fix: drop openrc in runner images: missing pids in cgroups setup

Runner.Dockerfile

@@ -20,7 +20,7 @@ RUN --mount=type=cache,id=golang,target=/go/pkg make build
 FROM docker.io/library/alpine
 
 WORKDIR /app
-RUN apk --no-cache add tzdata ca-certificates bash openrc \
+RUN apk --no-cache add tzdata ca-certificates bash tini \
                    containerd nerdctl
 
 # sources
@@ -29,4 +29,5 @@ COPY --from=builder /builder/config.docker.yaml /app
 COPY --from=builder /builder/docker-entrypoint.sh /app
 COPY --from=builder /builder/woj /app
 
-ENTRYPOINT ["/app/docker-entrypoint.sh"]
+# reap zombies from containerd-shim
+ENTRYPOINT ["/sbin/tini", "/app/docker-entrypoint.sh"]

docker-entrypoint.sh

@@ -118,11 +118,19 @@ function generate_config() {
 }
 
 startup_containerd() {
-    rc-status
+    # taken from https://github.com/moby/moby/blob/ee6cbc540e9c62feb143c2a8d3f0c86d2a468767/hack/dind#L59-L69
-    touch /run/openrc/softlevel
+    # cgroup v2: enable nesting
-    rc-update add containerd default
+    if [ -f /sys/fs/cgroup/cgroup.controllers ]; then
-    rc-service containerd start
+    	# move the processes from the root group to the /init group,
-    rc-service containerd status
+    	# otherwise writing subtree_control fails with EBUSY.
+    	# An error during moving non-existent process (i.e., "cat") is ignored.
+    	mkdir -p /sys/fs/cgroup/init
+    	xargs -rn1 < /sys/fs/cgroup/cgroup.procs > /sys/fs/cgroup/init/cgroup.procs || :
+    	# enable controllers
+    	sed -e 's/ / +/g' -e 's/^/+/' < /sys/fs/cgroup/cgroup.controllers \
+    		> /sys/fs/cgroup/cgroup.subtree_control
+    fi
+    nohup containerd &
     log_info 'containerd started'
 }