WIP FELT: Builds on GitHub Actions

Author: Alexandre Lissy

.github/actions/create-linux-vm/action.yml

@@ -0,0 +1,95 @@
+name: "Create linux VM"
+description: "gcloud instance"
+inputs:
+  instance_kind:
+    description: "Base name for the instance"
+    required: true
+  gcp_credentials:
+    description: "Credentials for GCP"
+    required: true
+  github_runner_token:
+    description: "Personnal Access Token to register Runner"
+    required: true
+  extra_labels:
+    description: "Comma-separated extra labels for the Runner. Starts with a comma"
+    required: true
+outputs:
+  instance_name:
+    description: "Computed instance name"
+    value: ${{ steps.instance_name.outputs.name }}
+runs:
+  using: "composite"
+  steps:
+    - name: 'GCP Instance name'
+      id: 'instance_name'
+      run: echo "name=${{ inputs.instance_kind }}-$(uuidgen)" >> "$GITHUB_OUTPUT"
+      shell: bash
+
+    - name: 'Google Auth'
+      id: 'auth'
+      uses: 'google-github-actions/auth@v2'
+      with:
+        credentials_json: '${{ inputs.gcp_credentials }}'
+
+    - name: 'Set up Cloud SDK'
+      uses: 'google-github-actions/setup-gcloud@v3'
+      with:
+        version: '>= 363.0.0'
+
+    - name: 'Get startup script'
+      uses: actions/checkout@v5
+      with:
+        sparse-checkout: |
+          .github/workflows/ubuntu-startup.sh
+        sparse-checkout-cone-mode: false
+        clean: false
+        path: repo-checkout
+
+    - name: 'Generate startup script'
+      run: >
+        token_output=$(curl -sS --request POST
+        --url  https://api.github.com/repos/$GITHUB_REPOSITORY/actions/runners/registration-token
+        --header 'Authorization: Bearer ${{ inputs.github_runner_token }}'
+        --header 'Accept: application/vnd.github+json' | grep token | cut -d':' -f2| cut -d'"' -f2) &&
+        sed -ri -e "s/##GH_RUNNER_TOKEN##/$token_output/g" -e "s|##GH_REPO_URL##|https://github.com/$GITHUB_REPOSITORY|g" -e "s|##GH_INSTANCE_NAME##|${{ steps.instance_name.outputs.name }}|g" -e "s|##GH_LABELS##|${{ steps.instance_name.outputs.name }},${{ inputs.extra_labels }}|g" repo-checkout/.github/workflows/ubuntu-startup.sh
+      shell: bash
+
+    - name: 'Create instance'
+      run: >
+        gcloud compute instances create
+        ${{ steps.instance_name.outputs.name }}
+        --project=enterprise-gha-runners
+        --zone=europe-west1-b
+        --machine-type=c4d-standard-96
+        --network-interface=network-tier=STANDARD,nic-type=GVNIC,stack-type=IPV4_ONLY,subnet=enterprise-gha-runners
+        --metadata-from-file=startup-script=./repo-checkout/.github/workflows/ubuntu-startup.sh
+        --no-restart-on-failure
+        --maintenance-policy=TERMINATE
+        --provisioning-model=SPOT
+        --instance-termination-action=DELETE
+        --max-run-duration=7200s
+        --service-account=firefox-enterprise-gha-runners@enterprise-gha-runners.iam.gserviceaccount.com
+        --scopes=https://www.googleapis.com/auth/devstorage.read_only,https://www.googleapis.com/auth/logging.write,https://www.googleapis.com/auth/monitoring.write,https://www.googleapis.com/auth/service.management.readonly,https://www.googleapis.com/auth/servicecontrol,https://www.googleapis.com/auth/trace.append
+        --create-disk=auto-delete=yes,boot=yes,device-name=${{ steps.instance_name.outputs.name }},image=projects/enterprise-gha-runners/global/images/disk-2404-noble-amd64-v20250818-20250903101056,mode=rw,provisioned-iops=3480,provisioned-throughput=260,size=80,type=hyperdisk-balanced
+        --no-shielded-secure-boot
+        --shielded-vtpm
+        --shielded-integrity-monitoring
+        --labels=goog-ec-src=vm_add-gcloud
+        --reservation-affinity=none
+      shell: bash
+
+    - name: 'Waiting for Runner'
+      run: >
+        for i in $(seq 30); do
+          echo "Sleeping 30s" && sleep 30
+          RUNNER_STATUS=$(curl -sS --request GET \
+          --url  https://api.github.com/repos/$GITHUB_REPOSITORY/actions/runners?name=${{ steps.instance_name.outputs.name }} \
+          --header 'Authorization: Bearer ${{ inputs.github_runner_token }}' \
+          --header 'Accept: application/vnd.github+json' | grep "status" | cut -d':' -f2 | cut -d'"' -f2)
+          echo "RUNNER: ${RUNNER_STATUS}"
+          if [ "$RUNNER_STATUS" = "online" ]; then
+            exit 0;
+          fi
+        done;
+        exit 1
+      shell: bash

.github/actions/delete-linux-vm/action.yml

@@ -0,0 +1,39 @@
+name: "Delete linux VM"
+description: "gcloud instance"
+inputs:
+  instance_name:
+    description: "Instance to target"
+    required: true
+  gcp_credentials:
+    description: "Credentials for GCP"
+    required: true
+  github_runner_token:
+    description: "Personnal Access Token to register Runner"
+    required: true
+runs:
+  using: "composite"
+  steps:
+    - name: 'Google Auth'
+      id: 'auth'
+      uses: 'google-github-actions/auth@v2'
+      with:
+        credentials_json: '${{ inputs.gcp_credentials }}'
+
+    - name: 'Set up Cloud SDK'
+      uses: 'google-github-actions/setup-gcloud@v3'
+      with:
+        version: '>= 363.0.0'
+
+    - name: 'Delete instance'
+      run: >
+        (yes | gcloud compute instances delete ${{ inputs.instance_name }} --delete-disks=all --zone=europe-west1-b) || true
+      shell: bash
+
+    - name: 'Delete runner'
+      run: >
+        curl -v --request DELETE
+        --url  https://api.github.com/repos/$GITHUB_REPOSITORY/actions/runners/${{ inputs.instance_name}}
+        --header 'Authorization: Bearer ${{ inputs.github_runner_token }}'
+        --header 'Accept: application/vnd.github+json'
+        --fail
+      shell: bash