feat: add gitea runner role

- ensure docker is configured - create runner user/group - deploy config.yaml from hiera hash - install runner from url - register the runner with the gitea instance - manage the act_runner service
2024-09-07 16:31:09 +10:00 · 2024-09-07 16:31:09 +10:00 · 0210d849c7
commit 0210d849c7
parent 42d8047043
5 changed files with 148 additions and 0 deletions
--- a/hieradata/roles/infra/git/runner.eyaml
+++ b/hieradata/roles/infra/git/runner.eyaml
@ -0,0 +1 @@
+profiles::gitea::runner::registration_token: ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAOL/ug4IPhEW1n+Lq+SsMSEJUYsDDK2s0+oNF3unxcbH3QDqWo7kuYKkDWQ+W3otcxvuRlbC8+0W2fO2udhF7sSGrF93INsTCDqWlLnaaAgxlgNSXthA4OCJlI8DCLeD/Sr0TTCchUdpQrIpDo6Gh0EUjgRv5574q26or7c/vvtQ4nfLVQOqEV9UpsCgEYiQvXVcf55LEpgaDp4mFL0qCnfzDnGNbZ0GUo6552ka19IocqOqILPnZO0qDcEoLbQ90sP197+5Jw611i1Akx1C4lFP81bazFMpbdiEP0V4Ax+33LfZEb0KnXuMbKOF23vIwwwfpFJaSOAjA5YehA3xM2zBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDPJHB2uL+VEyntgZocyoMXgDBJ1dnRWiJM77XomzbNdDUO+ktIHLOTL5do0m4CkXZ1s42KtaAwWL+/EGdxg80UMC8=]
--- a/hieradata/roles/infra/git/runner.yaml
+++ b/hieradata/roles/infra/git/runner.yaml
@ -0,0 +1,46 @@
+---
+hiera_include:
+  - docker
+  - profiles::gitea::runner
+
+docker::version: latest
+docker::curl_ensure: false
+
+profiles::gitea::runner::home: /data/runner
+profiles::gitea::runner::version: '0.2.10'
+profiles::gitea::runner::source: "https://gitea.com/gitea/act_runner/releases/download/v%{hiera('profiles::gitea::runner::version')}/act_runner-%{hiera('profiles::gitea::runner::version')}-linux-amd64"
+profiles::gitea::runner::config:
+  log:
+    level: info
+  runner:
+    file: "%{hiera('profiles::gitea::runner::home')}/.runner"
+    capacity: 2
+    envs:
+      A_TEST_ENV_NAME_1: a_test_env_value_1
+      A_TEST_ENV_NAME_2: a_test_env_value_2
+    env_file: .env
+    timeout: 3h
+    insecure: false
+    fetch_timeout: 5s
+    fetch_interval: 2s
+    labels:
+      - "almalinux-latest"
+      - "almalinux-8:docker"
+      - "almalinux-8.10:docker"
+  cache:
+    enabled: true
+    dir: "%{hiera('profiles::gitea::runner::home')}/.cache/actcache"
+    host: ""
+    port: 0
+    external_server: ""
+  container:
+    network: ""
+    privileged: false
+    options:
+    workdir_parent: /workspace
+    valid_volumes: []
+    docker_host: ""
+    force_pull: true
+    force_rebuild: false
+  host:
+    workdir_parent: "%{hiera('profiles::gitea::runner::home')}/.cache/act"
--- a/site/profiles/manifests/gitea/runner.pp
+++ b/site/profiles/manifests/gitea/runner.pp
@ -0,0 +1,73 @@
+# profiles::gitea::init
+class profiles::gitea::runner (
+  String $registration_token,
+  Stdlib::HTTPSUrl $source,
+  String $user = 'runner',
+  String $group = 'runner',
+  Stdlib::Absolutepath $home = '/data/runner',
+  Hash $config = {},
+  Stdlib::HTTPSUrl $instance = 'https://git.query.consul',
+  String $version = '0.2.10',
+) {
+
+  group { $group:
+    ensure => 'present',
+  }
+
+  user { $user:
+    ensure     => 'present',
+    home       => $home,
+    managehome => true,
+    forcelocal => true,
+    groups     => ['docker'],
+    gid        => $group,
+    require    => Group[$group],
+  }
+
+  file { "${home}/config.yaml":
+    ensure  => file,
+    content => to_yaml($config),
+    owner   => $user,
+    group   => $group,
+    require => User[$user],
+  }
+
+  archive { '/usr/local/bin/act_runner':
+    ensure  => present,
+    extract => false,
+    source  => $source,
+    creates => '/usr/local/bin/act_runner',
+    cleanup => true,
+  }
+
+  file { '/usr/local/bin/act_runner':
+    ensure  => 'file',
+    mode    => '0755',
+    owner   => 'root',
+    group   => 'root',
+    require => Archive['/usr/local/bin/act_runner'],
+  }
+
+  exec {'register_act_runner':
+    command => "/usr/local/bin/act_runner register \
+                --no-interactive \
+                --instance ${instance} \
+                --token ${registration_token} \
+                --name ${facts['networking']['hostname']} \
+                --config ${home}/config.yaml",
+    creates => "${home}/.runner",
+    cwd     => $home,
+    user    => $user,
+    group   => $group,
+    require => [
+      File['/usr/local/bin/act_runner'],
+      File["${home}/config.yaml"],
+    ],
+  }
+
+  systemd::unit_file {'act_runner.service':
+    enable  => true,
+    active  => true,
+    content => template('profiles/gitea/act_runner.service.erb'),
+  }
+}
--- a/site/profiles/templates/gitea/act_runner.service.erb
+++ b/site/profiles/templates/gitea/act_runner.service.erb
@ -0,0 +1,17 @@
+[Unit]
+Description=Gitea Actions runner
+Documentation=https://gitea.com/gitea/act_runner
+After=docker.service
+
+[Service]
+ExecStart=/usr/local/bin/act_runner daemon --config <%= @home %>/config.yaml
+ExecReload=/bin/kill -s HUP $MAINPID
+WorkingDirectory=<%= @home %>
+TimeoutSec=0
+RestartSec=10
+Restart=always
+User=<%= @user %>
+Group=<%= @group %>
+
+[Install]
+WantedBy=multi-user.target
--- a/site/roles/manifests/infra/git/runner.pp
+++ b/site/roles/manifests/infra/git/runner.pp
@ -0,0 +1,11 @@
+# a role to deploy the gitea runner
+class roles::infra::git::runner {
+  if $facts['firstrun'] {
+    include profiles::defaults
+    include profiles::firstrun::init
+  }else{
+    include profiles::defaults
+    include profiles::base
+    include profiles::base::datavol
+  }
+}
				`@ -0,0 +1 @@`
				profiles::gitea::runner::registration_token: ENC[PKCS7,MIIBmQYJKoZIhvcNAQcDoIIBijCCAYYCAQAxggEhMIIBHQIBADAFMAACAQEwDQYJKoZIhvcNAQEBBQAEggEAOL/ug4IPhEW1n+Lq+SsMSEJUYsDDK2s0+oNF3unxcbH3QDqWo7kuYKkDWQ+W3otcxvuRlbC8+0W2fO2udhF7sSGrF93INsTCDqWlLnaaAgxlgNSXthA4OCJlI8DCLeD/Sr0TTCchUdpQrIpDo6Gh0EUjgRv5574q26or7c/vvtQ4nfLVQOqEV9UpsCgEYiQvXVcf55LEpgaDp4mFL0qCnfzDnGNbZ0GUo6552ka19IocqOqILPnZO0qDcEoLbQ90sP197+5Jw611i1Akx1C4lFP81bazFMpbdiEP0V4Ax+33LfZEb0KnXuMbKOF23vIwwwfpFJaSOAjA5YehA3xM2zBcBgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBDPJHB2uL+VEyntgZocyoMXgDBJ1dnRWiJM77XomzbNdDUO+ktIHLOTL5do0m4CkXZ1s42KtaAwWL+/EGdxg80UMC8=]