Skip to content

EKS: actions-runner-controller readme update for dockerhub auth #1010

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Apr 3, 2024
Merged

EKS: actions-runner-controller readme update for dockerhub auth #1010

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
93ca543
update readme
Benbentwo Apr 2, 2024
fd0fe05
Update modules/eks/actions-runner-controller/README.md
Benbentwo Apr 2, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
57 changes: 57 additions & 0 deletions modules/eks/actions-runner-controller/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -247,6 +247,63 @@ Store this key in AWS SSM under the same path specified by `ssm_github_webhook_s
ssm_github_webhook_secret_token_path: "/github_runners/github_webhook_secret"
```

### Dockerhub Authentication

Authenticating with Dockerhub is optional but when enabled can ensure stability by increasing the number of pulls
allowed from your runners.

To get started set `docker_config_json_enabled` to `true` and `ssm_docker_config_json_path` to the SSM path where the
credentials are stored, for example `github_runners/docker`.

To create the credentials file, fill out a JSON file locally with the following content:

```json
{
"auths": {
"https://index.docker.io/v1/": {
"username": "your_username",
"password": "your_password",
"email": "your_email",
"auth": "$(echo "your_username: your_password" | base64)"
}
}
}
```

Then write the file to SSM with the following Atmos Workflow:

```yaml
save/docker-config-json:
description: Prompt for uploading Docker Config JSON to the AWS SSM Parameter Store
steps:
- type: shell
command: |-
echo "Please enter the Docker Config JSON file path"
echo "See https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry for information on how to create the file"
read -p "Docker Config JSON file path: " -r DOCKER_CONFIG_JSON_FILE_PATH
if [ -z "DOCKER_CONFIG_JSON_FILE_PATH" ]
then
echo 'Inputs cannot be blank please try again!'
exit 0
fi

DOCKER_CONFIG_JSON=$(<$DOCKER_CONFIG_JSON_FILE_PATH);
ENCODED_DOCKER_CONFIG_JSON=$(echo "$DOCKER_CONFIG_JSON" | base64 -w 0 );

echo $DOCKER_CONFIG_JSON
echo $ENCODED_DOCKER_CONFIG_JSON

AWS_PROFILE=acme-core-gbl-auto-admin

set -e

chamber write github_runners/docker config-json -- "$ENCODED_DOCKER_CONFIG_JSON"

echo 'Saved Docker Config JSON to the AWS SSM Parameter Store'
```

Don't forget to update the AWS Profile in the script.

### Using Runner Groups

GitHub supports grouping runners into distinct
Expand Down