"adapt" dockerfile to ephemeral jobs

pagopa · Sep 21, 2023 · 64760e9 · 64760e9
1 parent 884a13e
commit 64760e9
Show file tree

Hide file tree

Showing 3 changed files with 58 additions and 36 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -2,15 +2,24 @@
 FROM ubuntu:22.04@sha256:965fbcae990b0467ed5657caceaec165018ef44a4d2d46c7cdea80a9dff0d1ea
 
 # see readme to understand wich version and use to use
-ENV ENV_GITHUB_RUNNER_VERSION="2.308.0"
-ENV ENV_GITHUB_RUNNER_VERSION_SHA=9f994158d49c5af39f57a65bf1438cbae4968aec1e4fec132dd7992ad57c74fa
+ENV ENV_GITHUB_RUNNER_VERSION="2.309.0"
+ENV ENV_GITHUB_RUNNER_VERSION_SHA=2974243bab2a282349ac833475d241d5273605d3628f0685bd07fb5530f9bb1a
 # https://github.com/Azure/kubelogin/blob/master/CHANGELOG.md
 ENV ENV_KUBELOGIN_VERSION=0.0.31
 ENV ENV_YQ_VERSION="v4.30.6"
 ENV NODE_MAJOR_VERSION="20"
 
 WORKDIR /
 
+RUN apt-get update && \
+    apt-get install -y curl jq && \
+    apt-get -y install curl git vim && \
+    apt-get -y install zip unzip && \
+    apt-get -y install ca-certificates curl wget apt-transport-https lsb-release gnupg && \
+    apt-get satisfy "python3-pip  (<= 22.1)" -y && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
+
 COPY dockerfile-setup.sh dockerfile-setup.sh
 RUN bash dockerfile-setup.sh
 
@@ -30,4 +39,4 @@ RUN whoami && \
   npm --version && \
   yarn --version
 
-ENTRYPOINT ["/github-runner-entrypoint.sh"]
+ENTRYPOINT ["/github-runner-entrypoint.sh"]
diff --git a/dockerfile-setup.sh b/dockerfile-setup.sh
@@ -2,13 +2,15 @@
 
 echo "✅ Start apt get install base packages"
 
-apt-get update \
-    && apt-get -y install curl git vim \
-    && apt-get -y install zip unzip \
-    && apt-get -y install ca-certificates curl wget apt-transport-https lsb-release gnupg \
-    && apt-get -y install jq \
-    && apt-get satisfy "python3-pip  (<= 22.1)" -y
-    # install jq from https://stedolan.github.io/jq/download/
+# apt-get update \
+#     && apt-get -y install curl git vim \
+#     && apt-get -y install zip unzip \
+#     && apt-get -y install ca-certificates curl wget apt-transport-https lsb-release gnupg \
+#     && apt-get -y install jq \
+#     && apt-get satisfy "python3-pip  (<= 22.1)" -y
+#     # install jq from https://stedolan.github.io/jq/download/
+
+# 1) 554mb
 
 # Test whoami
 whoami
@@ -22,15 +24,16 @@ mkdir -p actions-runner
 cd actions-runner || exit
 
 # from https://github.com/actions/runner/releases
-GITHUB_RUNNER_VERSION="${ENV_GITHUB_RUNNER_VERSION:-2.305.0}"
-GITHUB_RUNNER_VERSION_SHA="${ENV_GITHUB_RUNNER_VERSION_SHA:-737bdcef6287a11672d6a5a752d70a7c96b4934de512b7eb283be6f51a563f2f}"
+GITHUB_RUNNER_VERSION="${ENV_GITHUB_RUNNER_VERSION:-2.309.0}"
+GITHUB_RUNNER_VERSION_SHA="${ENV_GITHUB_RUNNER_VERSION_SHA:-2974243bab2a282349ac833475d241d5273605d3628f0685bd07fb5530f9bb1a}"
 curl -o actions-runner-linux-x64-${GITHUB_RUNNER_VERSION}.tar.gz -L https://github.com/actions/runner/releases/download/v${GITHUB_RUNNER_VERSION}/actions-runner-linux-x64-${GITHUB_RUNNER_VERSION}.tar.gz
 echo "${GITHUB_RUNNER_VERSION_SHA}  actions-runner-linux-x64-${GITHUB_RUNNER_VERSION}.tar.gz" | sha256sum -c
 tar xzf ./actions-runner-linux-x64-${GITHUB_RUNNER_VERSION}.tar.gz
 rm actions-runner-linux-x64-${GITHUB_RUNNER_VERSION}.tar.gz
-
+# 2) 1.09GB
 bash bin/installdependencies.sh
 echo "✅ Installed > github action runner"
+# 3) 1.13GB
 
 #
 # AZCLI
@@ -48,7 +51,7 @@ az config set extension.use_dynamic_install=yes_without_prompt
 az --version
 echo "✅ Installed > azcli"
 
-## Node and Yarn install 
+## Node and Yarn install
 curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/trusted.gpg.d/nodesource.gpg
 NODE_MAJOR_VERSION="${ENV_NODE_MAJOR_VERSION:-20}"
 echo "deb [signed-by=/etc/apt/trusted.gpg.d/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR_VERSION.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list

diff --git a/github-runner-entrypoint.sh b/github-runner-entrypoint.sh
@@ -28,27 +28,37 @@ if [ -z "$WORK_DIR" ]; then
 	export WORK_DIR=".workdir"
 fi
 
-# Calculate runner replacement policy.
-REPLACEMENT_POLICY="\n\n\n"
-REPLACEMENT_POLICY_LABEL="FALSE"
-if [ "$(echo "$REPLACE_EXISTING_RUNNER" | tr '[:upper:]' '[:lower:]')" == "true" ]; then
-	REPLACEMENT_POLICY="Y\n\n"
-	REPLACEMENT_POLICY_LABEL="TRUE"
-fi
+# # Calculate runner replacement policy.
+# REPLACEMENT_POLICY="\n\n\n"
+# REPLACEMENT_POLICY_LABEL="FALSE"
+# if [ "$(echo "$REPLACE_EXISTING_RUNNER" | tr '[:upper:]' '[:lower:]')" == "true" ]; then
+# 	REPLACEMENT_POLICY="Y\n\n"
+# 	REPLACEMENT_POLICY_LABEL="TRUE"
+# fi
 
-# Configure runner interactively, or with the given replacement policy.
-printf "Configuring GitHub Runner for %s\n\t" "$GITHUB_REPOSITORY_BANNER"
-printf "Runner Name: %s\n\t" "$RUNNER_NAME"
-printf "Working Directory: %s\n\t" "$WORK_DIR"
-printf "Replace Existing Runners: %s\n" "$REPLACEMENT_POLICY_LABEL"
-
-# actions-runner is a folder inside the github runner zip
-if [ "$INTERACTIVE" == "FALSE" ]; then
-	echo -ne "$REPLACEMENT_POLICY" | ./actions-runner/config.sh --url "$GITHUB_REPOSITORY" --token "$GITHUB_TOKEN" --name "$RUNNER_NAME" --work "$WORK_DIR" --labels "$LABELS" --disableupdate
-else
-	./actions-runner/config.sh --url "$GITHUB_REPOSITORY" --token "$GITHUB_TOKEN" --name "$RUNNER_NAME" --work "$WORK_DIR" --labels "$LABELS" --disableupdate
-fi
+# # Configure runner interactively, or with the given replacement policy.
+# printf "Configuring GitHub Runner for %s\n\t" "$GITHUB_REPOSITORY_BANNER"
+# printf "Runner Name: %s\n\t" "$RUNNER_NAME"
+# printf "Working Directory: %s\n\t" "$WORK_DIR"
+# printf "Replace Existing Runners: %s\n" "$REPLACEMENT_POLICY_LABEL"
+
+# # actions-runner is a folder inside the github runner zip
+# if [ "$INTERACTIVE" == "FALSE" ]; then
+# 	echo -ne "$REPLACEMENT_POLICY" | ./actions-runner/config.sh --url "$GITHUB_REPOSITORY" --token "$GITHUB_TOKEN" --name "$RUNNER_NAME" --work "$WORK_DIR" --labels "$LABELS" --disableupdate
+# else
+# 	./actions-runner/config.sh --url "$GITHUB_REPOSITORY" --token "$GITHUB_TOKEN" --name "$RUNNER_NAME" --work "$WORK_DIR" --labels "$LABELS" --disableupdate
+# fi
+
+# # Start the runner.
+# printf "Executing GitHub Runner for %s\n" "$GITHUB_REPOSITORY"
+# ./actions-runner/run.sh
+
+# Retrieve a short lived runner registration token using the PAT
+REGISTRATION_TOKEN="$(curl -X POST -fsSL \
+  -H 'Accept: application/vnd.github.v3+json' \
+  -H "Authorization: Bearer $GITHUB_PAT" \
+  -H 'X-GitHub-Api-Version: 2022-11-28' \
+  "$REGISTRATION_TOKEN_API_URL" \
+  | jq -r '.token')"
 
-# Start the runner.
-printf "Executing GitHub Runner for %s\n" "$GITHUB_REPOSITORY"
-./actions-runner/run.sh
+./config.sh --url $GITHUB_REPOSITORY --token $REGISTRATION_TOKEN --unattended --ephemeral --disableupdate && ./run.sh