-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 8b409cf
Showing
9 changed files
with
434 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,141 @@ | ||
name: Build Runner Image | ||
|
||
on: | ||
workflow_dispatch: | ||
inputs: | ||
github-runner-version: | ||
description: 'Version on github runner(in https://github.com/actions/runner), e.g: 2.290.0' | ||
required: true | ||
default: '2.290.0' | ||
|
||
jobs: | ||
build-arm64-version: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v3 | ||
|
||
- name: Login to GitHub Container Registry | ||
uses: docker/login-action@v1 | ||
with: | ||
registry: ghcr.io | ||
username: knatnetwork | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Login to Docker Hub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: knatnetwork | ||
password: ${{ secrets.DOCKERHUB_PASSWD }} | ||
|
||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@v1 | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v1 | ||
|
||
- name: Cache Docker layers | ||
uses: actions/cache@v3 | ||
with: | ||
path: /tmp/.buildx-cache | ||
key: ${{ runner.os }}-buildx-arm64-${{ github.sha }} | ||
restore-keys: | | ||
${{ runner.os }}-buildx-arm64 | ||
- name: Build and push ARM64 Version | ||
uses: docker/build-push-action@v2 | ||
with: | ||
context: ./arm64/ | ||
file: ./arm64/Dockerfile | ||
platforms: linux/arm64 | ||
push: true | ||
build-args: GITHUB_RUNNER_VERSION=${{ github.event.inputs.github-runner-version }} | ||
tags: | | ||
ghcr.io/knatnetwork/github-runner-arm64:focal-${{ github.event.inputs.github-runner-version }} | ||
knatnetwork/github-runner-arm64:focal-${{ github.event.inputs.github-runner-version }} | ||
cache-from: type=local,src=/tmp/.buildx-cache | ||
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max | ||
|
||
- name: Move cache | ||
run: | | ||
rm -rf /tmp/.buildx-cache | ||
mv /tmp/.buildx-cache-new /tmp/.buildx-cache | ||
build-amd64-version: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v3 | ||
|
||
- name: Login to GitHub Container Registry | ||
uses: docker/login-action@v1 | ||
with: | ||
registry: ghcr.io | ||
username: knatnetwork | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Login to Docker Hub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: knatnetwork | ||
password: ${{ secrets.DOCKERHUB_PASSWD }} | ||
|
||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@v1 | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v1 | ||
|
||
- name: Cache Docker layers | ||
uses: actions/cache@v3 | ||
with: | ||
path: /tmp/.buildx-cache | ||
key: ${{ runner.os }}-buildx-amd64-${{ github.sha }} | ||
restore-keys: | | ||
${{ runner.os }}-buildx-amd64 | ||
- name: Build and push AMD64 Version | ||
uses: docker/build-push-action@v2 | ||
with: | ||
context: ./amd64/ | ||
file: ./amd64/Dockerfile | ||
platforms: linux/amd64 | ||
push: true | ||
build-args: GITHUB_RUNNER_VERSION=${{ github.event.inputs.github-runner-version }} | ||
tags: | | ||
ghcr.io/knatnetwork/github-runner-amd64:focal-${{ github.event.inputs.github-runner-version }} | ||
knatnetwork/github-runner-amd64:focal-${{ github.event.inputs.github-runner-version }} | ||
cache-from: type=local,src=/tmp/.buildx-cache | ||
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max | ||
|
||
- name: Move cache | ||
run: | | ||
rm -rf /tmp/.buildx-cache | ||
mv /tmp/.buildx-cache-new /tmp/.buildx-cache | ||
combine-two-images: | ||
runs-on: ubuntu-latest | ||
needs: | ||
- build-arm64-version | ||
- build-amd64-version | ||
steps: | ||
- name: Login to GitHub Container Registry | ||
uses: docker/login-action@v1 | ||
with: | ||
registry: ghcr.io | ||
username: knatnetwork | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Login to Docker Hub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: knatnetwork | ||
password: ${{ secrets.DOCKERHUB_PASSWD }} | ||
|
||
- name: Combine two images | ||
run: | | ||
docker manifest create knatnetwork/github-runner:focal-${{ github.event.inputs.github-runner-version }} --amend knatnetwork/github-runner-amd64:focal-${{ github.event.inputs.github-runner-version }} --amend knatnetwork/github-runner-arm64:focal-${{ github.event.inputs.github-runner-version }} | ||
docker manifest create ghcr.io/knatnetwork/github-runner:focal-${{ github.event.inputs.github-runner-version }} --amend ghcr.io/knatnetwork/github-runner-amd64:focal-${{ github.event.inputs.github-runner-version }} --amend ghcr.io/knatnetwork/github-runner-arm64:focal-${{ github.event.inputs.github-runner-version }} | ||
docker manifest push knatnetwork/github-runner:focal-${{ github.event.inputs.github-runner-version }} | ||
docker manifest push ghcr.io/knatnetwork/github-runner:focal-${{ github.event.inputs.github-runner-version }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
MIT License | ||
|
||
Copyright (c) 2020 Sander Knape | ||
|
||
Permission is hereby granted, free of charge, to any person obtaining a copy | ||
of this software and associated documentation files (the "Software"), to deal | ||
in the Software without restriction, including without limitation the rights | ||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||
copies of the Software, and to permit persons to whom the Software is | ||
furnished to do so, subject to the following conditions: | ||
|
||
The above copyright notice and this permission notice shall be included in all | ||
copies or substantial portions of the Software. | ||
|
||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | ||
SOFTWARE. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,70 @@ | ||
# Simple Self-Hosted GitHub Actions Runner | ||
|
||
No Operator, No CRD, No need to blindly apply a `yml` to K8s cluster, only a simple self-hosted GitHub Actions Runner that just works! | ||
|
||
## Images | ||
|
||
This repo provides the following images, both are Multi-Arch(amd64/arm64 supported): | ||
|
||
* `knatnetwork/github-runner:focal-2.290.0` | ||
* `ghcr.io/knatnetwork/github-runner:focal-2.290.0` | ||
|
||
## Specs | ||
|
||
* Images are based on Ubuntu 20.04 | ||
|
||
## Usage | ||
|
||
1. Prepare your GitHub Personal Access Token, which looks like `ghp_xxxxxxxxxxxxx` with `admin:org` permission(If you'd like to register runner to repo, your user must have Admin permission on the related repo), if you don't know how to do it, you can refer to [Creating a personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token) | ||
2. If you'd like to register runner on a single machine, you can follow the quick start below. | ||
3. If you need to spread multiple runners on multiple nodes using K8s, please take a look at the [documentation](https://runner.knat.network). | ||
|
||
### Docker compose Quick Start | ||
|
||
This is a quick start template for people to register a runner on single machine using Docker Compose. | ||
|
||
First you need to create a `docker-compose.yml` file and write the following content. | ||
|
||
```yml | ||
version: '3' | ||
|
||
services: | ||
runner: | ||
image: knatnetwork/github-runner:bionic-2.290.0 | ||
restart: always | ||
environment: | ||
RUNNER_REGISTER_TO: 'knatnetwork' | ||
RUNNER_LABELS: 'docker,knat' | ||
KMS_SERVER_ADDR: 'http://kms:3000/' | ||
GOPROXY: 'http://goproxy.knat.network,https://proxy.golang.org,direct' | ||
ADDITIONAL_FLAGS: '--ephemeral' | ||
volumes: | ||
- /var/run/docker.sock:/var/run/docker.sock | ||
|
||
kms: | ||
image: knatnetwork/github-runner-kms:latest | ||
restart: always | ||
volumes: | ||
- ./config.json:/usr/src/app/config.json | ||
``` | ||
Then create a `config.json` and write down Org-PAT pair, example as below: | ||
|
||
```json | ||
{ | ||
"cloudflare": "ghp_bFLPOxxxxxxxxxxxxxxxxxxxxxxx", | ||
"rust-lang": "ghp_JGIGxxxxxxxxxxxxxxxxxxxOij4" | ||
} | ||
``` | ||
|
||
After that you can use `docker-compose up -d` to start the runner, and now the runner should be registered on `knatnetwork` Org now. | ||
|
||
Notes: | ||
|
||
* If you want to run runner without docker support inside it, just delete the `volumes` | ||
* If you don't want ephemeral runner(ref: [GitHub Actions: Ephemeral self-hosted runners & new webhooks for auto-scaling](https://github.blog/changelog/2021-09-20-github-actions-ephemeral-self-hosted-runners-new-webhooks-for-auto-scaling/), just remove `ADDITIONAL_FLAGS: '--ephemeral'` line.) | ||
* If you want to register runner to a repo only, you can just change value of `RUNNER_REGISTER_TO` to `<org_name>/<repo_name>` | ||
|
||
## Further Reading | ||
|
||
For more instructions, please take a look at the [documentation](https://runner.knat.network). |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
FROM ubuntu:20.04 as env | ||
|
||
ARG GITHUB_RUNNER_VERSION=2.286.1 | ||
ARG DEBIAN_FRONTEND=noninteractive | ||
|
||
WORKDIR /root | ||
RUN apt-get update && apt install wget -y | ||
RUN wget https://github.com/actions/runner/releases/download/v${GITHUB_RUNNER_VERSION}/actions-runner-linux-x64-${GITHUB_RUNNER_VERSION}.tar.gz \ | ||
&& tar xzf ./actions-runner-linux-x64-${GITHUB_RUNNER_VERSION}.tar.gz && rm -f actions-runner-linux-x64-${GITHUB_RUNNER_VERSION}.tar.gz \ | ||
&& sed -i '3,9d' ./config.sh \ | ||
&& sed -i '3,8d' ./run.sh | ||
|
||
FROM ubuntu:20.04 as runner | ||
|
||
ARG DEBIAN_FRONTEND=noninteractive | ||
ENV KMS_SERVER_ADDR "" | ||
ENV RUNNER_REGISTER_TO "" | ||
ENV RUNNER_WORKDIR "_work" | ||
ENV RUNNER_LABELS "" | ||
ENV ADDITIONAL_PACKAGES "" | ||
ENV ADDITIONAL_FLAGS "" | ||
ENV GOPROXY "" | ||
|
||
RUN apt-get update \ | ||
&& apt-get install -y curl sudo jq iputils-ping zip libssl-dev libcurl4-gnutls-dev zlib1g-dev gettext make build-essential python3-pip wget cmake clang perl psmisc \ | ||
&& apt-get clean \ | ||
&& rm -rf /var/lib/apt/lists/* \ | ||
&& wget https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.28.0.tar.gz && tar -xvzf git-2.28.0.tar.gz && cd git-2.28.0 && ./configure --prefix=/usr/ && make -j 8 && make install \ | ||
&& cd && rm -rf git-2.28.0.tar.gz git-2.28.0 \ | ||
&& curl https://download.docker.com/linux/static/stable/x86_64/docker-20.10.14.tgz --output docker-20.10.14.tgz \ | ||
&& tar xvfz docker-20.10.14.tgz \ | ||
&& mv docker/* /usr/bin/ \ | ||
&& rm -f docker-20.10.14.tgz | ||
|
||
USER root | ||
WORKDIR /root/ | ||
|
||
COPY --from=env /root/ /root/ | ||
RUN /root/bin/installdependencies.sh | ||
|
||
COPY entrypoint.sh runsvc.sh ./ | ||
RUN sudo chmod u+x ./entrypoint.sh ./runsvc.sh | ||
|
||
ENTRYPOINT ["./entrypoint.sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
#!/bin/bash | ||
|
||
if [ -n "${ADDITIONAL_PACKAGES}" ]; then | ||
TO_BE_INSTALLED=$(echo ${ADDITIONAL_PACKAGES} | tr "," " " ) | ||
echo "Installing additional packages: ${TO_BE_INSTALLED}" | ||
sudo apt-get update && sudo apt-get install -y ${TO_BE_INSTALLED} && sudo apt-get clean | ||
fi | ||
|
||
if [ -z "${RUNNER_NAME}" ]; then | ||
RUNNER_NAME=$(hostname) | ||
fi | ||
|
||
if [[ "${RUNNER_REGISTER_TO}" == *\/* ]]; then | ||
# Contain "/", to Repo | ||
./config.sh --unattended --url https://github.com/${RUNNER_REGISTER_TO} --token $(curl ${KMS_SERVER_ADDR}/repo/${RUNNER_REGISTER_TO}/registration-token) ${ADDITIONAL_FLAGS} --labels "${RUNNER_LABELS}" --disableupdate | ||
else | ||
# Not contain "/", to Org | ||
./config.sh --unattended --url https://github.com/${RUNNER_REGISTER_TO} --token $(curl ${KMS_SERVER_ADDR}/${RUNNER_REGISTER_TO}/registration-token) ${ADDITIONAL_FLAGS} --labels "${RUNNER_LABELS}" --disableupdate | ||
fi | ||
|
||
remove() { | ||
if [[ "${RUNNER_REGISTER_TO}" == *\/* ]]; then | ||
# Contain "/", to Org | ||
./config.sh remove --unattended --token $(curl ${KMS_SERVER_ADDR}/repo/${RUNNER_REGISTER_TO}/remove-token) | ||
else | ||
# Not contain "/", to Repo | ||
./config.sh remove --unattended --token $(curl ${KMS_SERVER_ADDR}/${RUNNER_REGISTER_TO}/remove-token) | ||
fi | ||
} | ||
|
||
trap 'remove; exit 130' INT | ||
trap 'remove; exit 143' TERM | ||
|
||
./runsvc.sh "$*" & | ||
|
||
wait $! |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
#!/bin/bash | ||
|
||
# convert SIGTERM signal to SIGINT | ||
# for more info on how to propagate SIGTERM to a child process see: http://veithen.github.io/2014/11/16/sigterm-propagation.html | ||
trap 'kill -INT $PID' TERM INT | ||
|
||
if [ -f ".path" ]; then | ||
# configure | ||
export PATH=`cat .path` | ||
echo ".path=${PATH}" | ||
fi | ||
|
||
# insert anything to setup env when running as a service | ||
|
||
# run the host process which keep the listener alive | ||
./externals/node12/bin/node ./bin/RunnerService.js & | ||
PID=$! | ||
wait $PID | ||
trap - TERM INT | ||
wait $PID |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
FROM ubuntu:20.04 as env | ||
|
||
ARG GITHUB_RUNNER_VERSION=2.286.1 | ||
ARG DEBIAN_FRONTEND=noninteractive | ||
|
||
WORKDIR /root | ||
RUN apt-get update && apt install wget -y | ||
RUN wget https://github.com/actions/runner/releases/download/v${GITHUB_RUNNER_VERSION}/actions-runner-linux-arm64-${GITHUB_RUNNER_VERSION}.tar.gz \ | ||
&& tar xzf ./actions-runner-linux-arm64-${GITHUB_RUNNER_VERSION}.tar.gz && rm -f actions-runner-linux-arm64-${GITHUB_RUNNER_VERSION}.tar.gz \ | ||
&& sed -i '3,9d' ./config.sh \ | ||
&& sed -i '3,8d' ./run.sh | ||
|
||
FROM ubuntu:20.04 | ||
|
||
ARG DEBIAN_FRONTEND=noninteractive | ||
ENV KMS_SERVER_ADDR "" | ||
ENV RUNNER_REGISTER_TO "" | ||
ENV RUNNER_WORKDIR "_work" | ||
ENV RUNNER_LABELS "" | ||
ENV ADDITIONAL_PACKAGES "" | ||
ENV ADDITIONAL_FLAGS "" | ||
ENV GOPROXY "" | ||
|
||
RUN apt-get update \ | ||
&& apt-get install -y curl sudo jq iputils-ping zip gcc libssl-dev libcurl4-gnutls-dev zlib1g-dev make gettext wget docker-compose cmake clang perl psmisc \ | ||
&& apt-get clean \ | ||
&& rm -rf /var/lib/apt/lists/* \ | ||
&& wget https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.28.0.tar.gz && tar -xvzf git-2.28.0.tar.gz && cd git-2.28.0 && ./configure --prefix=/usr/ && make -j 8 && make install \ | ||
&& cd && rm -rf git-2.28.0.tar.gz git-2.28.0 \ | ||
&& wget https://github.com/Kitware/CMake/releases/download/v3.21.3/cmake-3.21.3.tar.gz \ | ||
&& tar xf cmake-3.21.3.tar.gz && cd cmake-3.21.3 && ./configure && make -j 8 && make install \ | ||
&& curl https://download.docker.com/linux/static/stable/aarch64/docker-20.10.14.tgz --output docker-20.10.14.tgz \ | ||
&& tar xvfz docker-20.10.14.tgz \ | ||
&& mv docker/* /usr/bin/ \ | ||
&& rm -f docker-20.10.14.tgz | ||
|
||
USER root | ||
WORKDIR /root/ | ||
|
||
COPY --from=env /root/ /root/ | ||
RUN /root/bin/installdependencies.sh | ||
|
||
COPY entrypoint.sh runsvc.sh ./ | ||
RUN sudo chmod u+x ./entrypoint.sh ./runsvc.sh | ||
|
||
ENTRYPOINT ["./entrypoint.sh"] |
Oops, something went wrong.