diff --git a/README.md b/README.md index f256bcbb..a7580d6d 100644 --- a/README.md +++ b/README.md @@ -1066,6 +1066,9 @@ spec: # Disables the wait for the docker daemon to be available check - name: DISABLE_WAIT_FOR_DOCKER value: "true" + # Disables automatic runner updates + - name: DISABLE_RUNNER_UPDATE + value: "true" ``` ### Using IRSA (IAM Roles for Service Accounts) in EKS diff --git a/runner/Dockerfile b/runner/Dockerfile index 13daa5f0..ae7edca4 100644 --- a/runner/Dockerfile +++ b/runner/Dockerfile @@ -1,7 +1,7 @@ FROM ubuntu:20.04 ARG TARGETPLATFORM -ARG RUNNER_VERSION=2.286.0 +ARG RUNNER_VERSION=2.287.1 ARG DOCKER_CHANNEL=stable ARG DOCKER_VERSION=20.10.8 ARG DUMB_INIT_VERSION=1.2.5 diff --git a/runner/Dockerfile.dindrunner b/runner/Dockerfile.dindrunner index a893baf5..47bd2655 100644 --- a/runner/Dockerfile.dindrunner +++ b/runner/Dockerfile.dindrunner @@ -1,7 +1,7 @@ FROM ubuntu:20.04 ARG TARGETPLATFORM -ARG RUNNER_VERSION=2.286.0 +ARG RUNNER_VERSION=2.287.1 ARG DOCKER_CHANNEL=stable ARG DOCKER_VERSION=20.10.8 ARG DUMB_INIT_VERSION=1.2.5 diff --git a/runner/Dockerfile.ubuntu.1804 b/runner/Dockerfile.ubuntu.1804 index 6728727d..350251ff 100644 --- a/runner/Dockerfile.ubuntu.1804 +++ b/runner/Dockerfile.ubuntu.1804 @@ -1,7 +1,7 @@ FROM ubuntu:18.04 ARG TARGETPLATFORM -ARG RUNNER_VERSION=2.280.3 +ARG RUNNER_VERSION=2.287.1 ARG DOCKER_CHANNEL=stable ARG DOCKER_VERSION=20.10.8 ARG DUMB_INIT_VERSION=1.2.5 diff --git a/runner/Makefile b/runner/Makefile index c55e5630..8fd82b8a 100644 --- a/runner/Makefile +++ b/runner/Makefile @@ -4,7 +4,7 @@ DIND_RUNNER_NAME ?= ${DOCKER_USER}/actions-runner-dind TAG ?= latest TARGETPLATFORM ?= $(shell arch) -RUNNER_VERSION ?= 2.286.0 +RUNNER_VERSION ?= 2.287.1 DOCKER_VERSION ?= 20.10.8 # default list of platforms for which multiarch image is built diff --git a/runner/entrypoint.sh b/runner/entrypoint.sh index 1e5db3ed..24ad7e31 100755 --- a/runner/entrypoint.sh +++ b/runner/entrypoint.sh @@ -91,6 +91,10 @@ if [ "${RUNNER_FEATURE_FLAG_EPHEMERAL:-}" == "true" -a "${RUNNER_EPHEMERAL}" != config_args+=(--ephemeral) echo "Passing --ephemeral to config.sh to enable the ephemeral runner." fi +if [ "${DISABLE_RUNNER_UPDATE:-}" == "true" ]; then + config_args+=(--disableupdate) + echo "Passing --disableupdate to config.sh to disable automatic runner updates." +fi retries_left=10 while [[ ${retries_left} -gt 0 ]]; do @@ -165,4 +169,4 @@ if [ "${RUNNER_FEATURE_FLAG_EPHEMERAL:-}" != "true" -a "${RUNNER_EPHEMERAL}" != fi unset RUNNER_NAME RUNNER_REPO RUNNER_TOKEN -exec ./bin/runsvc.sh "${args[@]}" \ No newline at end of file +exec ./bin/runsvc.sh "${args[@]}" diff --git a/test/entrypoint/should_work_disable_update/config.sh b/test/entrypoint/should_work_disable_update/config.sh new file mode 100755 index 00000000..1065f616 --- /dev/null +++ b/test/entrypoint/should_work_disable_update/config.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +export LIGHTGREEN='\e[0;32m' +export LIGHTRED='\e[0;31m' +export WHITE='\e[0;97m' +export RESET='\e[0m' + +log(){ + printf "\t${WHITE}$@${RESET}\n" 2>&1 +} + +success(){ + printf "\t${LIGHTGREEN}$@${RESET}\n" 2>&1 +} + +error(){ + printf "\t${LIGHTRED}$@${RESET}\n" 2>&1 +} + +success "I'm configured normally" +touch .runner +echo "$*" > runner_config +success "created a dummy config file" +success +# Adding a counter to see how many times we've gone through the configuration step +count=`cat counter 2>/dev/null|| echo "0"` +count=$((count + 1)) +echo ${count} > counter + diff --git a/test/entrypoint/should_work_disable_update/runsvc.sh b/test/entrypoint/should_work_disable_update/runsvc.sh new file mode 100755 index 00000000..8eb268fe --- /dev/null +++ b/test/entrypoint/should_work_disable_update/runsvc.sh @@ -0,0 +1,31 @@ +#!/bin/bash + +set -euo pipefail + +export LIGHTGREEN='\e[0;32m' +export LIGHTRED='\e[0;31m' +export WHITE='\e[0;97m' +export RESET='\e[0m' + +log(){ + printf "\t${WHITE}$@${RESET}\n" 2>&1 +} + +success(){ + printf "\t${LIGHTGREEN}$@${RESET}\n" 2>&1 +} + +error(){ + printf "\t${LIGHTRED}$@${RESET}\n" 2>&1 + exit 1 +} + +success "" +success "Running the service..." +# test if --once is present as a parameter +echo "$*" | grep -q 'once' || error "Should include --once in the parameters"j +success "...successful" +touch runsvc_ran +success "" + + diff --git a/test/entrypoint/should_work_disable_update/test.sh b/test/entrypoint/should_work_disable_update/test.sh new file mode 100755 index 00000000..c6875ae9 --- /dev/null +++ b/test/entrypoint/should_work_disable_update/test.sh @@ -0,0 +1,78 @@ +#!/bin/bash + +# UNITTEST: should work disable update +# Will simulate a scneario where disableupdate=true. expects: +# - the configuration step to be run exactly once +# - the entrypoint script to exit with no error +# - the config.sh script to run with the --disableupdate flag set to 'true'. + +source ../logging.sh + +entrypoint_log() { + while read I; do + printf "\tentrypoint.sh: $I\n" + done +} + +log "Setting up the test" +export UNITTEST=true +export RUNNER_HOME=localhome +export RUNNER_NAME="example_runner_name" +export RUNNER_REPO="myorg/myrepo" +export RUNNER_TOKEN="xxxxxxxxxxxxx" +export DISABLE_RUNNER_UPDATE="true" + +mkdir -p ${RUNNER_HOME}/bin +# add up the config.sh and runsvc.sh +ln -s ../config.sh ${RUNNER_HOME}/config.sh +ln -s ../../runsvc.sh ${RUNNER_HOME}/bin/runsvc.sh + +cleanup() { + rm -rf ${RUNNER_HOME} + unset UNITTEST + unset RUNNERHOME + unset RUNNER_NAME + unset RUNNER_REPO + unset RUNNER_TOKEN +} + +trap cleanup SIGINT SIGTERM SIGQUIT EXIT + +log "Running the entrypoint" +log "" + +../../../runner/entrypoint.sh 2> >(entrypoint_log) + +if [ "$?" != "0" ]; then + error "==========================" + error "Test completed with errors" + exit 1 +fi + +log "Testing if the configuration step was run only once" +count=`cat ${RUNNER_HOME}/counter || echo "not_found"` +if [ ${count} != "1" ]; then + error "===============================================" + error "The configuration step was not run exactly once" + exit 1 +fi +success "The configuration ran ${count} time(s)" + +log "Testing if the configuration included the --disableupdate flag" +if ! grep -q -- '--disableupdate' ${RUNNER_HOME}/runner_config; then + error "===============================================" + error "The configuration should not include the --disableupdate flag" + exit 1 +fi + +log "Testing if runsvc ran" +if [ ! -f "${RUNNER_HOME}/runsvc_ran" ]; then + error "==============================" + error "The runner service has not run" + exit 1 +fi + +success "The service ran" +success "" +success "===========================" +success "Test completed successfully"