From e8bbc126dc3316f46676d8a5a1a14992d7584fe8 Mon Sep 17 00:00:00 2001 From: Daniele Franceschi Date: Wed, 2 Aug 2023 17:39:24 +0200 Subject: [PATCH 1/8] add enterprise support --- README.md | 24 +++++++++++++++++++++--- defaults/main.yml | 3 +++ tasks/assert.yml | 4 +++- tasks/collect_info.yml | 11 ++++++++--- tasks/install_runner.yml | 9 +++++++-- 5 files changed, 42 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 394ad5c..c8f34be 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ This role will deploy/redeploy/uninstall and register/unregister local GitHub Actions Runner on Linux and macOS Systems (see [compatibility list](#supported-operating-systems) ). -It supports both, Organization and Repository Runners. +It supports Enterprise, Organization and Repository Runners. ## Requirements @@ -18,7 +18,8 @@ It supports both, Organization and Repository Runners. * The role require Personal Access Token to access the GitHub. The token can be set as `PERSONAL_ACCESS_TOKEN` environment variable. > **Note** -> The token must have the `repo` scope (when creating a repo runner) or the `admin:org` scope (when creating a runner for an organization). +> The token must have the `repo` scope (when creating a repo runner), the `admin:org` scope (when creating a runner for an organization), +> the `manage_runners:enterprise` scope (when creating a enterprise runner). Personal Access Token for GitHub account can be created [here](https://github.com/settings/tokens). > **Warning** @@ -112,6 +113,9 @@ runner_name: "{{ ansible_hostname }}" # Github repository name # github_repo: "yourrepo" +# GitHub Enterprise name +# github_enterprise: "yourenterprise" + # Configuring a custom .env file # custom_env: | # http_proxy=YOUR_URL_HERE @@ -122,7 +126,7 @@ runner_name: "{{ ansible_hostname }}" # HTTP_PROXY= ``` -## Example Playbook +## Example Playbooks In this example the Ansible role will install (or update) the GitHub Actions Runner service (latest available version). The runner will be registered for *my_awesome_repo* GitHub repo. Runner service will be stated and will run under the same user as the Ansible is using for ssh connection (*ansible*). @@ -156,6 +160,20 @@ Same example as above, but runner will be added to an organization and deployed - role: monolithprojects.github_actions_runner ``` +If you have a Github Enterprise Cloud license and you want to manage all the self-hosted runners from the enterprise: +```yaml +--- +- name: Install GitHub Actions Runner + hosts: all + user: automation + become: yes + vars: + - github_enterprise: my_awesome_enterprise + - runner_org: no + roles: + - role: monolithprojects.github_actions_runner +``` + In this example the Ansible role will deploy (or update) the GitHub Actions runner service (version 2.165.2) and register the runner for the GitHub repo. Runner service will run under the user `runner-user`. Runner will be registered with two labels. The runner service will be *stopped* and disabled. Runner will use custom environment variables (from file named `.env` in the self-hosted runner application directory). diff --git a/defaults/main.yml b/defaults/main.yml index b7148c6..fa0d527 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -54,6 +54,9 @@ runner_name: "{{ ansible_hostname }}" # Github repository name # github_repo: "yourrepo" +# GitHub Enterprise name +# github_enterprise: "yourenterprise" + # Configuring a custom .env file # custom_env: | # http_proxy=YOUR_URL_HERE diff --git a/tasks/assert.yml b/tasks/assert.yml index 966c6b0..eb8b215 100644 --- a/tasks/assert.yml +++ b/tasks/assert.yml @@ -5,6 +5,7 @@ - github_account is defined fail_msg: "github_account is not defined" run_once: true + when: not github_enterprise - name: Check access_token variable (RUN ONCE) ansible.builtin.assert: @@ -20,6 +21,7 @@ - runner_org | bool == True or runner_org == False fail_msg: "runner_org should be a boolean value" run_once: true + when: not github_enterprise - name: Check github_repo variable (RUN ONCE) ansible.builtin.assert: @@ -28,4 +30,4 @@ - github_repo | length > 0 fail_msg: "github_repo was not found or is using an invalid format." run_once: true - when: not runner_org + when: not runner_org and not github_enterprise diff --git a/tasks/collect_info.yml b/tasks/collect_info.yml index cfee494..3f4d2b7 100644 --- a/tasks/collect_info.yml +++ b/tasks/collect_info.yml @@ -5,12 +5,17 @@ - name: Set complete API url for repo runner ansible.builtin.set_fact: github_full_api_url: "{{ github_api_url }}/repos/{{ github_owner | default(github_account) }}/{{ github_repo }}/actions/runners" - when: not runner_org + when: not runner_org and not runner_enterprise - name: Set complete API url for org runner ansible.builtin.set_fact: github_full_api_url: "{{ github_api_url }}/orgs/{{ github_owner | default(github_account) }}/actions/runners" - when: runner_org | bool + when: runner_org | bool and not runner_enterprise + + - name: Set complete API url for enterprise runner + ansible.builtin.set_fact: + github_full_api_url: "{{ github_api_url }}/enterprises/{{ github_enterprise }}/actions/runners" + when: runner_enterprise - name: Get registration token (RUN ONCE) ansible.builtin.uri: @@ -24,7 +29,7 @@ register: registration run_once: true - - name: Check currently registered runners for repo (RUN ONCE) + - name: Check currently registered runners (RUN ONCE) ansible.builtin.uri: url: "{{ github_full_api_url }}" headers: diff --git a/tasks/install_runner.yml b/tasks/install_runner.yml index 001fc87..0f77e94 100644 --- a/tasks/install_runner.yml +++ b/tasks/install_runner.yml @@ -51,12 +51,17 @@ - name: Set complete GitHub url for repo runner ansible.builtin.set_fact: github_full_url: "{{ github_url }}/{{ github_owner | default(github_account) }}/{{ github_repo }}" - when: not runner_org + when: not runner_org and not runner_enterprise - name: Set complete GitHub url for org runner ansible.builtin.set_fact: github_full_url: "{{ github_url }}/{{ github_owner | default(github_account) }}" - when: runner_org | bool + when: runner_org | bool and not runner_enterprise + +- name: Set complete GitHub url for enterprise runner + ansible.builtin.set_fact: + github_full_url: "{{ github_url }}/enterprises/{{ github_enterprise }}" + when: runner_enterprise - name: Register runner environment: From 693659f89af558514f2a7609080c44edb5e67bd5 Mon Sep 17 00:00:00 2001 From: Daniele Franceschi Date: Wed, 2 Aug 2023 17:48:57 +0200 Subject: [PATCH 2/8] fix variable check --- tasks/collect_info.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tasks/collect_info.yml b/tasks/collect_info.yml index 3f4d2b7..b13eb85 100644 --- a/tasks/collect_info.yml +++ b/tasks/collect_info.yml @@ -5,17 +5,17 @@ - name: Set complete API url for repo runner ansible.builtin.set_fact: github_full_api_url: "{{ github_api_url }}/repos/{{ github_owner | default(github_account) }}/{{ github_repo }}/actions/runners" - when: not runner_org and not runner_enterprise + when: not runner_org and not github_enterprise - name: Set complete API url for org runner ansible.builtin.set_fact: github_full_api_url: "{{ github_api_url }}/orgs/{{ github_owner | default(github_account) }}/actions/runners" - when: runner_org | bool and not runner_enterprise + when: runner_org | bool and not github_enterprise - name: Set complete API url for enterprise runner ansible.builtin.set_fact: github_full_api_url: "{{ github_api_url }}/enterprises/{{ github_enterprise }}/actions/runners" - when: runner_enterprise + when: github_enterprise - name: Get registration token (RUN ONCE) ansible.builtin.uri: From e45c1d496fa365e9defb7a7e3a14d8bfedabbe40 Mon Sep 17 00:00:00 2001 From: Daniele Franceschi Date: Wed, 2 Aug 2023 17:50:32 +0200 Subject: [PATCH 3/8] enable workflows on main --- .github/workflows/lint.yml | 1 + .github/workflows/tests.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index c3f879c..e90c363 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -5,6 +5,7 @@ on: push: branches: - master + - main jobs: lint: diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 9235011..8e17747 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -4,6 +4,7 @@ on: pull_request: branches: - master + - main types: [opened, synchronize, reopened] paths: - 'defaults/**' From e8bf4f035374f206942a1566800ea8a881a0996e Mon Sep 17 00:00:00 2001 From: Daniele Franceschi Date: Wed, 2 Aug 2023 17:53:24 +0200 Subject: [PATCH 4/8] fix varcheck again --- tasks/install_runner.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tasks/install_runner.yml b/tasks/install_runner.yml index 0f77e94..965bfb3 100644 --- a/tasks/install_runner.yml +++ b/tasks/install_runner.yml @@ -51,17 +51,17 @@ - name: Set complete GitHub url for repo runner ansible.builtin.set_fact: github_full_url: "{{ github_url }}/{{ github_owner | default(github_account) }}/{{ github_repo }}" - when: not runner_org and not runner_enterprise + when: not runner_org and not github_enterprise - name: Set complete GitHub url for org runner ansible.builtin.set_fact: github_full_url: "{{ github_url }}/{{ github_owner | default(github_account) }}" - when: runner_org | bool and not runner_enterprise + when: runner_org | bool and not github_enterprise - name: Set complete GitHub url for enterprise runner ansible.builtin.set_fact: github_full_url: "{{ github_url }}/enterprises/{{ github_enterprise }}" - when: runner_enterprise + when: github_enterprise - name: Register runner environment: From 18ec4043c7fb0f74250ecbd59a7e60055bac1588 Mon Sep 17 00:00:00 2001 From: Daniele Franceschi Date: Wed, 2 Aug 2023 17:59:14 +0200 Subject: [PATCH 5/8] fix linting and format --- .pre-commit-config.yaml | 40 ++++++------- defaults/main.yml | 6 +- tasks/collect_info.yml | 128 ++++++++++++++++++++-------------------- 3 files changed, 87 insertions(+), 87 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 710ab9a..83b3cb6 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,23 +1,23 @@ repos: - - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.0.1 - hooks: - - id: check-yaml - args: [--allow-multiple-documents] - - id: end-of-file-fixer - - id: trailing-whitespace - args: [--markdown-linebreak-ext=md] + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.0.1 + hooks: + - id: check-yaml + args: [--allow-multiple-documents] + - id: end-of-file-fixer + - id: trailing-whitespace + args: [--markdown-linebreak-ext=md] - - repo: https://github.com/adrienverge/yamllint - rev: v1.26.3 - hooks: - - id: yamllint - args: [-c=.yamllint] + - repo: https://github.com/adrienverge/yamllint + rev: v1.26.3 + hooks: + - id: yamllint + args: [-c=.yamllint] - - repo: https://github.com/robertdebock/pre-commit - rev: v1.2.3 - hooks: - - id: ansible_role_find_unused_variable - - id: ansible_role_find_empty_files - - id: ansible_role_find_empty_directories - - id: ansible_role_fix_readability + - repo: https://github.com/robertdebock/pre-commit + rev: v1.2.3 + hooks: + - id: ansible_role_find_unused_variable + - id: ansible_role_find_empty_files + - id: ansible_role_find_empty_directories + - id: ansible_role_fix_readability diff --git a/defaults/main.yml b/defaults/main.yml index fa0d527..eb6c744 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -12,10 +12,10 @@ runner_version: "latest" runner_state: "started" # If found on the server, delete already existing runner service and install it again -reinstall_runner: no +reinstall_runner: false # Do not show Ansible logs which may contain sensitive data (registration token) -hide_sensitive_logs: yes +hide_sensitive_logs: true # GitHub address github_url: "https://github.com" @@ -27,7 +27,7 @@ github_api_url: "https://api.github.com" access_token: "{{ lookup('env', 'PERSONAL_ACCESS_TOKEN') }}" # Is it the runner for organization or not? -runner_org: no +runner_org: false # Labels to apply to the runner runner_labels: [] diff --git a/tasks/collect_info.yml b/tasks/collect_info.yml index b13eb85..9c96fd0 100644 --- a/tasks/collect_info.yml +++ b/tasks/collect_info.yml @@ -2,76 +2,76 @@ - name: Info collections check_mode: false block: - - name: Set complete API url for repo runner - ansible.builtin.set_fact: - github_full_api_url: "{{ github_api_url }}/repos/{{ github_owner | default(github_account) }}/{{ github_repo }}/actions/runners" - when: not runner_org and not github_enterprise + - name: Set complete API url for repo runner + ansible.builtin.set_fact: + github_full_api_url: "{{ github_api_url }}/repos/{{ github_owner | default(github_account) }}/{{ github_repo }}/actions/runners" + when: not runner_org and not github_enterprise - - name: Set complete API url for org runner - ansible.builtin.set_fact: - github_full_api_url: "{{ github_api_url }}/orgs/{{ github_owner | default(github_account) }}/actions/runners" - when: runner_org | bool and not github_enterprise + - name: Set complete API url for org runner + ansible.builtin.set_fact: + github_full_api_url: "{{ github_api_url }}/orgs/{{ github_owner | default(github_account) }}/actions/runners" + when: runner_org | bool and not github_enterprise - - name: Set complete API url for enterprise runner - ansible.builtin.set_fact: - github_full_api_url: "{{ github_api_url }}/enterprises/{{ github_enterprise }}/actions/runners" - when: github_enterprise + - name: Set complete API url for enterprise runner + ansible.builtin.set_fact: + github_full_api_url: "{{ github_api_url }}/enterprises/{{ github_enterprise }}/actions/runners" + when: github_enterprise - - name: Get registration token (RUN ONCE) - ansible.builtin.uri: - url: "{{ github_full_api_url }}/registration-token" - headers: - Authorization: "token {{ access_token }}" - Accept: "application/vnd.github.v3+json" - method: POST - status_code: 201 - force_basic_auth: yes - register: registration - run_once: true + - name: Get registration token (RUN ONCE) + ansible.builtin.uri: + url: "{{ github_full_api_url }}/registration-token" + headers: + Authorization: "token {{ access_token }}" + Accept: "application/vnd.github.v3+json" + method: POST + status_code: 201 + force_basic_auth: true + register: registration + run_once: true - - name: Check currently registered runners (RUN ONCE) - ansible.builtin.uri: - url: "{{ github_full_api_url }}" - headers: - Authorization: "token {{ access_token }}" - Accept: "application/vnd.github.v3+json" - method: GET - status_code: 200 - force_basic_auth: yes - register: registered_runners - run_once: true + - name: Check currently registered runners (RUN ONCE) + ansible.builtin.uri: + url: "{{ github_full_api_url }}" + headers: + Authorization: "token {{ access_token }}" + Accept: "application/vnd.github.v3+json" + method: GET + status_code: 200 + force_basic_auth: true + register: registered_runners + run_once: true - - name: Get Runner User IDs - ansible.builtin.command: id -u "{{ runner_user }}" - changed_when: false - register: runner_user_id + - name: Get Runner User IDs + ansible.builtin.command: id -u "{{ runner_user }}" + changed_when: false + register: runner_user_id - - name: Get Runner Group IDs - ansible.builtin.command: id -g "{{ runner_user }}" - changed_when: false - register: runner_user_group_id + - name: Get Runner Group IDs + ansible.builtin.command: id -g "{{ runner_user }}" + changed_when: false + register: runner_user_group_id - - name: Set runner_system variable - ansible.builtin.set_fact: - runner_system: "{{ 'osx' if ansible_system == 'Darwin' else 'linux' }}" + - name: Set runner_system variable + ansible.builtin.set_fact: + runner_system: "{{ 'osx' if ansible_system == 'Darwin' else 'linux' }}" - - name: Find the latest runner version (RUN ONCE) - ansible.builtin.uri: - url: "https://api.github.com/repos/{{ runner_download_repository }}/releases/latest" - headers: - Content-Type: "application/json" - method: GET - return_content: yes - status_code: 200 - body_format: json - check_mode: false - register: api_response - run_once: true - become: false - delegate_to: localhost - when: runner_version == "latest" + - name: Find the latest runner version (RUN ONCE) + ansible.builtin.uri: + url: "https://api.github.com/repos/{{ runner_download_repository }}/releases/latest" + headers: + Content-Type: "application/json" + method: GET + return_content: true + status_code: 200 + body_format: json + check_mode: false + register: api_response + run_once: true + become: false + delegate_to: localhost + when: runner_version == "latest" - - name: Get systemd service facts - ansible.builtin.service_facts: - register: service_facts - when: ansible_system == "Linux" + - name: Get systemd service facts + ansible.builtin.service_facts: + register: service_facts + when: ansible_system == "Linux" From dcfba488e97dae765e23fb23ff0ffb19ace4660b Mon Sep 17 00:00:00 2001 From: Daniele Franceschi Date: Wed, 2 Aug 2023 18:03:49 +0200 Subject: [PATCH 6/8] fix linting --- tasks/install_deps.yml | 18 +++++++++--------- tasks/install_runner.yml | 6 +++--- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/tasks/install_deps.yml b/tasks/install_deps.yml index 8aa0b85..04202ce 100644 --- a/tasks/install_deps.yml +++ b/tasks/install_deps.yml @@ -10,7 +10,7 @@ - libssl1.1 - libicu57 state: present - update_cache: yes + update_cache: true when: (ansible_distribution == "Debian" and ansible_distribution_major_version == "9") - name: Install dependencies on Debian Buster @@ -23,7 +23,7 @@ - libssl1.1 - libicu63 state: present - update_cache: yes + update_cache: true when: (ansible_distribution == "Debian" and ansible_distribution_major_version == "10") - name: Install dependencies on Debian Bullseye @@ -36,7 +36,7 @@ - libssl1.1 - libicu67 state: present - update_cache: yes + update_cache: true when: (ansible_distribution == "Debian" and ansible_distribution_major_version == "11") - name: Install dependencies on Debian Bookworm @@ -49,7 +49,7 @@ - libssl3 - libicu72 state: present - update_cache: yes + update_cache: true when: (ansible_distribution == "Debian" and ansible_distribution_major_version == "12") - name: Install dependencies on Ubuntu Xenial systems @@ -62,7 +62,7 @@ - libssl1.0.0 - libicu55 state: present - update_cache: yes + update_cache: true when: (ansible_distribution == "Ubuntu" and ansible_distribution_major_version == "16") - name: Install dependencies on Ubuntu Bionic systems @@ -75,7 +75,7 @@ - libssl1.1 - libicu60 state: present - update_cache: yes + update_cache: true when: (ansible_distribution == "Ubuntu" and ansible_distribution_major_version == "18") - name: Install dependencies on Ubuntu Focal systems @@ -88,7 +88,7 @@ - libssl1.1 - libicu66 state: present - update_cache: yes + update_cache: true when: (ansible_distribution == "Ubuntu" and ansible_distribution_major_version == "20") - name: Install dependencies on Ubuntu Jammy systems @@ -100,7 +100,7 @@ - zlib1g - libicu70 state: present - update_cache: yes + update_cache: true when: (ansible_distribution == "Ubuntu" and ansible_distribution_major_version == "22") - name: Install dependencies on RHEL/CentOS/Fedora systems @@ -112,7 +112,7 @@ - zlib - libicu state: present - update_cache: yes + update_cache: true when: (ansible_distribution == "RedHat") or (ansible_distribution == "CentOS") or (ansible_distribution == "Fedora") or diff --git a/tasks/install_runner.yml b/tasks/install_runner.yml index 965bfb3..e780043 100644 --- a/tasks/install_runner.yml +++ b/tasks/install_runner.yml @@ -3,7 +3,7 @@ ansible.builtin.file: path: "{{ runner_dir }}" state: directory - mode: 0755 + mode: "0755" owner: "{{ runner_user_id.stdout }}" group: "{{ runner_user_group_id.stdout }}" @@ -27,7 +27,7 @@ owner: "{{ runner_user_id.stdout }}" group: "{{ runner_user_group_id.stdout }}" remote_src: yes - mode: 0755 + mode: "0755" environment: PATH: /usr/local/bin:/opt/homebrew/bin/:{{ ansible_env.HOME }}/bin:{{ ansible_env.PATH }} when: runner_version not in runner_installed.stdout or reinstall_runner @@ -38,7 +38,7 @@ block: "{{ custom_env }}" owner: "{{ runner_user }}" create: yes - mode: 0755 + mode: "0755" marker_begin: "# BEGIN ANSIBLE MANAGED BLOCK" marker_end: "# END ANSIBLE MANAGED BLOCK" when: custom_env is defined From e75d19f435f1472ee3cfb9eaaf0acf1cee145038 Mon Sep 17 00:00:00 2001 From: Daniele Franceschi Date: Wed, 2 Aug 2023 18:10:33 +0200 Subject: [PATCH 7/8] fix linting again --- tasks/install_runner.yml | 29 +++++++++++++++++++---------- 1 file changed, 19 insertions(+), 10 deletions(-) diff --git a/tasks/install_runner.yml b/tasks/install_runner.yml index e780043..3232fd0 100644 --- a/tasks/install_runner.yml +++ b/tasks/install_runner.yml @@ -26,7 +26,7 @@ dest: "{{ runner_dir }}/" owner: "{{ runner_user_id.stdout }}" group: "{{ runner_user_group_id.stdout }}" - remote_src: yes + remote_src: true mode: "0755" environment: PATH: /usr/local/bin:/opt/homebrew/bin/:{{ ansible_env.HOME }}/bin:{{ ansible_env.PATH }} @@ -37,7 +37,7 @@ path: "{{ runner_dir }}/.env" block: "{{ custom_env }}" owner: "{{ runner_user }}" - create: yes + create: true mode: "0755" marker_begin: "# BEGIN ANSIBLE MANAGED BLOCK" marker_end: "# END ANSIBLE MANAGED BLOCK" @@ -77,6 +77,7 @@ {{ runner_extra_config_args }}" args: chdir: "{{ runner_dir }}" + changed_when: true become_user: "{{ runner_user }}" no_log: "{{ hide_sensitive_logs | bool }}" when: runner_name not in registered_runners.json.runners|map(attribute='name')|list @@ -95,14 +96,19 @@ --replace" args: chdir: "{{ runner_dir }}" + changed_when: true become_user: "{{ runner_user }}" no_log: "{{ hide_sensitive_logs | bool }}" - when: runner_name in registered_runners.json.runners|map(attribute='name')|list and reinstall_runner and not runner_org + when: > + runner_name in registered_runners.json.runners|map(attribute='name')|list and + reinstall_runner and + not runner_org - name: Install service ansible.builtin.command: "./svc.sh install {{ runner_user }}" args: chdir: "{{ runner_dir }}" + changed_when: true become: "{{ 'false' if ansible_system == 'Darwin' else 'true' }}" when: not runner_service_file_path.stat.exists @@ -117,7 +123,11 @@ chdir: "{{ runner_dir }}" no_log: "{{ hide_sensitive_logs | bool }}" ignore_errors: "{{ ansible_check_mode }}" - when: ansible_system != 'Darwin' and runner_state|lower == "started" and ansible_facts.services[(runner_service.content | b64decode) | trim ]['state'] != 'running' + changed_when: true + when: > + ansible_system != 'Darwin' and + runner_state|lower == "started" and + ansible_facts.services[(runner_service.content | b64decode) | trim ]['state'] != 'running' - name: START and enable Github Actions Runner service (macOS) # TODO: Idempotence ansible.builtin.command: "./svc.sh start" @@ -126,25 +136,24 @@ become: false no_log: "{{ hide_sensitive_logs | bool }}" ignore_errors: "{{ ansible_check_mode }}" + changed_when: true when: ansible_system == 'Darwin' and runner_state|lower - name: STOP and disable Github Actions Runner service - ansible.builtin.shell: "./svc.sh stop" + ansible.builtin.command: "./svc.sh stop" args: chdir: "{{ runner_dir }}" + changed_when: true become: "{{ 'false' if ansible_distribution == 'MacOS' else 'true' }}" no_log: "{{ hide_sensitive_logs | bool }}" ignore_errors: "{{ ansible_check_mode }}" when: runner_state|lower == "stopped" - name: Version changed - RESTART Github Actions Runner service - ansible.builtin.shell: - cmd: | - ./svc.sh stop - sleep 5 - ./svc.sh start + ansible.builtin.command: "./svc.sh stop && sleep 5 && ./svc.sh start" args: chdir: "{{ runner_dir }}" + changed_when: true become: "{{ 'false' if ansible_system == 'Darwin' else 'true' }}" no_log: "{{ hide_sensitive_logs | bool }}" ignore_errors: "{{ ansible_check_mode }}" From ac3137ea126d4913173c68dcc34000431151dfb8 Mon Sep 17 00:00:00 2001 From: Daniele Franceschi Date: Wed, 2 Aug 2023 18:13:03 +0200 Subject: [PATCH 8/8] fix linting issues --- tasks/uninstall_runner.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tasks/uninstall_runner.yml b/tasks/uninstall_runner.yml index 23889a5..97bea60 100644 --- a/tasks/uninstall_runner.yml +++ b/tasks/uninstall_runner.yml @@ -8,6 +8,7 @@ ansible.builtin.command: "./svc.sh uninstall" args: chdir: "{{ runner_dir }}" + changed_when: true become: "{{ 'false' if ansible_system == 'Darwin' else 'true' }}" when: runner_service_file_path.stat.exists @@ -25,6 +26,7 @@ become: false become_user: "{{ runner_user }}" no_log: "{{ hide_sensitive_logs | bool }}" + changed_when: true when: runner_name in registered_runners.json.runners|map(attribute='name')|list and runner_file.stat.exists - name: Delete runner directory