From 9b4ee605411d38843ad488adb64754acf44b308b Mon Sep 17 00:00:00 2001
From: Silvija Tovernic
Date: Wed, 18 Sep 2024 11:59:21 +0200
Subject: [PATCH] add: image factory runner container image
---
images/docker/image-factory-runner/Dockerfile | 51 +++++++++++++++++++
.../scripts/start-github-runner.sh | 27 ++++++++++
2 files changed, 78 insertions(+)
create mode 100644 images/docker/image-factory-runner/Dockerfile
create mode 100644 images/docker/image-factory-runner/scripts/start-github-runner.sh
diff --git a/images/docker/image-factory-runner/Dockerfile b/images/docker/image-factory-runner/Dockerfile
new file mode 100644
index 00000000..08a8923f
--- /dev/null
+++ b/images/docker/image-factory-runner/Dockerfile
@@ -0,0 +1,51 @@
+FROM ubuntu:22.04
+
+ARG RUNNER_VERSION=2.319.1
+ARG RUNNER_ARCH=arm64
+
+ENV DEBIAN_FRONTEND=noninteractive \
+ USER_NAME=gha \
+ USER_GROUP=gha \
+ USER_UID=1001 \
+ USER_GID=1001 \
+ USER_HOME=/opt/gha
+
+# Update and install packadges and dependencies
+RUN apt-get update -y && \
+ apt-get upgrade -y && \
+ apt-get install --no-install-recommends -y \
+ ca-certificates \
+ curl \
+ wget \
+ unzip \
+ vim \
+ git \
+ jq
+
+
+# Create runner user
+RUN mkdir -p ${USER_HOME} && \
+ groupadd -g ${USER_GID} ${USER_GROUP} && \
+ useradd -r -u ${USER_UID} -g ${USER_GID} -d ${USER_HOME} -s /sbin/nologin -c "GitHub Actions User" ${USER_NAME} && \
+ chown ${USER_GROUP}:${USER_NAME} ${USER_HOME}
+
+WORKDIR ${USER_HOME}
+
+# Download GitHub Actions runner
+RUN mkdir actions-runner && \
+ cd actions-runner && \
+ curl -o actions-runner-linux-${RUNNER_ARCH}-${RUNNER_VERSION}.tar.gz -L https://github.com/actions/runner/releases/download/v${RUNNER_VERSION}/actions-runner-linux-${RUNNER_ARCH}-${RUNNER_VERSION}.tar.gz && \
+ tar xzf ./actions-runner-linux-${RUNNER_ARCH}-${RUNNER_VERSION}.tar.gz
+
+# Install additional dependencies
+RUN actions-runner/bin/installdependencies.sh
+
+# Add start script and make it executable
+ADD scripts/start-github-runner.sh start-github-runner.sh
+RUN chmod +x start-github-runner.sh
+
+# Set runner user
+USER ${USER_NAME}
+
+# Set start script as an entrypoint
+ENTRYPOINT ["./start-github-runner.sh"]
diff --git a/images/docker/image-factory-runner/scripts/start-github-runner.sh b/images/docker/image-factory-runner/scripts/start-github-runner.sh
new file mode 100644
index 00000000..11a5d409
--- /dev/null
+++ b/images/docker/image-factory-runner/scripts/start-github-runner.sh
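Review bot: In the Dockerfile, the runner tarball fetched under `# Download GitHub Actions runner` is unpacked and later executed with no integrity check, and `curl` runs without `-f`, so the build trusts whatever the URL returns. Pin the expected digest next to the version with an `ARG RUNNER_SHA256` (value taken from the release notes for this version and architecture), download with `curl -fsSL -o …`, and add `echo "${RUNNER_SHA256}  actions-runner-linux-${RUNNER_ARCH}-${RUNNER_VERSION}.tar.gz" | sha256sum -c -` before the `tar xzf`. In the same pass, `ADD scripts/start-github-runner.sh` should be `COPY`, the `apt-get` layer should end with `rm -rf /var/lib/apt/lists/*`, and `chown ${USER_GROUP}:${USER_NAME}` has user and group swapped (harmless only because both are `gha`). `DEBIAN_FRONTEND=noninteractive` in `ENV` also persists into the runtime environment; setting it inline on the `apt-get` commands keeps it build-only.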
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+GITHUB_OWNER=$GITHUB_OWNER
+GITHUB_REPOSITORY=$GITHUB_REPOSITORY
+GITHUB_TOKEN=$(cat /.pat/.token)
+GITHUB_RUNNER_NAME=$(hostname)
+
+echo "Getting runner registration token from GitHub..."
+REG_TOKEN=$(curl -sX POST -H "Accept: application/vnd.github.v3+json" -H "Authorization: token ${GITHUB_TOKEN}" https://api.github.com/repos/${GITHUB_OWNER}/${GITHUB_REPOSITORY}/actions/runners/registration-token | jq .token --raw-output)
+
+# Add this part once PAT token generation is set up on the runner host VM - new PAT token will be generated on each start
+#
+# echo "Removing PAT token from runner filesystem"
+# rm -rf /.pat/.token
+
+echo "Connect runner to GitHub:"
+cd actions-runner
+./config.sh \
+ --url https://github.com/${GITHUB_OWNER}/${GITHUB_REPOSITORY} \
+ --token ${REG_TOKEN} \
+ --name ${RUNNER_NAME} \
+ --unattended \
+ --ephemeral \
+ --replace \
+ --disableupdate
+
+./run.sh & wait $!
\ No newline at end of file
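Review bot: `--name ${RUNNER_NAME}` in the `config.sh` call expands a variable this script never sets (it assigns `GITHUB_RUNNER_NAME=$(hostname)` instead), so unless the container environment supplies `RUNNER_NAME` the flag is passed with no value; use `--name "${GITHUB_RUNNER_NAME}"`. The script also has no `set -euo pipefail` and never inspects the API response, so a failed or unauthorized request makes `jq` print `null` and registration proceeds with `--token null`; add a guard such as `[ -n "${REG_TOKEN}" ] && [ "${REG_TOKEN}" != "null" ] || exit 1` and quote the expansions. While the PAT removal stays commented out, `/.pat/.token` remains readable by the same user that runs `run.sh`, and therefore by every workflow job the runner executes; the comment should say so explicitly so the exposure is tracked until the host-side token generation exists.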