Fix #2809 : replace TCP docker daemon connection with unix socket

[dm3ch]

TCP docker connection causes the following problem:

dind: fails because of "ERROR: could not create a builder instance with TLS data loaded from environment."
kubernetes: fails because of "/usr/bin/tar: ../../../.docker: Cannot mkdir: Permission denied"

This issue have been workaround on legacy work mode by using unix socket for interaction with docker daemon ( #2324 )

This PR reimplements same approach for RunnerSets.

P.S. I preferred this approach cause in this case RunnerSets can work with workflows wrote for public action runners without any changes in workflow to make it work (without adding steps to create buildx context properly)

/fix #2809

[nikola-jokic]

LGTM

[dm3ch]

Do I need to fix something or merge fresh master?

[Link-]

Need to address the concern of group id before we merge this

[Link-]

As we plan to upgrade the Docker engine of the runner image to 24.0.6 this fix is going to be a necessity for DinD mode to work.

It resolves the error from running docker/setup-buildx-action@v3:

 ERROR: could not create a builder instance with TLS data loaded from environment. Please use `docker context create <context-name>` to create a context for current environment and then create a builder instance with `docker buildx create <context-name>`

Other workarounds are discussed here: #893

[Link-]

TODO before releasing

• Create an announcement to make it clear for folks what changed and the consequences of that. The announcement should clarify that this is an opinionated approach and that folks who want to do things different are always welcome to create their own chart
• Pass E2E tests: https://github.com/actions/actions-runner-controller/actions/runs/6266116102

[shreelola]

Running containers inside containers is not working with this change.
Do you have any workaround for this?

docker: Cannot connect to the Docker daemon at unix:///run/docker.sock. Is the docker daemon running?.

[nikola-jokic]

Hey @shreelola,

Did you configure your autoscaling runner set with dind mode?

[shreelola]

Hi @nikola-jokic

Yes.
Standard docker pulls and run works with this change inside the runner pod, but when we try to run the container inside
the container, it fails.

Edit:

I delved further and discovered that the issue is not related to this change; it appears that the problem stems from the controller modification.

The old controller version was using TCP here: https://github.com/actions/actions-runner-controller/blob/v0.26.0/controllers/runner_controller.go#L1011
with the new runner version, it is using unix socket: https://github.com/actions/actions-runner-controller/blob/v0.27.5/controllers/actions.summerwind.net/runner_controller.go#L1072.

We started experiencing this issue after upgrading the runner version. Any insights would be highly appreciated. Thank you for your time.

[nikola-jokic]

The latest version uses unix sockets instead of tcp sockets. This issue references the same problem. As a workaround, may I suggest commenting out the entire containerMode object and providing the dind spec as it was described in prior releases?