Skip to content

Commit

Permalink
feat: Option to not require self-hosted label
Browse files Browse the repository at this point in the history
  • Loading branch information
@kichik
kichik committed Nov 12, 2023
1 parent 751f118 commit 0158de8
Show file tree
Hide file tree
Showing 5 changed files with 52 additions and 36 deletions.
8 changes: 8 additions & 0 deletions src/runner.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,13 @@ export interface GitHubRunnersProps {
*/
readonly providers?: IRunnerProvider[];

/**
* Whether to require the `self-hosted` label. If true, the runner will only start if the workflow job explicitly requests the `self-hosted` label.
*
* @default true
*/
readonly requireSelfHostedLabel?: boolean;

/**
* VPC used for all management functions. Use this with GitHub Enterprise Server hosted that's inaccessible from outside the VPC.
*
Expand Down Expand Up @@ -303,6 +310,7 @@ export class GitHubRunners extends Construct implements ec2.IConnectable {
labels: p.labels,
};
}),
requireSelfHostedLabel: this.props?.requireSelfHostedLabel ?? true,
});

this.setupUrl = this.setupFunction();
Expand Down
21 changes: 11 additions & 10 deletions src/webhook-handler.lambda.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,7 +84,7 @@ function matchLabelsToProvider(labels: string[]) {
}

export async function handler(event: AWSLambda.APIGatewayProxyEventV2): Promise<AWSLambda.APIGatewayProxyResultV2> {
if (!process.env.WEBHOOK_SECRET_ARN || !process.env.STEP_FUNCTION_ARN || !process.env.SUPPORTED_LABELS) {
if (!process.env.WEBHOOK_SECRET_ARN || !process.env.STEP_FUNCTION_ARN || !process.env.SUPPORTED_LABELS || !process.env.REQUIRE_SELF_HOSTED_LABEL) {
throw new Error('Missing environment variables');
}

Expand Down Expand Up @@ -136,22 +136,14 @@ export async function handler(event: AWSLambda.APIGatewayProxyEventV2): Promise<
};
}

if (!payload.workflow_job.labels.includes('self-hosted')) {
if (process.env.REQUIRE_SELF_HOSTED_LABEL === '1' && !payload.workflow_job.labels.includes('self-hosted')) {
console.log(`Ignoring labels "${payload.workflow_job.labels}", expecting "self-hosted"`);
return {
statusCode: 200,
body: 'OK. No runner started (no "self-hosted" label).',
};
}

if (await isDeploymentPending(payload)) {
console.log('Ignoring job as its deployment is still pending');
return {
statusCode: 200,
body: 'OK. No runner started (deployment pending).',
};
}

// don't start step function unless labels match a runner provider
const provider = matchLabelsToProvider(payload.workflow_job.labels);
if (!provider) {
Expand All @@ -162,6 +154,15 @@ export async function handler(event: AWSLambda.APIGatewayProxyEventV2): Promise<
};
}

// don't start runners for a deployment that's still pending as GitHub will send another event when it's ready
if (await isDeploymentPending(payload)) {
console.log('Ignoring job as its deployment is still pending');
return {
statusCode: 200,
body: 'OK. No runner started (deployment pending).',
};
}

// set execution name which is also used as runner name which are limited to 64 characters
let executionName = `${payload.repository.full_name.replace('/', '-')}-${getHeader(event, 'x-github-delivery')}`.slice(0, 64);
// start execution
Expand Down
6 changes: 6 additions & 0 deletions src/webhook.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,11 @@ export interface GithubWebhookHandlerProps {
* List of supported label combinations.
*/
readonly supportedLabels: SupportedLabels[];

/**
* Whether to require the "self-hosted" label.
*/
readonly requireSelfHostedLabel: boolean;
}

/**
Expand Down Expand Up @@ -71,6 +76,7 @@ export class GithubWebhookHandler extends Construct {
GITHUB_SECRET_ARN: props.secrets.github.secretArn,
GITHUB_PRIVATE_KEY_SECRET_ARN: props.secrets.githubPrivateKey.secretArn,
SUPPORTED_LABELS: JSON.stringify(props.supportedLabels),
REQUIRE_SELF_HOSTED_LABEL: props.requireSelfHostedLabel ? '1' : '0',
},
timeout: cdk.Duration.seconds(30),
logRetention: logs.RetentionDays.ONE_MONTH,
Expand Down
40 changes: 20 additions & 20 deletions test/default.integ.snapshot/github-runners-test.assets.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,41 +131,41 @@
}
}
},
"ebd66521f7707416a2314f3992a1a42a7f541ab52230e26a4acc432f427fccdb": {
"55fa540663fb148449ff8e69e6714a999c7cdf65c9e9d70c6552e446df2ee091": {
"source": {
"path": "asset.ebd66521f7707416a2314f3992a1a42a7f541ab52230e26a4acc432f427fccdb.lambda",
"path": "asset.55fa540663fb148449ff8e69e6714a999c7cdf65c9e9d70c6552e446df2ee091.lambda",
"packaging": "zip"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
"objectKey": "ebd66521f7707416a2314f3992a1a42a7f541ab52230e26a4acc432f427fccdb.zip",
"objectKey": "55fa540663fb148449ff8e69e6714a999c7cdf65c9e9d70c6552e446df2ee091.zip",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
},
"b26f28f551ac2491b40644d9a14ebd34da8580595a57de9052a62bfa878c7117": {
"a6415b13fc0ead8dcbbaa38561792b06cf124668a075c899a04241a27f99c674": {
"source": {
"path": "asset.b26f28f551ac2491b40644d9a14ebd34da8580595a57de9052a62bfa878c7117.lambda",
"path": "asset.a6415b13fc0ead8dcbbaa38561792b06cf124668a075c899a04241a27f99c674.lambda",
"packaging": "zip"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
"objectKey": "b26f28f551ac2491b40644d9a14ebd34da8580595a57de9052a62bfa878c7117.zip",
"objectKey": "a6415b13fc0ead8dcbbaa38561792b06cf124668a075c899a04241a27f99c674.zip",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
},
"4751eb769bdf1292f88a2557519ab174a3ca375411a89d24ebc1e22748dfe958": {
"f3a2f738d463f47fd186b28e37459038b70223eb7be12923edfcaeeb4e3741cc": {
"source": {
"path": "asset.4751eb769bdf1292f88a2557519ab174a3ca375411a89d24ebc1e22748dfe958.lambda",
"path": "asset.f3a2f738d463f47fd186b28e37459038b70223eb7be12923edfcaeeb4e3741cc.lambda",
"packaging": "zip"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
"objectKey": "4751eb769bdf1292f88a2557519ab174a3ca375411a89d24ebc1e22748dfe958.zip",
"objectKey": "f3a2f738d463f47fd186b28e37459038b70223eb7be12923edfcaeeb4e3741cc.zip",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
Expand All @@ -183,41 +183,41 @@
}
}
},
"83c34056f7ca98a7a7401c127f51561df0e313e9211eee11806198ac48bb44bb": {
"9786b9ff499424eae269392998c47ab19d0f067169178f9c5bb28b79b8f7ea1c": {
"source": {
"path": "asset.83c34056f7ca98a7a7401c127f51561df0e313e9211eee11806198ac48bb44bb.lambda",
"path": "asset.9786b9ff499424eae269392998c47ab19d0f067169178f9c5bb28b79b8f7ea1c.lambda",
"packaging": "zip"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
"objectKey": "83c34056f7ca98a7a7401c127f51561df0e313e9211eee11806198ac48bb44bb.zip",
"objectKey": "9786b9ff499424eae269392998c47ab19d0f067169178f9c5bb28b79b8f7ea1c.zip",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
},
"bafd1154716caaeecd7525bc676d0c407a3cf2e8390f428920d4df62aad1f2d6": {
"cbd98f229a324959b7084d3048e2ad85b5ae8b0a38a5f0e756385402002f44db": {
"source": {
"path": "asset.bafd1154716caaeecd7525bc676d0c407a3cf2e8390f428920d4df62aad1f2d6.lambda",
"path": "asset.cbd98f229a324959b7084d3048e2ad85b5ae8b0a38a5f0e756385402002f44db.lambda",
"packaging": "zip"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
"objectKey": "bafd1154716caaeecd7525bc676d0c407a3cf2e8390f428920d4df62aad1f2d6.zip",
"objectKey": "cbd98f229a324959b7084d3048e2ad85b5ae8b0a38a5f0e756385402002f44db.zip",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
},
"94d03c5283a29868854475d01f11716b0f76bfbe83b287642b956ac44adc762f": {
"d606565feb80beb0c087a09d0b757e36713686a1d48545e20b8823d27325bdfa": {
"source": {
"path": "asset.94d03c5283a29868854475d01f11716b0f76bfbe83b287642b956ac44adc762f.lambda",
"path": "asset.d606565feb80beb0c087a09d0b757e36713686a1d48545e20b8823d27325bdfa.lambda",
"packaging": "zip"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
"objectKey": "94d03c5283a29868854475d01f11716b0f76bfbe83b287642b956ac44adc762f.zip",
"objectKey": "d606565feb80beb0c087a09d0b757e36713686a1d48545e20b8823d27325bdfa.zip",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
Expand All @@ -235,15 +235,15 @@
}
}
},
"d27eeceaa249ff973f9aaebc9e29e0cdfa2e83723d945f6c5df450a5f9f0ba38": {
"47e1b0e93221e9b7a82dc26f16b8f0adae743031e2dbd9fb67b6b62bce4bed99": {
"source": {
"path": "github-runners-test.template.json",
"packaging": "file"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
"objectKey": "d27eeceaa249ff973f9aaebc9e29e0cdfa2e83723d945f6c5df450a5f9f0ba38.json",
"objectKey": "47e1b0e93221e9b7a82dc26f16b8f0adae743031e2dbd9fb67b6b62bce4bed99.json",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
Expand Down
13 changes: 7 additions & 6 deletions test/default.integ.snapshot/github-runners-test.template.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14210,7 +14210,7 @@
"S3Bucket": {
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
},
"S3Key": "ebd66521f7707416a2314f3992a1a42a7f541ab52230e26a4acc432f427fccdb.zip"
"S3Key": "55fa540663fb148449ff8e69e6714a999c7cdf65c9e9d70c6552e446df2ee091.zip"
},
"Role": {
"Fn::GetAtt": [
Expand Down Expand Up @@ -14336,7 +14336,7 @@
"S3Bucket": {
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
},
"S3Key": "b26f28f551ac2491b40644d9a14ebd34da8580595a57de9052a62bfa878c7117.zip"
"S3Key": "a6415b13fc0ead8dcbbaa38561792b06cf124668a075c899a04241a27f99c674.zip"
},
"Role": {
"Fn::GetAtt": [
Expand Down Expand Up @@ -14577,7 +14577,7 @@
"S3Bucket": {
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
},
"S3Key": "4751eb769bdf1292f88a2557519ab174a3ca375411a89d24ebc1e22748dfe958.zip"
"S3Key": "f3a2f738d463f47fd186b28e37459038b70223eb7be12923edfcaeeb4e3741cc.zip"
},
"Role": {
"Fn::GetAtt": [
Expand Down Expand Up @@ -16745,7 +16745,7 @@
"S3Bucket": {
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
},
"S3Key": "83c34056f7ca98a7a7401c127f51561df0e313e9211eee11806198ac48bb44bb.zip"
"S3Key": "9786b9ff499424eae269392998c47ab19d0f067169178f9c5bb28b79b8f7ea1c.zip"
},
"Role": {
"Fn::GetAtt": [
Expand All @@ -16769,6 +16769,7 @@
"Ref": "runnersSecretsGitHubPrivateKey79498F91"
},
"SUPPORTED_LABELS": "[{\"provider\":\"github-runners-test/CodeBuildx64\",\"labels\":[\"codebuild-x64\"]},{\"provider\":\"github-runners-test/CodeBuildARM\",\"labels\":[\"codebuild\",\"linux\",\"arm64\"]},{\"provider\":\"github-runners-test/CodeBuildWindows\",\"labels\":[\"codebuild\",\"windows\",\"x64\"]},{\"provider\":\"github-runners-test/ECS\",\"labels\":[\"ecs\",\"linux\",\"x64\"]},{\"provider\":\"github-runners-test/ECS ARM64\",\"labels\":[\"ecs\",\"linux\",\"arm64\"]},{\"provider\":\"github-runners-test/ECS Windows\",\"labels\":[\"ecs\",\"windows\",\"x64\"]},{\"provider\":\"github-runners-test/Lambda\",\"labels\":[\"lambda\",\"x64\"]},{\"provider\":\"github-runners-test/LambdaARM\",\"labels\":[\"lambda\",\"arm64\"]},{\"provider\":\"github-runners-test/Fargate\",\"labels\":[\"fargate\",\"linux\",\"x64\"]},{\"provider\":\"github-runners-test/Fargate-x64-spot\",\"labels\":[\"fargate-spot\",\"linux\",\"x64\"]},{\"provider\":\"github-runners-test/Fargate-arm64\",\"labels\":[\"fargate\",\"linux\",\"arm64\"]},{\"provider\":\"github-runners-test/Fargate-arm64-spot\",\"labels\":[\"fargate-spot\",\"linux\",\"arm64\"]},{\"provider\":\"github-runners-test/Fargate-Windows\",\"labels\":[\"fargate\",\"windows\",\"x64\"]},{\"provider\":\"github-runners-test/EC2 Linux\",\"labels\":[\"ec2\",\"linux\",\"x64\"]},{\"provider\":\"github-runners-test/EC2 Spot Linux\",\"labels\":[\"ec2-spot\",\"linux\",\"x64\"]},{\"provider\":\"github-runners-test/EC2 Linux arm64\",\"labels\":[\"ec2\",\"linux\",\"arm64\"]},{\"provider\":\"github-runners-test/EC2 Windows\",\"labels\":[\"ec2\",\"windows\",\"x64\"]}]",
"REQUIRE_SELF_HOSTED_LABEL": "1",
"AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1"
}
},
Expand Down Expand Up @@ -16944,7 +16945,7 @@
"S3Bucket": {
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
},
"S3Key": "bafd1154716caaeecd7525bc676d0c407a3cf2e8390f428920d4df62aad1f2d6.zip"
"S3Key": "cbd98f229a324959b7084d3048e2ad85b5ae8b0a38a5f0e756385402002f44db.zip"
},
"Role": {
"Fn::GetAtt": [
Expand Down Expand Up @@ -17271,7 +17272,7 @@
"S3Bucket": {
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
},
"S3Key": "94d03c5283a29868854475d01f11716b0f76bfbe83b287642b956ac44adc762f.zip"
"S3Key": "d606565feb80beb0c087a09d0b757e36713686a1d48545e20b8823d27325bdfa.zip"
},
"Role": {
"Fn::GetAtt": [
Expand Down

0 comments on commit 0158de8

Please sign in to comment.