Merge pull request #1 from gitpod-io/aledbf/expand-usage

Build custom image

Author: aledbf

.gitpod.yml

@@ -0,0 +1,2 @@
+image:
+  file: Dockerfile

.pre-commit-config.yaml

@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v3.1.0
+    rev: v4.0.0
     hooks:
       - id: check-merge-conflict
       - id: debug-statements

Dockerfile

@@ -0,0 +1,39 @@
+
+FROM eu.gcr.io/gitpod-core-dev/dev/dev-environment:base
+
+# leeway
+ARG LEEWAY_VERSION=0.7.6
+ENV LEEWAY_MAX_PROVENANCE_BUNDLE_SIZE=8388608
+ENV LEEWAY_CACHE_DIR=/var/tmp/cache
+ENV LEEWAY_BUILD_DIR=/var/tmp/build
+
+RUN cd /usr/bin && curl -fsSL https://github.com/gitpod-io/leeway/releases/download/v${LEEWAY_VERSION}/leeway_${LEEWAY_VERSION}_Linux_x86_64.tar.gz | sudo tar xz
+
+RUN cd /usr/bin && curl -fsSL https://github.com/mikefarah/yq/releases/download/v4.23.1/yq_linux_amd64 | sudo tee -a yq >/dev/null 2>&1 \
+    && sudo chmod +x yq
+
+### Google Cloud ###
+# not installed via repository as then 'docker-credential-gcr' is not available
+ARG GCS_DIR=/opt/google-cloud-sdk
+ENV PATH=$GCS_DIR/bin:$PATH
+RUN sudo chown gitpod: /opt \
+    && mkdir $GCS_DIR \
+    && curl -fsSL https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-420.0.0-linux-x86_64.tar.gz \
+    | tar -xzvC /opt \
+    && /opt/google-cloud-sdk/install.sh --quiet --usage-reporting=false --bash-completion=true \
+    --additional-components gke-gcloud-auth-plugin docker-credential-gcr alpha beta \
+    # needed for access to our private registries
+    && docker-credential-gcr configure-docker
+
+RUN sudo install-packages python3-pip
+
+RUN sudo python3 -m pip uninstall crcmod \
+    && sudo python3 -m pip install --no-cache-dir -U crcmod
+
+# Install pre-commit https://pre-commit.com/#install
+RUN sudo install-packages shellcheck \
+    && sudo python3 -m pip install pre-commit
+
+RUN wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg \
+    && echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list \
+    && sudo install-packages packer

action.sh

@@ -32,8 +32,6 @@ image=
 image_family=
 scopes=
 shutdown_timeout=
-preemptible=
-ephemeral=
 
 OPTLIND=1
 while getopts_long :h opt \
@@ -51,8 +49,6 @@ while getopts_long :h opt \
 	image_family optional_argument \
 	scopes required_argument \
 	shutdown_timeout required_argument \
-	preemptible required_argument \
-	ephemeral required_argument \
 	help no_argument "" "$@"; do
 	case "$opt" in
 	command)
@@ -97,12 +93,6 @@ while getopts_long :h opt \
 	shutdown_timeout)
 		shutdown_timeout=$OPTLARG
 		;;
-	preemptible)
-		preemptible=$OPTLARG
-		;;
-	ephemeral)
-		ephemeral=$OPTLARG
-		;;
 	h | help)
 		usage
 		exit 0
@@ -129,8 +119,6 @@ function start_vm {
 	image_family_flag=$([[ -z "${image_family}" ]] || echo "--image-family=${image_family}")
 	disk_size_flag=$([[ -z "${disk_size}" ]] || echo "--boot-disk-size=${disk_size}")
 	boot_disk_type_flag=$([[ -z "${boot_disk_type}" ]] || echo "--boot-disk-type=${boot_disk_type}")
-	preemptible_flag=$([[ "${preemptible}" == "true" ]] && echo "--preemptible" || echo "")
-	ephemeral_flag=$([[ "${ephemeral}" == "true" ]] && echo "--ephemeral" || echo "")
 	project_id_flag=$(echo "--project=${project_id}")
 
 	echo "The new GCE VM will be ${VM_ID}"
@@ -216,7 +204,6 @@ FILE_EOF
 		${image_project_flag} \
 		${image_flag} \
 		${image_family_flag} \
-		${preemptible_flag} \
 		--maintenance-policy="TERMINATE" \
 		--metadata-from-file="startup-script=/tmp/startup-script.sh,shutdown-script=/tmp/shutdown-script.sh" &&
 		echo "label=${VM_ID}" >>"${GITHUB_OUTPUT}"

action.yml

@@ -18,7 +18,7 @@ inputs:
   machine_zone:
     description: GCE zone
     default: "europe-west1-b"
-    required: true
+    required: false
   machine_type:
     description: GCE machine type; https://cloud.google.com/compute/docs/machine-types
     default: "n2d-standard-8"
@@ -38,18 +38,10 @@ inputs:
   image:
     description: Specifies the name of the image that the disk will be initialized with.
     required: false
-    default: gh-runner-202307162143
+    default: gh-runner-202307241508
   image_family:
     description: The image family for the operating system that the boot disk will be initialized with.
     required: false
-  preemptible:
-    description: Use GCE preemptible VM instance; https://cloud.google.com/compute/docs/instances/preemptible
-    default: false
-    required: true
-  ephemeral:
-    description: Set GitHub runner to be ephemeral; https://docs.github.com/en/actions/hosting-your-own-runners/autoscaling-with-self-hosted-runners#using-ephemeral-runners-for-autoscaling
-    default: false
-    required: true
   scopes:
     description: Scopes granted to the VM, defaults to full access (cloud-platform).
     default: cloud-platform
@@ -92,5 +84,3 @@ runs:
         --image=${{ inputs.image }}
         --image_family=${{ inputs.image_family }}
         --boot_disk_type=pd-ssd
-        --preemptible=${{ inputs.preemptible }}
-        --ephemeral=${{ inputs.ephemeral }}

create-vm.yaml

@@ -0,0 +1,34 @@
+name: Create ephemeral GCE VM
+
+on:
+  workflow_call:
+    secrets:
+      GCP_CREDENTIALS:
+        required: true
+      GH_SELF_HOSTED_RUNNER:
+        required: true
+    outputs:
+      label:
+        value: ${{ jobs.run.outputs.label }}
+
+jobs:
+  run:
+    runs-on: ubuntu-latest
+    outputs:
+      label: ${{ steps.create-runner.outputs.label }}
+    steps:
+      - uses: actions/checkout@v3
+      - id: auth
+        name: Authenticate to Google Cloud
+        uses: google-github-actions/auth@v1
+        with:
+          credentials_json: ${{ secrets.GCP_CREDENTIALS }}
+      - id: gcloud-auth
+        name: gcloud auth activate-service-account
+        shell: bash
+        run: |
+          gcloud auth activate-service-account --key-file ${{ steps.auth.outputs.credentials_file_path }}
+      - id: create-runner
+        uses: gitpod-io/gce-github-runner@main
+        with:
+          token: ${{ secrets.GH_SELF_HOSTED_RUNNER }}

delete-vm.yaml

@@ -0,0 +1,38 @@
+name: Delete ephemeral GCE VM
+
+on:
+  workflow_call:
+    inputs:
+      runner-label:
+        type: string
+        required: true
+
+    secrets:
+      GCP_CREDENTIALS:
+        required: true
+
+jobs:
+  run:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - id: auth
+        name: Authenticate to Google Cloud
+        uses: google-github-actions/auth@v1
+        with:
+          credentials_json: ${{ secrets.GCP_CREDENTIALS }}
+      - id: gcloud-auth
+        name: gcloud auth activate-service-account
+        shell: bash
+        run: |
+          if [ -z "${{ inputs.runner-label }}" ];then
+            exit 0
+          fi
+
+          gcloud auth activate-service-account --key-file ${{ steps.auth.outputs.credentials_file_path }}
+          if [ -z "$(gcloud compute instances list | grep "${{ inputs.runner-label }}")" ]; then
+            # vm is gone
+            exit 0
+          fi
+
+          gcloud compute instances delete ${{ inputs.runner-label }} --quiet --zone ${{ inputs.runner-az }}

vm/rootfs/setup-runner.sh

@@ -3,7 +3,7 @@
 set -e
 
 # go
-GO_VERSION=1.20.5
+GO_VERSION=1.20.6
 GOPATH=/home/runner/go-packages
 GOROOT=/home/runner/go
 PATH=$GOROOT/bin:$GOPATH/bin:$PATH

vm/setup.sh

@@ -6,7 +6,7 @@ export DEBIAN_FRONTEND=noninteractive
 
 RUNNER_USER="runner"
 RUNNER_DIR="/home/${RUNNER_USER}"
-RUNNER_VER=2.306.0
+RUNNER_VER=2.307.0
 
 HELM_VERSION=3.12.1