Update the README for aarch64 runner

aiidalab · Sep 11, 2023 · 0124f6f · 0124f6f
1 parent 3266e81
commit 0124f6f
Show file tree

Hide file tree

Showing 2 changed files with 93 additions and 12 deletions.
diff --git a/aarch64-runner/README.md b/aarch64-runner/README.md
@@ -0,0 +1,41 @@
+# Self-hosted runners
+
+For building `aarch64` images, we use self-hosted GitHub runners.
+The runner is hosted on the apple silicon machine in PSI.
+
+Configure your runner:
+
+1. Run under `root`:
+
+    XXX: change the xx to the correct repo name after merged
+   ```bash
+   /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/xx/HEAD/aarch64-runner/setup.sh)"
+   ```
+
+   This will perform the initial runner setup and create a user `runner-user`.
+
+2. Run under `root`, Start docker service, we use [`colima`](https://github.com/abiosoft/colima) as the container runtime:
+
+   ```bash
+   colima start
+   ```
+
+3. Setup new GitHub Runner under `runner-user` using [GitHub Instructions](https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners).
+   **Do not `./run.sh` yet**.
+   **In the first step, use folder `actions-runner-aiidalab` to distinguish from the other runners.**
+
+4. Run under `runner-user`, install the runner as a service:
+
+   ```bash
+   cd /Users/runner-user/actions-runner-aiidalab/ && ./svc.sh install
+   ```
+   This will create the plist file for the runner service, it is not able to run it with the non-gui user. 
+   As shown in the [issue](https://github.com/actions/runner/issues/1056#issuecomment-1237426462), real services start on boot, not on login so on macOS this means the service needs to be a `LaunchDaemon` and not a `LaunchAgent`.
+
+   ```bash
+   sudo mv /Users/runner-user/Library/LaunchAgents/actions.runner.*.plist /Library/LaunchDaemons/
+   sudo chown root:wheel /Library/LaunchDaemons/actions.runner.*.plist
+   sudo /bin/launchctl load /Library/LaunchDaemons/actions.runner.aiidalab.Jusong-MacBook-Air.plist
+   ```
+
+5. Reboot the VM to apply all updates and run GitHub runner.
diff --git a/aarch64-runner/setup.sh b/aarch64-runner/setup.sh
@@ -3,27 +3,67 @@ set -ex
 
 GITHUB_RUNNER_USER="runner-user"
 
-if [ "$EUID" -ne 0 ]; then
-    echo "Please run as root"
-    exit 1
-fi
+if  [ $UID -ne 0 ] ; then echo "Please run $0 as root." && exit 1; fi
+
+getHiddenUserUid()
+{
+    local __UIDS=$(dscl . -list /Users UniqueID | awk '{print $2}' | sort -ugr)
+
+    #echo $__UIDS
+    local __NewUID
+    for __NewUID in $__UIDS
+    do
+        if [[ $__NewUID -lt 499 ]] ; then
+            break;
+        fi
+    done
 
-# Install homebrew
-/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"
+    echo $((__NewUID+1))
+}
+
+getInteractiveUserUid()
+{
+    # Find out the next available user ID
+    local __MAXID=$(dscl . -list /Users UniqueID | awk '{print $2}' | sort -ug | tail -1)
+    echo $((__MAXID+1))
+}
 
 
 echo "Setting up runner-user, who will run GitHub Actions runner"
-adduser --disabled-password --gecos "" ${GITHUB_RUNNER_USER}
-mkdir /home/${GITHUB_RUNNER_USER}/.ssh/
-cp "/home/${SUDO_USER}/.ssh/authorized_keys" "/home/${GITHUB_RUNNER_USER}/.ssh/authorized_keys"
-chown --recursive ${GITHUB_RUNNER_USER}:${GITHUB_RUNNER_USER} /home/${GITHUB_RUNNER_USER}/.ssh
 
+# Create the user account by running dscl (normally you would have to do each of these commands one
+# by one in an obnoxious and time consuming way.
+
+FULLNAME="Runner User"
+USERID=$(getInteractiveUserUid)
+GROUPID=20
+
+read -s -p "Enter a password for this user: " PASSWORD
+echo
+read -s -p "Validate a password: " PASSWORD_VALIDATE
+echo
+
+if [[ $PASSWORD != $PASSWORD_VALIDATE ]] ; then
+    echo "Passwords do not match!"
+    exit 1;
+fi
+
+sysadminctl -addUser ${GITHUB_RUNNER_USER} -fullName "${FULLNAME}" -UID ${USERID} -GID ${GROUPID} -password "${PASSWORD}" -home /Users/${GITHUB_RUNNER_USER} -admin
+
+mkdir -p /Users/${GITHUB_RUNNER_USER}/.ssh/
+cp "/Users/${SUDO_USER}/.ssh/authorized_keys" "/Users/${GITHUB_RUNNER_USER}/.ssh/authorized_keys" || true
+chown -R $USERID:$GROUPID /Users/${GITHUB_RUNNER_USER}/.ssh
+
+# Install homebrew (as runner-user)
+echo "Setting up homebrew"
+sudo -i -u ${GITHUB_RUNNER_USER} bash << EOF
+curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh
 echo "Setting up python3"
 brew install python3
 curl -sS https://bootstrap.pypa.io/get-pip.py | python3
-
 echo "Setting up docker"
 brew install docker
+brew install colima
+EOF
 
-usermod -aG docker ${GITHUB_RUNNER_USER}
 chmod 666 /var/run/docker.sock