From 4528a35f5c49aa339f267f94db08a30df0d069da Mon Sep 17 00:00:00 2001
From: eksrha <58111764+eksrha@users.noreply.github.com>
Date: Thu, 25 Aug 2022 11:13:53 +0200
Subject: [PATCH] add enterprises support + update gh runner
---
README.md | 21 ++++++++++++++-------
images/base/Dockerfile | 2 +-
images/base/helper-scripts/gh-entrypoint.sh | 12 +++++++-----
3 files changed, 22 insertions(+), 13 deletions(-)
diff --git a/README.md b/README.md
index f03fdea..54bac87 100644
--- a/README.md
+++ b/README.md
@@ -2,6 +2,7 @@
[](https://github.com/fullstack-devops/github-actions-runner/actions/workflows/anchore.yml)
# GitHub Actions Custom Runner
+
Container images with Github Actions Runner. Different flavoured images with preinstalled tools and software for builds with limited internet access and non root privileges (exception for kaniko).
With a focus on already installed software to avoid a subsequent installation by a `setup-action`.
@@ -13,8 +14,9 @@ Support: If you need help or a feature just open an issue!
Package / Images: `ghcr.io/fullstack-devops/github-actions-runner`
Available Tags:
+
| Name (tag) | Installed Tools/ Software | Dockerfile | Description |
-|---------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------|----------------------------------------------------------------------------------------------------|
+| ------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------ | -------------------------------------------------------------------------------------------------- |
| `latest-base` | libffi-dev, libicu-dev, build-essential, libssl-dev, ca-certificates, jq, sed, grep, git, curl, wget, zip, [awesome-ci](https://github.com/fullstack-devops/awesome-ci), [alpaca](https://github.com/samuong/alpaca) | [Dockerfile](images/base/Dockerfile) | Base runner with nothing fancy installed, but with internet connection more tools can be installed |
| `latest-kaniko-sidecar` | kaniko | [Dockerfile](images/kaniko-sidecar/Dockerfile) | Sidecar used by other runner images to build containers |
| `latest-ansible-k8s` | base-image + ansible, helm, kubectl, skopeo | [Dockerfile](images/ansible-k8s/Dockerfile) | Runner specializing in automated k8s deployments via Ansible in your cluster |
@@ -32,20 +34,19 @@ Available Tags:
### Required environmental variables
-| Variable | Type | Description |
-|-------------------|--------|-------------------------------------------------------------------------------------------------------------------|
-| `GH_ORG` | string | Points to the GitHub Organisation where the runner should be installed |
-| `GH_ACCESS_TOKEN` | string | Developer Token vor the GitHub Organisation
This Token can be personal and is onlv needed during installation |
+| Variable | Type | Description |
+| -------------------------------------- | ------ | ----------------------------------------------------------------------------------------------------------------- |
+| `GH_ORG`, `GH_REPO` or `GH_ENTERPRISE` | string | Points to the GitHub enterprise, organisation or repo where the runner should be installed |
+| `GH_ACCESS_TOKEN` | string | Developer Token vor the GitHub Organisation
This Token can be personal and is onlv needed during installation |
### Optional environmental variables
For the helm values see the [values.yaml](https://github.com/fullstack-devops/helm-charts/blob/main/charts/github-actions-runner/values.yaml), section `envValues`
| Variable | Type | Default | Description |
-|-------------------|--------|--------------------------|----------------------------------------------------------------------|
+| ----------------- | ------ | ------------------------ | -------------------------------------------------------------------- |
| `GH_URL` | string | `https://github.com` | For GitHub Enterprise support |
| `GH_API_ENDPOINT` | string | `https://api.github.com` | For GitHub Enterprise support eg.: `https://git.example.com/api/v3/` |
-| `GH_REPO` | string | | installing a runner to a spezific repository |
| `KANIKO_ENABLED` | bool | `false` | enable builds with kaniko (works only with kaniko-sidecar) |
---
@@ -57,11 +58,13 @@ For the helm values see the [values.yaml](https://github.com/fullstack-devops/he
If you are using `docker` or `podman` the options and commands are basically the same.
Run registerd to an Organisation:
+
```bash
docker run -e GH_ORG=fullstack-devops -e GH_ACCESS_TOKEN=ghp_**** ghcr.io/fullstack-devops/github-actions-runner:latest-base
```
Run registerd to an Organisation and Repo:
+
```bash
docker run -e GH_ORG=fullstack-devops -e GH_REPO=github-runner-testing -e GH_ACCESS_TOKEN=ghp_**** ghcr.io/fullstack-devops/github-actions-runner:latest-base
```
@@ -78,11 +81,13 @@ docker-compose up -d
### podman
Setup exchange directory (only nessesarry until podman supports emptyDir volumes)
+
```bash
mkdir /tmp/delme
```
Starting GitHub runner with podman
+
```bash
cd examples/podman
@@ -90,6 +95,7 @@ podman play kube deployment.yml
```
Removing GitHub runner an dumps
+
```bash
podman pod rm gh-runner-kaniko -f
rm -rf /tmp/delme
@@ -133,4 +139,5 @@ spec:
```
### helm
+
https://github.com/fullstack-devops/helm-charts/tree/main/charts/github-actions-runner
diff --git a/images/base/Dockerfile b/images/base/Dockerfile
index 59841ba..f6d260b 100644
--- a/images/base/Dockerfile
+++ b/images/base/Dockerfile
@@ -13,7 +13,7 @@ ENV GH_RUNNER_WORKDIR="/home/${USERNAME}"
ENV GH_KANIKO_WORKDIR="/kaniko/workspace"
# https://github.com/actions/runner/releases
-ENV GH_RUNNER_VERSION=2.295.0
+ENV GH_RUNNER_VERSION=2.296.0
ENV GH_RUNNER_LABELS=ubuntu-20.04
# https://github.com/fullstack-devops/awesome-ci/releases
diff --git a/images/base/helper-scripts/gh-entrypoint.sh b/images/base/helper-scripts/gh-entrypoint.sh
index ebbc45d..379f44f 100755
--- a/images/base/helper-scripts/gh-entrypoint.sh
+++ b/images/base/helper-scripts/gh-entrypoint.sh
@@ -11,15 +11,17 @@ readonly _GH_API_ENDPOINT="${GH_API_ENDPOINT:-https://api.github.com}"
# Org/ Repo details
if [ -z "$GH_ORG" ]; then
- echo "Please provide Organisation detail by setting GH_ORG"
- exit 255
-fi
-if [ -z "$GH_REPO" ]; then
readonly RUNNER_URL="${_GH_URL}/${GH_ORG}"
readonly RUNNER_REG_TOKEN_URL="${_GH_API_ENDPOINT}/orgs/${GH_ORG}/actions/runners/registration-token"
-else
+elif [ -z "$GH_REPO" ]; then
readonly RUNNER_URL="${_GH_URL}/${GH_ORG}/${GH_REPO}"
readonly RUNNER_REG_TOKEN_URL="${_GH_API_ENDPOINT}/repos/${GH_ORG}/${GH_REPO}/actions/runners/registration-token"
+elif [ -z "$GH_ENTERPRISE" ]; then
+ readonly RUNNER_URL="${_GH_URL}/${GH_ENTERPRISE}"
+ readonly RUNNER_REG_TOKEN_URL="${_GH_API_ENDPOINT}/enterprises/${GH_ENTERPRISEs}/actions/runners/registration-token"
+else
+ echo "Please provide Organisation detail by setting GH_ORG"
+ exit 255
fi
# access details
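Review bot: The three `-z` tests in the new if/elif chain are true when the variable is empty, so each branch builds its URLs from an unset value and a container with all variables set falls through to `exit 255`. They should be `-n` tests, with the GH_ORG plus GH_REPO case checked before GH_ORG alone; otherwise a runner meant for one repository would be registered organisation-wide, a broader scope than intended. The enterprise branch also expands `${GH_ENTERPRISEs}`, which is never set, so the registration-token request (presumably sent with GH_ACCESS_TOKEN) would go to `/enterprises//actions/runners/registration-token`, and the error message still names only GH_ORG. The enterprise `RUNNER_URL` probably also needs the `/enterprises/` path segment; confirm against the runner documentation. The script continues outside the hunk.

```shell
if [ -n "$GH_ORG" ] && [ -n "$GH_REPO" ]; then
    # … unchanged: repo RUNNER_URL and /repos/ registration-token URL …
elif [ -n "$GH_ORG" ]; then
    # … unchanged: org RUNNER_URL and /orgs/ registration-token URL …
elif [ -n "$GH_ENTERPRISE" ]; then
    readonly RUNNER_URL="${_GH_URL}/${GH_ENTERPRISE}"
    readonly RUNNER_REG_TOKEN_URL="${_GH_API_ENDPOINT}/enterprises/${GH_ENTERPRISE}/actions/runners/registration-token"
else
    echo "Please set GH_ORG (optionally with GH_REPO) or GH_ENTERPRISE"
    exit 255
fi
```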