The base actions runner is meant to be minimal. It is build from fedora:35, and contains the GitHub Actions Runner and all its dependencies. At image build time, the latest runner version is downloaded, and the runner self-updates when it is connected to GitHub.
On OpenShift, containers run as a dynamically assigned user ID You can read about this on the OpenShift blog. This image contains logic to assign that user ID to the runner user and make sure the home directory and other required files are have the necessary permissions.
The entrypoint.sh acquires a GitHub Self Hosted Runner token using your GitHub PAT. The token is used to register the runner with GitHub, and connect to start listening for jobs on the organization or repository you specify.
Some basic CLI tools are installed in addition to what's in the parent Fedora image.
curlfindutils(find)githostnamejqopensslprocps(ps,pgrep)which
You can create your own runner image based on this one, and install any runtimes and tools your workflows need.
- Create your own Containerfile, with
FROM quay.io/redhat-github-actions/runner:<tag>. - Edit the Containerfile to install and set up your tools, environment, etc.
- If you have to use root in your Containerfile, use
USER rootand convert back toUSER $UIDbefore the end of the Containerfile. - The
UIDenvironment variable is set in the base Containerfile. - Do not override the
ENTRYPOINT.
- If you have to use root in your Containerfile, use
- Build and push your new runner image.
- Install the OpenShift Action Runner Chart. Set the value
runnerImageto your image, andrunnerTagto your tag.
Remember to pull the base image before running the container build to make sure you are building from an up-to-date image.
For example, one could build a runner image that includes a Node runtime in just four lines.
FROM quay.io/redhat-github-actions/runner:latest as runner
USER root
RUN dnf module install -y nodejs:14/default
USER $UIDJust like that, we have created the Node runner image.