GitHub Actions Runner Controller (ARC) configuration note

发表于 更新于 分类于 Disqus:

Important
First thing first, for personal use only. I am not responsible for the content or its consequences.

Introduction

First contact with Kubernetes and GitHub Actions Runner Controller (ARC). Feels a little painful at the beginning :).

Special thanks to Bassem Dghaidi’s awesome video. You can find the link in the References section.

Prerequisites

  • Kubernetes
  • Helm 3
  • minikube (optional)
  • GitHub Organization account

Registering a GitHub App for ARC

Create a new GitHub Apps

Go to https://github.com/organizations/OmicoDev/settings/apps/new

Note
Replace OmicoDev with your organization name.

Then, follow the instructions to create a new GitHub App.

Install the GitHub App to your organization

Go to https://github.com/organizations/OmicoDev/settings/apps/omico-actions-runner-controller/installations and then click Install to install the GitHub App to your organization.

Note
Replace OmicoDev with your organization name.
Replace omico-actions-runner-controller with your GitHub App name.

Install ARC

Create new minikube cluster (optional)

1
minikube start -p arc --cpus=12 --memory=32G --mount

Note
You should modify the parameters according to your needs.

Installing Actions Runner Controller

1
2
3
4
helm install arc \
  --namespace arc-systems \
  --create-namespace \
  oci://ghcr.io/actions/actions-runner-controller-charts/gha-runner-scale-set-controller

Configuring a runner scale set

1
2
3
4
5
6
7
8
9
10
INSTALLATION_NAME="arc-ubuntu-latest"
SECRET_NAME="omico-actions-runner-controller"
GITHUB_CONFIG_URL="https://github.com/OmicoDev"
helm install "$INSTALLATION_NAME" \
  --namespace arc-runners \
  --create-namespace \
  --set githubConfigUrl="$GITHUB_CONFIG_URL" \
  --set githubConfigSecret="$SECRET_NAME" \
  --set minRunners=3 \
  oci://ghcr.io/actions/actions-runner-controller-charts/gha-runner-scale-set

Note
Replace OmicoDev with your organization name.
Replace arc-ubuntu-latest with your runner installation name.
Replace omico-actions-runner-controller with your GitHub App name.
minRunners is optional, you can modify it according to your needs.
For more configurations, please refer to values.yaml of gha-runner-scale-set.

Create a secret for the GitHub App

1
2
3
4
5
6
7
8
9
SECRET_NAME="omico-actions-runner-controller"
GITHUB_APP_ID="114514"
GITHUB_APP_INSTALLATION_ID="114514"
GITHUB_APP_PRIVATE_KEY=$(cat omico-actions-runner-controller.private-key.pem)
kubectl create secret generic "$SECRET_NAME" \
  --namespace=arc-runners \
  --from-literal=github_app_id=${GITHUB_APP_ID} \
  --from-literal=github_app_installation_id=${GITHUB_APP_INSTALLATION_ID} \
  --from-literal=github_app_private_key=${GITHUB_APP_PRIVATE_KEY}

Note
Replace omico-actions-runner-controller with your GitHub App name.
Replace 114514 with your GitHub App ID and Installation ID.
Replace omico-actions-runner-controller.private-key.pem with your private key file name. (You can get it from the GitHub App settings page. See Create a new GitHub Apps)

Verify the installation

1
kubectl get pods -n arc-systems

If you see the following pods, then the installation is successful.

1
2
3
NAME                                    READY   STATUS    RESTARTS      AGE
arc-gha-rs-controller-c8d75c47f-9j7st   1/1     Running   2 (65m ago)   172m
arc-ubuntu-latest-754b578d-listener     1/1     Running   0             46m

If the listener pod is missing, please check the logs of arc-gha-rs-controller pod.

1
kubectl logs -n arc-systems $(kubectl get pods -n arc-systems -o=name | grep "pod/arc-gha-rs-controller")

Good luck for debugging :)

Useful commands

Install Dashboard for minikube

1
2
minikube -p arc addons enable metrics-server
minikube -p arc dashboard

Delete the minikube cluster

1
minikube delete -p arc

Delete the runner scale set

1
2
INSTALLATION_NAME="arc-ubuntu-latest"
helm uninstall "$INSTALLATION_NAME" --namespace arc-runners

Get basic information of the ARC secret

1
2
SECRET_NAME="omico-actions-runner-controller"
kubectl describe secret "$SECRET_NAME" --namespace arc-runners

Get ARC secret private key

Note
Be careful with the private key.

1
2
SECRET_NAME="omico-actions-runner-controller"
kubectl get "secrets/${SECRET_NAME}" --template="{{.data.github_app_private_key}}" --namespace arc-runners | base64 -d

Delete the ARC secret

1
2
SECRET_NAME="omico-actions-runner-controller"
kubectl delete secret "$SECRET_NAME" --namespace=arc-runners

References