konvenit · RubenMakandra · Jan 21, 2025 · Jan 27, 2025
diff --git a/.github/workflows/compose_push.yaml b/.github/workflows/compose_push.yaml
@@ -25,21 +25,26 @@ env:
 
 jobs:
   compose_push:
-    runs-on: ubuntu-22.04
+    runs-on: selfhosted-github-runner
 
     steps:
     - name: Checkout
       uses: actions/checkout@v1
 
-    - name: Set up Ruby
-      uses: ruby/setup-ruby@v1
-
     - name: Log in to Docker Hub
       run: |
-        docker login -u ${{ secrets.dockerhub_user }} -p ${{ secrets.dockerhub_pass }}
+        docker login miceportal.nexus-registry-mice.boreus.de -u ${{ secrets.nexus_user }} -p ${{ secrets.nexus_pass }}
+        sudo apt update
+        sudo apt install libyaml-dev libgmp-dev -y
+        mkdir -p ~/.docker/cli-plugins/
+        curl -SL https://github.com/docker/compose/releases/download/v2.32.1/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose
+        chmod +x ~/.docker/cli-plugins/docker-compose
+
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
 
     - name: Compose up
-      uses: konvenit/workflowator/.github/actions/compose@v12
+      uses: konvenit/workflowator/.github/actions/compose@MP-50534_Add_Action_Runner_Controller_helm_chart_values
       with:
         application-name: ${{ inputs.application-name }}
 

diff --git a/.github/workflows/compose_run.yaml b/.github/workflows/compose_run.yaml
@@ -42,21 +42,26 @@ env:
 
 jobs:
   compose_run:
-    runs-on: ubuntu-22.04
+    runs-on: selfhosted-github-runner
 
     steps:
     - name: Checkout
       uses: actions/checkout@v1
 
-    - name: Set up Ruby
-      uses: ruby/setup-ruby@v1
-
     - name: Log in to Docker Hub
       run: |
-        docker login -u ${{ secrets.dockerhub_user }} -p ${{ secrets.dockerhub_pass }}
+        docker login miceportal.nexus-registry-mice.boreus.de -u ${{ secrets.nexus_user }} -p ${{ secrets.nexus_pass }}
+        sudo apt update
+        sudo apt install libyaml-dev libgmp-dev -y
+        mkdir -p ~/.docker/cli-plugins/
+        curl -SL https://github.com/docker/compose/releases/download/v2.32.1/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose
+        chmod +x ~/.docker/cli-plugins/docker-compose
+
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
 
     - name: Compose up
-      uses: konvenit/workflowator/.github/actions/compose@v12
+      uses: konvenit/workflowator/.github/actions/compose@MP-50534_Add_Action_Runner_Controller_helm_chart_values
       with:
         application-name: ${{ inputs.application-name }}
 

diff --git a/.github/workflows/sample.yaml b/.github/workflows/sample.yaml
@@ -14,7 +14,7 @@ on:
 jobs:
   sample-action:
     name: Sample action
-    runs-on: ubuntu-22.04
+    runs-on: selfhosted-github-runner
 
     steps:
       - name: Checkout repo

diff --git a/helm/action_runner_controller/install.sh b/helm/action_runner_controller/install.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+# See https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/quickstart-for-actions-runner-controller#installing-actions-runner-controller
+NAMESPACE="github-worker" # provided by WIIT
+VERSION="0.10.1"
+helm install arc \
+    --namespace "${NAMESPACE}" \
+    --values values_controller.yaml \
+    --version "${VERSION}" \
+    oci://ghcr.io/actions/actions-runner-controller-charts/gha-runner-scale-set-controller
diff --git a/helm/action_runner_controller/values_controller.yaml b/helm/action_runner_controller/values_controller.yaml
@@ -0,0 +1,12 @@
+# https://github.com/actions/actions-runner-controller/blob/master/charts/gha-runner-scale-set-controller/values.yaml
+tolerations: [
+  {
+    "key": "ci",
+    "operator": "Equal",
+    "value": "true",
+    "effect": "NoSchedule"
+  }
+]
+nodeSelector: {
+  "ci": "true"
+}
diff --git a/helm/scale_set/install.sh b/helm/scale_set/install.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+# A Secret called github-pat containing a PAT needs to exist for this to work.
+NAMESPACE="github-worker"
+helm install "selfhosted-github-runner" \
+    --namespace "${NAMESPACE}" \
+    --version "0.10.1" \
+    --values "values_scale_set_dind.yaml" \
+    oci://ghcr.io/actions/actions-runner-controller-charts/gha-runner-scale-set
diff --git a/helm/scale_set/values_scale_set.yaml b/helm/scale_set/values_scale_set.yaml
@@ -0,0 +1,38 @@
+# https://github.com/actions/actions-runner-controller/blob/master/charts/gha-runner-scale-set/values.yaml
+# https://github.com/<your_enterprise/org/repo>
+githubConfigUrl: "https://github.com/konvenit"
+githubConfigSecret: 'github-pat'
+template:
+  spec:
+    containers:
+      - name: runner
+        image: ghcr.io/actions/actions-runner:latest
+        command: ["/home/runner/run.sh"]
+    nodeSelector: {
+      "ci": "true"
+    }
+    tolerations: [
+      {
+        "key": "ci",
+        "operator": "Equal",
+        "value": "true",
+        "effect": "NoSchedule"
+      }
+    ]
+listenerTemplate:
+  spec:
+    containers:
+      - name: listener
+        securityContext:
+          runAsUser: 1000
+    nodeSelector: {
+      "ci": "true"
+    }
+    tolerations: [
+      {
+        "key": "ci",
+        "operator": "Equal",
+        "value": "true",
+        "effect": "NoSchedule"
+      }
+    ]
diff --git a/helm/scale_set/values_scale_set_dind.yaml b/helm/scale_set/values_scale_set_dind.yaml
@@ -0,0 +1,88 @@
+# https://github.com/actions/actions-runner-controller/blob/master/charts/gha-runner-scale-set/values.yaml
+# https://github.com/<your_enterprise/org/repo>
+githubConfigUrl: "https://github.com/konvenit"
+githubConfigSecret: github-pat
+minRunners: 2
+# maxRunners: 10
+template:
+  spec:
+    initContainers:
+    - name: init-dind-externals
+      image: ghcr.io/actions/actions-runner:latest
+      command: ["cp", "-r", "-v", "/home/runner/externals/.", "/home/runner/tmpDir/"]
+      volumeMounts:
+        - name: dind-externals
+          mountPath: /home/runner/tmpDir
+    containers:
+    - name: runner
+      image: ghcr.io/actions/actions-runner:latest
+      command: ["/home/runner/run.sh"]
+      env:
+        - name: DOCKER_HOST
+          value: unix:///var/run/docker.sock
+      volumeMounts:
+        - name: work
+          mountPath: /home/runner/_work
+        - name: dind-sock
+          mountPath: /var/run
+        - name: toolcache
+          mountPath: /opt/hostedtoolcache
+    - name: dind
+      image: docker:dind
+      args:
+        - dockerd
+        - --host=unix:///var/run/docker.sock
+        - --group=$(DOCKER_GROUP_GID)
+        - --max-concurrent-downloads=5
+        - --http-proxy=http://proxy20.boreus.de:3128/
+        - --https-proxy=http://proxy20.boreus.de:3128/
+        - --no-proxy=127.0.0.1,localhost,localhost.localdomain,cluster.local,10.43.0.1,miceportal-alpha.de,miceportal-alpha.com,miceportal.de,miceportal.com,svc.boreus.de,mice.boreus.de,registry.boreus.de,gitlab.boreus.de,*.nexus-registry-mice.boreus.de
+      env:
+        - name: DOCKER_GROUP_GID
+          value: "123"
+      securityContext:
+        privileged: true
+      volumeMounts:
+        - name: work
+          mountPath: /home/runner/_work
+        - name: dind-sock
+          mountPath: /var/run
+        - name: dind-externals
+          mountPath: /home/runner/externals
+    volumes:
+    - name: work
+      emptyDir: {}
+    - name: dind-sock
+      emptyDir: {}
+    - name: dind-externals
+      emptyDir: {}
+    - name: toolcache
+      emptyDir: {}
+    nodeSelector: {
+      "ci": "true"
+    }
+    tolerations: [
+      {
+        "key": "ci",
+        "operator": "Equal",
+        "value": "true",
+        "effect": "NoSchedule"
+      }
+    ]
+listenerTemplate:
+  spec:
+    containers:
+      - name: listener
+        securityContext:
+          runAsUser: 1000
+    nodeSelector: {
+      "ci": "true"
+    }
+    tolerations: [
+      {
+        "key": "ci",
+        "operator": "Equal",
+        "value": "true",
+        "effect": "NoSchedule"
+      }
+    ]