Merge pull request #91 from MonolithProjects/develop

Develop to Master

README.md

@@ -8,7 +8,7 @@
 [![License](https://img.shields.io/github/license/MonolithProjects/ansible-github_actions_runner)](https://github.com/MonolithProjects/ansible-github_actions_runner/blob/main/LICENSE)
 
 
-This role will deploy/redeploy/uninstall and register/unregister local GitHub Actions Runner.  
+This role will deploy/redeploy/uninstall and register/unregister local GitHub Actions Runner.
 It supports both, Organization and Repository Runners.
 
 ## Requirements
@@ -103,6 +103,15 @@ runner_extra_config_args: ""
 
 # Github repository name
 # github_repo: "yourrepo"
+
+# Configuring a custom .env file
+# custom_env: |
+# http_proxy=YOUR_URL_HERE
+# ftp_proxy=YOUR_URL_HERE
+# HTTPS_PROXY=YOUR_URL_HERE
+# https_proxy=YOUR_URL_HERE
+# no_proxy=localhost,127.0.0.1,127.0.0.2
+# HTTP_PROXY=
 ```
 
 ## Example Playbook
@@ -139,7 +148,7 @@ Same example as above, but runner will be added to an organization.
 ```
 
 In this example the Ansible role will deploy (or update) the GitHub Actions runner service (version 2.165.2) and register the runner for the GitHub repo. Runner service will run under the user `runner-user`. Runner will be registered with two labels.
-The runner service will be *stopped* and disabled.
+The runner service will be *stopped* and disabled. Runner will use custom environment variables (from file named `.env` in the self-hosted runner application directory).
 
 ```yaml
 ---
@@ -155,6 +164,13 @@ The runner service will be *stopped* and disabled.
     - runner_labels:
         - production
         - west
+    - custom_env: |
+        HTTP_PROXY=http://proxy.local:8080
+        http_proxy=http://proxy.local:8080
+        HTTPS_PROXY=http://proxy.local:8080
+        https_proxy=http://proxy.local:8080
+        no_proxy=localhost,127.0.0.1,127.0.0.2
+
   roles:
     - role: monolithprojects.github_actions_runner
 ```

defaults/main.yml

@@ -43,7 +43,6 @@ runner_download_repository: "actions/runner"
 
 # Extra arguments to pass to `config.sh`
 runner_extra_config_args: ""
-
 # Custom service name when usign Github Enterprise server
 # service_name: actions.runner._services.{{ runner_name }}.service
 
@@ -55,3 +54,12 @@ runner_extra_config_args: ""
 
 # Github repository name
 # github_repo: "yourrepo"
+
+# Configuring a custom .env file
+# custom_env: |
+# http_proxy=YOUR_URL_HERE
+# ftp_proxy=YOUR_URL_HERE
+# HTTPS_PROXY=YOUR_URL_HERE
+# https_proxy=YOUR_URL_HERE
+# no_proxy=localhost,127.0.0.1,127.0.0.2
+# HTTP_PROXY=

molecule/custom_env/cleanup.yml

@@ -0,0 +1,12 @@
+---
+- name: Cleanup
+  user: ansible
+  hosts: all
+  become: yes
+  vars:
+    - runner_user: ansible
+    - github_repo: ansible-github_actions_runner-testrepo
+    - github_account: monolithprojects-testorg
+    - runner_state: absent
+  roles:
+    - ansible-github_actions_runner

molecule/custom_env/converge.yml

@@ -0,0 +1,20 @@
+---
+- name: Dev test playbook
+  user: ansible
+  hosts: all
+  gather_facts: yes
+  become: yes
+  vars:
+    - runner_user: ansible
+    - github_repo: ansible-github_actions_runner-testrepo
+    - github_account: monolithprojects-testorg
+    - runner_version: "latest"
+    - runner_labels:
+        - label1
+        - repo-runner
+    - custom_env: |
+      # HTTPS_PROXY=YOUR_URL_HERE
+
+  roles:
+    - robertdebock.epel
+    - ansible-github_actions_runner

molecule/custom_env/molecule.yml

@@ -0,0 +1,43 @@
+---
+provisioner:
+  name: ansible
+  config_options:
+    defaults:
+      verbosity: 0
+  playbooks:
+      converge: converge.yml
+      cleanup: cleanup.yml
+      verify: verify.yml
+dependency:
+  name: galaxy
+lint: |
+  yamllint .
+  ansible-lint .
+driver:
+  name: docker
+platforms:
+  - name: "${os:-ubuntu20}-${tag:-latest}"
+    image: "${namespace:-monolithprojects}/systemd-${os:-ubuntu20}:${tag:-latest}"
+    command: /sbin/init
+    tmpfs:
+      - /run
+      - /tmp
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+    privileged: yes
+    pre_build_image: yes
+verifier:
+  name: ansible
+scenario:
+  name: custom_env
+  test_sequence:
+    - dependency
+    - lint
+    - destroy
+    - syntax
+    - create
+    - converge
+    - idempotence
+    - verify
+    - cleanup
+    - destroy

molecule/custom_env/requirements.yml

@@ -0,0 +1,3 @@
+---
+- role: robertdebock.epel
+  version: 3.0.1

molecule/custom_env/verify.yml

@@ -0,0 +1,48 @@
+---
+- name: validate Repo runners
+  user: ansible
+  hosts: all
+  gather_facts: yes
+  become: yes
+  vars:
+    - runner_user: ansible
+    - github_repo: ansible-github_actions_runner-testrepo
+    - github_account: monolithprojects-testorg
+    - github_api_url: "https://api.github.com"
+    - access_token: "{{ lookup('env', 'PERSONAL_ACCESS_TOKEN') }}"
+    - runner_name: ubuntu16-latest
+
+  tasks:
+    - name: Check currently registered runners
+      uri:
+        url: "{{ github_api_url }}/repos/{{ github_owner | default(github_account) }}/{{ github_repo }}/actions/runners"
+        headers:
+          Authorization: "token {{ access_token }}"
+          Accept: "application/vnd.github.v3+json"
+        method: GET
+        status_code: 200
+        force_basic_auth: yes
+      register: registered_runners
+
+    - debug:
+        var: registered_runners.json.runners
+
+    - name: Check Runner
+      assert:
+        that:
+          - runner_name in registered_runners.json.runners|map(attribute='name')|list
+          - registered_runners.json.runners|map(attribute='status') == ["online"]
+        quiet: true
+
+    - name: Check Labels (skipped if labels are OK)
+      fail:
+        msg: Woops some labels differ "{{ (registered_runners.json.runners.0 | json_query('labels[*].name') | difference(['self-hosted', 'Linux', 'X64', 'label1', 'repo-runner'])) }}"
+      when: not (registered_runners.json.runners.0 | json_query('labels[*].name') | list ) == (['self-hosted', 'Linux', 'X64', 'label1', 'repo-runner'] | list)
+
+    - name: Check custom env file is configured
+      lineinfile:
+        dest: /opt/actions-runner/.env
+        line: "# HTTPS_PROXY=YOUR_URL_HERE"
+      check_mode: yes
+      register: presence
+      failed_when: presence.changed

tasks/install_runner.yml

@@ -41,7 +41,7 @@
   tags:
     - install
 
-- name:  Create temporary directory for archive
+- name: Create temporary directory for archive
   file:
     path: "{{ runner_pkg_tempdir }}"
     state: directory
@@ -56,8 +56,9 @@
 
 - name: Download runner package version - "{{ runner_version }}" (RUN ONCE)
   get_url:
-    url: "https://github.com/{{ runner_download_repository }}/releases/download/v{{ runner_version }}/\
-          actions-runner-linux-{{ github_actions_architecture }}-{{ runner_version }}.tar.gz"
+    url:
+      "https://github.com/{{ runner_download_repository }}/releases/download/v{{ runner_version }}/\
+      actions-runner-linux-{{ github_actions_architecture }}-{{ runner_version }}.tar.gz"
     dest: "{{ runner_pkg_tempdir }}/actions-runner-linux-{{ runner_version }}.tar.gz"
     force: no
   run_once: yes
@@ -77,10 +78,22 @@
   tags:
     - install
 
+- name: Configure custom env file if required
+  blockinfile:
+    path: "{{ runner_dir }}/.env"
+    block: "{{ custom_env }}"
+    owner: "{{ runner_user }}"
+    create: yes
+    mode: 0755
+    marker_begin: "# BEGIN ANSIBLE MANAGED BLOCK"
+    marker_end: "# END ANSIBLE MANAGED BLOCK"
+  when: custom_env is defined
+
 - name: Register runner (if new installation) for repo
-  command: "{{ runner_dir }}/./config.sh --url {{ github_url }}/{{ github_owner | default(github_account) }}/{{ github_repo }} \
-            --token {{ registration.json.token }} --name {{ runner_name }} --labels {{ runner_labels | join(',') }} --unattended \
-            {{ runner_extra_config_args }}"
+  command:
+    "{{ runner_dir }}/./config.sh --url {{ github_url }}/{{ github_owner | default(github_account) }}/{{ github_repo }} \
+    --token {{ registration.json.token }} --name {{ runner_name }} --labels {{ runner_labels | join(',') }} --unattended \
+    {{ runner_extra_config_args }}"
   args:
     chdir: "{{ runner_dir }}"
   become: yes
@@ -91,8 +104,9 @@
     - install
 
 - name: Register runner (if new installation) for organization
-  command: "{{ runner_dir }}/./config.sh --url {{ github_url }}/{{ github_owner | default(github_account) }} \
-            --token {{ registration.json.token }} --name {{ runner_name }} --labels {{ runner_labels | join(',') }} --unattended"
+  command:
+    "{{ runner_dir }}/./config.sh --url {{ github_url }}/{{ github_owner | default(github_account) }} \
+    --token {{ registration.json.token }} --name {{ runner_name }} --labels {{ runner_labels | join(',') }} --unattended"
   args:
     chdir: "{{ runner_dir }}"
   become: yes
@@ -103,8 +117,9 @@
     - install
 
 - name: Replace registered runner for repo
-  command: "{{ runner_dir }}/config.sh --url {{ github_url }}/{{ github_owner | default(github_account) }}/{{ github_repo }} \
-            --token {{ registration.json.token }} --name {{ runner_name }} --labels {{ runner_labels | join(',') }} --unattended --replace"
+  command:
+    "{{ runner_dir }}/config.sh --url {{ github_url }}/{{ github_owner | default(github_account) }}/{{ github_repo }} \
+    --token {{ registration.json.token }} --name {{ runner_name }} --labels {{ runner_labels | join(',') }} --unattended --replace"
   args:
     chdir: "{{ runner_dir }}"
   become: yes
@@ -115,8 +130,9 @@
     - install
 
 - name: Replace registered runner for organization
-  command: "{{ runner_dir }}/config.sh --url {{ github_url }}/{{ github_owner | default(github_account) }} \
-            --token {{ registration.json.token }} --name {{ runner_name }} --labels {{ runner_labels | join(',') }} --unattended --replace"
+  command:
+    "{{ runner_dir }}/config.sh --url {{ github_url }}/{{ github_owner | default(github_account) }} \
+    --token {{ registration.json.token }} --name {{ runner_name }} --labels {{ runner_labels | join(',') }} --unattended --replace"
   args:
     chdir: "{{ runner_dir }}"
   become: yes