gha-runner-scale-set-controller

Signed-off-by: Batuhan Apaydin <[email protected]>
Co-authored-by: Furkan Turkal <[email protected]>
Signed-off-by: Batuhan Apaydin <[email protected]>

generated.tf

@@ -410,6 +410,11 @@ module "gcc-glibc" {
   target_repository = "${var.target_repository}/gcc-glibc"
 }
 
+module "gha-runner-scale-set-controller" {
+  source            = "./images/gha-runner-scale-set-controller"
+  target_repository = "${var.target_repository}/gha-runner-scale-set-controller"
+}
+
 module "gitlab" {
   source            = "./images/gitlab"
   target_repository = "${var.target_repository}/gitlab"
@@ -1786,6 +1791,10 @@ output "summary_gcc-glibc" {
   value = module.gcc-glibc.summary
 }
 
+output "summary_gha-runner-scale-set-controller" {
+  value = module.gha-runner-scale-set-controller.summary
+}
+
 output "summary_gitlab" {
   value = module.gitlab.summary
 }

images/gha-runner-scale-set-controller/README.md

@@ -0,0 +1,33 @@
+<!--monopod:start-->
+# gha-runner-scale-set-controller
+| | |
+| - | - |
+| **OCI Reference** | `cgr.dev/chainguard/gha-runner-scale-set-controller` |
+
+
+* [View Image in Chainguard Academy](https://edu.chainguard.dev/chainguard/chainguard-images/reference/gha-runner-scale-set-controller/overview/)
+* [View Image Catalog](https://console.enforce.dev/images/catalog) for a full list of available tags.
+* [Contact Chainguard](https://www.chainguard.dev/chainguard-images) for enterprise support, SLAs, and access to older tags.*
+
+---
+<!--monopod:end-->
+
+<!--overview:start-->
+Kubernetes controller for GitHub Actions self-hosted runners
+<!--overview:end-->
+
+<!--getting:start-->
+## Download this Image
+The image is available on `cgr.dev`:
+
+```
+docker pull cgr.dev/chainguard/gha-runner-scale-set-controller:latest
+```
+<!--getting:end-->
+
+<!--body:start-->
+
+## Usage
+
+You can find more information about how to use this controller in the [TESTING.md](https://github.com/chainguard-images/images/tree/main/images/gha-runner-scale-set-controller/TESTING.md).
+<!--body:end-->

images/gha-runner-scale-set-controller/TESTING.md

@@ -0,0 +1,79 @@
+# Testing GHA Runner Scale Set Controller
+
+This document outlines how to test our `gha-runner-scale-set-controller` image. You can set up ARC on Kubernetes using Helm, then create and run a workflow that uses runner scale sets. 
+
+For more information about runner scale sets, you should refer to the official documentation, [_Quickstart for Actions Runner Controller_](https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/quickstart-for-actions-runner-controller#installing-actions-runner-controller).
+
+## Prerequisites
+
+You can find a detailed list of prerequisites in the official documentation, (here)[https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/quickstart-for-actions-runner-controller#prerequisites).
+
+But for the sake of simplicity, all you need is:
+- A Kubernetes cluster
+- Helm 3
+- A GitHub repository with a workflow that uses runner scale sets
+
+that's all.
+
+## Testing
+
+To test the `gha-runner-scale-set-controller` image, you can follow these steps:
+
+1. Install the Actions Runner Controller on your Kubernetes cluster using Helm. You can find the installation instructions [here](https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/quickstart-for-actions-runner-controller#installing-actions-runner-controller).
+
+```shell
+NAMESPACE="arc-systems"
+helm install arc \
+    --namespace "${NAMESPACE}" \
+    --create-namespace \
+    oci://ghcr.io/actions/actions-runner-controller-charts/gha-runner-scale-set-controller \
+    --set image.repository=cgr.dev/chainguard/gha-runner-scale-set-controller \
+    --set image.tag=latest
+```
+
+> ⚠️ Please ensure that the `arc-gha-rs-controller` pod is running in the `arc-system` namespace before proceeding to the next step.
+
+2. To configure the runner scale set, you can follow the official documentation [here](https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners-with-actions-runner-controller/quickstart-for-actions-runner-controller#configuring-a-runner-scale-set).
+
+For that, you will need two things:
+- A GitHub repository with a workflow that uses runner scale sets
+- A runner registration token which we refer `GITHUB_PAT`
+
+```shell
+INSTALLATION_NAME="arc-runner-set"
+NAMESPACE="arc-runners"
+GITHUB_CONFIG_URL="https://github.com/<org/repo/enterprise>" # make sure to replace this with your GitHub repository URL or GitHub Enterprise URL
+GITHUB_PAT="<PAT>" # make sure to replace this with your GitHub PAT
+
+helm install "${INSTALLATION_NAME}" \
+    --namespace "${NAMESPACE}" \
+    --create-namespace \
+    --set githubConfigUrl="${GITHUB_CONFIG_URL}" \
+    --set githubConfigSecret.github_token="${GITHUB_PAT}" \
+    oci://ghcr.io/actions/actions-runner-controller-charts/gha-runner-scale-set
+```
+
+> ⚠️ Please ensure that the `arc-runner-set` pod is running in the `arc-runners` namespace before proceeding to the next step.
+
+> ⚠️ The GITHUB_PAT is not the only way to authenticate with GitHub. You can use other methods like GitHub App. You can check the values.yaml file for more information: https://github.com/actions/actions-runner-controller/blob/master/charts/gha-runner-scale-set/values.yaml
+
+Once you did that you can create and run a workflow that uses runner scale sets like the following:
+
+> 🤖 You can see the self-hosted runner that you registered within the project's runners tab:
+> https://github.com/<your_enterprise/org/repo>/actions/runners?tab=self-hosted
+
+```yaml
+name: Actions Runner Controller Demo
+on:
+  workflow_dispatch:
+
+jobs:
+  Explore-GitHub-Actions:
+    # You need to use the INSTALLATION_NAME from the previous step
+    runs-on: arc-runner-set
+    steps:
+    - run: echo "🎉 This job uses runner scale set runners!"
+
+```
+
+That's it! You have successfully tested the `gha-runner-scale-set-controller` image.

images/gha-runner-scale-set-controller/config/main.tf

@@ -0,0 +1,28 @@
+terraform {
+  required_providers {
+    apko = { source = "chainguard-dev/apko" }
+  }
+}
+
+variable "extra_packages" {
+  description = "The additional packages to install"
+  default = [
+    "actions-runner-controller",
+    "actions-runner-controller-compat",
+  ]
+}
+
+module "accts" { source = "../../../tflib/accts" }
+
+output "config" {
+  value = jsonencode({
+    contents = {
+      packages = var.extra_packages
+    }
+    accounts = module.accts.block
+    entrypoint = {
+      command = "/manager"
+    }
+  })
+}
+

images/gha-runner-scale-set-controller/generated.tf

@@ -0,0 +1,13 @@
+# DO NOT EDIT - this file is autogenerated by tfgen
+
+output "summary" {
+  value = merge(
+    {
+      basename(path.module) = {
+        "ref"    = module.gha-runner-scale-set-controller.image_ref
+        "config" = module.gha-runner-scale-set-controller.config
+        "tags"   = ["latest"]
+      }
+  })
+}
+

images/gha-runner-scale-set-controller/main.tf

@@ -0,0 +1,39 @@
+terraform {
+  required_providers {
+    oci = { source = "chainguard-dev/oci" }
+  }
+}
+
+variable "target_repository" {
+  description = "The docker repo into which the image and attestations should be published."
+}
+
+module "config" { source = "./config" }
+
+module "gha-runner-scale-set-controller" {
+  source            = "../../tflib/publisher"
+  name              = basename(path.module)
+  target_repository = var.target_repository
+  config            = module.config.config
+
+  build-dev = true
+
+}
+
+module "test" {
+  source = "./tests"
+  digest = module.gha-runner-scale-set-controller.image_ref
+}
+
+resource "oci_tag" "latest" {
+  depends_on = [module.test]
+  digest_ref = module.gha-runner-scale-set-controller.image_ref
+  tag        = "latest"
+}
+
+resource "oci_tag" "latest-dev" {
+  depends_on = [module.test]
+  digest_ref = module.gha-runner-scale-set-controller.dev_ref
+  tag        = "latest-dev"
+}
+

images/gha-runner-scale-set-controller/metadata.yaml

@@ -0,0 +1,10 @@
+name: gha-runner-scale-set-controller
+image: cgr.dev/chainguard/gha-runner-scale-set-controller
+logo: https://storage.googleapis.com/chainguard-academy/logos/gha-runner-scale-set-controller.svg
+endoflife: ""
+console_summary: ""
+short_description: Kubernetes controller for GitHub Actions self-hosted runners
+compatibility_notes: ""
+readme_file: README.md
+upstream_url: https://github.com/actions/actions-runner-controller
+keywords: []

images/gha-runner-scale-set-controller/tests/main.tf

@@ -0,0 +1,70 @@
+terraform {
+  required_providers {
+    oci       = { source = "chainguard-dev/oci" }
+    imagetest = { source = "chainguard-dev/imagetest" }
+  }
+}
+
+variable "digest" {
+  description = "The image digest to run tests over."
+}
+
+data "oci_string" "ref" {
+  input = var.digest
+}
+
+data "imagetest_inventory" "this" {}
+
+resource "imagetest_harness_k3s" "this" {
+  name      = "gha-runner-scale-set-controller"
+  inventory = data.imagetest_inventory.this
+
+  sandbox = {
+    mounts = [
+      {
+        source      = path.module
+        destination = "/tests"
+      }
+    ]
+  }
+}
+
+module "helm" {
+  source    = "../../../tflib/imagetest/helm"
+  chart     = "oci://ghcr.io/actions/actions-runner-controller-charts/gha-runner-scale-set-controller"
+  name      = "gha-runner-scale-set-controller"
+  namespace = "arc-systems"
+  values = {
+
+    image = {
+      repository = data.oci_string.ref.registry_repo
+      tag        = data.oci_string.ref.pseudo_tag
+    }
+
+  }
+}
+
+resource "imagetest_feature" "basic" {
+  harness     = imagetest_harness_k3s.this
+  name        = "Basic"
+  description = "Basic functionality of the image."
+
+  steps = [
+    {
+      name = "Helm install"
+      cmd  = module.helm.install_cmd
+    },
+    {
+      name  = "Wait for controller pod to be ready"
+      cmd   = <<EOF
+kubectl wait --for=condition=ready pod -n arc-systems -l app.kubernetes.io/name=gha-rs-controller --timeout=5m
+      EOF
+      retry = { attempts = 10, delay = "1s" }
+    },
+  ]
+
+  labels = {
+    type = "k8s"
+  }
+}
+