Add selfhoted as runner label

Add correct escaping of nested double quotes
Fix image name typo.
2024-02-19 15:28:12 +01:00 · 2024-02-06 23:41:42 +01:00 · 2024-02-06 23:26:25 +01:00 · 2024-02-06 23:20:40 +01:00 · 2024-02-06 23:13:12 +01:00 · 2024-02-06 22:09:52 +01:00
2 changed files with 79 additions and 36 deletions
--- a/manifests/runner.pp
+++ b/manifests/runner.pp
@ -3,7 +3,7 @@ class podmanrunner::runner (
  Integer           $replicas         = 2,
 )
 {
-  $username='runneruser'
+  $userpostfix='runner'
  $runnerdata = lookup("runners",undef,undef,undef)
  package { 'podman':
    ensure   => installed,
@ -28,81 +28,107 @@ class podmanrunner::runner (
      group  => "root",
    }
  $runnerdata.each |$user,$userdata| {
-
+    $sdrun = "systemd-run --wait --user --machine=${user}${userpostfix}@"
-  range(1,$replicas).each |$x| {
+    user { "${user}${userpostfix}":
    user { "${username}${x}":
      ensure => present,
-      home   => "/opt/${username}${x}",
+      home   => "/opt/${user}${userpostfix}",
      shell  => '/usr/sbin/nologin',
      uid    => "${ $x + 1001}",
      managehome => true,
    }
-    file { "/opt/${username}${x}/docker-compose.yaml":
+    file { "/opt/${user}${userpostfix}/docker-compose.yaml":
      ensure  => file,
      content => template('podmanrunner/docker-compose.yaml.erb'),
-      owner   => "${username}${x}",
+      owner   => "${user}${userpostfix}",
-      group   => "${username}${x}",
+      group   => "${user}${userpostfix}",
      mode    => '0400',
    }
-    file { "/opt/${username}${x}/runnerimage":
+    file { "/opt/${user}${userpostfix}/runnerimage":
      ensure => directory,
      mode   => '0700',
-      owner  => "${username}${x}",
+      owner  => "${user}${userpostfix}",
-      group  => "${username}${x}",
+      group  => "${user}${userpostfix}",
    }
-    file { "/opt/${username}${x}/runnerimage/Containerfile":
+    file { "/opt/${user}${userpostfix}/runnerimage/Containerfile":
      ensure  => file,
      content => template('podmanrunner/runnerimage-Containerfile.erb'),
-      owner   => "${username}${x}",
+      owner   => "${user}${userpostfix}",
-      group   => "${username}${x}",
+      group   => "${user}${userpostfix}",
      mode    => '0400',
    }
-    unless find_file("/opt/${username}${x}/runnerdata") {
+    unless find_file("/opt/${user}${userpostfix}/runnerdata") {
-      file { "/opt/${username}${x}/runnerdata":
+      file { "/opt/${user}${userpostfix}/runnerdata":
        ensure => directory,
        mode   => '0700',
-        owner   => "${username}${x}",
+        owner   => "${user}${userpostfix}",
-        group   => "${username}${x}",
+        group   => "${user}${userpostfix}",
      }
    }
-    file { "/opt/${username}${x}/runnerdata/config.yml":
+    unless find_file("/opt/${user}${userpostfix}/runnerdata/config.yml") {
      file { "/opt/${user}${userpostfix}/runnerdata/config.yml":
        ensure  => file,
        source => 'puppet:///modules/podmanrunner/forgejo-runner-config.yml',
-      owner   => "${username}${x}",
+        owner   => "${user}${userpostfix}",
-      group   => "${username}${x}",
+        group   => "${user}${userpostfix}",
        mode    => '0400',
      }
    }
 # Make sure the podman user can read the /data dir
-    exec { "make-${username}${x}-own-runnerdata":
+    exec { "make-${user}${userpostfix}-own-runnerdata":
-      command  => "systemd-run --wait --user --machine=${username}${x}@ /bin/bash -c 'podman unshare chown 1000:1000 /opt/${username}${x}/runnerdata'",
+      command  => "${sdrun} /bin/bash -c 'podman unshare chown 1000:1000 /opt/${user}${userpostfix}/runnerdata'",
      path     => '/usr/bin:/usr/sbin:/bin',
      provider => shell,
      logoutput => false,
-      unless   => "systemd-run --wait --user --machine=${username}${x}@ /bin/bash -c 'podman unshare stat --format %u /opt/${username}${x}/runnerdata | grep ^1000$ && podman unshare stat --format %g /opt/${username}${x}/runnerdata | grep ^1000$'",
+      unless   => "${sdrun} /bin/bash -c 'podman unshare stat --format %u /opt/${user}${userpostfix}/runnerdata | \
                   grep ^1000$ && podman unshare stat --format %g /opt/${user}${userpostfix}/runnerdata | grep ^1000$'",
    }
-    exec { "enable-${username}${x}-linger":
+    # Make sure the podman user can read the /data/config.yml file
-      command  => "loginctl  enable-linger ${username}${x}",
+    exec { "podman-${user}${userpostfix}-own-runner-config":
      command  => "${sdrun} /bin/bash -c 'podman unshare chown 1000:1000 /opt/${user}${userpostfix}/runnerdata/config.yml'",
      path     => '/usr/bin:/usr/sbin:/bin',
      provider => shell,
      logoutput => false,
-      unless   => "test -f /var/lib/systemd/linger/${username}${x}",
+      unless   => "${sdrun} /bin/bash -c 'podman unshare stat --format %u /opt/${user}${userpostfix}/runnerdata/config.yml | \
                  grep ^1000$ && podman unshare stat --format %g /opt/${user}${userpostfix}/runnerdata/config.yml | grep ^1000$'",
    }
-    if $runnerdata and $runnerdata["${username}${x}"] and 'url' in $runnerdata["${username}${x}"] {
+    exec { "enable-${user}${userpostfix}-linger":
-      notify {"runnercontent${x}":
+      command  => "loginctl  enable-linger ${user}${userpostfix}",
-        message => $runnerdata["${username}${x}"]
+      path     => '/usr/bin:/usr/sbin:/bin',
-      }
+      provider => shell,
      logoutput => false,
      unless   => "test -f /var/lib/systemd/linger/${user}${userpostfix}",
    }
    # If required, build runner image by podman-compose
    exec { "${user}${userpostfix}-build-runner-image":
      command  => "${sdrun} /bin/bash -c 'podman-compose build'",
      path     => '/usr/bin:/usr/sbin:/bin',
      provider => shell,
      logoutput => false,
      unless   => "${sdrun} /bin/bash -c \"podman image ls | grep '^localhost/podmanrunner\s\s*3\.[0-9]\.[0-9]'\"",
    }
    # If not already done, register runner with forgejo instance.
    if $userdata and $userdata["token"] and $userdata["url"] {
      exec { "${user}${userpostfix}-register-runner":
        command  => "${sdrun} /bin/bash -c 'podman run -it --rm -u podman -v ./runnerdata:/data:Z localhost/podmanrunner:3.3.0 /bin/bash -c \
                    \"date >> /data/register.log && forgejo-runner --config /data/config.yml register --no-interactive \
                    --token  ${userdata["token"]} --name runner1 --labels self-hosted --instance ${userdata["url"]} 1>>/data/register.log 2>&1\"'",
        path     => '/usr/bin:/usr/sbin:/bin',
        provider => shell,
        logoutput => false,
        unless   => "test -f /opt/${user}${userpostfix}/runnerdata/.runner",
      }
    }
  }
 }
--- a/templates/docker-compose.yaml.erb
+++ b/templates/docker-compose.yaml.erb
@ -0,0 +1,17 @@
 version: "3"
 services:
  actionrunner:
    name: actionrunner
    image: podmanrunner:3.3.0
    build:
      context: ./runnerimage
    volumes:
     - runnerdata:/data:Z
 volumes:
  runnerdata:
    driver: local
    driver_opts:
      device: /opt/runneruser1runner/runnerdata
      o: bind
      type: none
Author	SHA1	Message	Date
Magnus Andersson	a7a807cb0a	Add selfhoted as runner label	2024-02-19 15:28:12 +01:00
Magnus Andersson	9c6981accf	Add correct escaping of nested double quotes	2024-02-06 23:41:42 +01:00
Magnus Andersson	0ffa29d6dd	Fix image name typo.	2024-02-06 23:26:25 +01:00
Magnus Andersson	47f8d11187	Fix typo	2024-02-06 23:20:40 +01:00
Magnus Andersson	457cadcc38	Build image before first register run.	2024-02-06 23:13:12 +01:00
Magnus Andersson	baa6f6e9d8	Improve formating of manifest	2024-02-06 22:09:52 +01:00
Magnus Andersson	23679447b2	Fix curly brackets	2024-02-06 15:07:23 +01:00
Magnus Andersson	b33da5a6a3	Change how we set permission for config file	2024-02-06 14:19:58 +01:00
Magnus Andersson	5814e62e55	Test of user object	2024-02-06 11:03:33 +01:00