forked from stgraber/lxd-github-actions
-
Notifications
You must be signed in to change notification settings - Fork 2
/
respawn
85 lines (69 loc) · 3.15 KB
/
respawn
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
#!/bin/bash
LXD_CONTAINER=$1
SPAWN_COUNT=$2
RUNNER_URL=$3
GITHUB_ACCESS_TOKEN=$4
LABELS=$5
SCOPE="repos"
#Disk space is not freed up automatically when a container is removed.
#Free up disk space for any github- runner that is not active
for container in $(lxc storage volume list docker | grep "github-.*| 0" |awk '{print $4}'); do lxc storage volume delete docker $container; done
#Get currently running instances by repository and spawn new instances if they are below SPAWN_COUNT for that repository
#Exit early to prevent unnecessary calls to github api when no new runner is needed.
#TODO: ALERT if lxc command fails meaning lxd servcie is down
#Get runner_count for current RUNNER_URL:
#Get all started gh-runners and lookup the registered repo in the containers github-actions.service and match it with RUNNER_URL
CURRENT_REPO_RUNNER_COUNT=$(for c in $(lxc ls |grep github-.*RUNNING.*EPHEMERAL |awk '{print $2}'); do lxc exec $c cat /etc/systemd/system/github-actions.service | grep 'ExecStartPre.*--url.*' | awk '{print $7}'; done | grep "$RUNNER_URL" | wc -l)
#CURRENT_RUNNER_COUNT=$(lxc ls | grep github-.*RUNNING.*EPHEMERAL | wc -l)
if [ $((( $SPAWN_COUNT - $CURRENT_REPO_RUNNER_COUNT ))) -le 0 ]
then
exit 0
else
SPAWN_COUNT=$((($SPAWN_COUNT - $CURRENT_REPO_RUNNER_COUNT)))
fi
# This is done outside the scope of the LXD container because exporting variables is not working as expected
_PROTO="$(echo "${RUNNER_URL}" | grep :// | sed -e's,^\(.*://\).*,\1,g')"
_URL="$(echo "${RUNNER_URL/${_PROTO}/}")"
_PATH="$(echo "${_URL}" | grep / | cut -d/ -f2-)"
#Create the github runner service
(
cat << EOF
#echo "Exchanging the GitHub Access Token with a Runner Token (scope: ${SCOPE})..."
GH_RUNNER_TOKEN="$(curl -XPOST -fsSL \
-H "Authorization: token ${GITHUB_ACCESS_TOKEN}" \
-H "Accept: application/vnd.github.v3+json" \
"https://api.github.com/${SCOPE}/${_PATH}/actions/runners/registration-token" \
| jq -r '.token')"
# Setup the systemd unit
(
cat << EOG
[Unit]
Description=github - Actions runner
Requires=network-online.target
After=network-online.target
[Service]
Type=oneshot
WorkingDirectory=/srv/github-actions/
ExecStartPre=/usr/bin/sudo -u ubuntu -i /srv/github-actions/config.sh --url $RUNNER_URL --token \$GH_RUNNER_TOKEN --unattended --ephemeral --labels "$LABELS"
ExecStart=-/usr/bin/sudo -u ubuntu -i /srv/github-actions/run.sh
ExecStartPost=/usr/sbin/poweroff
[Install]
WantedBy=multi-user.target
EOG
) > /etc/systemd/system/github-actions.service
systemctl enable github-actions
echo NEW TOKEN \$GH_RUNNER_TOKEN RECEIVED AND DEPLOYED
EOF
) | lxc exec $LXD_CONTAINER /bin/sh
#ephemeral github runners will be delisted (on github.com) after 1 day of being offline
for i in $(seq ${SPAWN_COUNT})
do
NAME=$(mktemp -u github-XXXXXXXX)
lxc copy ${LXD_CONTAINER} "${NAME}" --ephemeral
lxc start "${NAME}"
lxc storage volume create docker "${NAME}"
lxc config device add "${NAME}" docker disk pool=docker source="${NAME}" path=/var/lib/docker
lxc config set "${NAME}" security.nesting=true security.syscalls.intercept.mknod=true security.syscalls.intercept.setxattr=true
lxc restart "${NAME}"
echo "spanwed container ${NAME}"
done