gce-github-runner/action.yml at main · gitpod-io/gce-github-runner · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: "Ephemeral GCE GitHub self-hosted runner"
description: >-
  Creates ephemeral GCE based GitHub Action self-hosted runner.
  It uses startup script to bootstrap the VM.
branding:
  icon: triangle
  color: purple
inputs:
  runner_token:
    description: >-
      GitHub auth token, needs `repo`/`public_repo` scope: https://docs.github.com/en/rest/reference/actions#self-hosted-runners.
    required: true
  project_id:
    description: >-
      ID of the Google Cloud Platform project. If provided, this will configure gcloud to use this project ID.
    required: false
    default: public-github-runners
  machine_zone:
    description: GCE zone
    default: "europe-west1-b"
    required: false
  machine_type:
    description: GCE machine type; https://cloud.google.com/compute/docs/machine-types
    default: "n2d-standard-32"
    required: true
  disk_size:
    description: VM disk size.
    required: false
    default: 500GB
  image_project:
    description: >
      The Google Cloud project against which all image and image family references will be resolved.
    required: false
    default: public-github-runners
  image:
    description: Specifies the name of the image that the disk will be initialized with. If not provided, will use the latest gh-runner-* image.
    required: false
  image_family:
    description: The image family for the operating system that the boot disk will be initialized with.
    required: false
  label:
    description: >-
      Runner label. Can be set to override the VM name to recreate a runner with a specific label,
      e.g. to replace a runner that was shutdown. If set, 'task' will be ignored.
    required: false
  scopes:
    description: Scopes granted to the VM, defaults to full access (cloud-platform).
    default: cloud-platform
    required: true
  shutdown_timeout:
    description: "Shutdown grace period (in seconds)."
    default: 30s
    required: true
  task:
    description: Additional context about the workflow
    default: default
    required: true
  gcp_credentials:
    description: GCP JSON credentials
    required: true

outputs:
  label:
    description: >-
      Unique runner label. This label can be used to request a specific
      runner for the workflow job.
    value: ${{ steps.gce-github-runner-script.outputs.label }}
  machine-zone:
    description: >-
      VM availability zone
    value: ${{ steps.gce-github-runner-script.outputs.machine-zone }}
runs:
  using: "composite"
  steps:
    - name: Check if we are allowed to run
      id: check-repository
      if: github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name
      shell: bash
      run: |
        echo "❌ Job actions are not allowed to run in forks" >> $GITHUB_STEP_SUMMARY
        exit 1
    - name: Checkout repository
      uses: actions/checkout@v4
    - name: Authenticate to Google Cloud
      id: auth
      if: github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name
      uses: google-github-actions/auth@v1
      with:
        credentials_json: ${{ inputs.gcp_credentials }}
    - name: Activate GCP service account
      id: gcloud-auth
      if: github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name
      shell: bash
      run: |
        gcloud auth activate-service-account --key-file ${{ steps.auth.outputs.credentials_file_path }}
    - name: Get latest runner image
      id: get-image
      if: github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name && inputs.image == ''
      shell: bash
      run: |
        LATEST_IMAGE=$(gcloud compute images list \
          --project=${{ inputs.image_project }} \
          --filter="name~'gh-runner-.*'" \
          --sort-by="~creationTimestamp" \
          --format="value(name)" \
          --limit=1)
        echo "image=${LATEST_IMAGE}" >> $GITHUB_OUTPUT
        echo "Using latest image: ${LATEST_IMAGE}"
    - name: Create GCE VM
      id: gce-github-runner-script
      if: github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name
      shell: bash
      run: |
        set -x

        IMAGE_TO_USE="${{ inputs.image }}"
        if [ -z "${IMAGE_TO_USE}" ]; then
          IMAGE_TO_USE="${{ steps.get-image.outputs.image }}"
        fi

        ${{ github.action_path }}/action.sh \
          --command=start \
          --runner_token=${{ inputs.runner_token }} \
          --project_id=${{ inputs.project_id }} \
          --machine_zone=${{ inputs.machine_zone }} \
          --machine_type=${{ inputs.machine_type }} \
          --disk_size=${{ inputs.disk_size }} \
          --scopes=${{ inputs.scopes }} \
          --shutdown_timeout=${{ inputs.shutdown_timeout }} \
          --image_project=${{ inputs.image_project }} \
          --image="${IMAGE_TO_USE}" \
          --image_family=${{ inputs.image_family }} \
          --label=${{ inputs.label }} \
          --boot_disk_type=pd-ssd \
          --task=${{ inputs.task }}