public_git
/
actions-runner-controller
mirror of https://github.com/actions-runner-controller/actions-runner-controller.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Bumping runner to Ubuntu 20.04 (#438) 

Images for `actions-runner:v${VERSION}` and `actions-runner:latest` tags are upgraded to Ubuntu 20.04.

If you would like not to upgrade Ubuntu in the runner image in the future, migrate to new tags suffixed with `-ubuntu-20.04` like`actions-runner:v${VERSION}-ubuntu-20.04`.

We also keep publishing the existing Ubuntu 18.04 images with new `actions-runner:v${VERSION}-ubuntu-18.04` tags. Please use it when it turned out that you had workflows dependent on Ubuntu 18.04.

Co-authored-by: Yusuke Kuoka <ykuoka@gmail.com>
This commit is contained in:
callum-tait-pbx 2021-04-17 09:02:03 +01:00 committed by GitHub
parent b42b8406a2
commit f2680b2f2d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 316 additions and 83 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
.github/workflows/build-and-release-runners.yml vendored
View File

@ -13,7 +13,8 @@ on:
paths: paths:
- runner/patched/* - runner/patched/*
- runner/Dockerfile - runner/Dockerfile
- runner/dindrunner.Dockerfile - runner/Dockerfile.ubuntu.1804
- runner/Dockerfile.dindrunner
- runner/entrypoint.sh - runner/entrypoint.sh
- .github/workflows/build-and-release-runners.yml - .github/workflows/build-and-release-runners.yml
@ -25,9 +26,14 @@ jobs:
matrix: matrix:
include: include:
- name: actions-runner - name: actions-runner
os-version: 20.04
dockerfile: Dockerfile dockerfile: Dockerfile
- name: actions-runner
os-version: 18.04
dockerfile: Dockerfile.ubuntu.1804
- name: actions-runner-dind - name: actions-runner-dind
dockerfile: dindrunner.Dockerfile os-version: 20.04
dockerfile: Dockerfile.dindrunner
env: env:
RUNNER_VERSION: 2.277.1 RUNNER_VERSION: 2.277.1
DOCKER_VERSION: 19.03.12 DOCKER_VERSION: 19.03.12
@ -55,7 +61,7 @@ jobs:
username: ${{ github.repository_owner }} username: ${{ github.repository_owner }}
password: ${{ secrets.DOCKER_ACCESS_TOKEN }} password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
- name: Build and Push - name: Build and Push Versioned Tags
uses: docker/build-push-action@v2 uses: docker/build-push-action@v2
with: with:
context: ./runner context: ./runner
@ -66,6 +72,18 @@ jobs:
RUNNER_VERSION=${{ env.RUNNER_VERSION }} RUNNER_VERSION=${{ env.RUNNER_VERSION }}
DOCKER_VERSION=${{ env.DOCKER_VERSION }} DOCKER_VERSION=${{ env.DOCKER_VERSION }}
tags: | tags: |
${{ env.DOCKERHUB_USERNAME }}/${{ matrix.name }}:v${{ env.RUNNER_VERSION }} ${{ env.DOCKERHUB_USERNAME }}/${{ matrix.name }}:v${{ env.RUNNER_VERSION }}-ubuntu-${{ matrix.os-version }}
${{ env.DOCKERHUB_USERNAME }}/${{ matrix.name }}:v${{ env.RUNNER_VERSION }}-${{ steps.vars.outputs.sha_short }} ${{ env.DOCKERHUB_USERNAME }}/${{ matrix.name }}:v${{ env.RUNNER_VERSION }}-ubuntu-${{ matrix.os-version }}-${{ steps.vars.outputs.sha_short }}
- name: Build and Push Latest Tag
uses: docker/build-push-action@v2
with:
context: ./runner
file: ./runner/Dockerfile
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
build-args: |
RUNNER_VERSION=${{ env.RUNNER_VERSION }}
DOCKER_VERSION=${{ env.DOCKER_VERSION }}
tags: |
${{ env.DOCKERHUB_USERNAME }}/${{ matrix.name }}:latest ${{ env.DOCKERHUB_USERNAME }}/${{ matrix.name }}:latest

11
README.md
View File

@ -45,8 +45,8 @@ Install the custom resource and actions-runner-controller with `kubectl` or `hel
`kubectl`: `kubectl`:
```shell ```shell
# REPLACE "v0.17.0" with the version you wish to deploy # REPLACE "v0.18.2" with the version you wish to deploy
kubectl apply -f https://github.com/summerwind/actions-runner-controller/releases/download/v0.17.0/actions-runner-controller.yaml kubectl apply -f https://github.com/summerwind/actions-runner-controller/releases/download/v0.18.2/actions-runner-controller.yaml
``` ```
`helm`: `helm`:
@ -61,7 +61,7 @@ helm upgrade --install -n actions-runner-system actions-runner-controller/action
If you use either Github Enterprise Cloud or Server, you can use **actions-runner-controller** with those, too. If you use either Github Enterprise Cloud or Server, you can use **actions-runner-controller** with those, too.
Authentication works same way as with public Github (repo and organization level). Authentication works same way as with public Github (repo and organization level).
The minimum version of Github Enterprise Server is 3.0.0 (or rc1/rc2). The minimum version of Github Enterprise Server is 3.0.0 (or rc1/rc2).
__**NOTE : The maintainers do not have an Enterprise environment to be able to test changes and so are reliant on the community for testing, support is a best endeavors basis only and is community driven**__ __**NOTE : The maintainers do not have an Enterprise environment to be able to test changes and so this feature is community driven. Support is on a best endeavors basis.**__
```shell ```shell
kubectl set env deploy controller-manager -c manager GITHUB_ENTERPRISE_URL=<GHEC/S URL> --namespace actions-runner-system kubectl set env deploy controller-manager -c manager GITHUB_ENTERPRISE_URL=<GHEC/S URL> --namespace actions-runner-system
@ -747,6 +747,7 @@ Your base64'ed PAT token has a new line at the end, it needs to be created witho
# Developing # Developing
**The Controller**<br />
If you'd like to modify the controller to fork or contribute, I'd suggest using the following snippet for running If you'd like to modify the controller to fork or contribute, I'd suggest using the following snippet for running
the acceptance test: the acceptance test:
@ -783,6 +784,10 @@ NAME=$DOCKER_USER/actions-runner-controller \
make docker-build docker-push \ make docker-build docker-push \
acceptance/setup acceptance/tests acceptance/setup acceptance/tests
``` ```
**Runner Tests**<br />
A set of example pipelines (./acceptance/pipelines) are provided in this repository which you can use to validate your runners are working as expected. When raising a PR please run the relevant suites to prove your change hasn't broken anything.
# Alternatives # Alternatives
The following is a list of alternative solutions that may better fit you depending on your use-case: The following is a list of alternative solutions that may better fit you depending on your use-case:

36
acceptance/pipelines/eks-integration-tests.yaml Normal file
View File

@ -0,0 +1,36 @@
name: EKS Integration Tests
on:
workflow_dispatch:
env:
IRSA_ROLE_ARN:
ASSUME_ROLE_ARN:
AWS_REGION:
jobs:
assume-role-in-runner-test:
runs-on: ['self-hosted', 'Linux']
steps:
- name: Test aws-actions/configure-aws-credentials Action
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: ${{ env.AWS_REGION }}
role-to-assume: ${{ env.ASSUME_ROLE_ARN }}
role-duration-seconds: 900
assume-role-in-container-test:
runs-on: ['self-hosted', 'Linux']
container:
image: amazon/aws-cli
env:
AWS_WEB_IDENTITY_TOKEN_FILE: /var/run/secrets/eks.amazonaws.com/serviceaccount/token
AWS_ROLE_ARN: ${{ env.IRSA_ROLE_ARN }}
volumes:
- /var/run/secrets/eks.amazonaws.com/serviceaccount/token:/var/run/secrets/eks.amazonaws.com/serviceaccount/token
steps:
- name: Test aws-actions/configure-aws-credentials Action in container
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: ${{ env.AWS_REGION }}
role-to-assume: ${{ env.ASSUME_ROLE_ARN }}
role-duration-seconds: 900

83
acceptance/pipelines/runner-integration-tests.yaml Normal file
View File

@ -0,0 +1,83 @@
name: Runner Integration Tests
on:
workflow_dispatch:
env:
ImageOS: ubuntu18 # Used by ruby/setup-ruby action | Update me for the runner OS version you are testing against
jobs:
run-step-in-container-test:
runs-on: ['self-hosted', 'Linux']
container:
image: alpine
steps:
- name: Test we are working in the container
run: |
if [[ $(sed -n '2p' < /etc/os-release | cut -d "=" -f2) != "alpine" ]]; then
echo "::error ::Failed OS detection test, could not match /etc/os-release with alpine. Are we really running in the container?"
echo "/etc/os-release below:"
cat /etc/os-release
exit 1
fi
setup-python-test:
runs-on: ['self-hosted', 'Linux']
steps:
- name: Print native Python environment
run: |
which python
python --version
- uses: actions/setup-python@v2
with:
python-version: 3.9
- name: Test actions/setup-python works
run: |
VERSION=$(python --version 2>&1 | cut -d ' ' -f2 | cut -d '.' -f1-2)
if [[ $VERSION != '3.9' ]]; then
echo "Python version detected : $(python --version 2>&1)"
echo "::error ::Detected python failed setup version test, could not match version with version specified in the setup action"
exit 1
else
echo "Python version detected : $(python --version 2>&1)"
fi
setup-node-test:
runs-on: ['self-hosted', 'Linux']
steps:
- uses: actions/setup-node@v2
with:
node-version: '12'
- name: Test actions/setup-node works
run: |
VERSION=$(node --version | cut -c 2- | cut -d '.' -f1)
if [[ $VERSION != '12' ]]; then
echo "Node version detected : $(node --version 2>&1)"
echo "::error ::Detected node failed setup version test, could not match version with version specified in the setup action"
exit 1
else
echo "Node version detected : $(node --version 2>&1)"
fi
setup-ruby-test:
runs-on: ['self-hosted', 'Linux']
steps:
- uses: ruby/setup-ruby@v1
with:
ruby-version: 3.0
bundler-cache: true
- name: Test ruby/setup-ruby works
run: |
VERSION=$(ruby --version | cut -d ' ' -f2 | cut -d '.' -f1-2)
if [[ $VERSION != '3.0' ]]; then
echo "Ruby version detected : $(ruby --version 2>&1)"
echo "::error ::Detected ruby failed setup version test, could not match version with version specified in the setup action"
exit 1
else
echo "Ruby version detected : $(ruby --version 2>&1)"
fi
python-shell-test:
runs-on: ['self-hosted', 'Linux']
steps:
- name: Test Python shell works
run: |
import os
print(os.environ['PATH'])
shell: python

2
acceptance/testdata/runnerdeploy.yaml vendored
View File

@ -15,6 +15,6 @@ spec:
#image: mumoshu/actions-runner-dind:dev #image: mumoshu/actions-runner-dind:dev
# #
# Set the MTU used by dockerd-managed network interfaces (including docker-build) # Set the MTU used by dockerd-managed network interfaces (including docker-build-ubuntu)
# #
#dockerMTU: 1450 #dockerMTU: 1450

4
runner/Dockerfile
View File

@ -1,4 +1,4 @@
FROM ubuntu:18.04 FROM ubuntu:20.04
ARG TARGETPLATFORM ARG TARGETPLATFORM
ARG RUNNER_VERSION=2.274.2 ARG RUNNER_VERSION=2.274.2
@ -37,7 +37,7 @@ RUN apt update -y \
wget \ wget \
zip \ zip \
zstd \ zstd \
&& cd /usr/bin && ln -sf python3 python \ python-is-python3 \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
RUN export ARCH=$(echo ${TARGETPLATFORM} | cut -d / -f2) \ RUN export ARCH=$(echo ${TARGETPLATFORM} | cut -d / -f2) \

13
runner/dindrunner.Dockerfile → runner/Dockerfile.dindrunner
View File

@ -1,11 +1,12 @@
FROM ubuntu:20.04 FROM ubuntu:20.04
ENV DEBIAN_FRONTEND=noninteractive ENV DEBIAN_FRONTEND=noninteractive
# Dev + DinD dependencies RUN apt update -y \
RUN apt update \
&& apt install -y software-properties-common \ && apt install -y software-properties-common \
&& add-apt-repository -y ppa:git-core/ppa \ && add-apt-repository -y ppa:git-core/ppa \
&& apt install -y \ && apt update -y \
&& apt install -y --no-install-recommends \
software-properties-common \
build-essential \ build-essential \
curl \ curl \
ca-certificates \ ca-certificates \
@ -13,7 +14,6 @@ RUN apt update \
ftp \ ftp \
git \ git \
iproute2 \ iproute2 \
iptables \
iputils-ping \ iputils-ping \
jq \ jq \
libunwind8 \ libunwind8 \
@ -21,11 +21,9 @@ RUN apt update \
netcat \ netcat \
openssh-client \ openssh-client \
parallel \ parallel \
python-is-python3 \
rsync \ rsync \
shellcheck \ shellcheck \
sudo \ sudo \
supervisor \
telnet \ telnet \
time \ time \
tzdata \ tzdata \
@ -34,6 +32,9 @@ RUN apt update \
wget \ wget \
zip \ zip \
zstd \ zstd \
python-is-python3 \
iptables \
supervisor \
&& rm -rf /var/lib/apt/list/* && rm -rf /var/lib/apt/list/*
# Runner user # Runner user

91
runner/Dockerfile.ubuntu.1804 Normal file
View File

@ -0,0 +1,91 @@
FROM ubuntu:18.04
ARG TARGETPLATFORM
ARG RUNNER_VERSION=2.274.2
ARG DOCKER_VERSION=19.03.12
RUN test -n "$TARGETPLATFORM" || (echo "TARGETPLATFORM must be set" && false)
ENV DEBIAN_FRONTEND=noninteractive
RUN apt update -y \
&& apt install -y software-properties-common \
&& add-apt-repository -y ppa:git-core/ppa \
&& apt update -y \
&& apt install -y --no-install-recommends \
build-essential \
curl \
ca-certificates \
dnsutils \
ftp \
git \
iproute2 \
iputils-ping \
jq \
libunwind8 \
locales \
netcat \
openssh-client \
parallel \
rsync \
shellcheck \
sudo \
telnet \
time \
tzdata \
unzip \
upx \
wget \
zip \
zstd \
&& cd /usr/bin && ln -sf python3 python \
&& rm -rf /var/lib/apt/lists/*
RUN export ARCH=$(echo ${TARGETPLATFORM} | cut -d / -f2) \
&& curl -L -o /usr/local/bin/dumb-init https://github.com/Yelp/dumb-init/releases/download/v1.2.2/dumb-init_1.2.2_${ARCH} \
&& chmod +x /usr/local/bin/dumb-init
# Docker download supports arm64 as aarch64 & amd64 as x86_64
RUN set -vx; \
export ARCH=$(echo ${TARGETPLATFORM} | cut -d / -f2) \
&& if [ "$ARCH" = "arm64" ]; then export ARCH=aarch64 ; fi \
&& if [ "$ARCH" = "amd64" ]; then export ARCH=x86_64 ; fi \
&& curl -L -o docker.tgz https://download.docker.com/linux/static/stable/${ARCH}/docker-${DOCKER_VERSION}.tgz \
&& tar zxvf docker.tgz \
&& install -o root -g root -m 755 docker/docker /usr/local/bin/docker \
&& rm -rf docker docker.tgz \
&& adduser --disabled-password --gecos "" --uid 1000 runner \
&& groupadd docker \
&& usermod -aG sudo runner \
&& usermod -aG docker runner \
&& echo "%sudo ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers
ENV RUNNER_ASSETS_DIR=/runnertmp
# Runner download supports amd64 as x64. Externalstmp is needed for making mount points work inside DinD.
#
# libyaml-dev is required for ruby/setup-ruby action.
# It is installed after installdependencies.sh and before removing /var/lib/apt/lists
# to avoid rerunning apt-update on its own.
RUN export ARCH=$(echo ${TARGETPLATFORM} | cut -d / -f2) \
&& if [ "$ARCH" = "amd64" ]; then export ARCH=x64 ; fi \
&& mkdir -p "$RUNNER_ASSETS_DIR" \
&& cd "$RUNNER_ASSETS_DIR" \
&& curl -L -o runner.tar.gz https://github.com/actions/runner/releases/download/v${RUNNER_VERSION}/actions-runner-linux-${ARCH}-${RUNNER_VERSION}.tar.gz \
&& tar xzf ./runner.tar.gz \
&& rm runner.tar.gz \
&& ./bin/installdependencies.sh \
&& mv ./externals ./externalstmp \
&& apt-get install -y libyaml-dev \
&& rm -rf /var/lib/apt/lists/*
RUN echo AGENT_TOOLSDIRECTORY=/opt/hostedtoolcache > .env \
&& mkdir /opt/hostedtoolcache \
&& chgrp docker /opt/hostedtoolcache \
&& chmod g+rwx /opt/hostedtoolcache
COPY entrypoint.sh /
COPY --chown=runner:docker patched $RUNNER_ASSETS_DIR/patched
USER runner
ENTRYPOINT ["/usr/local/bin/dumb-init", "--"]
CMD ["/entrypoint.sh"]

13
runner/Makefile
View File

@ -2,7 +2,7 @@ NAME ?= summerwind/actions-runner
DIND_RUNNER_NAME ?= ${NAME}-dind DIND_RUNNER_NAME ?= ${NAME}-dind
TAG ?= latest TAG ?= latest
RUNNER_VERSION ?= 2.274.2 RUNNER_VERSION ?= 2.277.1
DOCKER_VERSION ?= 19.03.12 DOCKER_VERSION ?= 19.03.12
# default list of platforms for which multiarch image is built # default list of platforms for which multiarch image is built
@ -22,16 +22,15 @@ else
export PUSH_ARG="--push" export PUSH_ARG="--push"
endif endif
docker-build: docker-build-ubuntu:
docker build --build-arg TARGETPLATFORM=amd64 --build-arg RUNNER_VERSION=${RUNNER_VERSION} --build-arg DOCKER_VERSION=${DOCKER_VERSION} -t ${NAME}:${TAG} . docker build --build-arg TARGETPLATFORM=amd64 --build-arg RUNNER_VERSION=${RUNNER_VERSION} --build-arg DOCKER_VERSION=${DOCKER_VERSION} -t ${NAME}:${TAG} .
docker build --build-arg TARGETPLATFORM=amd64 --build-arg RUNNER_VERSION=${RUNNER_VERSION} --build-arg DOCKER_VERSION=${DOCKER_VERSION} -t ${DIND_RUNNER_NAME}:${TAG} -f dindrunner.Dockerfile . docker build --build-arg TARGETPLATFORM=amd64 --build-arg RUNNER_VERSION=${RUNNER_VERSION} --build-arg DOCKER_VERSION=${DOCKER_VERSION} -t ${DIND_RUNNER_NAME}:${TAG} -f Dockerfile.dindrunner .
docker-push-ubuntu:
docker-push:
docker push ${NAME}:${TAG} docker push ${NAME}:${TAG}
docker push ${DIND_RUNNER_NAME}:${TAG} docker push ${DIND_RUNNER_NAME}:${TAG}
docker-buildx: docker-buildx-ubuntu:
export DOCKER_CLI_EXPERIMENTAL=enabled export DOCKER_CLI_EXPERIMENTAL=enabled
@if ! docker buildx ls | grep -q container-builder; then\ @if ! docker buildx ls | grep -q container-builder; then\
docker buildx create --platform ${PLATFORMS} --name container-builder --use;\ docker buildx create --platform ${PLATFORMS} --name container-builder --use;\
@ -46,5 +45,5 @@ docker-buildx:
--build-arg RUNNER_VERSION=${RUNNER_VERSION} \ --build-arg RUNNER_VERSION=${RUNNER_VERSION} \
--build-arg DOCKER_VERSION=${DOCKER_VERSION} \ --build-arg DOCKER_VERSION=${DOCKER_VERSION} \
-t "${DIND_RUNNER_NAME}:latest" \ -t "${DIND_RUNNER_NAME}:latest" \
-f dindrunner.Dockerfile \ -f Dockerfile.dindrunner \
. ${PUSH_ARG} . ${PUSH_ARG}