Merge pull request #5 from fullstack-devops/feature/ansible-k8s

add ansible flavor + mod workflows

Author: eksrha

.github/workflows/build-pr.yml

@@ -46,3 +46,15 @@ jobs:
           push: true
           tags: |
             ${{ env.IMAGE_BASE }}:kaniko-sidecar-pr-${{ github.event.pull_request.number }}
+
+      - name: link child image to current pr
+        run: |
+          sed -i --expression "s@FROM.*@FROM ${{ env.IMAGE_BASE }}:base-pr-${{ github.event.pull_request.number }}@g" images/ansible-k8s/Dockerfile
+
+      - name: Build github-actions-runner:ansible-k8s
+        uses: docker/build-push-action@v2
+        with:
+          context: ./images/ansible-k8s
+          push: true
+          tags: |
+            ${{ env.IMAGE_BASE }}:ansible-k8s-pr-${{ github.event.pull_request.number }}

.github/workflows/cleanup-pr.yml

@@ -10,16 +10,23 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Delete base image
-        uses: bots-house/ghcr-delete-image-action@v1
+        uses: bots-house/ghcr-delete-image-action@v1.0.0
         with:
           owner: ${{ github.repository_owner }}
           name: github-actions-runner
           token: ${{ secrets.GITHUB_TOKEN }}
           tag: base-pr-${{ github.event.pull_request.number }}
       - name: Delete kaniko-sidecar image
-        uses: bots-house/ghcr-delete-image-action@v1
+        uses: bots-house/ghcr-delete-image-action@v1.0.0
         with:
           owner: ${{ github.repository_owner }}
           name: github-actions-runner
           token: ${{ secrets.GITHUB_TOKEN }}
-          tag: kaniko-sidecar-pr-${{ github.event.pull_request.number }}
+          tag: kaniko-sidecar-pr-${{ github.event.pull_request.number }}
+      - name: Delete kaniko-sidecar image
+        uses: bots-house/[email protected]
+        with:
+          owner: ${{ github.repository_owner }}
+          name: github-actions-runner
+          token: ${{ secrets.GITHUB_TOKEN }}
+          tag: ansible-k8s-pr-${{ github.event.pull_request.number }}

.github/workflows/create-release.yml

@@ -43,17 +43,31 @@ jobs:
           context: ./images/base
           push: true
           tags: |
-            ${IMAGE_BASE}:latest
-            ${IMAGE_BASE}:base-latest
-            ${IMAGE_BASE}:base-${{needs.create_release.outputs.version}}
+            ${{ env.IMAGE_BASE }}:latest
+            ${{ env.IMAGE_BASE }}:base-latest
+            ${{ env.IMAGE_BASE }}:base-${{needs.create_release.outputs.version}}
 
       - name: Build github-actions-runner:kaniko-sidecar
         uses: docker/build-push-action@v2
         with:
           context: ./images/kaniko-sidecar
           push: true
           tags: |
-            ${IMAGE_BASE}:kaniko-sidecar-${{needs.create_release.outputs.version}}
+            ${{ env.IMAGE_BASE }}:kaniko-sidecar-latest
+            ${{ env.IMAGE_BASE }}:kaniko-sidecar-${{needs.create_release.outputs.version}}
+
+      - name: link child image to current version
+        run: |
+          sed -i --expression "s@FROM.*@FROM ${{ env.IMAGE_BASE }}:base-${{ needs.create_release.outputs.version }}@g" images/ansible-k8s/Dockerfile
+
+      - name: Build github-actions-runner:ansible-k8s
+        uses: docker/build-push-action@v2
+        with:
+          context: ./images/ansible-k8s
+          push: true
+          tags: |
+            ${{ env.IMAGE_BASE }}:ansible-k8s-latest
+            ${{ env.IMAGE_BASE }}:ansible-k8s-${{needs.create_release.outputs.version}}
 
   publish_release:
     runs-on: ubuntu-latest

README.md

@@ -1,6 +1,13 @@
 # github-runner-base
 Base Image for github runner images in repo @fullstack-devops/github-runner. Can also be used as standalone image.
 
+Available Containers:
+| Name                                                                   | Description                                                                                                            |
+|------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------|
+| `ghcr.io/fullstack-devops/github-actions-runner:base-latest`           | Base runner with nothing fancy installed                                                                               |
+| `ghcr.io/fullstack-devops/github-actions-runner:kaniko-sidecar-latest` | Sidecar used by Runner to build containers without root privileges                                                     |
+| `ghcr.io/fullstack-devops/github-actions-runner:ansible-k8s-latest`    | Rrunner with ansible, kubectl and helm installed <br> For more Details see [Dockerfile](images/ansible-k8s/Dockerfile) |
+
 ---
 
 ## Environmental variables
@@ -82,7 +89,33 @@ services:
 
 ### kubernetes pod
 
-tbd
+```yaml
+apiVersion: v1
+kind: Pod
+metadata:
+  name: gha-runner-kaniko
+spec:
+  volumes:
+    - name: workspace-volume
+      emptyDir: {}
+  containers:
+    - name: github-actions-runner
+      image: ghcr.io/fullstack-devops/github-actions-runner:base-latest
+      resources: {}
+      volumeMounts:
+        - name: workspace-volume
+          mountPath: /kaniko/workspace/    
+      imagePullPolicy: Never
+      tty: true
+    - name: kaniko-sidecar
+      image: ghcr.io/fullstack-devops/github-actions-runner:kaniko-sidecar-latest
+      resources: {}
+      volumeMounts:
+        - name: workspace-volume
+          mountPath: /kaniko/workspace/
+      imagePullPolicy: Never
+  restartPolicy: Never
+```
 
 ### helm
 

images/ansible-k8s/Dockerfile

@@ -0,0 +1,42 @@
+FROM ghcr.io/fullstack-devops/github-actions-runner:base-latest
+
+USER root
+# install packages along with jq so we can parse JSON
+# add additional packages as necessary
+ARG PACKAGES="ansible"
+
+RUN apt-get update \
+  && apt-get install -y --no-install-recommends ${PACKAGES} \
+  && rm -rf /var/lib/apt/lists/* \
+  && apt-get clean
+
+ENV GH_RUNNER_LABELS="ubuntu-20.04,ansible-k8s"
+ARG KUBECTL_VERSION=1.21.0
+ARG HELM_VERSION=3.6.3
+
+# Install kubectl
+RUN wget -q https://storage.googleapis.com/kubernetes-release/release/v${KUBECTL_VERSION}/bin/linux/amd64/kubectl -O /usr/local/bin/kubectl \
+  && chmod +x /usr/local/bin/kubectl
+
+# Install helm
+RUN wget -q https://get.helm.sh/helm-v${HELM_VERSION}-linux-amd64.tar.gz -O - | tar -xzO linux-amd64/helm > /usr/local/bin/helm \
+  && chmod +x /usr/local/bin/helm
+
+ENV TMP_DIR=/home/${USERNAME}/tmp
+
+RUN mkdir /home/${USERNAME}/.ansible
+RUN mkdir ${TMP_DIR}
+
+COPY requirements.yml ${TMP_DIR}/requirements.yml
+
+RUN chown -R ${USERNAME} /home/${USERNAME}
+
+USER ${USERNAME}
+
+RUN ansible-galaxy install -c -r ${TMP_DIR}/requirements.yml
+RUN ansible-galaxy collection install -c -r ${TMP_DIR}/requirements.yml
+
+# install helm plugins helm push, appr && diff
+RUN helm plugin install --version 0.10.2 https://github.com/chartmuseum/helm-push.git \
+  && helm plugin install --version 0.7.0 https://github.com/app-registry/appr-helm-plugin.git \
+  && helm plugin install --version 3.4.2 https://github.com/databus23/helm-diff

images/ansible-k8s/requirements.yml

@@ -0,0 +1,11 @@
+---
+roles:
+  - name: geerlingguy.helm
+    version: 1.0.0
+
+collections:
+  - name: kubernetes.core
+    version: 1.2.0
+
+  - name: community.kubernetes
+    version: 1.0.0