runner-container-hooks
Using docker hooks in self-hosted container breaks trivy action behind corporate proxy
Hi, coming back to this topic as I wanted to use a bespoke DOCKER_HOST socket in my self-hosted runner. It seems like the default code hard codes /var/run/docker.sock and I wanted to try and change that behaviour. I played with this a while back in https://github.com/actions/runner-container-hooks/issues/39.
My env file is as follows:
XDG_RUNTIME_DIR=/tmp/podman-run-1001
DOCKER_HOST=unix:///tmp/podman-run-1001/podman/podman.sock
ACTIONS_RUNNER_CONTAINER_HOOKS=/home/runner/docker/index.js
A first observation is that using the index.js from this repo seems to change the workflow order. The dockerfile action is not built beforehand - is this expected behaviour?
Without the docker container hooks (default):
Using index.js from this repo (0.5.0):
The main issue is that the introduction of the container hooks seems to wipe out the forward proxy settings that are configured for the container. I could put these values in the runner env file but I prefer to pass them dynamically via override values to the helm gha-runner-scale-set:
set {
  name  = "template.spec.containers[0].env[0].name"
  value = "HTTPS_PROXY"
}
set {
  name  = "template.spec.containers[0].env[0].value"
  value = "http://squid-service.${var.forwardproxy_namespace}:3128"
}
set {
  name  = "template.spec.containers[0].env[1].name"
  value = "HTTP_PROXY"
}
set {
  name  = "template.spec.containers[0].env[1].value"
  value = "http://squid-service.${var.forwardproxy_namespace}:3128"
}
Any suggestions welcome, thank you!
Hey @dnewhook,
It seems to me that only the environment variables that are related to the docker itself are exposed, which is a problem.
Thank you for reporting it!
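The behaviour described in the reply above, sketched as an added example that is not part of the thread and not code from runner-container-hooks: it shows how a docker-only environment allowlist drops the proxy variables, and a check that names what was lost. The function names, the allowlist patterns and the `proxy-ns` namespace are assumptions made for illustration.

```javascript
// Added illustration; not the hooks' actual implementation.
// Assumption: the child process environment is built from a name allowlist.
const DOCKER_ONLY = [/^DOCKER_/, /^XDG_RUNTIME_DIR$/];
// Proxy variables are matched case-insensitively (tools read both spellings).
const PROXY_VARS = /^(https?_proxy|no_proxy|all_proxy)$/i;

// Copy only the variables whose names match at least one pattern.
function filterEnv(parentEnv, patterns) {
  const out = {};
  for (const [name, value] of Object.entries(parentEnv)) {
    if (patterns.some((p) => p.test(name))) out[name] = value;
  }
  return out;
}

// Names of proxy variables set in the parent but absent from the child.
function droppedProxyVars(parentEnv, childEnv) {
  return Object.keys(parentEnv)
    .filter((n) => PROXY_VARS.test(n) && !(n in childEnv))
    .sort();
}

// Constructed runner environment, modelled on the env file and helm
// overrides quoted in the issue (the namespace is a placeholder).
const runnerEnv = {
  XDG_RUNTIME_DIR: '/tmp/podman-run-1001',
  DOCKER_HOST: 'unix:///tmp/podman-run-1001/podman/podman.sock',
  HTTPS_PROXY: 'http://squid-service.proxy-ns:3128',
  HTTP_PROXY: 'http://squid-service.proxy-ns:3128',
  PATH: '/usr/bin',
};

// Docker-only allowlist: DOCKER_HOST survives, the proxy settings do not.
const before = filterEnv(runnerEnv, DOCKER_ONLY);
// Same allowlist extended with explicit proxy passthrough.
const after = filterEnv(runnerEnv, [...DOCKER_ONLY, PROXY_VARS]);

console.log('dropped (docker-only):', droppedProxyVars(runnerEnv, before));
console.log('dropped (with passthrough):', droppedProxyVars(runnerEnv, after));
```

Running the same comparison against the real parent and child environments (for example, by printing `env` inside the job container) confirms whether the proxy settings reach the step that needs them.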