Self-Hosted Github Actions Runner on Docker Container

docker-compose.yml

services:

  repositoryfactory:
    image: mustafasalih/github-action-runner
    container_name: repositoryfactory
    restart: "on-failure"
    privileged: true
    environment:
      - TESTCONTAINERS_HOST_OVERRIDE=host.docker.internal
      - DOCKER_HOST=tcp://host.docker.internal:2375
      - GITHUB_OWNER=msx752
      - GITHUB_REPO=SampleDotnet.RepositoryFactory
      - GITHUB_PAT=TOKEN_HERE
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    build:
     context: .
     dockerfile: Dockerfile

Dockerfile

# Use the official Ubuntu as a parent image
FROM ubuntu:20.04

ENV DEBIAN_FRONTEND=noninteractive

# Install dependencies
RUN apt-get update && \
    apt-get install -y curl git libicu66 sudo apt-transport-https ca-certificates gnupg lsb-release jq && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*

# Add Docker repository
RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg && \
    echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

# Create a non-root user
RUN useradd -m nonrootuser

# Grant sudo privileges to the non-root user
RUN echo "nonrootuser ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers

# Give the non-root user permission to the /usr/share directory
RUN chown -R nonrootuser:nonrootuser /usr/share

# Switch to the non-root user
USER nonrootuser

# Set the working directory to the non-root user's home directory
WORKDIR /home/nonrootuser

# Create a directory for the runner and set correct permissions
RUN mkdir actions-runner

# Switch to the actions-runner directory
WORKDIR /home/nonrootuser/actions-runner

# Download and extract the GitHub Actions runner
RUN curl -o actions-runner-linux-x64-2.319.1.tar.gz -L https://github.com/actions/runner/releases/download/v2.319.1/actions-runner-linux-x64-2.319.1.tar.gz && \
    echo "3f6efb7488a183e291fc2c62876e14c9ee732864173734facc85a1bfb1744464  actions-runner-linux-x64-2.319.1.tar.gz" | sha256sum -c && \
    tar xzf actions-runner-linux-x64-2.319.1.tar.gz && \
    rm actions-runner-linux-x64-2.319.1.tar.gz

COPY register_selfhost_runner.sh register_selfhost_runner.sh

CMD ["./register_selfhost_runner.sh"]

github_action_workflow_dotnet.yml

name: .NET


on:
  pull_request:
    branches: ["main"]

jobs:
  build:
    runs-on: self-hosted
    strategy:
      matrix:
        dotnet-version: ['8.0.x']
    permissions:
      actions: read
      contents: read
      security-events: write

    steps:
    - uses: actions/checkout@v4

    - name: Setup .NET Core SDK ${{ matrix.dotnet-version }}
      uses: actions/setup-dotnet@v4
      with:
        dotnet-version: ${{ matrix.dotnet-version }}

    - name: Install Docker
      run: |
        sudo apt-get update
        sudo apt-get install -y docker-ce docker-ce-cli containerd.io
        sudo usermod -aG docker nonrootuser

    - name: Restore dependencies
      run: dotnet restore

    - name: Build
      run: dotnet build -c Release --no-restore

    - name: Test
      run: dotnet test test/SampleDotnet.RepositoryFactory.Tests/SampleDotnet.RepositoryFactory.Tests.csproj --no-restore --verbosity normal

    - name: Publish
      id: SampleDotnet_RepositoryFactory
      uses: alirezanet/[email protected]
      with:
        PROJECT_FILE_PATH: src/SampleDotnet.RepositoryFactory/SampleDotnet.RepositoryFactory.csproj
        NUGET_KEY: ${{ secrets.NUGET_KEY }}

register_selfhost_runner.sh

#!/bin/bash

# Check if necessary environment variables are set
if [ -z "$GITHUB_OWNER" ] || [ -z "$GITHUB_REPO" ] || [ -z "$GITHUB_PAT" ]; then
  echo "Error: One or more required environment variables (GITHUB_OWNER, GITHUB_REPO, GITHUB_PAT) are not set."
  exit 1
fi

# Path to store and read the registration token
TOKEN_FILE="storedtoken.txt"

# Function to create a registration token
create_registration_token() {
  echo "Requesting registration token for $GITHUB_OWNER/$GITHUB_REPO..."

  response=$(curl -s -L \
    -X POST \
    -H "Accept: application/vnd.github+json" \
    -H "Authorization: Bearer $GITHUB_PAT" \
    -H "X-GitHub-Api-Version: 2022-11-28" \
    "https://api.github.com/repos/$GITHUB_OWNER/$GITHUB_REPO/actions/runners/registration-token")

  # Extract token from the response
  REGISTRATION_TOKEN=$(echo $response | jq -r .token)

  if [ "$REGISTRATION_TOKEN" == "null" ]; then
    echo "Failed to obtain registration token. Response was: $response"
    exit 1
  fi

  echo "Registration token received."
}

# Function to configure the runner
configure_runner() {
  echo "Configuring the self-hosted runner with the obtained token..."

  if [ -f "$TOKEN_FILE" ]; then
    # Read token from file if it exists
    PREVIOUS_TOKEN=$(cat "$TOKEN_FILE")
    echo "Removing previous runner configuration."
    ./config.sh remove --token "$PREVIOUS_TOKEN"
  fi

  ./config.sh --url https://github.com/$GITHUB_OWNER/$GITHUB_REPO --token $REGISTRATION_TOKEN

  if [ $? -ne 0 ]; then
    echo "Failed to configure the runner."
    exit 1
  fi

  echo "Runner configured successfully."

  # Store the registration token in a file if it has a value
  if [ -n "$REGISTRATION_TOKEN" ]; then
    echo "$REGISTRATION_TOKEN" > $TOKEN_FILE
    echo "Registration token saved to $TOKEN_FILE"
  fi
}

# Function to start the runner
startrunner() {
  echo "Starting the self-hosted runner..."
  ./run.sh
}

# Main script execution
create_registration_token
configure_runner
startrunner