tailscale / github-action

A GitHub Action to connect your workflow to your Tailscale network.
BSD 3-Clause "New" or "Revised" License

Connection is not torn down at the end of a calling workflow #57

Open pilif opened 1 year ago

pilif commented 1 year ago

This is not a problem when using GitHub-hosted runners, which will be destroyed at the end of the job, but in the case of a self-hosted runner, the runner will stay running after a job has completed.

As this action does nothing to kill the tailscale daemon nor manually disconnect, I would say that in such cases, the machine, even though intended to be connected only during the runtime of the job, stays connected to the tailnet.

I don't think this is currently possible using composite actions (https://github.com/actions/runner/issues/1478), so you might have to migrate to a TS/JS based action or at least put up a warning in the README that this action is not to be used with self-hosted runners, at least not without some further manual intervention of the user.

selfagency commented 1 year ago

Actually, I'm seeing the GitHub-hosted runners in my dashboard days after a job run. The action should delete the connection completely when it's finished during its cleanup step.

DentonGentry commented 1 year ago

> Actually, I'm seeing the GitHub-hosted runners in my dashboard days after a job run.

Is the Authkey an ephemeral authkey? https://tailscale.com/kb/1111/ephemeral-nodes/

The github-action doesn't delete itself, it expects the ephemeral node to be cleaned up automatically by the control server shortly after it drops out of contact.

ad-m commented 1 year ago

> The github-action doesn't delete itself, it expects the ephemeral node to be cleaned up automatically by the control server shortly after it drops out of contact.

Actions may define a teardown action for the worker: https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#runspost and https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#runspost-entrypoint Unfortunately, it's available only for JavaScript and Docker actions (not composite actions), so conversion to JavaScript or a hacky solution with nested actions is required to set it up. You can look at https://github.com/ad-m/github-push-action to see how to make a JavaScript action execute a bash script. See https://github.com/ad-m/github-push-action/issues/94 for the advantages of a JavaScript action versus a Docker action for basic scenarios like that one.