diff options
Diffstat (limited to 'arch/s390/self-hosted-builder')
5 files changed, 144 insertions, 0 deletions
diff --git a/arch/s390/self-hosted-builder/actions-runner.Dockerfile b/arch/s390/self-hosted-builder/actions-runner.Dockerfile new file mode 100644 index 0000000..a4bb774 --- /dev/null +++ b/arch/s390/self-hosted-builder/actions-runner.Dockerfile @@ -0,0 +1,40 @@ +# Self-Hosted IBM Z Github Actions Runner. + +# Temporary image: amd64 dependencies. +FROM amd64/ubuntu:20.04 as ld-prefix +ENV DEBIAN_FRONTEND=noninteractive +RUN apt-get update && apt-get -y install ca-certificates libicu66 libssl1.1 + +# Main image. +FROM s390x/ubuntu:20.04 + +# Packages for zlib-ng testing. +ENV DEBIAN_FRONTEND=noninteractive +RUN apt-get update && apt-get -y install \ + cmake \ + curl \ + gcc \ + git \ + jq \ + ninja-build \ + python-is-python3 \ + python3 \ + python3-pip + +# amd64 dependencies. +COPY --from=ld-prefix / /usr/x86_64-linux-gnu/ +RUN ln -fs ../lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 /usr/x86_64-linux-gnu/lib64/ +RUN ln -fs /etc/resolv.conf /usr/x86_64-linux-gnu/etc/ +ENV QEMU_LD_PREFIX=/usr/x86_64-linux-gnu + +# amd64 Github Actions Runner. +RUN useradd -m actions-runner +USER actions-runner +WORKDIR /home/actions-runner +RUN curl -L https://github.com/actions/runner/releases/download/v2.283.2/actions-runner-linux-x64-2.283.2.tar.gz | tar -xz +VOLUME /home/actions-runner + +# Scripts. +COPY fs/ / +ENTRYPOINT ["/usr/bin/entrypoint"] +CMD ["/usr/bin/actions-runner"] diff --git a/arch/s390/self-hosted-builder/actions-runner.service b/arch/s390/self-hosted-builder/actions-runner.service new file mode 100644 index 0000000..1d3129f --- /dev/null +++ b/arch/s390/self-hosted-builder/actions-runner.service @@ -0,0 +1,23 @@ +[Unit] +Description=Self-Hosted IBM Z Github Actions Runner +Wants=qemu-user-static +After=qemu-user-static +StartLimitIntervalSec=0 + +[Service] +Type=simple +Restart=always +ExecStart=/usr/bin/docker run \ + --env-file=/etc/actions-runner \ + --init \ + --interactive \ + --name=actions-runner \ + --rm \ + --volume=actions-runner:/home/actions-runner \ + iiilinuxibmcom/actions-runner +ExecStop=/bin/sh -c "docker exec actions-runner kill -INT -- -1" +ExecStop=/bin/sh -c "docker wait actions-runner" +ExecStop=/bin/sh -c "docker rm actions-runner" + +[Install] +WantedBy=multi-user.target diff --git a/arch/s390/self-hosted-builder/fs/usr/bin/actions-runner b/arch/s390/self-hosted-builder/fs/usr/bin/actions-runner new file mode 100755 index 0000000..c9d8227 --- /dev/null +++ b/arch/s390/self-hosted-builder/fs/usr/bin/actions-runner @@ -0,0 +1,40 @@ +#!/bin/bash + +# +# Ephemeral runner startup script. +# +# Expects the following environment variables: +# +# - repo=<owner>/<name> +# - access_token=<ghp_***> +# + +set -e -u + +# Check the cached registration token. +token_file=registration-token.json +set +e +expires_at=$(jq --raw-output .expires_at "$token_file" 2>/dev/null) +status=$? +set -e +if [[ $status -ne 0 || $(date +%s) -ge $(date -d "$expires_at" +%s) ]]; then + # Refresh the cached registration token. + curl \ + -X POST \ + -H "Accept: application/vnd.github.v3+json" \ + -H "Authorization: token $access_token" \ + "https://api.github.com/repos/$repo/actions/runners/registration-token" \ + -o "$token_file" +fi + +# (Re-)register the runner. +registration_token=$(jq --raw-output .token "$token_file") +./config.sh remove --token "$registration_token" || true +./config.sh \ + --url "https://github.com/$repo" \ + --token "$registration_token" \ + --labels z15 \ + --ephemeral + +# Run one job. +./run.sh diff --git a/arch/s390/self-hosted-builder/fs/usr/bin/entrypoint b/arch/s390/self-hosted-builder/fs/usr/bin/entrypoint new file mode 100755 index 0000000..eb8772b --- /dev/null +++ b/arch/s390/self-hosted-builder/fs/usr/bin/entrypoint @@ -0,0 +1,30 @@ +#!/bin/bash + +# +# Container entrypoint that waits for all spawned processes. +# + +set -e -u + +# Create a FIFO and start reading from its read end. +tempdir=$(mktemp -d "/tmp/done.XXXXXXXXXX") +trap 'rm -r "$tempdir"' EXIT +done="$tempdir/pipe" +mkfifo "$done" +cat "$done" & waiter=$! + +# Start the workload. Its descendants will inherit the FIFO's write end. +status=0 +if [ "$#" -eq 0 ]; then + bash 9>"$done" || status=$? +else + "$@" 9>"$done" || status=$? +fi + +# When the workload and all of its descendants exit, the FIFO's write end will +# be closed and `cat "$done"` will exit. Wait until it happens. This is needed +# in order to handle SelfUpdater, which the workload may start in background +# before exiting. +wait "$waiter" + +exit "$status" diff --git a/arch/s390/self-hosted-builder/qemu-user-static.service b/arch/s390/self-hosted-builder/qemu-user-static.service new file mode 100644 index 0000000..301f3ed --- /dev/null +++ b/arch/s390/self-hosted-builder/qemu-user-static.service @@ -0,0 +1,11 @@ +[Unit] +Description=Support for transparent execution of non-native binaries with QEMU user emulation + +[Service] +Type=oneshot +# The source code for iiilinuxibmcom/qemu-user-static is at https://github.com/iii-i/qemu-user-static/tree/v6.1.0-1 +# TODO: replace it with multiarch/qemu-user-static once version >6.1 is available +ExecStart=/usr/bin/docker run --rm --interactive --privileged iiilinuxibmcom/qemu-user-static --reset -p yes + +[Install] +WantedBy=multi-user.target |