Ephemeral GCE/GCP GitHub self-hosted runner

Primary language: Shell. License: Apache License 2.0 (Apache-2.0).

gce-github-runner

Ephemeral GCE GitHub self-hosted runner.

Usage

jobs:
  create-runner:
    runs-on: ubuntu-latest
    outputs:
      label: ${{ steps.create-runner.outputs.label }}
    steps:
      - id: create-runner
        uses: nansen-ai/gce-github-runner@v0.13
        with:
          token: ${{ secrets.GH_SA_TOKEN }}
          project_id: ${{ secrets.GCP_PROJECT_ID }}
          service_account_key: ${{ secrets.GCP_SA_KEY }}
          image_project: ubuntu-os-cloud
          image_family: ubuntu-2004-lts

  test:
    needs: create-runner
    runs-on: ${{ needs.create-runner.outputs.label }}
    steps:
      - run: echo "This runs on the GCE VM"

  • create-runner creates the GCE VM and registers the runner with a unique label
  • test uses the runner
  • the runner VM is shut down automatically after the workflow via a self-hosted runner hook

Inputs

See inputs and descriptions here.

The GCE runner image should have at least:

  • gcloud
  • git
  • (optionally) GitHub Actions Runner (see actions_preinstalled parameter)

Example Workflows

Self-hosted runner security with public repositories

From GitHub's documentation:

We recommend that you only use self-hosted runners with private repositories. This is because forks of your repository can potentially run dangerous code on your self-hosted runner machine by creating a pull request that executes the code in a workflow.
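
One way to keep fork pull requests off the GCE runner, as an added example that is not part of this project's README or GitHub's documentation: the workflow from the Usage section with a job-level condition on create-runner. The triggers and the main branch name are assumptions; the action inputs and secret names are the ones shown above.

```yaml
# Added example. Triggers and branch name are assumptions; the action
# inputs and secret names are copied from the Usage section.
on:
  pull_request:
  push:
    branches: [main]

# Keep the workflow token read-only unless a job needs more.
permissions:
  contents: read

jobs:
  create-runner:
    # Create the VM only for pushes and for pull requests whose head branch
    # lives in this repository, not in a fork.
    if: >-
      github.event_name != 'pull_request' ||
      github.event.pull_request.head.repo.full_name == github.repository
    runs-on: ubuntu-latest
    outputs:
      label: ${{ steps.create-runner.outputs.label }}
    steps:
      - id: create-runner
        uses: nansen-ai/gce-github-runner@v0.13
        with:
          token: ${{ secrets.GH_SA_TOKEN }}
          project_id: ${{ secrets.GCP_PROJECT_ID }}
          service_account_key: ${{ secrets.GCP_SA_KEY }}
          image_project: ubuntu-os-cloud
          image_family: ubuntu-2004-lts

  test:
    # A job that needs a skipped job is skipped too, so a fork pull request
    # never receives a self-hosted runner label.
    needs: create-runner
    runs-on: ${{ needs.create-runner.outputs.label }}
    steps:
      - run: echo "This runs on the GCE VM"
```

The condition only filters the pull_request event; a workflow triggered by pull_request_target passes it and needs its own review before it is pointed at a self-hosted runner.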

EC2/AWS action

If you need an EC2/AWS self-hosted runner, check out machulav/ec2-github-runner.