Skip to content

Commit

Permalink
Merge pull request #222 from MonolithProjects/develop
Browse files Browse the repository at this point in the history
Develop to Master
  • Loading branch information
MonolithProjects authored Sep 30, 2024
2 parents 75ae9e5 + fcb74e4 commit b038a6a
Showing 12 changed files with 275 additions and 37 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/lint.yml
Original file line number Diff line number Diff line change
@@ -16,7 +16,7 @@ jobs:
SUITE: default
steps:
- name: Check out the codebase.
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
path: ${{ env.ANSIBLE_ROLE }}

8 changes: 2 additions & 6 deletions .github/workflows/tests.yml
Original file line number Diff line number Diff line change
@@ -2,13 +2,9 @@ name: molecule test

on:
push:
branches:
- develop
pull_request:
branches:
- master
- main
types: [opened, synchronize, reopened]
- develop
paths:
- 'defaults/**'
- 'handlers/**'
@@ -86,7 +82,7 @@ jobs:
- os: "rockylinux9"
steps:
- name: checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
path: "${{ github.repository }}"

40 changes: 26 additions & 14 deletions README.md
Original file line number Diff line number Diff line change
@@ -10,15 +10,23 @@
This role will deploy/redeploy/uninstall and register/unregister local GitHub Actions Runner on Linux and macOS Systems (see [compatibility list](#supported-operating-systems) ).
It supports Enterprise, Organization and Repository Runners.

## Role Installation

**requirements.yml**
```yml
roles:
- name: monolithprojects.github_actions_runner
version: 1.21.1
src: https://github.com/MonolithProjects/ansible-github_actions_runner
```
> [!IMPORTANT]
> My Galaxy account is currently broken. Please use Github for installation source.
>
> **CLI:**
>
>```yml
>ansible-galaxy role install git+https://github.com/MonolithProjects/ansible-github_actions_runner.git,1.21.1
>```
>
>**requirements.yml:**
>
>```yml
>roles:
> - name: monolithprojects.github_actions_runner
> version: 1.21.1
> src: https://github.com/MonolithProjects/ansible-github_actions_runner
>```
## Requirements
@@ -47,13 +55,14 @@ Personal Access Token for GitHub account can be created [here](https://github.co
## Supported Operating Systems
* Red Hat Enterprise Linux 7
* CentOS 7
* Red Hat Enterprise Linux 7+
* CentOS 7+
* Rocky Linux 8+
* Fedora 29+
* Debian 9+
* Ubuntu 16.04+
* Ubuntu 18.04+
* MacOS High Sierra +
* Windows
## Weekly tested on:
@@ -72,7 +81,7 @@ This is a copy from `defaults/main.yml`
runner_user: "{{ lookup('env', 'USER') }}"
# Directory where the local runner will be installed
runner_dir: /opt/actions-runner
runner_dir: "{{ 'C:\\actions-runner' if ansible_facts.system == 'Win32NT' else '/opt/actions-runner' }}"
# Version of the GitHub Actions Runner
runner_version: "latest"
@@ -111,7 +120,7 @@ runner_group: ""
runner_download_repository: "actions/runner"
# Extra arguments to pass to `config.sh`.
# Several arguments muste be set as one string (i.e. "--ephemeral --my_special_fork")
# Several arguments must be set as one string (i.e. "--ephemeral --my_special_fork")
runner_extra_config_args: ""
# Name to assign to this runner in GitHub (System hostname as default)
@@ -132,6 +141,9 @@ all_runners_in_same_repo: true
# GitHub Enterprise name
# github_enterprise: "yourenterprise"
# Runner user Windows password - the logon password for the service user when running on windows.
# runner_user_win_password: "{{ lookup('env', 'PASS') }}"
# Configuring a custom .env file
# custom_env: |
# http_proxy=YOUR_URL_HERE
7 changes: 5 additions & 2 deletions defaults/main.yml
Original file line number Diff line number Diff line change
@@ -3,7 +3,7 @@
runner_user: "{{ lookup('env', 'USER') }}"

# Directory where the local runner will be installed
runner_dir: /opt/actions-runner
runner_dir: "{{ 'C:\\actions-runner' if ansible_facts.system == 'Win32NT' else '/opt/actions-runner' }}"

# Version of the GitHub Actions Runner
runner_version: "latest"
@@ -42,7 +42,7 @@ runner_group: ""
runner_download_repository: "actions/runner"

# Extra arguments to pass to `config.sh`.
# Several arguments muste be set as one string (i.e. "--ephemeral --my_special_fork")
# Several arguments must be set as one string (i.e. "--ephemeral --my_special_fork")
runner_extra_config_args: ""

# Name to assign to this runner in GitHub (System hostname as default)
@@ -63,6 +63,9 @@ all_runners_in_same_repo: true
# GitHub Enterprise name
# github_enterprise: "yourenterprise"

# Runner user Windows password - the logon password for the service user when running on windows.
# runner_user_win_password: "{{ lookup('env', 'PASS') }}"

# Configuring a custom .env file
# custom_env: |
# http_proxy=YOUR_URL_HERE
8 changes: 8 additions & 0 deletions tasks/assert.yml
Original file line number Diff line number Diff line change
@@ -31,3 +31,11 @@
fail_msg: "github_repo was not found or is using an invalid format."
run_once: true
when: not runner_org and github_enterprise is not defined

- name: Check runner_user_win_password (RUN ONCE)
ansible.builtin.assert:
that:
- runner_user_win_password is defined
fail_msg: "runner_user_win_password was not defined, but it is required on a windows system"
run_once: true
when: github_actions_system == "win"
12 changes: 7 additions & 5 deletions tasks/collect_info.yml
Original file line number Diff line number Diff line change
@@ -27,6 +27,8 @@
status_code: 201
force_basic_auth: true
register: registration
delegate_to: localhost
become: false
run_once: true

- name: "Check currently registered runners for repo {{ '(RUN ONCE)' if all_runners_in_same_repo else '' }}"
@@ -42,21 +44,21 @@
status_code: 200
force_basic_auth: true
register: registered_runners
delegate_to: localhost
become: false
run_once: "{{ all_runners_in_same_repo }}"

- name: Get Runner User IDs
ansible.builtin.command: id -u "{{ runner_user }}"
changed_when: false
register: runner_user_id
when: github_actions_system != "win"

- name: Get Runner Group IDs
ansible.builtin.command: id -g "{{ runner_user }}"
changed_when: false
register: runner_user_group_id

- name: Set runner_system variable
ansible.builtin.set_fact:
runner_system: "{{ 'osx' if ansible_facts.system == 'Darwin' else 'linux' }}"
when: github_actions_system != "win"

- name: Find the latest runner version (RUN ONCE)
ansible.builtin.uri:
@@ -77,4 +79,4 @@
- name: Get systemd service facts
ansible.builtin.service_facts:
register: service_facts
when: ansible_facts.system == "Linux"
when: github_actions_system == "linux"
2 changes: 1 addition & 1 deletion tasks/install_runner.yml → tasks/install_runner_unix.yml
Original file line number Diff line number Diff line change
@@ -22,7 +22,7 @@
- name: Unarchive runner package
ansible.builtin.unarchive:
src: "https://github.com/{{ runner_download_repository }}/releases/download/v{{ runner_version }}/\
actions-runner-{{ runner_system }}-{{ github_actions_architecture }}-{{ runner_version }}.tar.gz"
actions-runner-{{ github_actions_system }}-{{ github_actions_architecture }}-{{ runner_version }}.tar.gz"
dest: "{{ runner_dir }}/"
owner: "{{ runner_user_id.stdout }}"
group: "{{ runner_user_group_id.stdout }}"
142 changes: 142 additions & 0 deletions tasks/install_runner_win.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,142 @@
---
- name: Create directory
ansible.windows.win_file:
path: "{{ runner_dir }}"
state: directory

- name: Set owner of directory
ansible.windows.win_owner:
path: "{{ runner_dir }}"
user: "{{ runner_user }}"

- name: Set runner_version variable (If latest)
ansible.builtin.set_fact:
runner_version: "{{ api_response.json.tag_name | regex_replace('^v', '') }}"
when: runner_version == "latest"

- name: Check if desired version already installed
ansible.windows.win_command: "grep -i {{ runner_version }} {{ runner_dir }}\\bin\\Runner.Listener.deps.json"
register: runner_installed
check_mode: false
changed_when: false
ignore_errors: true

- name: Download runner package
ansible.windows.win_get_url:
url: "https://github.com/{{ runner_download_repository }}/releases/download/v{{ runner_version }}/\
actions-runner-{{ github_actions_system }}-{{ github_actions_architecture }}-{{ runner_version }}.zip"
dest: "%TEMP%\\actions-runner-{{ github_actions_system }}-{{ github_actions_architecture }}-{{ runner_version }}.zip"
when: runner_version not in runner_installed.stdout or reinstall_runner

- name: Unarchive runner package
community.windows.win_unzip:
src: "%TEMP%\\actions-runner-{{ github_actions_system }}-{{ github_actions_architecture }}-{{ runner_version }}.zip"
dest: "{{ runner_dir }}\\"
delete_archive: yes
when: runner_version not in runner_installed.stdout or reinstall_runner

- name: Configure custom env file if required
randrej.windows.win_blockinfile:
path: "{{ runner_dir }}\\.env"
block: "{{ custom_env }}"
create: true
marker: "# {mark} ANSIBLE MANAGED BLOCK"
marker_begin: BEGIN
marker_end: END
when: custom_env is defined

- name: Check if runner service name file exist
ansible.windows.win_stat:
path: "{{ runner_dir }}/.service"
register: runner_service_file_path

- name: Set complete GitHub url for repo runner
ansible.builtin.set_fact:
github_full_url: "{{ github_url }}/{{ github_owner | default(github_account) }}/{{ github_repo }}"
when: not runner_org and github_enterprise is not defined

- name: Set complete GitHub url for org runner
ansible.builtin.set_fact:
github_full_url: "{{ github_url }}/{{ github_owner | default(github_account) }}"
when: runner_org | bool and github_enterprise is not defined

- name: Set complete GitHub url for enterprise runner
ansible.builtin.set_fact:
github_full_url: "{{ github_url }}/enterprises/{{ github_enterprise }}"
when: github_enterprise is defined

- name: Register runner # noqa no-changed-when
environment:
RUNNER_ALLOW_RUNASROOT: "1"
ansible.windows.win_command:
"{{ runner_dir }}\\config.cmd \
--url {{ github_full_url }} \
--token {{ registration.json.token }} \
--name {{ runner_name }} \
--labels {{ runner_labels | join(',') }} \
--runnergroup {{ runner_group }} \
--runasservice \
--windowslogonaccount {{ runner_user }} \
--windowslogonpassword {{ runner_user_win_password }} \
--unattended \
{{ runner_extra_config_args }}"
args:
chdir: "{{ runner_dir }}"
changed_when: true
become_method: ansible.builtin.runas
become_user: "{{ runner_user }}"
become: true
no_log: "{{ hide_sensitive_logs | bool }}"
when: runner_name not in registered_runners.json.runners|map(attribute='name')|list

- name: Replace registered runner # noqa no-changed-when
environment:
RUNNER_ALLOW_RUNASROOT: "1"
ansible.windows.win_command:
"{{ runner_dir }}\\config.cmd \
--url {{ github_full_url }} \
--token {{ registration.json.token }} \
--name {{ runner_name }} \
--labels {{ runner_labels | join(',') }} \
--runasservice \
--windowslogonaccount {{ runner_user }} \
--windowslogonpassword {{ runner_user_win_password }} \
--unattended \
{{ runner_extra_config_args }} \
--replace"
args:
chdir: "{{ runner_dir }}"
changed_when: true
become_method: ansible.builtin.runas
become_user: "{{ runner_user }}"
become: true
no_log: "{{ hide_sensitive_logs | bool }}"
when: >
runner_name in registered_runners.json.runners|map(attribute='name')|list and
reinstall_runner
- name: Read service name from file
ansible.windows.win_command: "cat {{ runner_dir }}\\.service"
register: runner_service
changed_when: false

- name: START and enable Github Actions Runner service
ansible.windows.win_service:
name: "{{ runner_service.stdout }}"
start_mode: auto
state: started
when: runner_state|lower == "started"

- name: STOP and disable Github Actions Runner service
ansible.windows.win_service:
name: "{{ runner_service.stdout }}"
start_mode: manual
state: stopped
when: runner_state|lower == "stopped"

- name: Version changed - RESTART Github Actions Runner service
ansible.windows.win_service:
name: "{{ runner_service.stdout }}"
start_mode: auto
state: restarted
when: runner_version not in runner_installed.stdout and not runner_state|lower == "stopped"
Loading

0 comments on commit b038a6a

Please sign in to comment.