ci: add github actions workflow to test self hosted runner #282
Conversation
.github/workflows/hosted-runner.yaml
Outdated
| name: Test Self hosted runner addition | ||
|
|
||
| on: | ||
| workflow_call: |
There was a problem hiding this comment.
We will need a strategy based on workflow_run to get access to secrets and test the binary build from the forked repo, with the current build you have here it will build it form the head of the main instead of from the PR
There was a problem hiding this comment.
Similar to https://github.com/crc-org/ci-definitions/blob/70d016f5fd15e7cbdf8e3056c500654b0196a049/.github/workflows/crc-builder-pusher.yml#L18 stragtey for build / push
There was a problem hiding this comment.
we also have to store the backend in a cloud storage to be able to destroy the created resources later
There was a problem hiding this comment.
@anjannath ^^ Just added all required secrets for this:
- ARM_TENANT_ID
- ARM_SUBSCRIPTION_ID
- ARM_CLIENT_ID
- ARM_CLIENT_SECRET
- AZURE_STORAGE_ACCOUNT
- AZURE_STORAGE_KEY
Also to use the remote storage for backed-url the url would be something like (notice base name should exactly match mapt-gh-runner-mapt-state):
--backed-url azblob://mapt-gh-runner-mapt-state/${{ github.repository }}-${{ github.run_id }}
There was a problem hiding this comment.
Note: This event will only trigger a workflow run if the workflow file is on the default branch.
It seems workflow_run only works when the workflow is already in the main branch, so need to test this first on my fork and then update the PR, we'll have to initially merge something and then create follow up PR to fix if any issues found
anjannath
force-pushed
the
ghc-runner
branch
5 times, most recently
from
0b56135 to
ec4f431
Compare
anjannath
force-pushed
the
ghc-runner
branch
4 times, most recently
from
46188ca to
ccf8ed1
Compare
|
Hey can we test selfhosted runner running crc on it. I am curious on the user running the agent. I mean when I set up ssh I had to trick the user starting the service, as with default setup it is a system user (privileged) as so crc is not working. How is working with the gh agent? |
still not able to run jobs on the self-hosted runner from this repo, currently i am stuck with getting a runner registration token (this is a temporary token and only valid for 60mins) we need to have a way to fetch this token from withing the job itself, so we need to add a personal access token which has the permission to fetch the runner registration token for this repository in the latest push i've added workflows to handle the above but still need to test, i'll need to first test the entire flow on my fork
the github runner agent is running as service using the will have to try running |
|
Yeah my point is, if that is the case may we need to trick the agent (if possible) to start as a user process on startup |
anjannath
force-pushed
the
ghc-runner
branch
3 times, most recently
from
4ee2cfb to
52d854b
Compare
|
@adrianriobo the so currently this PR adds to re-usable workflows, the build-on-hosted-runner workflow additionally has to fetch a runner registration token which is needed to add a self hosted runner and is an input for the provision_hosted_runner workflow |
anjannath
changed the title
adrianriobo
changed the title
this adds a workflow to provision a self hosted runner using mapt on azure and run a simple job on that runner to test self-hosted runner feature of mapt
anjannath
changed the title
|
@adrianriobo this is finally ready for review again, got some successful runs on my fork, https://github.com/anjannath/mapt/actions/runs/11698979004 the new |
There was a problem hiding this comment.
^^ @anjannath About your comment you can add a filter on PRs were any file of the util/ghactions is modified i.e. https://github.com/crc-org/ci-definitions/blob/main/.github/workflows/crc-builder-builder.yaml#L6C3-L8C79
Beyond that LGTM
| --install-ghactions-runner --ghactions-runner-name "az-runner-${{inputs.operating_system}}-${{github.event.workflow_run.id}}" \ | ||
| --ghactions-runner-repo "${{inputs.runner_repo}}" --ghactions-runner-token ${{steps.fetch_token.outputs.runner_token}} | ||
|
|
||
| - name: wait for runner to start accepting jobs |
There was a problem hiding this comment.
Out of curiosity why is this needed? I was expecting when it is ready the job test_run_selfhosted_runner will be executed
There was a problem hiding this comment.
during testing i found that when the job executed immediately the runner would never pick it up, couldn't figure out why this was happening
i just tried opening a second PR just to test by running a different workflow targeting that runner then it'd work and it'd also pickup the pending test_run_selfhosted_runner job, so figured that if there's a bit of delay between the runner getting added and the next job getting triggered it all works
actually this cannot be used, since we trigger the |
mapt destroyjob to remove provisioned instance