Merge bc35ad6fe9 into fb9b96bf75

2025-03-17 20:19:00 +00:00 · 2025-03-17 20:19:00 +00:00 · 48b7319e0b
parent fb9b96bf75 bc35ad6fe9
commit 48b7319e0b
5 changed files with 64 additions and 0 deletions
--- a/charts/gha-runner-scale-set/templates/_helpers.tpl
+++ b/charts/gha-runner-scale-set/templates/_helpers.tpl
@ -66,6 +66,10 @@ app.kubernetes.io/instance: {{ include "gha-runner-scale-set.scale-set-name" . }
  {{- end }}
 {{- end }}

+{{- define "gha-runner-scale-set.hookTemplate" -}}
+{{- include "gha-runner-scale-set.fullname" . }}-hook-template
+{{- end }}
+
 {{- define "gha-runner-scale-set.noPermissionServiceAccountName" -}}
 {{- include "gha-runner-scale-set.fullname" . }}-no-permission
 {{- end }}
@ -170,6 +174,12 @@ volumeMounts:
  {{- end }}
 {{- end }}

+{{- define "gha-runner-scale-set.hook-template-volume" -}}
+- name: hook-template
+  configMap:
+    name: {{ include "gha-runner-scale-set.hookTemplate" . }}
+{{- end }}
+
 {{- define "gha-runner-scale-set.non-runner-containers" -}}
  {{- range $i, $container := .Values.template.spec.containers }}
    {{- if ne $container.name "runner" }}
@ -277,6 +287,7 @@ volumeMounts:

 {{- define "gha-runner-scale-set.kubernetes-mode-runner-container" -}}
 {{- $tlsConfig := (default (dict) .Values.githubServerTLS) }}
+{{- $hookTemplate := .Values.hookTemplate }}
 {{- range $i, $container := .Values.template.spec.containers }}
  {{- if eq $container.name "runner" }}
    {{- range $key, $val := $container }}
@ -341,6 +352,10 @@ env:
    {{- if $tlsConfig.runnerMountPath }}
      {{- $mountGitHubServerTLS = 1 }}
    {{- end }}
+    {{- if $hookTemplate }}
+  - name: ACTIONS_RUNNER_CONTAINER_HOOK_TEMPLATE
+    value: /home/runner/hookTemplate.yaml
+    {{- end }}
 volumeMounts:
    {{- with $container.volumeMounts }}
      {{- range $i, $volMount := . }}
@ -362,6 +377,12 @@ volumeMounts:
    mountPath: {{ clean (print $tlsConfig.runnerMountPath "/" $tlsConfig.certificateFrom.configMapKeyRef.key) }}
    subPath: {{ $tlsConfig.certificateFrom.configMapKeyRef.key }}
    {{- end }}
+    {{- if $hookTemplate }}
+  - name: hook-template
+    mountPath: /home/runner/hookTemplate.yaml
+    subPath: hookTemplate.yaml
+    readOnly: true
+    {{- end }}
  {{- end }}
 {{- end }}
 {{- end }}
--- a/charts/gha-runner-scale-set/templates/autoscalingrunnerset.yaml
+++ b/charts/gha-runner-scale-set/templates/autoscalingrunnerset.yaml
@ -175,6 +175,7 @@ spec:
        {{- else if eq $containerMode.type "kubernetes" }}
          {{- include "gha-runner-scale-set.kubernetes-mode-work-volume" . | nindent 6 }}
          {{- include "gha-runner-scale-set.non-work-volumes" . | nindent 6 }}
+          {{- include "gha-runner-scale-set.hook-template-volume" . | nindent 6 }}
        {{- else }}
          {{- with .Values.template.spec.volumes }}
        {{- toYaml . | nindent 6 }}
--- a/charts/gha-runner-scale-set/templates/kube_mode_pod_template.yaml
+++ b/charts/gha-runner-scale-set/templates/kube_mode_pod_template.yaml
@ -0,0 +1,14 @@
+{{- if (.Values.hookTemplate) }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "gha-runner-scale-set.hookTemplate" . }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    {{- include "gha-runner-scale-set.labels" . | nindent 4 }}
+  finalizers:
+    - actions.github.com/cleanup-protection
+data:
+  hookTemplate.yaml: |
+    {{- .Values.hookTemplate | toYaml | nindent 4 -}}
+{{- end}}
--- a/charts/gha-runner-scale-set/tests/values_extra_hook_template.yaml
+++ b/charts/gha-runner-scale-set/tests/values_extra_hook_template.yaml
@ -0,0 +1,15 @@
+githubConfigUrl: https://github.com/actions/actions-runner-controller
+githubConfigSecret:
+  github_token: test
+hookTemplate:
+  apiVersion: v1
+  kind: PodTemplate
+  spec:
+    containers:
+    - name: $job
+      resources:
+        requests:
+          cpu: 1
+          memory: 1Gi
+containerMode:
+  type: kubernetes
--- a/charts/gha-runner-scale-set/values.yaml
+++ b/charts/gha-runner-scale-set/values.yaml
@ -206,6 +206,19 @@ template:
        image: ghcr.io/actions/actions-runner:latest
        command: ["/home/runner/run.sh"]

+## hookTemplate is the podTemplate definition of the worker in containerMode.type=kubernetes
+## For reference: https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-template-v1/#PodTemplate
+# hookTemplate:
+#   apiVersion: v1
+#   kind: PodTemplate
+#   spec:
+#     containers:
+#     - name: $job
+#       resources:
+#         requests:
+#           cpu: 32
+#           memory: 32Gi
+
 ## Optional controller service account that needs to have required Role and RoleBinding
 ## to operate this gha-runner-scale-set installation.
 ## The helm chart will try to find the controller deployment and its service account at installation time.