Add option for manually-generated Runner Token

closes redhat-actions#10
fridim · Jan 27, 2023 · 5106675 · 5106675
1 parent b2361b8
commit 5106675
Show file tree

Hide file tree

Showing 4 changed files with 38 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -64,6 +64,8 @@ export GITHUB_PAT=c0ffeeface1234567890
 export GITHUB_APP_ID=123456
 export GITHUB_APP_INSTALL_ID=7890123
 export GITHUB_APP_PEM='----------BEGIN RSA PRIVATE KEY...'
+# OR, Github Runner Token
+export GITHUB_RUNNER_TOKEN=123456
 
 # For an org runner, this is the org.
 # For a repo runner, this is the repo owner (org or user).
@@ -94,6 +96,12 @@ helm install $RELEASE_NAME openshift-actions-runner/actions-runner \
     --set-string githubRepository=$GITHUB_REPO \
 && echo "---------------------------------------" \
 && helm get manifest $RELEASE_NAME | kubectl get -f -
+
+# OR, Installing using Github Runner Token
+helm install $RELEASE_NAME openshift-actions-runner/actions-runner \
+    --set-string githubRunnerToken=$GITHUB_RUNNER_TOKEN \
+    --set-string githubOwner=$GITHUB_OWNER \
+    --set-string githubRepository=$GITHUB_REPO \
 ```
 5. You can re-run step 4 if you want to add runners with different images, labels, etc. You can leave out the `githubPat` or `githubApp*` strings on subsequent runs, since the chart will re-use an existing secret.
 

diff --git a/templates/deployment.yaml b/templates/deployment.yaml
@@ -113,6 +113,14 @@ spec:
                   name: {{ .Values.secretName }}
                   key: {{ .Values.secretKey }}
             {{- end }}
+            # or, github Runner Token
+            {{- if .Values.githubRunnerToken }}
+            - name: RUNNER_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.runnerTokenSecretName }}
+                  key: {{ .Values.runnerTokenSecretKey }}
+            {{- end }}
 
               # Any injected env values from values.yaml will go here
               {{- range .Values.runnerEnv }}

diff --git a/templates/runner-token-secret.yaml b/templates/runner-token-secret.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.githubRunnerToken }}
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ .Values.runnerTokenSecretName }}
+  labels:
+    app.kubernetes.io/component: deployment
+    app.kubernetes.io/instance: {{ .Release.Name }}
+    app.kubernetes.io/managed-by: {{ .Release.Service }}
+    app.kubernetes.io/name: {{ .Values.appName }}
+    app.kubernetes.io/version: {{ .Chart.Version | quote }}
+    helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+type: Opaque
+data:
+  {{- $encodedRunnerToken := (required ".Values.githubRunnerToken must be set" .Values.githubRunnerToken) | b64enc | quote }}
+  {{ .Values.runnerTokenSecretKey }}: {{ $encodedRunnerToken }}
+
+{{- end }}
diff --git a/values.yaml b/values.yaml
@@ -42,6 +42,9 @@ githubAppInstallId: ""
 githubAppPem: ""
 
 ### End App Auth
+### Github Runner Token
+runnerTokenSecretName: github-runner-token
+runnerTokenSecretKey: "github-runner-token"
 
 # Pass labels using array syntax, which is curly braces surrounding comma-separated items.
 # --set runnerLabels="{ label1, label2 }" results in the labels "label1" and "label2".