search

springernature / halfpipe

CLI for interacting with halfpipe
BSD 3-Clause "New" or "Revised" License
12 stars 3 forks source link

actions: mount shared cache in run tasks #241

Open robwhitby opened 7 months ago

robwhitby commented 7 months ago

slack thread

it would be great to be able to access the halfpipe shared/team cache in actions run tasks

the cache NFS volume it is already mounted on the runner at /mnt/halfpipe/shared-cache

ideally in a run task the team's sub-directory would be mounted in the container like:

docker run -v `/mnt/halfpipe/shared-cache/<team>:/var/halfpipe/shared-cache ...

this is not possible currently because the github step syntax does not allow configuring volume options.

robwhitby commented 7 months ago

halfpipe task

- type: run
  name: hello
  script: \echo hello
  docker:
    image: alpine
  vars:
   MY_VAR: myvar

current workflow output

- name: hello
  uses: docker://alpine
  with:
    args: -c "cd run-task; \echo MY_VAR=$MY_VAR"
    entrypoint: /bin/sh
  env:
    MY_VAR: myvar

option of rendering the docker command ourselves:

- name: hello
  run: |
    docker run \
      --workdir /github/workspace/run-task \
      --rm \
      -e "ARTIFACTORY_PASSWORD" \
      -e "ARTIFACTORY_URL" \
      -e "ARTIFACTORY_USERNAME" \
      -e "BUILD_VERSION" \
      -e "GIT_REVISION" \
      -e "RUNNING_IN_CI" \
      -e "VAULT_ROLE_ID" \
      -e "VAULT_SECRET_ID" \
      -e "INPUT_ARGS" \
      -e "INPUT_ENTRYPOINT" \
      -e "HOME" \
      -e "GITHUB_JOB" \
      -e "GITHUB_REF" \
      -e "GITHUB_SHA" \
      -e "GITHUB_REPOSITORY" \
      -e "GITHUB_REPOSITORY_OWNER" \
      -e "GITHUB_REPOSITORY_OWNER_ID" \
      -e "GITHUB_RUN_ID" \
      -e "GITHUB_RUN_NUMBER" \
      -e "GITHUB_RETENTION_DAYS" \
      -e "GITHUB_RUN_ATTEMPT" \
      -e "GITHUB_REPOSITORY_ID" \
      -e "GITHUB_ACTOR_ID" \
      -e "GITHUB_ACTOR" \
      -e "GITHUB_TRIGGERING_ACTOR" \
      -e "GITHUB_WORKFLOW" \
      -e "GITHUB_HEAD_REF" \
      -e "GITHUB_BASE_REF" \
      -e "GITHUB_EVENT_NAME" \
      -e "GITHUB_SERVER_URL" \
      -e "GITHUB_API_URL" \
      -e "GITHUB_GRAPHQL_URL" \
      -e "GITHUB_REF_NAME" \
      -e "GITHUB_REF_PROTECTED" \
      -e "GITHUB_REF_TYPE" \
      -e "GITHUB_WORKFLOW_REF" \
      -e "GITHUB_WORKFLOW_SHA" \
      -e "GITHUB_WORKSPACE" \
      -e "GITHUB_EVENT_PATH" \
      -e "GITHUB_PATH" \
      -e "GITHUB_ENV" \
      -e "GITHUB_STEP_SUMMARY" \
      -e "GITHUB_STATE" \
      -e "GITHUB_OUTPUT" \
      -e "GITHUB_ACTION" \
      -e "GITHUB_ACTION_REPOSITORY" \
      -e "GITHUB_ACTION_REF" \
      -e "RUNNER_OS" \
      -e "RUNNER_ARCH" \
      -e "RUNNER_NAME" \
      -e "RUNNER_ENVIRONMENT" \
      -e "RUNNER_TOOL_CACHE" \
      -e "RUNNER_TEMP" \
      -e "RUNNER_WORKSPACE" \
      -e "ACTIONS_RUNTIME_URL" \
      -e "ACTIONS_RUNTIME_TOKEN" \
      -e "ACTIONS_CACHE_URL" \
      -e "ACTIONS_RESULTS_URL" \
      -e GITHUB_ACTIONS=true \
      -e CI=true \
      -e MY_VAR \
      --entrypoint "/bin/sh" \
      -v "/mnt/halfpipe/shared-cache/my-team":"/var/halfpipe/shared-cache" \
      -v "/var/run/docker.sock":"/var/run/docker.sock" \
      -v "/home/runner/_work/_temp/_github_home":"/github/home" \
      -v "/home/runner/_work/_temp/_github_workflow":"/github/workflow" \
      -v "/home/runner/_work/_temp/_runner_file_commands":"/github/file_commands" \
      -v "/home/runner/_work/ee-test-actions/ee-test-actions":"/github/workspace" \
      alpine \
      -c "\echo MY_VAR=$MY_VAR"
  env:
    MY_VAR: myvar
robwhitby commented 7 months ago

not very keen on this option, feels very brittle if github change anything e.g. directory structure or env vars

robwhitby commented 7 months ago

there is also this approach but hard to tell how official it really is :) https://github.com/actions/runner-container-hooks

dhs3000 commented 7 months ago

@robwhitby Are there environment variables for those /home/runner/_work/_temp/* directories that maybe could be used instead of hardcoding?

Could the following add all github-provided environment variables?

# shell pseudo code:
CMD=$(cat <<EOF
docker run \
  --workdir /github/workspace/run-task \
  --rm \
  -e "ARTIFACTORY_PASSWORD" \
  -e "ARTIFACTORY_URL" \
  -e "ARTIFACTORY_USERNAME" \
  -e "BUILD_VERSION" \
  -e "GIT_REVISION" \
  -e "RUNNING_IN_CI" \
  -e "VAULT_ROLE_ID" \
  -e "VAULT_SECRET_ID" \
  -e GITHUB_ACTIONS=true \
  -e CI=true \  
  -e "INPUT_ARGS" \
  -e "INPUT_ENTRYPOINT" \
  -e "HOME" \
  $(env | grep "GITHUB_") \
  $(env | grep "RUNNER_") \
  $(env | grep "ACTIONS_") \
  -e MY_VAR \
  --entrypoint "/bin/sh" \
  -v "/mnt/halfpipe/shared-cache/my-team":"/var/halfpipe/shared-cache" \
  -v "/var/run/docker.sock":"/var/run/docker.sock" \
  -v "/home/runner/_work/_temp/_github_home":"/github/home" \
  -v "/home/runner/_work/_temp/_github_workflow":"/github/workflow" \
  -v "/home/runner/_work/_temp/_runner_file_commands":"/github/file_commands" \
  -v "/home/runner/_work/ee-test-actions/ee-test-actions":"/github/workspace" \
  alpine \
  -c "\echo MY_VAR=$MY_VAR"
EOF
)
eval "$CMD"