feat(docker): add Docker setup for GitHub Actions runner

winromulus · winromulus · commit 2a47dc70d375 · 2025-07-30T08:55:49.000+03:00
- Introduces a setup script and YAML configuration to automate the installation of essential tools for the GitHub Actions runner.
- Implements scripts for installing Python, PowerShell, Azure CLI, AzCopy, and Ansible, ensuring all installations include verification steps.
- Establishes a multi-architecture Docker image with proper error handling and logging during the setup process.

Provides users a streamlined experience for setting up the development environment.
diff --git a/CLAUDE.md b/CLAUDE.md
@@ -0,0 +1,81 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Repository Overview
+
+This repository contains Docker images for GitHub Actions self-hosted runners with additional tools pre-installed. The main image is based on the official GitHub Actions runner image and includes Python, PowerShell, Azure CLI, AzCopy, and Ansible.
+
+## Architecture
+
+- **Base Image**: Built on `ghcr.io/actions/actions-runner:2.327.1`
+- **Additional Tools**: Multiple tools installed via a YAML-driven setup system
+- **Setup System**: Uses `setup.yaml` to define installation steps with `setup.sh` orchestrator
+- **Multi-Architecture Support**: Supports both AMD64 and ARM64 architectures
+- **CI/CD**: Uses GitHub Actions for automated building and releasing
+
+## Key Commands
+
+### Building the Docker Image
+
+```bash
+# Build locally
+docker build -t github-actions-runner -f src/Dockerfile src/
+
+# Build with specific platform
+docker buildx build --platform linux/amd64 -t github-actions-runner -f src/Dockerfile src/
+```
+
+### Adding New Tools
+
+To add a new tool to the image:
+1. Create an installation script in `src/scripts/` (e.g., `install-newtool.sh`)
+2. Add a step to `src/setup.yaml`:
+   ```yaml
+   - name: "Install New Tool"
+     script: "scripts/install-newtool.sh"
+     description: "Description of what this installs"
+   ```
+   OR use inline commands:
+   ```yaml
+   - name: "Install New Tool"
+     command: "apt-get install -y newtool"
+     description: "Description of what this installs"
+   ```
+
+### GitHub Actions Workflow
+
+The repository uses GitVersion for semantic versioning. The pipeline is triggered on:
+- Push to any branch
+- Pull requests
+- Manual workflow dispatch
+
+## Project Structure
+
+- `src/Dockerfile`: Main Dockerfile that builds the runner image
+- `src/setup.yaml`: YAML configuration defining all installation steps
+- `src/setup.sh`: Main orchestrator that reads setup.yaml and executes steps
+- `src/scripts/`: Installation scripts for various tools
+  - `install-python.sh`: Installs Python3, pip, pip3, and pipx
+  - `install-powershell.sh`: Installs PowerShell Core
+  - `install-azure-cli.sh`: Installs Azure CLI
+  - `install-azcopy.sh`: Installs AzCopy with architecture detection
+- `.github/workflows/pipeline.yaml`: Main CI/CD pipeline
+- `GitVersion.yaml`: Semantic versioning configuration
+
+## Versioning Strategy
+
+The project uses GitVersion with:
+- Main branch: Continuous deployment mode
+- Develop branch: Minor version increments
+- Release branches: RC pre-releases
+- Feature branches: Named pre-releases
+- Commit messages control version bumps (+semver:major/minor/patch)
+
+## Container Registries
+
+Images are published to:
+- Docker Hub: `emberstack/github-actions-runner`
+- GitHub Container Registry: `ghcr.io/emberstack/github-actions-runner`
+
+Both registries receive multi-architecture manifests supporting AMD64 and ARM64.
diff --git a/src/Dockerfile b/src/Dockerfile
@@ -2,22 +2,26 @@ FROM ghcr.io/actions/actions-runner:2.327.1
 
 USER root
 
-# Install required dependencies
+# Install required dependencies including yq and jq
 RUN apt-get update && \
     apt-get install -y --no-install-recommends \
     wget \
     curl \
     ca-certificates \
+    jq \
     && rm -rf /var/lib/apt/lists/*
 
+# Install yq
+RUN wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 && \
+    chmod +x /usr/local/bin/yq
+
 WORKDIR /install
 
 COPY /scripts /scripts
+COPY setup.yaml /
+COPY setup.sh /
 
-RUN for script in /scripts/install*.sh; do \
-        echo "Running $script"; \
-        bash -e $script || { echo "Script $script failed" >&2; exit 1; }; \
-    done && \
-    rm -rf /scripts
+# Run setup script with proper error handling
+RUN bash -e /setup.sh
 
 USER runner
diff --git a/src/scripts/install-ansible.sh b/src/scripts/install-ansible.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+# Install Ansible using pip
+
+# Install ansible globally using pip
+pip install ansible
+
+# Verify installation
+echo "Checking installed ansible executables:"
+ls -la /usr/local/bin/ansible* 2>/dev/null || echo "Ansible binaries not in /usr/local/bin"
+
+# Verify installation
+echo "Verifying Ansible installation..."
+if ! command -v ansible &> /dev/null; then
+    echo "ERROR: ansible command not found after installation"
+    echo "PATH: $PATH"
+    # Try to find where pip installed it
+    echo "Searching for ansible executable..."
+    find /usr -name "ansible" -type f 2>/dev/null | head -5
+    exit 1
+fi
+
+# Check for ansible-playbook which is commonly used
+if ! command -v ansible-playbook &> /dev/null; then
+    echo "ERROR: ansible-playbook command not found after installation"
+    exit 1
+fi
+
+echo "Ansible version:"
+ansible --version
+
+echo "Ansible installation completed successfully!"
diff --git a/src/scripts/install-azcopy.sh b/src/scripts/install-azcopy.sh
@@ -32,5 +32,20 @@ ln -sf /usr/local/bin/azcopy /usr/local/bin/azcopy10
 # Cleanup
 rm -f azcopy.tar.gz
 
+# Verify installation
+echo "Verifying AzCopy installation..."
+if ! command -v azcopy &> /dev/null; then
+    echo "ERROR: azcopy command not found after installation"
+    exit 1
+fi
+
+if ! command -v azcopy10 &> /dev/null; then
+    echo "ERROR: azcopy10 symlink not created properly"
+    exit 1
+fi
+
+echo "AzCopy version:"
+azcopy --version
 azcopy10 --version
-azcopy --version
+
+echo "AzCopy installation completed successfully!"
diff --git a/src/scripts/install-azure-cli.sh b/src/scripts/install-azure-cli.sh
@@ -32,4 +32,13 @@ apt-get update
 apt-get install -y azure-cli
 
 # Verify installation
-az --version
+echo "Verifying Azure CLI installation..."
+if ! command -v az &> /dev/null; then
+    echo "ERROR: az command not found after installation"
+    exit 1
+fi
+
+echo "Azure CLI version:"
+az --version
+
+echo "Azure CLI installation completed successfully!"
diff --git a/src/scripts/install-powershell.sh b/src/scripts/install-powershell.sh
@@ -0,0 +1,50 @@
+#!/bin/bash
+
+# Install PowerShell following official documentation
+# https://learn.microsoft.com/en-us/powershell/scripting/install/install-ubuntu
+
+# Update packages and install required dependencies
+apt-get update
+apt-get install -y --no-install-recommends \
+    wget \
+    apt-transport-https \
+    software-properties-common
+
+# Detect architecture and Ubuntu version
+ARCH=$(uname -m)
+UBUNTU_VERSION=$(lsb_release -rs)
+
+# Download the Microsoft repository GPG keys
+wget -q "https://packages.microsoft.com/config/ubuntu/${UBUNTU_VERSION}/packages-microsoft-prod.deb"
+
+# Register the Microsoft repository GPG keys
+dpkg -i packages-microsoft-prod.deb
+
+# Delete the Microsoft repository GPG keys file
+rm packages-microsoft-prod.deb
+
+# Update the list of packages after we added packages.microsoft.com
+apt-get update
+
+# Install PowerShell
+apt-get install -y powershell
+
+# Create a symbolic link for 'powershell' command
+ln -sf /usr/bin/pwsh /usr/bin/powershell
+
+# Verify installation
+echo "Verifying PowerShell installation..."
+if ! command -v pwsh &> /dev/null; then
+    echo "ERROR: pwsh command not found after installation"
+    exit 1
+fi
+
+if ! command -v powershell &> /dev/null; then
+    echo "ERROR: powershell symlink not created properly"
+    exit 1
+fi
+
+echo "PowerShell version:"
+pwsh --version
+
+echo "PowerShell installation completed successfully!"
diff --git a/src/scripts/install-python.sh b/src/scripts/install-python.sh
@@ -0,0 +1,46 @@
+#!/bin/bash
+
+# Install Python and pip
+
+# Update packages and install Python3 and pip
+apt-get update
+apt-get install -y --no-install-recommends \
+    python3 \
+    python3-pip \
+    python3-venv \
+    python3-dev
+
+# Create symbolic links for pip (if not already present)
+if [ ! -f /usr/bin/pip ]; then
+    ln -s /usr/bin/pip3 /usr/bin/pip
+fi
+
+# Upgrade pip to latest version
+python3 -m pip install --upgrade pip
+
+# Verify installations
+echo "Verifying Python installation..."
+if ! command -v python3 &> /dev/null; then
+    echo "ERROR: python3 command not found after installation"
+    exit 1
+fi
+echo "Python version:"
+python3 --version
+
+echo "Verifying pip installation..."
+if ! command -v pip &> /dev/null; then
+    echo "ERROR: pip command not found after installation"
+    exit 1
+fi
+echo "pip version:"
+pip --version
+
+echo "Verifying pip3 installation..."
+if ! command -v pip3 &> /dev/null; then
+    echo "ERROR: pip3 command not found after installation"
+    exit 1
+fi
+echo "pip3 version:"
+pip3 --version
+
+echo "Python and pip installation completed successfully!"
diff --git a/src/setup.sh b/src/setup.sh
@@ -0,0 +1,79 @@
+#!/bin/bash
+set -e  # Exit on error
+set -o pipefail  # Exit on pipe failure
+
+# Colors for output
+RED='\033[0;31m'
+GREEN='\033[0;32m'
+BLUE='\033[0;34m'
+NC='\033[0m' # No Color
+
+# Function to log with timestamp
+log() {
+    echo -e "${BLUE}[$(date +'%Y-%m-%d %H:%M:%S')]${NC} $1"
+}
+
+# Function to log errors
+error() {
+    echo -e "${RED}[ERROR]${NC} $1" >&2
+}
+
+# Function to log success
+success() {
+    echo -e "${GREEN}[SUCCESS]${NC} $1"
+}
+
+# Change to root directory where setup.yaml is located
+cd /
+
+# Check if setup.yaml exists
+if [ ! -f "setup.yaml" ]; then
+    error "setup.yaml not found in root directory"
+    exit 1
+fi
+
+log "Starting setup process..."
+
+# Parse and execute each step
+# Get the number of steps
+step_count=$(yq eval '.setup.steps | length' setup.yaml)
+
+# Iterate through each step by index
+for ((i=0; i<$step_count; i++)); do
+    # Extract step properties
+    name=$(yq eval ".setup.steps[$i].name" setup.yaml)
+    script=$(yq eval ".setup.steps[$i].script" setup.yaml)
+    command=$(yq eval ".setup.steps[$i].command" setup.yaml)
+    description=$(yq eval ".setup.steps[$i].description" setup.yaml)
+    
+    log "Starting: $name"
+    if [ "$description" != "null" ]; then
+        log "Description: $description"
+    fi
+    
+    # Execute based on precedence (script > command)
+    if [ "$script" != "null" ]; then
+        log "Executing script: $script"
+        if bash -e "$script"; then
+            success "Completed: $name"
+        else
+            error "Failed: $name (script: $script)"
+            exit 1
+        fi
+    elif [ "$command" != "null" ]; then
+        log "Executing command..."
+        if bash -e -c "$command"; then
+            success "Completed: $name"
+        else
+            error "Failed: $name"
+            exit 1
+        fi
+    else
+        error "Step '$name' has no script or command defined"
+        exit 1
+    fi
+    
+    echo ""  # Empty line between steps
+done
+
+success "All setup steps completed successfully!"
diff --git a/src/setup.yaml b/src/setup.yaml
