Merge pull request #11 from MonolithProjects/develop

MonolithProjects · web-flow · commit 9f221368fdaf · 2020-04-18T20:19:42.000+02:00
Fix reinstallation Former-commit-id: 2782e9f
diff --git a/README.md b/README.md
@@ -1,16 +1,14 @@
-GitHub Actions Runner
-=========
+# GitHub Actions Runner
 
 [![Galaxy Quality](https://img.shields.io/ansible/quality/47375?style=flat&logo=ansible)](https://galaxy.ansible.com/monolithprojects/github_actions_runner)
 [![Role version](https://img.shields.io/github/v/release/MonolithProjects/ansible-github_actions_runner)](https://galaxy.ansible.com/monolithprojects/github_actions_runner)
 [![Role downloads](https://img.shields.io/ansible/role/d/47375)](https://galaxy.ansible.com/monolithprojects/github_actions_runner)
 [![GitHub Actions](https://github.com/MonolithProjects/ansible-github_actions_runner/workflows/molecule%20test/badge.svg?branch=master)](https://github.com/MonolithProjects/ansible-github_actions_runner/actions)
 [![License](https://img.shields.io/github/license/MonolithProjects/ansible-github_actions_runner)](https://github.com/MonolithProjects/ansible-github_actions_runner/blob/master/LICENSE)
 
-This role will deploy or redeploy or uninstall and register or unregister local GitHub Actions Runner (version you specified).
+This role will deploy or redeploy or uninstall and register or unregister local GitHub Actions Runner.
 
-Requirements
-------------
+## Requirements
 
 * Supported Linux distros:
   * CentOS/RHEL 7,8
@@ -20,23 +18,24 @@ Requirements
 
 * System must have access to the GitHub.
 
+* The role require Personal Access Token for the GitHub user. The token has to be a value of `PERSONAL_ACCESS_TOKEN` variable.
+Export the token to the local host environment. The token has to have admin rights for the repo.  
+Personal Access Token for GitHub account can be created [here](https://github.com/settings/tokens).  
+**Note:** Never store you personal access token in the GitHub repository. Use [GitHub Secrets](https://help.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets) or some different secrets service.
+
 * Runner user has to be pre-created.  
   Recommended role: `monolithprojects.user_management`
 
 * CentOS/Fedora systems require EPEL repository.  
   Recommended role: `robertdebock.epel`
 
-* `PERSONAL_ACCESS_TOKEN` variable needs to be exported to your environment. The token has to have admin rights for the repo.  
-Personal Access Token for your GitHub account can be created [here](https://github.com/settings/tokens).
-
-Role Variables
---------------
+## Role Variables
 
 This is a copy from `defaults/main.yml`
 
 ```yaml
 # Runner user - user under which is the local runner service running
-runner_user: runner
+runner_user: "{{ lookup('env','USER') }}"
 
 # Directory where the local runner will be installed
 runner_dir: /opt/actions-runner
@@ -63,8 +62,23 @@ github_server: "https://github.com"
 # github_repo: "yourrepo"
 ```
 
-Example Playbook
-----------------
+## Example Playbook 
+
+In this example the role will deploy (or redeploy) the GitHub Actions runner service (latest available version) and register the runner for the GitHub repo.
+Runner service will run under the same user as the Ansible is using for ssh connection (*ansible*).
+
+```yaml
+---
+- name: GitHub Actions Runner
+  hosts: all
+  user: ansible
+  become: yes
+  vars:
+    - github_account: my-github-user
+    - github_repo: my_awesome_repo
+  roles:
+    - role: monolithprojects.github_actions_runner
+```
 
 In this example the role will deploy (or redeploy) the GitHub Actions runner service (version 2.165.2) and register the runner for the GitHub repo.
 
@@ -75,8 +89,8 @@ In this example the role will deploy (or redeploy) the GitHub Actions runner ser
   become: yes
   vars:
     - runner_version: "2.165.2"
-    - runner_user: ansible
-    - github_account: myuser
+    - runner_user: runner-user
+    - github_account: my-github-user
     - github_repo: my_awesome_repo
   roles:
     - role: monolithprojects.github_actions_runner
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -1,6 +1,6 @@
 ---
 # Runner user - user under which is the local runner service running
-runner_user: runner
+runner_user: "{{ lookup('env','USER') }}"
 
 # Directory where the local runner will be installed
 runner_dir: /opt/actions-runner
diff --git a/meta/main.yml b/meta/main.yml
@@ -30,4 +30,5 @@
       - runner
       - cicd
   dependencies:
-    - robertdebock.epel
+    - robertdebock.epel
+    - monolithprojects.user_management
diff --git a/molecule/default/converge.yml b/molecule/default/converge.yml
@@ -4,7 +4,6 @@
   hosts: all
   become: yes
   vars:
-    - runner_version: "2.168.0"
     - runner_user: ansible
     - github_repo: ansible-github_actions_runner-testrepo
     - github_account: monolithprojects
diff --git a/molecule/default/requirements.yml b/molecule/default/requirements.yml
@@ -1,3 +1,5 @@
 ---
 - role: robertdebock.epel
+  version: master
+- role: monolithprojects.user_management
   version: master
diff --git a/tasks/install_runner.yml b/tasks/install_runner.yml
@@ -10,7 +10,7 @@
   tags:
     - install
 
-- name: Find the latest runner version
+- name: Find the latest runner version (RUN ONCE)
   uri:
     url: "https://api.github.com/repos/actions/runner/releases/latest"
     url_username: "{{ github_account }}"
@@ -32,7 +32,7 @@
     runner_version: "{{ api_response.json.tag_name | regex_replace('^v', '') }}"
   when: runner_version == "latest"
 
-- name: Download runner package version - "{{ runner_version }}"
+- name: Download runner package version - "{{ runner_version }}" (RUN ONCE)
   get_url:
     url: "https://github.com/actions/runner/releases/download/v{{ runner_version }}/actions-runner-linux-x64-{{ runner_version }}.tar.gz"
     dest: "./actions-runner-linux-{{ runner_version }}.tar.gz"
@@ -57,7 +57,7 @@
     chdir: "{{ runner_dir }}"
   become: yes
   become_user: "{{ runner_user }}"
-  no_log: "{{ hide_sensitive_logs }}"
+  no_log: "{{ hide_sensitive_logs | bool }}"
   when: ansible_hostname not in registered_runners.json.runners|map(attribute='name')|list
   tags:
     - install
@@ -69,7 +69,7 @@
     chdir: "{{ runner_dir }}"
   become: yes
   become_user: "{{ runner_user }}"
-  no_log: "{{ hide_sensitive_logs }}"
+  no_log: "{{ hide_sensitive_logs | bool }}"
   when: replace_runner and ansible_hostname in registered_runners.json.runners|map(attribute='name')|list
   tags:
     - install
diff --git a/tasks/uninstall_runner.yml b/tasks/uninstall_runner.yml
@@ -8,11 +8,6 @@
   tags:
     - uninstall
 
-- name: Refresh services facts
-  service_facts:
-  tags:
-    - uninstall
-
 - name: Remove GitHub Actions Runner service
   file:
     path: "{{ item }}"
@@ -29,6 +24,11 @@
   tags:
     - uninstall
 
+- name: Refresh services facts
+  service_facts:
+  tags:
+    - uninstall
+
 - name: Check GitHub Actions runner file
   stat:
     path: "{{ runner_dir }}/.runner"
@@ -42,7 +42,7 @@
     chdir: "{{ runner_dir }}"
   become: yes
   become_user: "{{ runner_user }}"
-  no_log: "{{ hide_sensitive_logs }}"
+  no_log: "{{ hide_sensitive_logs | bool }}"
   when: ansible_hostname in registered_runners.json.runners|map(attribute='name')|list and runner_file.stat.exists
   tags:
     - uninstall
