENTRYPOINT ["/runner/runner-agent"]

Makefile

@@ -2,10 +2,13 @@
 BINARY  := runner-manager
 VERSION ?= dev
 
-.PHONY: build test run docker-build docker-run docker-stop clean help
+# 本地构建 Runner 镜像的默认 tag；使用 CI 推送的镜像时为同仓库名、tag 带 -runner，如 ghcr.io/<owner>/<repo>:main-runner
+RUNNER_IMAGE ?= ghcr.io/soulteary/runner-fleet-runner:main
+
+.PHONY: build test run docker-build docker-build-runner docker-run docker-stop clean help
 
 help:
-	@echo "targets: build test run docker-build docker-run docker-stop clean"
+	@echo "targets: build test run docker-build docker-build-runner docker-run docker-stop clean"
 
 build:
 	go build -ldflags "-X main.Version=$(VERSION)" -o $(BINARY) .
@@ -19,6 +22,9 @@ run: build
 docker-build:
 	docker build --build-arg VERSION=$(VERSION) -t runner-manager:$(VERSION) .
 
+docker-build-runner:
+	docker build -f Dockerfile.runner -t $(RUNNER_IMAGE) .
+
 docker-run: docker-stop
 	docker run -d --name runner-manager -p 8080:8080 \
 		-v $(PWD)/config.yaml:/app/config.yaml \

README.md

@@ -3,7 +3,7 @@
 基于 Golang Echo 的 HTTP 管理界面，在一台机器上查看和管理多个 GitHub Actions 自托管 Runner。使用 YAML 配置，无需数据库。
 
 许可证：MIT，见 [LICENSE](LICENSE)。  
-CI：push 到 `main`/`master` 时通过 [GitHub Actions](.github/workflows/build.yml) 自动执行 vet、测试与构建。
+CI：push 到 `main`/`master` 时通过 [GitHub Actions](.github/workflows/build.yml) 执行检查与构建；[publish-image](.github/workflows/publish-image.yml) 会构建并推送 Manager 与 Runner 容器镜像到 GHCR。
 
 ## 功能
 
@@ -12,6 +12,7 @@ CI：push 到 `main`/`master` 时通过 [GitHub Actions](.github/workflows/build
 - **快速添加**：名称 + 目标（组织/仓库）+ 可选 Token，一键添加并可自动注册
 - **删除**：从配置中移除（不删磁盘目录）
 - **启停**：对已注册 Runner 启动/停止
+- **容器模式**（可选）：每个 Runner 运行在独立容器中，Manager 通过 C/S 控制并获取状态；Runner 与 Manager 同镜像名，CI 推送 tag 带 `-runner` 后缀（如 `:main-runner`、`:1.0.0-runner`）
 
 ## 快速开始