MonolithProjects/ansible-github_actions_runner MonolithProjects/ansible-github_actions_runner

  • Stars
    star
    142
  • Rank 258,495 (Top 6 %)
  • Language
  • License
    MIT License
  • Created almost 5 years ago
  • Updated about 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
MonolithProjects/ansible-github_actions_runner
github

MonolithProjects

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Ansible Role to deploy GitHub Actions self-hosted runner

GitHub Actions Runner

awesome-runners Galaxy Quality Role version Role downloads Molecule test License

This role will deploy/redeploy/uninstall and register/unregister local GitHub Actions Runner on Linux and macOS Systems (see compatibility list ). It supports Enterprise, Organization and Repository Runners.

Requirements

  • System must have access to the GitHub API.

  • The role require Personal Access Token to access the GitHub. The token can be set as PERSONAL_ACCESS_TOKEN environment variable.

Note
The token must have the repo scope (when creating a repo runner), the admin:org scope (when creating a runner for an organization), the manage_runners:enterprise scope (when creating a enterprise runner). Personal Access Token for GitHub account can be created here.

Warning
Never store you personal access token in the GitHub repository. Use GitHub Secrets or some different secrets service.

  • Runner user has to be pre-created. Recommended role: monolithprojects.user_management

  • CentOS systems require EPEL repository. Recommended role: robertdebock.epel

Supported CPU architecture

  • ARM, ARM64 (dependencies installation is not covered by this role)
  • AMD64, x86_64

Supported Operating Systems

  • Red Hat Enterprise Linux 7
  • CentOS 7
  • Rocky Linux 8+
  • Fedora 29+
  • Debian 9+
  • Ubuntu 16.04+
  • macOS High Sierra +

Weekly tested on:

  • Debian 11
  • Fedora 37
  • Rocky Linux 8
  • Ubuntu 20,22

Role Variables

This is a copy from defaults/main.yml

---
# Runner user - user under which is the local runner service running
runner_user: "{{ lookup('env','USER') }}"

# Directory where the local runner will be installed
runner_dir: /opt/actions-runner

# Version of the GitHub Actions Runner
runner_version: "latest"

# State in which the runner service will be after the role is done (started, stopped, absent)
runner_state: "started"

# If found on the server, delete already existing runner service and install it again
reinstall_runner: no

# Do not show Ansible logs which may contain sensitive data (registration token)
hide_sensitive_logs: yes

# GitHub address
github_url: "https://github.com"

# GitHub API
github_api_url: "https://api.github.com"

# Personal Access Token for your GitHub account
access_token: "{{ lookup('env', 'PERSONAL_ACCESS_TOKEN') }}"

# Is it the runner for organization or not?
runner_org: no

# Labels to apply to the runner
runner_labels: []

# Group to add organization runner to
runner_group: ""

# GitHub Actions Runner repository (change it if you want to use custom Actions Runner fork)
runner_download_repository: "actions/runner"

# Extra arguments to pass to `config.sh`.
# Several arguments muste be set as one string (i.e. "--ephemeral --my_special_fork")
runner_extra_config_args: ""

# Name to assign to this runner in GitHub (System hostname as default)
runner_name: "{{ ansible_hostname }}"

# GitHub Repository user or Organization owner used for Runner registration
# github_account: "youruser"

# GitHub repository owner name (if other than github_account)
# github_owner: "yourorg"

# Github repository name
# github_repo: "yourrepo"

# GitHub Enterprise name
# github_enterprise: "yourenterprise"

# Configuring a custom .env file
# custom_env: |
# http_proxy=YOUR_URL_HERE
# ftp_proxy=YOUR_URL_HERE
# HTTPS_PROXY=YOUR_URL_HERE
# https_proxy=YOUR_URL_HERE
# no_proxy=localhost,127.0.0.1,127.0.0.2
# HTTP_PROXY=

Example Playbooks

In this example the Ansible role will install (or update) the GitHub Actions Runner service (latest available version). The runner will be registered for my_awesome_repo GitHub repo. Runner service will be stated and will run under the same user as the Ansible is using for ssh connection (ansible).

---
- name: Install GitHub Actions Runner
  hosts: all
  user: ansible
  become: yes
  vars:
    - github_account: github-access-user
    - github_repo: my_awesome_repo
  roles:
    - role: monolithprojects.github_actions_runner

Same example as above, but runner will be added to an organization and deployed on GitHub Enterprise Server.

---
- name: Install GitHub Actions Runner
  hosts: all
  user: ansible
  become: yes
  vars:
    - github_account: my_awesome_org
    - runner_org: yes
    - runner_on_ghes: yes
  roles:
    - role: monolithprojects.github_actions_runner

If you have a Github Enterprise Cloud license and you want to manage all the self-hosted runners from the enterprise:

---
- name: Install GitHub Actions Runner
  hosts: all
  user: automation
  become: yes
  vars:
    - github_enterprise: my_awesome_enterprise
    - runner_org: no
  roles:
    - role: monolithprojects.github_actions_runner

In this example the Ansible role will deploy (or update) the GitHub Actions runner service (version 2.165.2) and register the runner for the GitHub repo. Runner service will run under the user runner-user. Runner will be registered with two labels. The runner service will be stopped and disabled. Runner will use custom environment variables (from file named .env in the self-hosted runner application directory).

---
- name: Stop GitHub Actions Runner
  hosts: all
  become: yes
  vars:
    - runner_version: "2.165.2"
    - runner_user: runner-user
    - github_account: github-access-user
    - github_repo: my_awesome_repo
    - runner_state: "stopped"
    - runner_labels:
        - production
        - west
    - custom_env: |
        HTTP_PROXY=http://proxy.local:8080
        http_proxy=http://proxy.local:8080
        HTTPS_PROXY=http://proxy.local:8080
        https_proxy=http://proxy.local:8080
        no_proxy=localhost,127.0.0.1,127.0.0.2

  roles:
    - role: monolithprojects.github_actions_runner

In this example the Ansible role will uninstall the runner service and unregister it from the GitHub Repository.

---
- name: Uninstall GitHub Actions Runner
  hosts: all
  become: yes
  vars:
    - github_account: github-access-user
    - github_repo: my_awesome_repo
    - runner_state: "absent"
  roles:
    - role: monolithprojects.github_actions_runner

License

MIT

Author Information

Created in 2020 by Michal Muransky

More Repositories

1

terraform-libvirt-vm

Terraform module for KVM/Libvirt Virtual Machine.
HCL
28
star
2

hassio_docker-compose

Hass.io docker-compose file for x86_64
18
star
3

action-molecule

GitHub Action for Ansible roles testing using Molecule
Dockerfile
6
star
4

ansible-hassio

This Ansible role installs Hass.io. Hass.io is an operating system that will take care of installing and updating Home Assistant, is managed from the Home Assistant UI, allows creating/restoring snapshots of your configuration and can easily be extended using Hass.io add-ons including Google Assistant and Let’s Encrypt.
5
star
5

ansible-kasm_server

Kasm server installation
5
star
6

ansible-homebrew

Ansible Role to deploy Homebrew for Linux and to install formulae.
4
star
7

ansible-hashicorp_tools

Ansible Role used for Hashicorp tools installation/update/uninstallation
4
star
8

docker-tailscale-up

Tailscale-up is a container image which extends the original tailscale/tailscale image by building-in a script for automatic execution of `tailscaled` and `tailscale up` CLI command (including all "up" arguments which can be set as a container environment variables).
Shell
4
star
9

docker-systemd-centos8

Systemd enabled CentOS8 docker image with pre-created ansible user
Dockerfile
3
star
10

ansible-user_management

Ansible role for users and ssh keys management on Linux machines
Jinja
3
star
11

ansible-tfvars2facts

This role will help you to use the Terraform variables (tfvars) as Ansible local facts.
Python
2
star
12

docker-systemd-fedora36

Fedora 36 docker image with systemd enabled and pre-created ansible user
Dockerfile
2
star
13

SimpleOSbackup

Tool used for creating bootable Linux OS backup.
Shell
2
star
14

ansible-homeassistant_compliance

Ansible Role to configure Debian 11 Operating System to make it compliant with Home Assistant Supervisor
1
star
15

ansible-laptop

Just my personal laptop settings (Fedora Linux)
Jinja
1
star
16

home.apps

1
star
17

ansible-nexus_config

This Ansible Role will configure Sonatype Nexus Repository Manager
Jinja
1
star
18

docker-systemd-ubuntu22

Systemd enabled Ubuntu 22.04 LTS Docker image and pre-created ansible user
Dockerfile
1
star
19

docker-systemd-rockylinux8

Rocky Linux 8 docker image with systemd enabled and pre-created ansible user
Dockerfile
1
star
20

vbox-EPcheck

Script will align the VBox Extension Pack with currently installed VBox version. Good idea to run it after VBox update or run it automatically after system boot-up ;-)
Shell
1
star
21

ansible-http_proxy_client

This Ansible role will setup HTTP/HTTPS/FTP Proxy client.
1
star
22

docker-systemd-fedora35

Fedora 35 docker image with systemd enabled and pre-created ansible user
Dockerfile
1
star
23

docker-systemd-ubuntu20

Ubuntu 20 docker image with systemd enabled and pre-created ansible user
Dockerfile
1
star
24

docker-systemd-debian11

Debian 11 docker image with systemd enabled and pre-created ansible user
Dockerfile
1
star
25

docker-systemd-fedora37

Fedora 37 docker image with systemd enabled and pre-created ansible
Dockerfile
1
star
26

home.base

Base repository for my Home System
HCL
1
star