github-runners: init module #859
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Adds a new module which allows to configure multiple GitHub self-hosted runners on Darwin. The module is heavily inspired by the nixpkgs NixOS module. Its implementation differs in some ways: - There's currently no way to configure the user/group which runs the runner. All configured runners share the same user and group. - No automatic cleanup. - No advanced sandboxing apart from user/group isolation
veehaitch
force-pushed
the
github-runner
branch
from
8b9158e to
21b92ad
Compare
domenkozar
approved these changes
Feb 18, 2024
veehaitch
added a commit
to yaxitech/nix-darwin
that referenced
this pull request
Feb 19, 2024
While LnL7#859 added basic support for configuring GitHub runners through nix-darwin, it did not yet support all of the options the NixOS option offers. This is a rather big overhaul: - Copies the `options.nix` from the NixOS module with only minor adaptations. - Respect the `workDir` config option. So far, the implementation didn't even read the value of the option. - Allow configuring a custom user and group. If both are `null`, nix-darwin manages the `github-runner` user shared among all instances. Take care of creating your own users if that's not what you want.
veehaitch
added a commit
to yaxitech/nix-darwin
that referenced
this pull request
Feb 20, 2024
While LnL7#859 added basic support for configuring GitHub runners through nix-darwin, it did not yet support all of the options the NixOS option offers. I am aware that this is a rather big overhaul. I think, however, that it's worth it: - Copies the `options.nix` from the NixOS module with only minor adaptations. This should help to keep track of any changes to it. - Respect the `workDir` config option. So far, the implementation didn't even read the value of the option. - Allow configuring a custom user and group. If both are `null`, nix-darwin manages the `github-runner` user shared among all instances. Take care of creating your own users if that's not what you want. - Also creates the necessary directories for state, logs and the working directory (unless `workDir != null`).
veehaitch
added a commit
to yaxitech/nix-darwin
that referenced
this pull request
Feb 22, 2024
While LnL7#859 added basic support for configuring GitHub runners through nix-darwin, it did not yet support all of the options the NixOS option offers. I am aware that this is a rather big overhaul. I think, however, that it's worth it: - Copies the `options.nix` from the NixOS module with only minor adaptations. This should help to keep track of any changes to it. - Respect the `workDir` config option. So far, the implementation didn't even read the value of the option. - Allow configuring a custom user and group. If both are `null`, nix-darwin manages the `github-runner` user shared among all instances. Take care of creating your own users if that's not what you want. - Also creates the necessary directories for state, logs and the working directory (unless `workDir != null`).
veehaitch
added a commit
to yaxitech/nix-darwin
that referenced
this pull request
Feb 26, 2024
While LnL7#859 added basic support for configuring GitHub runners through nix-darwin, it did not yet support all of the options the NixOS option offers. I am aware that this is a rather big overhaul. I think, however, that it's worth it: - Copies the `options.nix` from the NixOS module with only minor adaptations. This should help to keep track of any changes to it. - Respect the `workDir` config option. So far, the implementation didn't even read the value of the option. - Allow configuring a custom user and group. If both are `null`, nix-darwin manages the `github-runner` user shared among all instances. Take care of creating your own users if that's not what you want. - Also creates the necessary directories for state, logs and the working directory (unless `workDir != null`).
veehaitch
added a commit
to yaxitech/nix-darwin
that referenced
this pull request
Feb 26, 2024
While LnL7#859 added basic support for configuring GitHub runners through nix-darwin, it did not yet support all of the options the NixOS option offers. I am aware that this is a rather big overhaul. I think, however, that it's worth it: - Copies the `options.nix` from the NixOS module with only minor adaptations. This should help to keep track of any changes to it. - Respect the `workDir` config option. So far, the implementation didn't even read the value of the option. - Allow configuring a custom user and group. If both are `null`, nix-darwin manages the `github-runner` user shared among all instances. Take care of creating your own users if that's not what you want. - Also creates the necessary directories for state, logs and the working directory (unless `workDir != null`). - Warn if a `tokenFile` points to the Nix store.
veehaitch
added a commit
to yaxitech/nix-darwin
that referenced
this pull request
Feb 26, 2024
While LnL7#859 added basic support for configuring GitHub runners through nix-darwin, it did not yet support all of the options the NixOS module offers. I am aware that this is a rather big overhaul. I think, however, that it's worth it: - Copies the `options.nix` from the [NixOS module] with only minor adaptations. This should help to keep track of any changes to it. - Respect the `workDir` config option. So far, the implementation didn't even read the value of the option. - Allow configuring a custom user and group. If both are `null`, nix-darwin manages the `github-runner` user shared among all instances. Take care of creating your own users if that's not what you want. - Also creates the necessary directories for state, logs and the working directory (unless `workDir != null`). It uses the following locations: * state: `/var/lib/github-runners/${name}` * logs: `/var/log/github-runners/${name}` * work: The value of `workDir` or `/var/run/github-runners/${name}` if (`workDir == null`). We have to create the logs directory before starting the service since launchd expects that the `Standard{Error,Out}Path` exist. We do this by prepending to `system.activationScripts.launchd.text`. All directories belong to the configured `user` and `group`. - Warn if a `tokenFile` points to the Nix store. [NixOS module]: https://github.com/NixOS/nixpkgs/blob/3c30c56/nixos/modules/services/continuous-integration/github-runner/options.nix [`activationScripts.launchd.text`]: https://github.com/LnL7/nix-darwin/blob/bbde06b/modules/system/launchd.nix#L99-L123
veehaitch
added a commit
to yaxitech/nix-darwin
that referenced
this pull request
Feb 26, 2024
While LnL7#859 added basic support for configuring GitHub runners through nix-darwin, it did not yet support all of the options the NixOS module offers. I am aware that this is a rather big overhaul. I think, however, that it's worth it: - Copies the `options.nix` from the [NixOS module] with only minor adaptations. This should help to keep track of any changes to it. - Respect the `workDir` config option. So far, the implementation didn't even read the value of the option. - Allow configuring a custom user and group. If both are `null`, nix-darwin manages the `_github-runner` user shared among all instances. Take care of creating your own users if that's not what you want. - Also creates the necessary directories for state, logs and the working directory (unless `workDir != null`). It uses the following locations: * state: `/var/lib/github-runners/${name}` * logs: `/var/log/github-runners/${name}` * work: The value of `workDir` or `/var/run/github-runners/${name}` if (`workDir == null`). We have to create the logs directory before starting the service since launchd expects that the `Standard{Error,Out}Path` exist. We do this by prepending to [`system.activationScripts.launchd.text`]. All directories belong to the configured `user` and `group`. - Warn if a `tokenFile` points to the Nix store. [NixOS module]: https://github.com/NixOS/nixpkgs/blob/3c30c56/nixos/modules/services/continuous-integration/github-runner/options.nix [`system.activationScripts.launchd.text`]: https://github.com/LnL7/nix-darwin/blob/bbde06b/modules/system/launchd.nix#L99-L123
veehaitch
added a commit
to yaxitech/nix-darwin
that referenced
this pull request
Feb 28, 2024
While LnL7#859 added basic support for configuring GitHub runners through nix-darwin, it did not yet support all of the options the NixOS module offers. I am aware that this is a rather big overhaul. I think, however, that it's worth it: - Copies the `options.nix` from the [NixOS module] with only minor adaptations. This should help to keep track of any changes to it. - Respect the `workDir` config option. So far, the implementation didn't even read the value of the option. - Allow configuring a custom user and group. If both are `null`, nix-darwin manages the `_github-runner` user shared among all instances. Take care of creating your own users if that's not what you want. - Also creates the necessary directories for state, logs and the working directory (unless `workDir != null`). It uses the following locations: * state: `/var/lib/github-runners/${name}` * logs: `/var/log/github-runners/${name}` * work: The value of `workDir` or `/var/run/github-runners/${name}` if (`workDir == null`). We have to create the logs directory before starting the service since launchd expects that the `Standard{Error,Out}Path` exist. We do this by prepending to [`system.activationScripts.launchd.text`]. All directories belong to the configured `user` and `group`. - Warn if a `tokenFile` points to the Nix store. [NixOS module]: https://github.com/NixOS/nixpkgs/blob/3c30c56/nixos/modules/services/continuous-integration/github-runner/options.nix [`system.activationScripts.launchd.text`]: https://github.com/LnL7/nix-darwin/blob/bbde06b/modules/system/launchd.nix#L99-L123
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds a new module which allows to configure multiple GitHub self-hosted runners on Darwin. The module is heavily inspired by the nixpkgs NixOS module. Its implementation differs in some ways:
Closes #582