self hosted runner

Dockerfile

FROM ubuntu:20.04

RUN apt-get update -qq && apt-get install -y \
    curl \
    jq \
    gnupg \
    && rm -rf /var/lib/apt/lists/*

RUN addgroup runner && \
    adduser \
    --system \
    --disabled-password \
    --home /home/runner \
    --ingroup runner \
    runner

WORKDIR /home/runner

RUN GITHUB_RUNNER_VERSION=${GITHUB_RUNNER_VERSION:-$(curl -s https://api.github.com/repos/actions/runner/releases/latest | jq -r .tag_name | sed 's/v//g')} \
    && curl -sSLO https://github.com/actions/runner/releases/download/v${GITHUB_RUNNER_VERSION}/actions-runner-linux-x64-${GITHUB_RUNNER_VERSION}.tar.gz \
    && tar -zxvf actions-runner-linux-x64-${GITHUB_RUNNER_VERSION}.tar.gz \
    && rm -f actions-runner-linux-x64-${GITHUB_RUNNER_VERSION}.tar.gz \
    && ./bin/installdependencies.sh \
    && chown -R runner:runner /home/runner \
    && mkdir -p /opt/hostedtoolcache \
    && chown -R runner:runner /opt/hostedtoolcache

COPY entrypoint.sh entrypoint.sh

# for ruby/setup-ruby, pg gem, google chrome
RUN curl -s https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - \
    && echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list
RUN apt-get update -qq && apt-get install -y \
    libyaml-0-2 \
    zstd \
    build-essential \
    libpq-dev \
    google-chrome-stable \
    xvfb \
    unzip \
    && rm -rf /var/lib/apt/lists/*

# Install chromedriver
RUN mkdir -p /opt/webdrivers \
    && curl -sL https://chromedriver.storage.googleapis.com/LATEST_RELEASE_$(google-chrome --product-version | cut -d. -f1) > /opt/webdrivers/chromedriver.version \
    && curl -s https://chromedriver.storage.googleapis.com/$(cat /opt/webdrivers/chromedriver.version)/chromedriver_linux64.zip -o /tmp/chromedriver_linux64.zip \
    && unzip -qq /tmp/chromedriver_linux64.zip -d /opt/webdrivers \
    && chmod +x /opt/webdrivers/chromedriver \
    && ln -s /opt/webdrivers/chromedriver /usr/bin/
ENV CHROMEWEBDRIVER /opt/webdrivers
ENV WD_INSTALL_DIR /opt/webdrivers

# Install Node.js and Yarn
RUN curl -sL https://deb.nodesource.com/setup_14.x | bash - \
    && curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
    && echo "deb https://dl.yarnpkg.com/debian/ stable main" > /etc/apt/sources.list.d/yarn.list
RUN apt-get update -qq && apt-get install -y --no-install-recommends \
    yarn \
    nodejs \
    && rm -rf /var/lib/apt/lists/*

ENV ImageOS ubuntu20

USER runner

ENTRYPOINT ["./entrypoint.sh"]

entrypoint.sh

#!/bin/bash

RUNNER_NAME=${RUNNER_NAME:-default}
RUNNER_WORKDIR=${RUNNER_WORKDIR:-_work}

if [[ -z "${GITHUB_ACCESS_TOKEN}" || -z "${GITHUB_ACTIONS_RUNNER_CONTEXT}" ]]; then
  echo 'One of the mandatory parameters is missing. Quit!'
  exit 1
else
  AUTH_HEADER="Authorization: token ${GITHUB_ACCESS_TOKEN}"
  USERNAME=$(cut -d/ -f4 <<< ${GITHUB_ACTIONS_RUNNER_CONTEXT})
  REPOSITORY=$(cut -d/ -f5 <<< ${GITHUB_ACTIONS_RUNNER_CONTEXT})

  if [[ -z "${REPOSITORY}" ]]; then 
    TOKEN_REGISTRATION_URL="https://api.github.com/orgs/${USERNAME}/actions/runners/registration-token"
  else
    TOKEN_REGISTRATION_URL="https://api.github.com/repos/${USERNAME}/${REPOSITORY}/actions/runners/registration-token"
  fi
    
  RUNNER_TOKEN="$(curl -XPOST -fsSL \
    -H "Accept: application/vnd.github.v3+json" \
    -H "${AUTH_HEADER}" \
    "${TOKEN_REGISTRATION_URL}" \
    | jq -r '.token')"
fi

./config.sh --url "${GITHUB_ACTIONS_RUNNER_CONTEXT}" --token "${RUNNER_TOKEN}" --name "${RUNNER_NAME}" --work "${RUNNER_WORKDIR}" --ephemeral
./run.sh

Gemfile

# frozen_string_literal: true

source "https://rubygems.org"

git_source(:github) { |repo_name| "https://github.com/#{repo_name}" }

gem 'aws-sdk-ecs'
gem 'nokogiri'

runner_launcher.rb

require 'yaml'
require 'aws-sdk-ecs'
require 'pp'

creds = YAML.load(File.read('./secret.yml'))

ecs = Aws::ECS::Client.new(
  region: 'ap-northeast-1',
  access_key_id: creds['access_key_id'],
  secret_access_key: creds['secret_access_key']
)

resp = ecs.run_task({
  cluster: "aaaa",
  task_definition: "selfhostedrunner:18",
  launch_type: "FARGATE",
  network_configuration: {
    awsvpc_configuration: {
      subnets: creds['subnets'],
      assign_public_ip: "ENABLED",
    },
  },
})

pp resp.to_h

system_test.rb

RSpec.configure do |config|
  config.before(type: :system) do |example|
    caps = Selenium::WebDriver::Remote::Capabilities.chrome
    driven_by :selenium, using: :headless_chrome, options: { capabilities: caps } do |capabilities|
      capabilities.add_argument("--disable-dev-shm-usage")
      capabilities.add_argument("--no-sandbox")
    end
  end
end

test.yml

name: test

on:
  pull_request:

jobs:
  build:
    runs-on: self-hosted

    env:
      RAILS_ENV: test
      NODE_ENV: test
      DISABLE_SPRING: 1
      TZ: Asia/Tokyo
      DATABASE_URL: ${{ secrets.DATABASE_URL }}

    steps:
    - uses: actions/checkout@v2

    - uses: ruby/setup-ruby@v1
      with:
        bundler-cache: true

    - uses: actions/setup-node@v2
      with:
        node-version: 12
        cache: yarn

    - name: Setup database
      run: |
        bundle exec rails db:create db:migrate

    - name: Assets precompile
      run: |
        yarn install
        bin/webpack
        bin/rails assets:precompile

    - name: Run test
      run: bundle exec rspec