Github Actions, self-hosted runner: Possible to add options to 'docker create'?

Question

Summary:

GitHub Actions on self-hosted runners are executed in docker containers that are started with a bunch of options, pre-determined by the actions/runner software. How can I elegantly add custom options for docker create and docker run?

Details & Explanation

When I run a github actions workflow on a self-hosted runner, the process starts as follows:

• Set up job
• Initialize containers
  • Checking docker version
  • Clean up resources from previous jobs
  • Create local container network
  • Starting job container and HERE it becomes interesting

The job container is started with a command like this, as I can see in the log:

/usr/bin/docker create --name da928aa7e61a4a44bd8e525...ea --label d36a64 --workdir /__w/xyz/xyz --network github_network_187...1631 -e "HOME=/github/home" -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" etc. pp.

Now, I have some very special tests to run as part of my CI build in that container. And for that, I would need to specify additional options for /usr/bin/docker create so imagine me needing any option from this list. Let's say --cap-add.

How can I do this? Some options came to my mind already:

• I can hack the runners, but they are auto-updating and I do not want to repeatedly do that.
• I can also move /usr/bin/docker to a different location and replace with a smart bash script, modifying the options and then calling docker. But that would mess with docker for all users on that system.

Any other ideas?

Answer 1

I am answering my own question here:

The options can be specified as part of the workflow yml, as described here:

https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idcontainer

Example part of .github/workflows/workflow.yml

(...)
    container:
      image: contoso.azurecr.io/bionic-custom:latest
      options: --cap-add=NET_ADMIN
(...)