Added GitHub runner logic

home/.chezmoi.yaml.tmpl

@@ -201,6 +201,7 @@ data:
       coreProject: "{{ $gcloudCoreProject }}"
       email: "{{ $gcloudEmail }}"
     github:
+      runnerOrg: megabyte-labs
       username: "{{ $githubUsername }}"
     gitomatic:
       - git: "{{ default "git@github.com:megabyte-labs/install.doctor.git" (env "START_REPO") }}"

home/.chezmoidata.yaml

@@ -244,6 +244,7 @@ softwareGroups:
     - argo-cli
     - drone-cli
     - fpm
+    - github-runner
     - gitlab-runner
     - glen
     - tart

home/.chezmoiscripts/universal/run_onchange_after_46-github-runner.sh.tmpl

@@ -0,0 +1,73 @@
+{{- if and (ne .host.distro.family "windows") (or (and (stat (joinPath .host.home ".config" "age" "chezmoi.txt")) (stat (joinPath .chezmoi.sourceDir ".chezmoitemplates" "secrets" "GITHUB_RUNNER_TOKEN"))) (env "GITHUB_RUNNER_TOKEN"))) -}}
+#!/usr/bin/env bash
+# @file GitHub Runner Registration
+# @brief Registers a GitHub action runner with GitHub
+# @description
+#     This script registers the host as a self-hosted GitHub runner with scope set
+#     in the `.user.github.runnerOrg` input in the `.chezmoi.yaml.tmpl` file. If your organization is `megabyte-labs`, then
+#     the value of `.user.github.runnerOrg` should be `megabyte-labs`. A self-hosted runner is an application
+#     that that allows you to run tasks from GitHub CI.
+#
+#     This script adds 3 labels to the runner: self-hosted, _hostname_, and _operating-system family_.
+#
+#     The script automatically acquires the GitHub Action runner token (as long as you specify your `.user.github.runnerOrg` value in `.chezmoi.yaml.tmpl`).
+#     In order to authenticate with GitHub, you should have the `GITHUB_TOKEN` environment variable in place with the appropriate permissions
+#     specified when you generate the token.
+#
+#     ## Links
+#
+#     * [Secrets / Environment variables documentation](https://install.doctor/docs/customization/secrets)
+
+{{ includeTemplate "universal/profile" }}
+{{ includeTemplate "universal/logg" }}
+
+GH_RUNNER_PATH="$HOME/.local/github-runner"
+
+### Check if GitHub runner is installed
+if [ -f "$GH_RUNNER_PATH/config.sh" ]; then
+    if [ -f "$GH_RUNNER_PATH/.runner" ]; then
+        logg info "GitHub Actions runner is already configured ($GH_RUNNER_PATH/.runner file is present)"
+    else
+        logg info 'Creating runner configuration'
+
+        ### Configure labels
+        LABELS="self-hosted,{{ .chezmoi.hostname }},{{ .host.distro.family }}"
+        if [ '{{ .host.distro.family }}' != '{{ .host.distro.id }}' ]; then
+            LABELS="${LABELS},{{ .host.distro.id }}"
+        fi
+        if command -v VirtualBox > /dev/null; then
+            LABELS="${LABELS},virtualbox"
+        fi
+        if command -v docker > /dev/null; then
+            LABELS="${LABELS},docker"
+        fi
+
+        if [ -n "$GITHUB_TOKEN" ]; then
+            if command -v jq > /dev/null; then
+                ### Acquire token
+                logg info 'Acquiring runner token'
+                RUNNER_TOKEN="$(curl -sSL -X POST -H "Accept: application/vnd.github+json" -H "Authorization: Bearer $GITHUB_TOKEN" -H "X-GitHub-Api-Version: 2022-11-28" https://api.github.com/orgs/{{ .user.github.runnerOrg }}/actions/runners/registration-token | jq -r '.token')"
+
+                ### Generate the configuration
+                logg info 'Joining GitHub runner to https://github.com/{{ .user.github.runnerOrg }}'
+                "$GH_RUNNER_PATH/config.sh" --unattended --url https://github.com/{{ .user.github.runnerOrg }} --token "$RUNNER_TOKEN" --labels "$LABELS" || EXIT_CODE=$?
+                if [ -n "$EXIT_CODE" ]; then
+                    logg error 'GitHub runner configuration failed' && exit 1
+                fi
+
+                ### Install / start the service
+                logg info 'Configuring runner service'
+                "$GH_RUNNER_PATH/svc.sh" install && logg success 'Successfully installed the GitHub Actions runner service'
+                logg info 'Starting runner service'
+                "$GH_RUNNER_PATH/svc.sh" start && logg success 'Started the GitHub Actions runner service'
+            else
+                logg warn '`jq` is required by the GitHub runner configuration script'
+            fi
+        else
+            logg warn 'The GITHUB_TOKEN environment variable is not present'
+        fi
+    fi
+else
+    logg info "The GitHub Actions runner installation is not present at $GH_RUNNER_PATH"
+fi
+{{- end }}

software.yml

@@ -9461,6 +9461,23 @@ softwarePackages:
     ansible:windows: professormanhattan.visualstudio
     cask: visual-studio
     choco: visualstudio2022community
+  github-runner:
+    _desc: '[GitHub Runner](https://docs.github.com/en/actions/hosting-your-own-runners) is a system that you deploy and manage to execute jobs from GitHub Actions on GitHub.com.'
+    _docs: https://docs.github.com/en/actions/hosting-your-own-runners
+    _github: https://github.com/actions/runner
+    _home: https://docs.github.com/en/actions/hosting-your-own-runners
+    _name: GitHub Runner
+    _when: '! test -f "$HOME/.local/github-runner/.runner"'
+    script: |
+      RELEASES="$(curl -sSL --compressed --header "Authorization: Bearer $GITHUB_TOKEN" "https://api.github.com/repos/actions/runner/releases/latest")"
+      LATEST_VERSION="$(echo "$RELEASES" | grep -o '"tag_name": "[^"]*' | grep -o '[^"]*$')"
+      ARCHITECTURE="$(uname -m | sed 's/86_//' | sed 's/v7l//')"
+      OS_FAMILY="$(test -d /Applications && echo osx || echo linux)"
+      curl -sSL "https://github.com/actions/runner/releases/download/$LATEST_VERSION/actions-runner-${OS_FAMILY}-${ARCHITECTURE}-${LATEST_VERSION:1}.tar.gz" > "/tmp/actions-runner-${OS_FAMILY}-${ARCHITECTURE}-${LATEST_VERSION:1}.tar.gz"
+      mkdir -p "$HOME/.local/github-runner"
+      tar xzf "/tmp/actions-runner-${OS_FAMILY}-${ARCHITECTURE}-${LATEST_VERSION:1}.tar.gz" -C "$HOME/.local/github-runner"
+      chown -Rf "$USER" "$HOME/.local/github-runner"
+      rm -f "/tmp/actions-runner-${OS_FAMILY}-${ARCHITECTURE}-${LATEST_VERSION:1}.tar.gz"
   vscodium:
     _bin: codium
     _snapClassic: true