cerc-io/hosting
17
0
Fork 0
Code Issues 7 Pull Requests 2 Packages Projects Releases Wiki Activity
16e167bcfd
hosting/gitea/act-runner.md
Roy Crihfield 16e167bcfd readme fixes
2024-04-19 17:08:43 +08:00

3.2 KiB
Raw Blame History

Deploying Action Runners

IMPORTANT NOTE: you should be aware that anyone with the ability to modify code run under a CI job in the host Gitea (this includes anyone with commit rights; anyone with the ability to modify any dependency; anyone with the ability to modify dependent components such as base container images) CAN POTENTIALLY COMPROMISE (hack, take over, steal data from) the machine hosting a runner. Proceed with caution.

Releases

Gitea publishes binary releases of gitea/act_runner for many platform and architectures, which can be used to deploy new action runners simply.

The following example uses gitea/act_runner 0.2.6 to deploy a runner on macOS Ventura 13.3 x64.

Registration Token

Note: Runners can be registered globally for an entire Gitea instance, for a specific organization, or for a single repo. This example registers globally.

Before executing the runner, first obtain a registration token by visiting /admin/actions/runners, clicking the 'Create new Runner' button, and copying the displayed registration token, for example, FTyMBkcK9ErmD0wm8LfBzfXOUUlQA7dBJF6BB64Z.

Runner Registration and Startup

After you have obtained a registration token, download the gitea/act_runner release matching your platform and architecture and run it as follows:

# Download latest gitea/act_runner release for your platform.
$ wget https://gitea.com/gitea/act_runner/releases/download/latest/act_runner-0.2.6-darwin-amd64 && chmod a+x act_runner-0.2.6-darwin-amd64

# Register the runner with the Gitea instance using the token obtained above.
$ ./act_runner-0.2.6-darwin-amd64 register \
    --instance http://gitea.local:3000 \
    --labels 'darwin-latest-amd64:host,darwin-13-amd64:host' \
    --name 'darwin-amd64-001' \
    --token "FTyMBkcK9ErmD0wm8LfBzfXOUUlQA7dBJF6BB64Z" \
    --no-interactive

# Launch it in daemon mode, waiting for jobs.
$ ./act_runner-0.2.6-darwin-amd64 daemon

Labels

The most important detail in this example is the label. For the Ubuntu runner which is deployed automatically with this project, the label ubuntu-latest:docker://cerc/act-runner-task-executor:local is used, which instructs gitea/act_runner that a task which runs-on: ubuntu-latest should be executed inside an instance of the cerc/act-runner-task-executor:local Docker container. In this example, the label is darwin-latest-amd64:host. This means that a task which runs-on: darwin-latest-amd64 will be executed natively on the host machine. Since there are additional security implications when executing tasks on the host, only trusted repositories with strict access controls should be allowed to schedule CI jobs on the runner.

Example Workflow

This very simple workflow will schedule jobs on both macOS (darwin-latest-amd64) and Linux (ubuntu-latest) runners.

name: macOS test

on:
  push:
    branches:
      - main

jobs:
  test-macos:
    name: "Run on macOS"
    runs-on: darwin-latest-amd64
    steps:
      - name: "uname"
        run: uname -a
  test-linux:
    name: "Run on Ubuntu"
    runs-on: ubuntu-latest
    steps:
      - name: "uname"
        run: uname -a