Puppet Class: github_actions_runner

Defined in:
manifests/init.pp

Summary

Manages actions_runner service and configuration

Overview

Parameters:

  • ensure (Enum['present', 'absent']) (defaults to: 'present')

    Determine if to add or remove the resource.

  • base_dir_name (Stdlib::Absolutepath) (defaults to: '/opt/actions-runner')

    Location of the base directory for actions runner to be installed.

  • org_name (Optional[String[1]]) (defaults to: undef)

    actions runner org name.

  • enterprise_name (Optional[String[1]]) (defaults to: undef)

    enterprise name for global runners

  • personal_access_token (Optional[Variant[Sensitive[String[1]], String[1]]]) (defaults to: undef)

    GitHub PAT with admin permission on the repositories or the origanization.

  • package_name (String[1]) (defaults to: 'actions-runner-linux-x64')

    GitHub Actions runner offical package name.

  • package_ensure (String[1]) (defaults to: '2.331.0')

    GitHub Actions runner version to be used.

  • repository_url (String[1]) (defaults to: 'https://github.com/actions/runner/releases/download')

    URL to download GitHub actions runner.

  • user (String[1]) (defaults to: 'root')

    User to be used in Service and directories.

  • group (String[1]) (defaults to: 'root')

    Group to be used in Service and directories.

  • instances (Hash[String[1], Hash]) (defaults to: {})

    Github Runner Instances to be managed.

  • github_domain (String[1]) (defaults to: 'https://github.com')

    Base URL for Github Domain.

  • github_api (String[1]) (defaults to: 'https://api.github.com')

    Base URL for Github API.

  • http_proxy (Optional[String[1]]) (defaults to: undef)

    Proxy URL for HTTP traffic. More information at docs.github.com/en/actions/hosting-your-own-runners/using-a-proxy-server-with-self-hosted-runners.

  • https_proxy (Optional[String[1]]) (defaults to: undef)

    Proxy URL for HTTPS traffic. More information at docs.github.com/en/actions/hosting-your-own-runners/using-a-proxy-server-with-self-hosted-runners

  • no_proxy (Optional[String[1]]) (defaults to: undef)

    Comma separated list of hosts that should not use a proxy. More information at docs.github.com/en/actions/hosting-your-own-runners/using-a-proxy-server-with-self-hosted-runners

  • disable_update (Boolean) (defaults to: false)

    toggle for disabling automatic runner updates.

  • logoutput (Boolean) (defaults to: true)

    Enable or disable output logging for the configure_install_runner.sh script. When enabled, stdout/stderr are visible in Puppet logs. Default: true

  • path (Optional[Array[String]]) (defaults to: undef)

    List of paths to be used as PATH env in the instance runner. If not defined, file “.path” will be kept as created by the runner scripts. Default value: undef

  • env (Optional[Hash[String, String]]) (defaults to: undef)

    List of variables to be used as env variables in the instance runner. If not defined, file “.env” will be kept as created by the runner scripts. (Default: Value set by github_actions_runner Class)

  • version_in_path (Boolean) (defaults to: true)

    Include package version in the root directory path. When false, enables runner self-updates without re-registration. Default: true (for backwards compatibility)

  • users (Hash[String[1], Hash]) (defaults to: {})

    Hash of users to create for running GitHub Actions runners. Key is username, value is hash of user attributes.



27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
 
# File 'manifests/init.pp', line 27

class github_actions_runner (
  Enum['present', 'absent']                           $ensure                = 'present',
  Stdlib::Absolutepath                                $base_dir_name         = '/opt/actions-runner',
  String[1]                                           $package_name          = 'actions-runner-linux-x64',
  # renovate: datasource=github-releases depName=actions/runner
  String[1]                                           $package_ensure        = '2.331.0',
  String[1]                                           $repository_url        = 'https://github.com/actions/runner/releases/download',
  String[1]                                           $user                  = 'root',
  String[1]                                           $group                 = 'root',
  Hash[String[1], Hash]                               $instances             = {},
  String[1]                                           $github_domain         = 'https://github.com',
  String[1]                                           $github_api            = 'https://api.github.com',
  Boolean                                             $disable_update        = false,
  Boolean                                             $logoutput             = true,
  Boolean                                             $version_in_path       = true,
  Hash[String[1], Hash]                               $users                 = {},
  Optional[Variant[Sensitive[String[1]], String[1]]] $personal_access_token = undef,
  Optional[String[1]]                                 $enterprise_name       = undef,
  Optional[String[1]]                                 $org_name              = undef,
  Optional[String[1]]                                 $http_proxy            = undef,
  Optional[String[1]]                                 $https_proxy           = undef,
  Optional[String[1]]                                 $no_proxy              = undef,
  Optional[Array[String]]                             $path                  = undef,
  Optional[Hash[String, String]]                      $env                   = undef,
) {
  $root_dir = $version_in_path ? {
    true  => "${github_actions_runner::base_dir_name}-${github_actions_runner::package_ensure}",
    false => $github_actions_runner::base_dir_name,
  }

  $ensure_directory = $github_actions_runner::ensure ? {
    'present' => directory,
    'absent'  => absent,
  }

  # Create users for runner instances
  $users.each |String $username, Hash $user_config| {
    $user_defaults = {
      ensure     => 'present',
      gid        => $username,
      home       => "/home/${username}",
      managehome => true,
      shell      => '/bin/bash',
      system     => true,
      comment    => 'GitHub Actions Runner user',
    }

    # Create group first
    group { $username:
      ensure => pick($user_config['ensure'], 'present'),
      system => true,
    }

    # Create user with merged config
    user { $username:
      *       => $user_defaults + $user_config,
      require => Group[$username],
    }
  }

  file { $github_actions_runner::root_dir:
    ensure => $ensure_directory,
    mode   => '0750',
    owner  => $github_actions_runner::user,
    group  => $github_actions_runner::group,
    force  => true,
  }

  # Create instances with proper dependencies on managed users
  $github_actions_runner::instances.each |String $instance_name, Hash $instance_config| {
    # Check if this instance uses a managed user
    $instance_user = $instance_config['user'] ? {
      undef   => $github_actions_runner::user,
      default => $instance_config['user'],
    }

    $user_dependency = ($instance_user in $github_actions_runner::users) ? {
      true  => [User[$instance_user]],
      false => [],
    }

    github_actions_runner::instance { $instance_name:
      *       => $instance_config,
      require => $user_dependency,
    }
  }
}