Skip to content

Commit

Permalink
Init
Browse files Browse the repository at this point in the history
  • Loading branch information
@n0vad3v
n0vad3v committed Apr 14, 2022
0 parents commit 8b409cf
Show file tree
Hide file tree
Showing 9 changed files with 434 additions and 0 deletions.
141 changes: 141 additions & 0 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,141 @@
name: Build Runner Image

on:
workflow_dispatch:
inputs:
github-runner-version:
description: 'Version on github runner(in https://github.com/actions/runner), e.g: 2.290.0'
required: true
default: '2.290.0'

jobs:
build-arm64-version:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3

- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: knatnetwork
password: ${{ secrets.GITHUB_TOKEN }}

- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: knatnetwork
password: ${{ secrets.DOCKERHUB_PASSWD }}

- name: Set up QEMU
uses: docker/setup-qemu-action@v1

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1

- name: Cache Docker layers
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-arm64-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-arm64
- name: Build and push ARM64 Version
uses: docker/build-push-action@v2
with:
context: ./arm64/
file: ./arm64/Dockerfile
platforms: linux/arm64
push: true
build-args: GITHUB_RUNNER_VERSION=${{ github.event.inputs.github-runner-version }}
tags: |
ghcr.io/knatnetwork/github-runner-arm64:focal-${{ github.event.inputs.github-runner-version }}
knatnetwork/github-runner-arm64:focal-${{ github.event.inputs.github-runner-version }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max

- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
build-amd64-version:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3

- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: knatnetwork
password: ${{ secrets.GITHUB_TOKEN }}

- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: knatnetwork
password: ${{ secrets.DOCKERHUB_PASSWD }}

- name: Set up QEMU
uses: docker/setup-qemu-action@v1

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1

- name: Cache Docker layers
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-amd64-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-amd64
- name: Build and push AMD64 Version
uses: docker/build-push-action@v2
with:
context: ./amd64/
file: ./amd64/Dockerfile
platforms: linux/amd64
push: true
build-args: GITHUB_RUNNER_VERSION=${{ github.event.inputs.github-runner-version }}
tags: |
ghcr.io/knatnetwork/github-runner-amd64:focal-${{ github.event.inputs.github-runner-version }}
knatnetwork/github-runner-amd64:focal-${{ github.event.inputs.github-runner-version }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max

- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
combine-two-images:
runs-on: ubuntu-latest
needs:
- build-arm64-version
- build-amd64-version
steps:
- name: Login to GitHub Container Registry
uses: docker/login-action@v1
with:
registry: ghcr.io
username: knatnetwork
password: ${{ secrets.GITHUB_TOKEN }}

- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: knatnetwork
password: ${{ secrets.DOCKERHUB_PASSWD }}

- name: Combine two images
run: |
docker manifest create knatnetwork/github-runner:focal-${{ github.event.inputs.github-runner-version }} --amend knatnetwork/github-runner-amd64:focal-${{ github.event.inputs.github-runner-version }} --amend knatnetwork/github-runner-arm64:focal-${{ github.event.inputs.github-runner-version }}
docker manifest create ghcr.io/knatnetwork/github-runner:focal-${{ github.event.inputs.github-runner-version }} --amend ghcr.io/knatnetwork/github-runner-amd64:focal-${{ github.event.inputs.github-runner-version }} --amend ghcr.io/knatnetwork/github-runner-arm64:focal-${{ github.event.inputs.github-runner-version }}
docker manifest push knatnetwork/github-runner:focal-${{ github.event.inputs.github-runner-version }}
docker manifest push ghcr.io/knatnetwork/github-runner:focal-${{ github.event.inputs.github-runner-version }}
21 changes: 21 additions & 0 deletions LICENSE.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
MIT License

Copyright (c) 2020 Sander Knape

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
70 changes: 70 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,70 @@
# Simple Self-Hosted GitHub Actions Runner

No Operator, No CRD, No need to blindly apply a `yml` to K8s cluster, only a simple self-hosted GitHub Actions Runner that just works!

## Images

This repo provides the following images, both are Multi-Arch(amd64/arm64 supported):

* `knatnetwork/github-runner:focal-2.290.0`
* `ghcr.io/knatnetwork/github-runner:focal-2.290.0`

## Specs

* Images are based on Ubuntu 20.04

## Usage

1. Prepare your GitHub Personal Access Token, which looks like `ghp_xxxxxxxxxxxxx` with `admin:org` permission(If you'd like to register runner to repo, your user must have Admin permission on the related repo), if you don't know how to do it, you can refer to [Creating a personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)
2. If you'd like to register runner on a single machine, you can follow the quick start below.
3. If you need to spread multiple runners on multiple nodes using K8s, please take a look at the [documentation](https://runner.knat.network).

### Docker compose Quick Start

This is a quick start template for people to register a runner on single machine using Docker Compose.

First you need to create a `docker-compose.yml` file and write the following content.

```yml
version: '3'

services:
runner:
image: knatnetwork/github-runner:bionic-2.290.0
restart: always
environment:
RUNNER_REGISTER_TO: 'knatnetwork'
RUNNER_LABELS: 'docker,knat'
KMS_SERVER_ADDR: 'http://kms:3000/'
GOPROXY: 'http://goproxy.knat.network,https://proxy.golang.org,direct'
ADDITIONAL_FLAGS: '--ephemeral'
volumes:
- /var/run/docker.sock:/var/run/docker.sock

kms:
image: knatnetwork/github-runner-kms:latest
restart: always
volumes:
- ./config.json:/usr/src/app/config.json
```
Then create a `config.json` and write down Org-PAT pair, example as below:

```json
{
"cloudflare": "ghp_bFLPOxxxxxxxxxxxxxxxxxxxxxxx",
"rust-lang": "ghp_JGIGxxxxxxxxxxxxxxxxxxxOij4"
}
```

After that you can use `docker-compose up -d` to start the runner, and now the runner should be registered on `knatnetwork` Org now.

Notes:

* If you want to run runner without docker support inside it, just delete the `volumes`
* If you don't want ephemeral runner(ref: [GitHub Actions: Ephemeral self-hosted runners & new webhooks for auto-scaling](https://github.blog/changelog/2021-09-20-github-actions-ephemeral-self-hosted-runners-new-webhooks-for-auto-scaling/), just remove `ADDITIONAL_FLAGS: '--ephemeral'` line.)
* If you want to register runner to a repo only, you can just change value of `RUNNER_REGISTER_TO` to `<org_name>/<repo_name>`

## Further Reading

For more instructions, please take a look at the [documentation](https://runner.knat.network).
44 changes: 44 additions & 0 deletions amd64/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
FROM ubuntu:20.04 as env

ARG GITHUB_RUNNER_VERSION=2.286.1
ARG DEBIAN_FRONTEND=noninteractive

WORKDIR /root
RUN apt-get update && apt install wget -y
RUN wget https://github.com/actions/runner/releases/download/v${GITHUB_RUNNER_VERSION}/actions-runner-linux-x64-${GITHUB_RUNNER_VERSION}.tar.gz \
&& tar xzf ./actions-runner-linux-x64-${GITHUB_RUNNER_VERSION}.tar.gz && rm -f actions-runner-linux-x64-${GITHUB_RUNNER_VERSION}.tar.gz \
&& sed -i '3,9d' ./config.sh \
&& sed -i '3,8d' ./run.sh

FROM ubuntu:20.04 as runner

ARG DEBIAN_FRONTEND=noninteractive
ENV KMS_SERVER_ADDR ""
ENV RUNNER_REGISTER_TO ""
ENV RUNNER_WORKDIR "_work"
ENV RUNNER_LABELS ""
ENV ADDITIONAL_PACKAGES ""
ENV ADDITIONAL_FLAGS ""
ENV GOPROXY ""

RUN apt-get update \
&& apt-get install -y curl sudo jq iputils-ping zip libssl-dev libcurl4-gnutls-dev zlib1g-dev gettext make build-essential python3-pip wget cmake clang perl psmisc \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
&& wget https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.28.0.tar.gz && tar -xvzf git-2.28.0.tar.gz && cd git-2.28.0 && ./configure --prefix=/usr/ && make -j 8 && make install \
&& cd && rm -rf git-2.28.0.tar.gz git-2.28.0 \
&& curl https://download.docker.com/linux/static/stable/x86_64/docker-20.10.14.tgz --output docker-20.10.14.tgz \
&& tar xvfz docker-20.10.14.tgz \
&& mv docker/* /usr/bin/ \
&& rm -f docker-20.10.14.tgz

USER root
WORKDIR /root/

COPY --from=env /root/ /root/
RUN /root/bin/installdependencies.sh

COPY entrypoint.sh runsvc.sh ./
RUN sudo chmod u+x ./entrypoint.sh ./runsvc.sh

ENTRYPOINT ["./entrypoint.sh"]
36 changes: 36 additions & 0 deletions amd64/entrypoint.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
#!/bin/bash

if [ -n "${ADDITIONAL_PACKAGES}" ]; then
TO_BE_INSTALLED=$(echo ${ADDITIONAL_PACKAGES} | tr "," " " )
echo "Installing additional packages: ${TO_BE_INSTALLED}"
sudo apt-get update && sudo apt-get install -y ${TO_BE_INSTALLED} && sudo apt-get clean
fi

if [ -z "${RUNNER_NAME}" ]; then
RUNNER_NAME=$(hostname)
fi

if [[ "${RUNNER_REGISTER_TO}" == *\/* ]]; then
# Contain "/", to Repo
./config.sh --unattended --url https://github.com/${RUNNER_REGISTER_TO} --token $(curl ${KMS_SERVER_ADDR}/repo/${RUNNER_REGISTER_TO}/registration-token) ${ADDITIONAL_FLAGS} --labels "${RUNNER_LABELS}" --disableupdate
else
# Not contain "/", to Org
./config.sh --unattended --url https://github.com/${RUNNER_REGISTER_TO} --token $(curl ${KMS_SERVER_ADDR}/${RUNNER_REGISTER_TO}/registration-token) ${ADDITIONAL_FLAGS} --labels "${RUNNER_LABELS}" --disableupdate
fi

remove() {
if [[ "${RUNNER_REGISTER_TO}" == *\/* ]]; then
# Contain "/", to Org
./config.sh remove --unattended --token $(curl ${KMS_SERVER_ADDR}/repo/${RUNNER_REGISTER_TO}/remove-token)
else
# Not contain "/", to Repo
./config.sh remove --unattended --token $(curl ${KMS_SERVER_ADDR}/${RUNNER_REGISTER_TO}/remove-token)
fi
}

trap 'remove; exit 130' INT
trap 'remove; exit 143' TERM

./runsvc.sh "$*" &

wait $!
20 changes: 20 additions & 0 deletions amd64/runsvc.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
#!/bin/bash

# convert SIGTERM signal to SIGINT
# for more info on how to propagate SIGTERM to a child process see: http://veithen.github.io/2014/11/16/sigterm-propagation.html
trap 'kill -INT $PID' TERM INT

if [ -f ".path" ]; then
# configure
export PATH=`cat .path`
echo ".path=${PATH}"
fi

# insert anything to setup env when running as a service

# run the host process which keep the listener alive
./externals/node12/bin/node ./bin/RunnerService.js &
PID=$!
wait $PID
trap - TERM INT
wait $PID
46 changes: 46 additions & 0 deletions arm64/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,46 @@
FROM ubuntu:20.04 as env

ARG GITHUB_RUNNER_VERSION=2.286.1
ARG DEBIAN_FRONTEND=noninteractive

WORKDIR /root
RUN apt-get update && apt install wget -y
RUN wget https://github.com/actions/runner/releases/download/v${GITHUB_RUNNER_VERSION}/actions-runner-linux-arm64-${GITHUB_RUNNER_VERSION}.tar.gz \
&& tar xzf ./actions-runner-linux-arm64-${GITHUB_RUNNER_VERSION}.tar.gz && rm -f actions-runner-linux-arm64-${GITHUB_RUNNER_VERSION}.tar.gz \
&& sed -i '3,9d' ./config.sh \
&& sed -i '3,8d' ./run.sh

FROM ubuntu:20.04

ARG DEBIAN_FRONTEND=noninteractive
ENV KMS_SERVER_ADDR ""
ENV RUNNER_REGISTER_TO ""
ENV RUNNER_WORKDIR "_work"
ENV RUNNER_LABELS ""
ENV ADDITIONAL_PACKAGES ""
ENV ADDITIONAL_FLAGS ""
ENV GOPROXY ""

RUN apt-get update \
&& apt-get install -y curl sudo jq iputils-ping zip gcc libssl-dev libcurl4-gnutls-dev zlib1g-dev make gettext wget docker-compose cmake clang perl psmisc \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
&& wget https://mirrors.edge.kernel.org/pub/software/scm/git/git-2.28.0.tar.gz && tar -xvzf git-2.28.0.tar.gz && cd git-2.28.0 && ./configure --prefix=/usr/ && make -j 8 && make install \
&& cd && rm -rf git-2.28.0.tar.gz git-2.28.0 \
&& wget https://github.com/Kitware/CMake/releases/download/v3.21.3/cmake-3.21.3.tar.gz \
&& tar xf cmake-3.21.3.tar.gz && cd cmake-3.21.3 && ./configure && make -j 8 && make install \
&& curl https://download.docker.com/linux/static/stable/aarch64/docker-20.10.14.tgz --output docker-20.10.14.tgz \
&& tar xvfz docker-20.10.14.tgz \
&& mv docker/* /usr/bin/ \
&& rm -f docker-20.10.14.tgz

USER root
WORKDIR /root/

COPY --from=env /root/ /root/
RUN /root/bin/installdependencies.sh

COPY entrypoint.sh runsvc.sh ./
RUN sudo chmod u+x ./entrypoint.sh ./runsvc.sh

ENTRYPOINT ["./entrypoint.sh"]
Loading

0 comments on commit 8b409cf

Please sign in to comment.