add kaniko-sidecar + workflows

Author: eksrha

.github/workflows/build-pr.yml

@@ -9,7 +9,7 @@ jobs:
     secrets:
       token: ${{ secrets.GITHUB_TOKEN }}
 
-  build:
+  build_base:
     runs-on: ubuntu-latest
     needs: generate_infos
     steps:
@@ -28,11 +28,18 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v1
 
-      - name: Build github-runner-base
+      - name: Build github-actions-runner:base
         uses: docker/build-push-action@v2
         with:
-          context: ./
+          context: ./images/base
           push: false
           tags: |
-            ghcr.io/${{ github.repository_owner }}/github-runner-base:latest
-            ghcr.io/${{ github.repository_owner }}/github-runner-base:${{needs.generate_infos.outputs.version}}
+            ghcr.io/${{ github.repository_owner }}/github-actions-runner:base-pr-${{ github.event.pull_request.number }}
+
+      - name: Build github-actions-runner:kaniko-sidecar
+        uses: docker/build-push-action@v2
+        with:
+          context: ./images/kaniko-sidecar
+          push: false
+          tags: |
+            ghcr.io/${{ github.repository_owner }}/github-actions-runner:kaniko-sidecar-pr-${{ github.event.pull_request.number }}

.github/workflows/cleanup-pr.yml

@@ -0,0 +1,25 @@
+name: Cleanup PR
+
+on:
+  pull_request:
+    types: [closed]
+
+jobs:
+  purge-image:
+    name: Delete image from ghcr.io
+    runs-on: ubuntu-latest
+    steps:
+      - name: Delete base image
+        uses: bots-house/ghcr-delete-image-action@v1
+        with:
+          owner: ${{ github.repository_owner }}
+          name: github-actions-runner
+          token: ${{ secrets.GITHUB_TOKEN }}
+          tag: base-pr-${{ github.event.pull_request.number }}
+      - name: Delete kaniko-sidecar image
+        uses: bots-house/ghcr-delete-image-action@v1
+        with:
+          owner: ${{ github.repository_owner }}
+          name: github-actions-runner
+          token: ${{ secrets.GITHUB_TOKEN }}
+          tag: kaniko-sidecar-pr-${{ github.event.pull_request.number }}

README.md

@@ -21,6 +21,7 @@ For the helm values see the [values.yaml](helm/values.yaml), section `envValues`
 | `GH_URL`          | string | `https://github.com`     | For GitHub Enterprise support                                        |
 | `GH_API_ENDPOINT` | string | `https://api.github.com` | For GitHub Enterprise support eg.: `https://git.example.com/api/v3/` |
 | `GH_REPO`         | string |                          | installing a runner to a spezific repository                         |
+| `KANIKO_ENABLED`  | bool   | `false`                  | enable builds with kaniko (works only with kaniko-sidecar)           |
 
 ---
 
@@ -69,14 +70,14 @@ services:
     environment:
       GH_ORG: fullstack-devops
       GH_ACCESS_TOKEN: ghp_****
+      KANIKO_ENABLED: "true"
     volumes:
       - kaniko_workspace:/kaniko/workspace
 
   github-action-runner-kaniko:
     image: github-action-runner:kaniko-sidecar-latest
     volumes:
       - kaniko_workspace:/kaniko/workspace
-
 ```
 
 ### kubernetes pod

images/base/helper-scripts/gh-entrypoint.sh

@@ -40,7 +40,7 @@ if [ -z ${RUNNER_HOME} ]; then
     exit 1
 fi
 
-if [ "$KANIKO_ENABLED" == "1" ]; then
+if [ "$KANIKO_ENABLED" == "true" ]; then
     readonly GH_WORKDIR=$GH_KANIKO_WORKDIR
     echo "Build container via Kaniko: enabled"
 else

images/kaniko-sidecar/Dockerfile

@@ -0,0 +1,5 @@
+FROM gcr.io/kaniko-project/executor:v1.8.0-debug
+
+COPY kaniko-entrypoint.sh /kaniko/kaniko-entrypoint.sh
+WORKDIR /
+ENTRYPOINT ["/kaniko/kaniko-entrypoint.sh"]

images/kaniko-sidecar/kaniko-entrypoint.sh

@@ -0,0 +1,15 @@
+#!/busybox/sh
+while [ true ]
+do
+    echo "kaniko container waiting for pipe"
+    while [ ! -p /kaniko/workspace/log ]; do sleep 1; done
+    echo "kaniko container executing"
+    /busybox/sh /kaniko/workspace/start.sh > /kaniko/workspace/log 2>&1
+    echo $? > /kaniko/workspace/returncode
+    if [ ! -f "/busybox/sh" ]; then
+        echo "kaniko self destructed. restarting container"
+        exit 1
+    fi
+    echo "kaniko container end"
+    sleep 5
+done