Merge branch 'Telefonica:master' into update_pdk

Author: ldaneliukas

.github/workflows/pdk-test-unit.yml

@@ -3,6 +3,7 @@ name: Run pdk test unit
 on:
   - push
   - pull_request
+  - workflow_dispatch
 
 jobs:
   validating:

README.md

@@ -2,97 +2,113 @@
 
 # GitHub Actions Runner
 
-Automatic configuration for running GitHub Actions on Debian hosts as a service
+Automatic configuration for running GitHub Actions as a service
 
 #### Table of Contents
 
 1. [Description](#description)
+    - [Hiera configuration examples](#hiera-configuration-examples)
+    - [Github Enterprise examples](#github-enterprise-examples)
 2. [Limitations - OS compatibility, etc.](#limitations)
 3. [Development - Guide for contributing to the module](#development)
 
 ## Description
 
-This module will setup all of the files and configuration needed for GitHub Actions runner to work on any Debian 9 hosts.
+This module will setup all of the files and configuration needed for GitHub Actions runner to work on Debian (Stretch and Buster) and CentOS7 hosts.
 
-### hiera configuration
+### hiera configuration examples
 
-This module supports configuration through hiera. The following example
-creates repository level Actions runners.
+This module supports configuration through hiera. 
+
+#### Creating an organization level Actions runner
 
 ```yaml
 github_actions_runner::ensure: present
 github_actions_runner::base_dir_name: '/data/actions-runner'
 github_actions_runner::package_name: 'actions-runner-linux-x64'
-github_actions_runner::package_ensure: '2.272.0'
+github_actions_runner::package_ensure: '2.277.1'
 github_actions_runner::repository_url: 'https://github.com/actions/runner/releases/download'
-github_actions_runner::org_name: 'github_org'
+github_actions_runner::org_name: 'my_github_organization'
 github_actions_runner::personal_access_token: 'PAT'
 github_actions_runner::user: 'root'
 github_actions_runner::group: 'root'
 github_actions_runner::instances:
-  first_instance:
+  example_org_instance:
     labels:
       - self-hosted-custom
 ```
 
-You can also override some of the keys on the instance level
+Note, your `personal_access_token` has to contain the `admin:org` permission.
+
+#### Creating an additional repository level Actions runner
 ```yaml
-github_actions_runner::ensure: present
-github_actions_runner::base_dir_name: '/data/actions-runner'
-github_actions_runner::package_name: 'actions-runner-linux-x64'
-github_actions_runner::package_ensure: '2.272.0'
-github_actions_runner::repository_url: 'https://github.com/actions/runner/releases/download'
-github_actions_runner::org_name: 'github_org'
-github_actions_runner::personal_access_token: 'PAT'
-github_actions_runner::user: 'root'
-github_actions_runner::group: 'root'
 github_actions_runner::instances:
-  first_instance:
+  example_org_instance:
     labels:
       - self-hosted-custom1
-  second_instance:
+  example_repo_instance:
+    repo_name: myrepo
+    labels:
+      - self-hosted-custom2
+```
+
+Note, your `personal_access_token` has to contain the `repo` permission.
+    
+#### Instance level overwrites
+```yaml
+github_actions_runner::instances:
+  example_org_instance:
     ensure: absent
-  third_instance:
     labels:
-      - self-hosted-custom3
+      - self-hosted-custom1
+  example_repo_instance:
+    org_name: overwritten_orgnization
     repo_name: myrepo
-    org_name: other_org
-    personal_access_token: other_secret
+    labels:
+      - self-hosted-custom2
 ```
 
-In case you need to set proxy in one instance:
+#### Adding a global proxy and overwriting an instance level proxy
 ```yaml
-github_actions_runner::ensure: present
-github_actions_runner::base_dir_name: '/data/actions-runner'
-github_actions_runner::package_name: 'actions-runner-linux-x64'
-github_actions_runner::package_ensure: '2.272.0'
-github_actions_runner::repository_url: 'https://github.com/actions/runner/releases/download'
-github_actions_runner::org_name: 'github_org'
-github_actions_runner::personal_access_token: 'PAT'
-github_actions_runner::user: 'root'
-github_actions_runner::group: 'root'
+github_actions_runner::http_proxy: http://proxy.local
+github_actions_runner::https_proxy: http://proxy.local
 github_actions_runner::instances:
-  first_instance:
-    http_proxy: http://proxy.local
-    https_proxy: http://proxy.local
+  example_org_instance:
+    http_proxy: http://instance_specific_proxy.local
+    https_proxy: http://instance_specific_proxy.local
     no_proxy: example.com
     labels:
       - self-hosted-custom1
 ```
 
-In case you are using Github Enterprise Server , you can define these two parameters to specify the correct urls:
+### Github Enterprise examples
+To use the module with Github Enterprise Server, you have to define these parameters:
 ```yaml
 github_actions_runner::github_domain: "https://git.example.com"
 github_actions_runner::github_api: "https://git.example.com/api/v3"
 ```
 
-## Limitations
+In addition to the runner configuration examples above, you can also configure runners 
+on the enterprise level by setting a value for `enterprise_name`, for example:
+```yaml
+github_actions_runner::ensure: present
+github_actions_runner::base_dir_name: '/data/actions-runner'
+github_actions_runner::package_name: 'actions-runner-linux-x64'
+github_actions_runner::package_ensure: '2.277.1'
+github_actions_runner::repository_url: 'https://github.com/actions/runner/releases/download'
+github_actions_runner::enterprise_name: 'enterprise_name'
+github_actions_runner::personal_access_token: 'PAT'
+github_actions_runner::user: 'root'
+github_actions_runner::group: 'root'
+github_actions_runner::instances:
+```
 
-Tested on Debian 9 stretch hosts only.
-full list of operating systems support and requirements are described in `metadata.json` file.
+Note, your `personal_access_token` has to contain the `admin:enterprise` permission.
 
+## Limitations
 
-If you don't specify repository name , make sure you `Personal Access Token` is org level admin.
+Tested on Debian 9 (stretch), Debian 10 (buster) and CentOS7 hosts.
+Full list of operating systems support and requirements are described in `metadata.json` file.
 
 ## Development
 

REFERENCE.md

@@ -38,6 +38,12 @@ Data type: `String`
 
 actions runner github organization name.
 
+##### `enterprise_name`
+
+Data type: `String`
+
+enterprise name for global runners
+
 ##### `hostname`
 
 Data type: `String`
@@ -123,7 +129,15 @@ Data type: `String`
 
 actions runner github organization name.
 
-Default value: `github_actions_runner::org_name`
+Default value: `undef`
+
+##### `enterprise_name`
+
+Data type: `String`
+
+enterprise name for global runners
+
+Default value: `undef`
 
 ##### `personal_access_token`
 

data/common.yaml

@@ -4,7 +4,6 @@ github_actions_runner::base_dir_name: '/some_dir/actions-runner'
 github_actions_runner::package_name: 'actions-runner-linux-x64'
 github_actions_runner::package_ensure: '2.272.0'
 github_actions_runner::repository_url: 'https://github.com/actions/runner/releases/download'
-github_actions_runner::org_name: 'github_org'
 github_actions_runner::personal_access_token: 'PAT'
 github_actions_runner::user: 'root'
 github_actions_runner::group: 'root'

manifests/init.pp

@@ -2,7 +2,7 @@
 # ===========================
 #
 # Manages actions_runner service and configuration
-# All default Can be view at the `modules/actions_runner/data/common.yaml` file.
+# All defaults can be viewed in the `modules/actions_runner/data/common.yaml` file.
 #
 # Parameters
 # ----------
@@ -16,6 +16,9 @@
 # * org_name
 #  String, actions runner org name.
 #
+# * enterprise_name
+#  String, enterprise name for global runners
+#
 # * personal_access_token
 # String, GitHub PAT with admin permission on the repositories or the origanization.
 #
@@ -52,23 +55,23 @@
 # * no_proxy
 # Optional[String], Comma separated list of hosts that should not use a proxy. More information at https://docs.github.com/en/actions/hosting-your-own-runners/using-a-proxy-server-with-self-hosted-runners
 #
-
 class github_actions_runner (
   Enum['present', 'absent'] $ensure,
   Stdlib::Absolutepath      $base_dir_name,
-  String                    $org_name,
-  String                    $personal_access_token,
-  String                    $package_name,
-  String                    $package_ensure,
-  String                    $repository_url,
-  String                    $user,
-  String                    $group,
-  Hash[String, Hash]        $instances,
-  String                    $github_domain,
-  String                    $github_api,
-  Optional[String]          $http_proxy = undef,
-  Optional[String]          $https_proxy = undef,
-  Optional[String]          $no_proxy = undef,
+  String[1]                 $personal_access_token,
+  String[1]                 $package_name,
+  String[1]                 $package_ensure,
+  String[1]                 $repository_url,
+  String[1]                 $user,
+  String[1]                 $group,
+  Hash[String[1], Hash]     $instances,
+  String[1]                 $github_domain,
+  String[1]                 $github_api,
+  Optional[String[1]]       $enterprise_name = undef,
+  Optional[String[1]]       $org_name = undef,
+  Optional[String[1]]       $http_proxy = undef,
+  Optional[String[1]]       $https_proxy = undef,
+  Optional[String[1]]       $no_proxy = undef,
 ) {
 
   $root_dir = "${github_actions_runner::base_dir_name}-${github_actions_runner::package_ensure}"

manifests/instance.pp

@@ -6,7 +6,10 @@
 #  Enum, Determine if to add or remove the resource.
 #
 # * org_name
-# String, actions runner org name.(Default: Value set by github_actions_runner Class)
+# Optional[String], org name for organization level runners. (Default: Value set by github_actions_runner Class)
+#
+# * enterprise_name
+#  Optional[String], enterprise name for global runners. (Default: Value set by github_actions_runner Class)
 #
 # * personal_access_token
 # String, GitHub PAT with admin permission on the repositories or the origanization.(Default: Value set by github_actions_runner Class)
@@ -38,22 +41,22 @@
 # * labels
 # Optional[Array[String]], A list of costum lables to add to a runner.
 #
-
 define github_actions_runner::instance (
-  Enum['present', 'absent'] $ensure                = 'present',
-  String                    $org_name              = $github_actions_runner::org_name,
-  String                    $personal_access_token = $github_actions_runner::personal_access_token,
-  String                    $user                  = $github_actions_runner::user,
-  String                    $group                 = $github_actions_runner::group,
-  String                    $hostname              = $::facts['hostname'],
-  String                    $instance_name         = $title,
-  Optional[String]          $http_proxy            = $github_actions_runner::http_proxy,
-  Optional[String]          $https_proxy           = $github_actions_runner::https_proxy,
-  Optional[String]          $no_proxy              = $github_actions_runner::no_proxy,
-  Optional[Array[String]]   $labels                = undef,
-  Optional[String]          $repo_name             = undef,
-  String                    $github_domain         = $github_actions_runner::github_domain,
-  String                    $github_api            = $github_actions_runner::github_api,
+  Enum['present', 'absent']  $ensure                = 'present',
+  String[1]                  $personal_access_token = $github_actions_runner::personal_access_token,
+  String[1]                  $user                  = $github_actions_runner::user,
+  String[1]                  $group                 = $github_actions_runner::group,
+  String[1]                  $hostname              = $::facts['hostname'],
+  String[1]                  $instance_name         = $title,
+  String[1]                  $github_domain         = $github_actions_runner::github_domain,
+  String[1]                  $github_api            = $github_actions_runner::github_api,
+  Optional[String[1]]        $http_proxy            = $github_actions_runner::http_proxy,
+  Optional[String[1]]        $https_proxy           = $github_actions_runner::https_proxy,
+  Optional[String[1]]        $no_proxy              = $github_actions_runner::no_proxy,
+  Optional[Array[String[1]]] $labels                = undef,
+  Optional[String[1]]        $enterprise_name       = $github_actions_runner::enterprise_name,
+  Optional[String[1]]        $org_name              = $github_actions_runner::org_name,
+  Optional[String[1]]        $repo_name             = undef,
 ) {
 
   if $labels {
@@ -63,18 +66,22 @@
     $assured_labels = ''
   }
 
-  $url = $repo_name ? {
-    undef => "${github_domain}/${org_name}",
-    default => "${github_domain}/${org_name}/${repo_name}",
-  }
-
-  if $repo_name {
-    $token_url = "${github_api}/repos/${org_name}/${repo_name}/actions/runners/registration-token"
-  } else {
-    $token_url = $github_api ? {
-      'https://api.github.com' => "${github_api}/repos/${org_name}/actions/runners/registration-token",
-      default => "${github_api}/orgs/${org_name}/actions/runners/registration-token",
+  if $org_name {
+    if $repo_name {
+      $token_url = "${github_api}/repos/${org_name}/${repo_name}/actions/runners/registration-token"
+      $url = "${github_domain}/${org_name}/${repo_name}"
+    } else {
+      $token_url = $github_api ? {
+        'https://api.github.com' => "${github_api}/repos/${org_name}/actions/runners/registration-token",
+        default => "${github_api}/orgs/${org_name}/actions/runners/registration-token",
+      }
+      $url = "${github_domain}/${org_name}"
     }
+  } elsif $enterprise_name {
+    $token_url = "${github_api}/enterprises/${enterprise_name}/actions/runners/registration-token"
+    $url = "${github_domain}/enterprises/${enterprise_name}"
+  } else {
+    fail("Either 'org_name' or 'enterprise_name' is required to create runner instances")
   }
 
   $archive_name =  "${github_actions_runner::package_name}-${github_actions_runner::package_ensure}.tar.gz"

metadata.json

@@ -1,6 +1,6 @@
 {
   "name": "telefonica-github_actions_runner",
-  "version": "0.5.0",
+  "version": "0.6.0",
   "author": "Shimon Ohayon",
   "summary": "Module to configure our GitHub Actions runner on Debian hosts",
   "license": "Apache-2.0",
@@ -26,7 +26,14 @@
     {
       "operatingsystem": "Debian",
       "operatingsystemrelease": [
-        "9"
+        "9",
+        "10"
+      ]
+    },
+    {
+      "operatingsystem": "CentOS",
+      "operatingsystemrelease": [
+        "7"
       ]
     },
     {