diff --git a/home/.chezmoi.yaml.tmpl b/home/.chezmoi.yaml.tmpl
index 77f40877..fcd05ce4 100644
--- a/home/.chezmoi.yaml.tmpl
+++ b/home/.chezmoi.yaml.tmpl
@@ -201,6 +201,7 @@ data:
 coreProject: "{{ $gcloudCoreProject }}"
 email: "{{ $gcloudEmail }}"
 github:
+ runnerOrg: megabyte-labs
 username: "{{ $githubUsername }}"
 gitomatic:
 - git: "{{ default "git@github.com:megabyte-labs/install.doctor.git" (env "START_REPO") }}"
diff --git a/home/.chezmoidata.yaml b/home/.chezmoidata.yaml
index 64d9627d..920641fc 100644
--- a/home/.chezmoidata.yaml
+++ b/home/.chezmoidata.yaml
@@ -244,6 +244,7 @@ softwareGroups:
 - argo-cli
 - drone-cli
 - fpm
+ - github-runner
 - gitlab-runner
 - glen
 - tart
diff --git a/home/.chezmoiscripts/universal/run_onchange_after_46-github-runner.sh.tmpl b/home/.chezmoiscripts/universal/run_onchange_after_46-github-runner.sh.tmpl
new file mode 100644
index 00000000..1f35219e
--- /dev/null
+++ b/home/.chezmoiscripts/universal/run_onchange_after_46-github-runner.sh.tmpl
@@ -0,0 +1,73 @@
+{{- if and (ne .host.distro.family "windows") (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "GITHUB_RUNNER_TOKEN"))) (env "GITHUB_RUNNER_TOKEN"))) -}}
+#!/usr/bin/env bash
+# @file GitHub Runner Registration
+# @brief Registers a GitHub action runner with GitHub
+# @description
+# This script registers the host as a self-hosted GitHub runner with scope set
+# in the `.user.github.runnerOrg` input in the `.chezmoi.yaml.tmpl` file. If your organization is `megabyte-labs`, then
+# the value of `.user.github.runnerOrg` should be `megabyte-labs`. A self-hosted runner is an application
+# that that allows you to run tasks from GitHub CI.
+#
+# This script adds 3 labels to the runner: self-hosted, _hostname_, and _operating-system family_.
+#
+# The script automatically acquires the GitHub Action runner token (as long as you specify your `.user.github.runnerOrg` value in `.chezmoi.yaml.tmpl`).
+# In order to authenticate with GitHub, you should have the `GITHUB_TOKEN` environment variable in place with the appropriate permissions
+# specified when you generate the token.
+#
+# ## Links
+#
+# * [Secrets / Environment variables documentation](https://install.doctor/docs/customization/secrets)
+
+{{ includeTemplate "universal/profile" }}
+{{ includeTemplate "universal/logg" }}
+
+GH_RUNNER_PATH="$HOME/.local/github-runner"
+
+### Check if GitHub runner is installed
+if [ -f "$GH_RUNNER_PATH/config.sh" ]; then
+ if [ -f "$GH_RUNNER_PATH/.runner" ]; then
+ logg info "GitHub Actions runner is already configured ($GH_RUNNER_PATH/.runner file is present)"
+ else
+ logg info 'Creating runner configuration'
+
+ ### Configure labels
+ LABELS="self-hosted,{{ .chezmoi.hostname }},{{ .host.distro.family }}"
+ if [ '{{ .host.distro.family }}' != '{{ .host.distro.id }}' ]; then
+ LABELS="${LABELS},{{ .host.distro.id }}"
+ fi
+ if command -v VirtualBox > /dev/null; then
+ LABELS="${LABELS},virtualbox"
+ fi
+ if command -v docker > /dev/null; then
+ LABELS="${LABELS},docker"
+ fi
+
+ if [ -n "$GITHUB_TOKEN" ]; then
+ if command -v jq > /dev/null; then
+ ### Acquire token
+ logg info 'Acquiring runner token'
+ RUNNER_TOKEN="$(curl -sSL -X POST -H "Accept: application/vnd.github+json" -H "Authorization: Bearer $GITHUB_TOKEN" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/orgs/{{ .user.github.runnerOrg }}/actions/runners/registration-token | jq -r '.token')"
+
+ ### Generate the configuration
+ logg info 'Joining GitHub runner to https://github.com/{{ .user.github.runnerOrg }}'
+ "$GH_RUNNER_PATH/config.sh" --unattended --url https://github.com/{{ .user.github.runnerOrg }} --token "$RUNNER_TOKEN" --labels "$LABELS" || EXIT_CODE=$?
+ if [ -n "$EXIT_CODE" ]; then
+ logg error 'GitHub runner configuration failed' && exit 1
+ fi
+
+ ### Install / start the service
+ logg info 'Configuring runner service'
+ "$GH_RUNNER_PATH/svc.sh" install && logg success 'Successfully installed the GitHub Actions runner service'
+ logg info 'Starting runner service'
+ "$GH_RUNNER_PATH/svc.sh" start && logg success 'Started the GitHub Actions runner service'
+ else
+ logg warn '`jq` is required by the GitHub runner configuration script'
+ fi
+ else
+ logg warn 'The GITHUB_TOKEN environment variable is not present'
+ fi
+ fi
+else
+ logg info "The GitHub Actions runner installation is not present at $GH_RUNNER_PATH"
+fi
+{{- end }}
diff --git a/software.yml b/software.yml
index e45e6cbd..df367148 100644
--- a/software.yml
+++ b/software.yml
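Review bot: The registration-token request has no failure handling: `curl -sSL` without `--fail` hands the API's error JSON to `jq -r '.token'`, which prints the string `null`, and `config.sh` is then run with `--token null`. Adding `--fail` to that curl call and stopping early with `if [ -z "$RUNNER_TOKEN" ] || [ "$RUNNER_TOKEN" = 'null' ]; then logg error 'Failed to acquire a runner registration token' && exit 1; fi` would turn a bad or under-scoped `GITHUB_TOKEN` into a clear error instead of a confusing configuration failure. The template guard on the first line tests for `GITHUB_RUNNER_TOKEN` (secret file or environment variable) while the body only ever reads `GITHUB_TOKEN`, so the two should name the same credential; that guard also appears to close one more `)` than it opens, which is worth checking against `chezmoi execute-template`. Because the host is joined at organization scope, the header comment should say which runner group and repositories may schedule jobs here (config.sh accepts `--runnergroup`), since GitHub advises against exposing self-hosted runners to public repositories.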
@@ -9461,6 +9461,23 @@ softwarePackages:
 ansible:windows: professormanhattan.visualstudio
 cask: visual-studio
 choco: visualstudio2022community
+ github-runner:
+ _desc: '[GitHub Runner](https://docs.github.com/en/actions/hosting-your-own-runners) is a system that you deploy and manage to execute jobs from GitHub Actions on GitHub.com.'
+ _docs: https://docs.github.com/en/actions/hosting-your-own-runners
+ _github: https://github.com/actions/runner
+ _home: https://docs.github.com/en/actions/hosting-your-own-runners
+ _name: GitHub Runner
+ _when: '! test -f "$HOME/.local/github-runner/.runner"'
+ script: |
+ RELEASES="$(curl -sSL --compressed --header "Authorization: Bearer $GITHUB_TOKEN" "https://api.github.com/repos/actions/runner/releases/latest")"
+ LATEST_VERSION="$(echo "$RELEASES" | grep -o '"tag_name": "[^"]*' | grep -o '[^"]*$')"
+ ARCHITECTURE="$(uname -m | sed 's/86_//' | sed 's/v7l//')"
+ OS_FAMILY="$(test -d /Applications && echo osx || echo linux)"
+ curl -sSL "https://github.com/actions/runner/releases/download/$LATEST_VERSION/actions-runner-${OS_FAMILY}-${ARCHITECTURE}-${LATEST_VERSION:1}.tar.gz" > "/tmp/actions-runner-${OS_FAMILY}-${ARCHITECTURE}-${LATEST_VERSION:1}.tar.gz"
+ mkdir -p "$HOME/.local/github-runner"
+ tar xzf "/tmp/actions-runner-${OS_FAMILY}-${ARCHITECTURE}-${LATEST_VERSION:1}.tar.gz" -C "$HOME/.local/github-runner"
+ chown -Rf "$USER" "$HOME/.local/github-runner"
+ rm -f "/tmp/actions-runner-${OS_FAMILY}-${ARCHITECTURE}-${LATEST_VERSION:1}.tar.gz"
 vscodium:
 _bin: codium
 _snapClassic: true
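Review bot: The `script:` block extracts whatever `curl -sSL` wrote to a predictable `/tmp/actions-runner-…tar.gz` path, with no `--fail` and no integrity check, into the directory the runner service is later started from. A failed download is saved as if it were the archive and only surfaces as a `tar` error; one likely case is Linux ARM64, where `uname -m` prints `aarch64`, the `sed` chain leaves it unchanged, and the release assets appear to be named `arm64`. I would download into a private directory, `TMP="$(mktemp -d)"` then `curl -fsSL "$URL" -o "$TMP/runner.tar.gz"`, and compare the file's SHA-256 with the value published in the actions/runner release notes before running `tar`. Pinning a known runner version instead of resolving `releases/latest` at install time would also let the expected checksum live in this file where it can be reviewed.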