Skip to content

Commit

Permalink
feat(config): support generic backend provider
Browse files Browse the repository at this point in the history 
Custom AWS instance profile is not available anymore. Any backend
profile must come from a slab.toml file in repository that
uses the action. Now only the name of the provider and the name
of the profile is needed.
  • Loading branch information
@soonum
soonum committed Mar 11, 2024
1 parent 8562abb commit 64d481b
Show file tree
Hide file tree
Showing 8 changed files with 96 additions and 317 deletions.
32 changes: 4 additions & 28 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,11 +57,10 @@ jobs:
with:
mode: start
github-token: ${{ secrets.SLAB_ACTION_TOKEN }}
slab-url: ${{ secrets.SLAB_BASE_URL }}
slab-url: ${{ secrets.SLAB_BASE_URL_PRE_PROD }}
job-secret: ${{ secrets.JOB_SECRET }}
region: eu-west-3
ec2-image-id: ami-01d21b7be69801c2f # Ubuntu 22.04
ec2-instance-type: t3.2xlarge
backend: aws
profile: ci-test

- name: Test stop instance
id: test-stop
Expand All @@ -70,29 +69,6 @@ jobs:
with:
mode: stop
github-token: ${{ secrets.SLAB_ACTION_TOKEN }}
slab-url: ${{ secrets.SLAB_BASE_URL }}
slab-url: ${{ secrets.SLAB_BASE_URL_PRE_PROD }}
job-secret: ${{ secrets.JOB_SECRET }}
region: eu-west-3
label: ${{ steps.test-start.outputs.label }}

- name: Test start instance with profile
id: test-start-profile
uses: ./
with:
mode: start
github-token: ${{ secrets.SLAB_ACTION_TOKEN }}
slab-url: ${{ secrets.SLAB_BASE_URL }}
job-secret: ${{ secrets.JOB_SECRET }}
profile: ci-test

- name: Test stop instance with profile
id: test-stop-profile
if: ${{ always() }}
uses: ./
with:
mode: stop
github-token: ${{ secrets.SLAB_ACTION_TOKEN }}
slab-url: ${{ secrets.SLAB_BASE_URL }}
job-secret: ${{ secrets.JOB_SECRET }}
profile: ci-test
label: ${{ steps.test-start-profile.outputs.label }}
83 changes: 14 additions & 69 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,80 +21,25 @@ See [below](#example) the YAML code of the depicted workflow.

### Inputs

| Name | Required | Description |
|----------------------|-------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `mode` | Always required. | Specify here which mode you want to use: `start` to start a new runner, `stop` to stop the previously created runner. |
| `github-token` | Always required. | GitHub Personal Access Token with the `repo` scope assigned. |
| `slab-url` | Always required. | URL to Slab CI server. |
| `job-secret` | Always required. | Secret key used by Slab to perform HMAC computation. |
| `profile` | Optional. | Profile to use as described slab.toml file in repository that uses the action. |
| `region` | Required if you don't use `profile`. | AWS deploy region. |
| `ec2-image-id` | Required if you don't use `profile` with `start` mode. | EC2 Image ID (AMI).The new runner will be launched from this image. The action is compatible with Amazon Linux 2 images. |
| `ec2-instance-type` | Required if you don't use `profile` with `start` mode. | EC2 Instance Type. |
| `subnet-id` | Optional. Used only if you don't use `profile` with `start` mode. | VPC Subnet ID.The subnet should belong to the same VPC as the specified security group. |
| `security-group-ids` | Optional. Used only if you don't use `profile` with `start` mode. | EC2 Security Group IDs.The security group should belong to the same VPC as the specified subnet.Only the outbound traffic for port 443 should be allowed. No inbound traffic is required. |
| `label` | Required if you don't use `profile` with `stop` mode. | Name of the unique label assigned to the runner.The label is provided by the output of the action in the `start` mode.The label is used to remove the runner from GitHub when the runner is not needed anymore. |
| Name | Required | Description |
|----------------|-----------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `mode` | Always required. | Specify here which mode you want to use: `start` to start a new runner, `stop` to stop the previously created runner. |
| `github-token` | Always required. | GitHub Personal Access Token with the `repo` scope assigned. |
| `slab-url` | Always required. | URL to Slab CI server. |
| `job-secret` | Always required. | Secret key used by Slab to perform HMAC computation. |
| `backend` | Required with `start` mode. | Backend provider name to look for in slab.toml file in repository that uses the action. |
| `profile` | Required with `start` mode. | Profile to use as described slab.toml file in repository that uses the action. |
| `label` | Required with `stop` mode. | Name of the unique label assigned to the runner.The label is provided by the output of the action in the `start` mode.The label is used to remove the runner from GitHub when the runner is not needed anymore. |

### Outputs

| Name | Description |
|-------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `label` | Name of the unique label assigned to the runner. The label is used in two cases: to use as the input of `runs-on` property for the following jobs and to remove the runner from GitHub when it is not needed anymore. |
| `ec2-instance-id` | EC2 Instance ID of the created runner.The ID is used to terminate the EC2 instance when the runner is not needed anymore. |
| Name | Description |
|---------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `label` | Name of the unique label assigned to the runner. The label is used in two cases: to use as the input of `runs-on` property for the following jobs and to remove the runner from GitHub when it is not needed anymore. |

### Examples

The workflow showed in the picture above and declared in `do-the-job.yml` looks like this:

```yml
name: do-the-job
on: pull_request
jobs:
start-runner:
name: Start self-hosted EC2 runner
runs-on: ubuntu-latest
outputs:
label: ${{ steps.start-ec2-runner.outputs.label }}
ec2-instance-id: ${{ steps.start-ec2-runner.outputs.ec2-instance-id }}
steps:
- name: Start EC2 runner
id: start-ec2-runner
uses: zama-ai/slab-github-runner@v1
with:
mode: start
github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
region: eu-west-3
ec2-image-id: ami-123
ec2-instance-type: t3.nano
subnet-id: subnet-123 # Optional
security-group-id: sg-123 # Optional

do-the-job:
name: Do the job on the runner
needs: start-runner # required to start the main job when the runner is ready
runs-on: ${{ needs.start-runner.outputs.label }} # run the job on the newly created runner
steps:
- name: Hello World
run: echo 'Hello World!'

stop-runner:
name: Stop self-hosted EC2 runner
needs:
- start-runner # required to get output from the start-runner job
- do-the-job # required to wait when the main job is done
runs-on: ubuntu-latest
if: ${{ always() }} # required to stop the runner even if the error happened in the previous jobs
steps:
- name: Stop EC2 runner
uses: zama-ai/slab-github-runner@v1
with:
mode: stop
github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
region: eu-west-3
label: ${{ needs.start-runner.outputs.label }}
```
Here's the same workflow but using a profile declared in `ci/slab.toml` within the calling repository
Here's an example workflow. It uses a backend profile declared in `ci/slab.toml` within the calling repository

```yml
name: do-the-job
Expand All @@ -113,6 +58,7 @@ jobs:
with:
mode: start
github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
backend: aws
profile: cpu-test

do-the-job:
Expand All @@ -131,7 +77,6 @@ jobs:
with:
mode: stop
github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
profile: cpu-test
label: ${{ needs.start-runner.outputs.label }}
```
Expand Down
38 changes: 4 additions & 34 deletions action.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,52 +23,22 @@ inputs:
description: >-
Secret key used by Slab to perform HMAC computation.
required: true
profile:
description: >-
Profile to use as described slab.toml file in repository that uses the action.
required: false
region:
description: >-
AWS deployment region.
Mutually exclusive with 'profile' input.
required: false
ec2-image-id:
description: >-
EC2 Image Id (AMI). The new runner will be launched from this image.
This input is required if you use the 'start' mode.
Mutually exclusive with 'profile' input.
required: false
ec2-instance-type:
backend:
description: >-
EC2 Instance Type.
Backend provider name to look for in slab.toml file in repository that uses the action.
This input is required if you use the 'start' mode.
Mutually exclusive with 'profile' input.
required: false
subnet-id:
profile:
description: >-
VPC Subnet Id. The subnet should belong to the same VPC as the specified security group.
Profile to use as described slab.toml file in repository that uses the action.
This input is required if you use the 'start' mode.
Mutually exclusive with 'profile' input.
required: false
security-group-ids:
description: >-
EC2 Security Group Ids.
The security group should belong to the same VPC as the specified subnet.
The runner doesn't require any inbound traffic. However, outbound traffic should be allowed.
Mutually exclusive with 'profile' input.
required: false
label:
description: >-
Name of the unique label assigned to the runner.
The label is used to remove the runner from GitHub when the runner is not needed anymore.
This input is required if you use the 'stop' mode.
required: false
ec2-instance-id:
description: >-
EC2 Instance Id of the created runner.
The id is used to terminate the EC2 instance when the runner is not needed anymore.
This input is required if you use the 'stop' mode.
required: false

outputs:
label:
Expand Down
10 changes: 4 additions & 6 deletions ci/slab.toml
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,9 @@
# This profile is dedicated to test action behavior by replicating
#profiles that can be found on repository using this workflow.
[profile.ci-test]
# profiles that can be found on repository using this workflow.
[backend.aws.ci-test]
region = "eu-west-3"
image_id = "ami-01d21b7be69801c2f" # Ubuntu 22.04
instance_type = "t3.2xlarge"

[command.placeholder]
workflow = "no-workflow.yml"
profile = "ci-test"
check_run_name = "Placeholder command to test slab action"
[profile]
[command]
Loading

0 comments on commit 64d481b

Please sign in to comment.