GitHub Actions (DevZero Workspace)

Running Github Actions using the runner binary on a DevZero Workspace (similar to AWS EC2).

Pre-built recipe templates are available here.

Intended Audience

This page is for platform engineers looking to solve one or multiple of the following:

Growing costs related to GitHub Actions use (either GitHub-hosted, or self-hosted).
Challenges around supporting/maintaining self-hosted runners.
- Managing the lifecycle of the runners (ensuring they're up-to-date)
- Supporting various shapes of runner pools/groups (by CPU, memory, preinstalled toolset etc.)
- Cloud infrastructure costs of operating self-hosted runners
Strong security isolation between concurrently running jobs on a given node.
Shortening test run durations when using GitHub-hosted runners.

Using DevZero's Actions Runner Controller

Using a self-hosted runner

Self-Hosted runners are more like persistent VMs that you individually register with GitHub. See GitHub's docs for more background.

Launch a new workspace on DevZero
Visit your GitHub organization/repo settings page.
Go to Actions > Runners.

For organization-wide runners: https://github.com/organizations/ORGANIZATION/settings/actions/runners
For repository-wide runners: https://github.com/ORGANIZATION/REPO/settings/actions/runners

Click on "New runner" and select "New self-hosted runner".
Select "Linux" and set "x64" as architecture.
Follow the instructions from GitHub provided on the page, which are similar to:

Download

# Create a folder
mkdir actions-runner && cd actions-runner# Download the latest runner package
# download the binary
curl -o actions-runner-linux-x64-2.320.0.tar.gz -L https://github.com/actions/runner/releases/download/v2.319.0/actions-runner-linux-x64-2.320.0.tar.gz
# Optional: Validate the hash
echo "93ac1b7ce743ee85b5d386f5c1787385ef07b3d7c728ff66ce0d3813d5f46900  actions-runner-linux-x64-2.320.0.tar.gz" | shasum -a 256 -c
# Extract the installer
tar xzf ./actions-runner-linux-x64-2.320.0.tar.gz

Configure

The $TOKEN_FROM_GITHUB will be in the UI when you create the new runner.

You may use the default settings or customize values as you'd like when going through the prompts

# Create the runner and start the configuration experience
export TOKEN_FROM_GITHUB="" # insert token
# for organization wide runners
./config.sh --url https://github.com/ORGANIZATION --token $TOKEN_FROM_GITHUB
# for a specific repo
# ./config.sh --url https://github.com/ORGANIZATION/REPO --token $TOKEN_FROM_GITHUB

The token from GitHub wll expire in about an hour and is unique for your instance. You can also get the registration token non-interactively by sending a http request using curl:

curl \
    -X POST \
    -H "Accept: application/vnd.github+json" \
    -H "Authorization: Bearer "${{ GITHUB_PAT }}"" \
    https://api.github.com/repos/ORGANIZATION/REPO/actions/runners/registration-token

Install and Start

# Installs the actions service to run in background using systemd and runs as root user
sudo ./svc.sh install root && sudo ./svc.sh start

Verify that the runner was added to your repo/org and is either in "Idle" or "Online" state.

Tip: The runner name should be same as the DevBox hostname.

Run a GitHub Action on the self-hosted runner to verify that it passes successfully, set runs-on: self-hosted:

name: Actions Demo
on: push
jobs:
  Explore-GitHub-Actions:
-    runs-on: ubuntu-latest
+    runs-on: self-hosted
    steps:
    - run: echo "🎉 This job uses self-hosted runners!"

Video Walkthrough

Here's a five minute video to see the process from end to end.