Installation
Actions-runner-controller
We use self-hosted runners for tasks where we need to access services inside our private network.
To deploy self-hosted runners we use helm chart for actions-runner-controller. It’s deployed with ArgoCD ApplicationSet to every apps cluster.
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: actions-runner-controller
spec:
generators:
- clusters:
selector:
matchLabels:
cluster: apps
template:
metadata:
name: '{{name}}-actions-runner-controller'
annotations:
argocd.argoproj.io/manifest-generate-paths: .
spec:
project: dev-infra
source:
repoURL: 'https://github.com/SafiBank/SaFiMono.git'
path: devops/argocd/environments/common/infra/actions-runner-controller
targetRevision: HEAD
plugin:
name: helm-argocd-vault-replacer
destination:
server: '{{server}}'
namespace: actions-runner-controller
syncPolicy:
automated:
prune: true
syncOptions:
- CreateNamespace=true
retry:
limit: 5
backoff:
duration: 5s
factor: 2
maxDuration: 3m
values.yaml
To be able to access Github repo you need to get token and save it in Vault.
actions-runner-controller:
authSecret:
create: true
github_token: <secret:secret/data/cicd/actions-runner-controller~GITHUB_TOKEN>
Actions-runner
After actions runner controller is deployed we can deploy runner with CRD RunnerDeployment and HorizontalRunnerAutoscaler.
For every cluster we deploy the same HorizontalRunnerAutoscaler which scale number of runners from 1 to 50 based on number of workflows in queue.
apiVersion: actions.summerwind.dev/v1alpha1
kind: HorizontalRunnerAutoscaler
metadata:
name: runner-deployment-autoscaler
spec:
scaleTargetRef:
name: runner-deployment
minReplicas: 1
maxReplicas: 50
metrics:
- type: TotalNumberOfQueuedAndInProgressWorkflowRuns
repositoryNames:
- SafiBank/SaFiMono
And for every cluster we deploy different RunnerDeployment so that we able to label runners based on environment. Also we put nodeSelector and tolerations to run runners on separate nodepool.
For example for brave:
apiVersion: actions.summerwind.dev/v1alpha1
kind: RunnerDeployment
metadata:
name: runner-deployment
spec:
template:
spec:
repository: SafiBank/SaFiMono
labels:
- brave
resources:
limits:
cpu: "2"
memory: "4Gi"
requests:
cpu: "500m"
memory: "2Gi"
nodeSelector:
cloud.google.com/gke-role: "github-runner"
tolerations:
- key: "safi_nodegroup_class"
operator: Equal
value: "github_runner"
effect: NoSchedule
After deployment you can verify that your runners are up and running in repository settings.
Usage
https://docs.github.com/en/actions/hosting-your-own-runners/using-self-hosted-runners-in-a-workflow
To run workflow on selfhosted runners we need to specify runs-on: parameter in job.
For example:
jobs:
Sonarqube-Test:
runs-on: [ brave ]
steps:
- name: Check out repository code
uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17.0.5+8'
distribution: 'temurin'
- name: Run Sonarqube tests
working-directory: services/${{ inputs.microservice_name }}
run: >
./gradlew sonarqube
-Dsonar.projectKey=${{ inputs.microservice_name }}
-Dsonar.host.url=${{ secrets.SONARQUBE_NEW_ADDRESS }}
-Dsonar.login=${{ secrets.SONARQUBE_NEW_TOKEN }}
