npm - @cloudsnorkel/cdk-github-runners - Versions diffs - 0.2.0 → 0.3.0 - Mend

@cloudsnorkel/cdk-github-runners 0.2.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (41) hide show

package/.gitattributes +6 -1
package/.jsii +1225 -174
package/API.md +1047 -64
package/README.md +54 -44
package/lib/index.d.ts +3 -1
package/lib/index.js +7 -1
package/lib/lambdas/build-image/index.js +121 -0
package/lib/lambdas/setup/index.js +2 -2
package/lib/lambdas/update-lambda/index.js +55 -0
package/lib/providers/codebuild.d.ts +31 -1
package/lib/providers/codebuild.js +57 -13
package/lib/providers/common.d.ts +87 -6
package/lib/providers/common.js +64 -4
package/lib/providers/docker-images/codebuild/linux-arm64/Dockerfile +59 -0
package/lib/providers/docker-images/codebuild/{Dockerfile → linux-x64/Dockerfile} +10 -5
package/lib/providers/docker-images/fargate/linux-arm64/Dockerfile +41 -0
package/lib/providers/docker-images/fargate/{runner.sh → linux-arm64/runner.sh} +0 -0
package/lib/providers/docker-images/fargate/{Dockerfile → linux-x64/Dockerfile} +10 -5
package/lib/providers/docker-images/fargate/linux-x64/runner.sh +5 -0
package/lib/providers/docker-images/lambda/linux-arm64/Dockerfile +32 -0
package/lib/providers/docker-images/lambda/{runner.js → linux-arm64/runner.js} +0 -0
package/lib/providers/docker-images/lambda/{runner.sh → linux-arm64/runner.sh} +0 -0
package/lib/providers/docker-images/lambda/linux-x64/Dockerfile +31 -0
package/lib/providers/docker-images/lambda/linux-x64/runner.js +29 -0
package/lib/providers/docker-images/lambda/linux-x64/runner.sh +12 -0
package/lib/providers/fargate.d.ts +33 -1
package/lib/providers/fargate.js +39 -8
package/lib/providers/image-builders/codebuild.d.ts +170 -0
package/lib/providers/image-builders/codebuild.js +340 -0
package/lib/providers/image-builders/static.d.ts +29 -0
package/lib/providers/image-builders/static.js +58 -0
package/lib/providers/lambda.d.ts +27 -1
package/lib/providers/lambda.js +88 -9
package/lib/runner.d.ts +2 -2
package/lib/runner.js +7 -3
package/lib/secrets.js +1 -1
package/lib/utils.d.ts +2 -1
package/lib/utils.js +14 -3
package/lib/webhook.js +2 -1
package/package.json +8 -7
package/lib/providers/docker-images/lambda/Dockerfile +0 -27

package/lib/providers/common.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { aws_ec2 as ec2, aws_iam as iam, aws_logs as logs, aws_stepfunctions as stepfunctions } from 'aws-cdk-lib';
+import { aws_ec2 as ec2, aws_ecr as ecr, aws_iam as iam, aws_logs as logs, aws_stepfunctions as stepfunctions } from 'aws-cdk-lib';
 /**
  * Defines desired GitHub Actions runner version.
  */
@@ -19,15 +19,96 @@ export declare class RunnerVersion {
     protected constructor(version: string);
 }
 /**
- * Common properties for all runner providers.
+ * CPU architecture enum for an image.
  */
-export interface RunnerProviderProps {
+export declare class Architecture {
+    readonly name: string;
+    /**
+     * ARM64
+     */
+    static readonly ARM64: Architecture;
+    /**
+     * X86_64
+     */
+    static readonly X86_64: Architecture;
+    private static of;
+    private constructor();
+    /**
+    * Checks if the given architecture is the same as this one.
+    *
+    * @param arch architecture to compare
+    */
+    is(arch: Architecture): boolean;
+}
+/**
+ * OS enum for an image.
+ */
+export declare class Os {
+    readonly name: string;
     /**
-     * Version of GitHub Runners to install.
+    * Linux
+    */
+    static readonly LINUX: Os;
+    /**
+    * Windows
+    */
+    static readonly WINDOWS: Os;
+    private static of;
+    private constructor();
+    /**
+    * Checks if the given OS is the same as this one.
+    *
+    * @param os OS to compare
+    */
+    is(os: Os): boolean;
+}
+export interface RunnerImage {
+    /**
+     * ECR repository containing the image.
+     */
+    readonly imageRepository: ecr.IRepository;
+    /**
+     * Static image tag where the image will be pushed.
+     */
+    readonly imageTag: string;
+    /**
+     * Image digest for providers that need to know the digest like Lambda.
      *
-     * @default latest version available
+     * WARNING: the digest might change when the builder automatically rebuilds the image on a schedule. Do not expect for this digest to stay the same between deploys.
      */
-    readonly runnerVersion?: RunnerVersion;
+    readonly imageDigest: string;
+    /**
+     * Architecture of the image.
+     */
+    readonly architecture: Architecture;
+    /**
+     * OS type of the image.
+     */
+    readonly os: Os;
+}
+/**
+ * Interface for constructs that build an image that can be used in {@link IRunnerProvider}.
+ *
+ * Anything that ends up with an ECR repository containing a Docker image that runs GitHub self-hosted runners can be used. A simple implementation could even point to an existing image and nothing else.
+ *
+ * It's important that the specified image tag be available at the time the repository is available. Providers usually assume the image is ready and will fail if it's not.
+ *
+ * The image can be further updated over time manually or using a schedule as long as it is always written to the same tag.
+ */
+export interface IImageBuilder {
+    /**
+     * ECR repository containing the image.
+     *
+     * This method can be called multiple times if the image is bound to multiple providers. Make sure you cache the image when implementing or return an error if this builder doesn't support reusing images.
+     *
+     * @return image
+     */
+    bind(): RunnerImage;
+}
+/**
+ * Common properties for all runner providers.
+ */
+export interface RunnerProviderProps {
     /**
      * The number of days log events are kept in CloudWatch Logs. When updating
      * this property, unsetting it doesn't remove the log retention policy. To

package/lib/providers/common.js CHANGED Viewed

@@ -1,7 +1,7 @@
 "use strict";
-var _a;
+var _a, _b, _c;
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.RunnerVersion = void 0;
+exports.Os = exports.Architecture = exports.RunnerVersion = void 0;
 const JSII_RTTI_SYMBOL_1 = Symbol.for("jsii.rtti");
 /**
  * Defines desired GitHub Actions runner version.
@@ -29,5 +29,65 @@ class RunnerVersion {
 }
 exports.RunnerVersion = RunnerVersion;
 _a = JSII_RTTI_SYMBOL_1;
-RunnerVersion[_a] = { fqn: "@cloudsnorkel/cdk-github-runners.RunnerVersion", version: "0.2.0" };
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29tbW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3Byb3ZpZGVycy9jb21tb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFFQTs7R0FFRztBQUNILE1BQWEsYUFBYTtJQW1CeEIsWUFBK0IsT0FBZTtRQUFmLFlBQU8sR0FBUCxPQUFPLENBQVE7SUFDOUMsQ0FBQztJQW5CRDs7T0FFRztJQUNJLE1BQU0sQ0FBQyxNQUFNO1FBQ2xCLE9BQU8sSUFBSSxhQUFhLENBQUMsUUFBUSxDQUFDLENBQUM7SUFDckMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLE1BQU0sQ0FBQyxRQUFRLENBQUMsT0FBZTtRQUNwQyxPQUFPLElBQUksYUFBYSxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBQ3BDLENBQUM7O0FBakJILHNDQXFCQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IGF3c19lYzIgYXMgZWMyLCBhd3NfaWFtIGFzIGlhbSwgYXdzX2xvZ3MgYXMgbG9ncywgYXdzX3N0ZXBmdW5jdGlvbnMgYXMgc3RlcGZ1bmN0aW9ucyB9IGZyb20gJ2F3cy1jZGstbGliJztcblxuLyoqXG4gKiBEZWZpbmVzIGRlc2lyZWQgR2l0SHViIEFjdGlvbnMgcnVubmVyIHZlcnNpb24uXG4gKi9cbmV4cG9ydCBjbGFzcyBSdW5uZXJWZXJzaW9uIHtcbiAgLyoqXG4gICAqIFVzZSB0aGUgbGF0ZXN0IHZlcnNpb24gYXZhaWxhYmxlIGF0IHRoZSB0aW1lIHRoZSBydW5uZXIgcHJvdmlkZXIgaW1hZ2UgaXMgYnVpbHQuXG4gICAqL1xuICBwdWJsaWMgc3RhdGljIGxhdGVzdCgpOiBSdW5uZXJWZXJzaW9uIHtcbiAgICByZXR1cm4gbmV3IFJ1bm5lclZlcnNpb24oJ2xhdGVzdCcpO1xuICB9XG5cbiAgLyoqXG4gICAqIFVzZSBhIHNwZWNpZmljIHZlcnNpb24uXG4gICAqXG4gICAqIEBzZWUgaHR0cHM6Ly9naXRodWIuY29tL2FjdGlvbnMvcnVubmVyL3JlbGVhc2VzXG4gICAqXG4gICAqIEBwYXJhbSB2ZXJzaW9uIEdpdEh1YiBSdW5uZXIgdmVyc2lvblxuICAgKi9cbiAgcHVibGljIHN0YXRpYyBzcGVjaWZpYyh2ZXJzaW9uOiBzdHJpbmcpIHtcbiAgICByZXR1cm4gbmV3IFJ1bm5lclZlcnNpb24odmVyc2lvbik7XG4gIH1cblxuICBwcm90ZWN0ZWQgY29uc3RydWN0b3IocmVhZG9ubHkgdmVyc2lvbjogc3RyaW5nKSB7XG4gIH1cbn1cblxuLyoqXG4gKiBDb21tb24gcHJvcGVydGllcyBmb3IgYWxsIHJ1bm5lciBwcm92aWRlcnMuXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgUnVubmVyUHJvdmlkZXJQcm9wcyB7XG4gIC8qKlxuICAgKiBWZXJzaW9uIG9mIEdpdEh1YiBSdW5uZXJzIHRvIGluc3RhbGwuXG4gICAqXG4gICAqIEBkZWZhdWx0IGxhdGVzdCB2ZXJzaW9uIGF2YWlsYWJsZVxuICAgKi9cbiAgcmVhZG9ubHkgcnVubmVyVmVyc2lvbj86IFJ1bm5lclZlcnNpb247XG5cbiAgLyoqXG4gICAqIFRoZSBudW1iZXIgb2YgZGF5cyBsb2cgZXZlbnRzIGFyZSBrZXB0IGluIENsb3VkV2F0Y2ggTG9ncy4gV2hlbiB1cGRhdGluZ1xuICAgKiB0aGlzIHByb3BlcnR5LCB1bnNldHRpbmcgaXQgZG9lc24ndCByZW1vdmUgdGhlIGxvZyByZXRlbnRpb24gcG9saWN5LiBUb1xuICAgKiByZW1vdmUgdGhlIHJldGVudGlvbiBwb2xpY3ksIHNldCB0aGUgdmFsdWUgdG8gYElORklOSVRFYC5cbiAgICpcbiAgICogQGRlZmF1bHQgbG9ncy5SZXRlbnRpb25EYXlzLk9ORV9NT05USFxuICAgKi9cbiAgcmVhZG9ubHkgbG9nUmV0ZW50aW9uPzogbG9ncy5SZXRlbnRpb25EYXlzO1xufVxuXG4vKipcbiAqIFdvcmtmbG93IGpvYiBwYXJhbWV0ZXJzIGFzIHBhcnNlZCBmcm9tIHRoZSB3ZWJob29rIGV2ZW50LiBQYXNzIHRoZXNlIGludG8geW91ciBydW5uZXIgZXhlY3V0b3IgYW5kIHJ1biBzb21ldGhpbmcgbGlrZTpcbiAqXG4gKiBgYGBzaFxuICogLi9jb25maWcuc2ggLS11bmF0dGVuZGVkIC0tdXJsIFwiaHR0cHM6Ly8ke0dJVEhVQl9ET01BSU59LyR7T1dORVJ9LyR7UkVQT31cIiAtLXRva2VuIFwiJHtSVU5ORVJfVE9LRU59XCIgLS1lcGhlbWVyYWwgLS13b3JrIF93b3JrIC0tbGFiZWxzIFwiJHtSVU5ORVJfTEFCRUx9XCIgLS1uYW1lIFwiJHtSVU5ORVJfTkFNRX1cIiAtLWRpc2FibGV1cGRhdGVcbiAqIGBgYFxuICpcbiAqIEFsbCBwYXJhbWV0ZXJzIGFyZSBzcGVjaWZpZWQgYXMgc3RlcCBmdW5jdGlvbiBwYXRocyBhbmQgdGhlcmVmb3JlIG11c3QgYmUgdXNlZCBvbmx5IGluIHN0ZXAgZnVuY3Rpb24gdGFzayBwYXJhbWV0ZXJzLlxuICovXG5leHBvcnQgaW50ZXJmYWNlIFJ1bm5lclJ1bnRpbWVQYXJhbWV0ZXJzIHtcbiAgLyoqXG4gICAqIFBhdGggdG8gcnVubmVyIHRva2VuIHVzZWQgdG8gcmVnaXN0ZXIgdG9rZW4uXG4gICAqL1xuICByZWFkb25seSBydW5uZXJUb2tlblBhdGg6IHN0cmluZztcblxuICAvKipcbiAgICogUGF0aCB0byBkZXNpcmVkIHJ1bm5lciBuYW1lLiBXZSBzcGVjaWZpY2FsbHkgc2V0IHRoZSBuYW1lIHRvIG1ha2UgdHJvdWJsZXNob290aW5nIGVhc2llci5cbiAgICovXG4gIHJlYWRvbmx5IHJ1bm5lck5hbWVQYXRoOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIFBhdGggdG8gR2l0SHViIGRvbWFpbi4gTW9zdCBvZiB0aGUgdGltZSB0aGlzIHdpbGwgYmUgZ2l0aHViLmNvbSBidXQgZm9yIHNlbGYtaG9zdGVkIEdpdEh1YiBpbnN0YW5jZXMsIHRoaXMgd2lsbCBiZSBkaWZmZXJlbnQuXG4gICAqL1xuICByZWFkb25seSBnaXRodWJEb21haW5QYXRoOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIFBhdGggdG8gcmVwb3N0aXJveSBvd25lciBuYW1lLlxuICAgKi9cbiAgcmVhZG9ubHkgb3duZXJQYXRoOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIFBhdGggdG8gcmVwb3NpdG9yeSBuYW1lLlxuICAgKi9cbiAgcmVhZG9ubHkgcmVwb1BhdGg6IHN0cmluZztcbn1cblxuLyoqXG4gKiBJbnRlcmZhY2UgZm9yIGFsbCBydW5uZXIgcHJvdmlkZXJzLiBJbXBsZW1lbnRhdGlvbnMgY3JlYXRlIGFsbCByZXF1aXJlZCByZXNvdXJjZXMgYW5kIHJldHVybiBhIHN0ZXAgZnVuY3Rpb24gdGFzayB0aGF0IHN0YXJ0cyB0aG9zZSByZXNvdXJjZXMgZnJvbSB7QGxpbmsgZ2V0U3RlcEZ1bmN0aW9uVGFza30uXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgSVJ1bm5lclByb3ZpZGVyIGV4dGVuZHMgZWMyLklDb25uZWN0YWJsZSwgaWFtLklHcmFudGFibGUge1xuICAvKipcbiAgICogR2l0SHViIEFjdGlvbnMgbGFiZWwgYXNzb2NpYXRlZCB3aXRoIHRoaXMgcnVubmVyIHByb3ZpZGVyLlxuICAgKi9cbiAgcmVhZG9ubHkgbGFiZWw6IHN0cmluZztcblxuICAvKipcbiAgICogVlBDIG5ldHdvcmsgaW4gd2hpY2ggcnVubmVycyB3aWxsIGJlIHBsYWNlZC5cbiAgICovXG4gIHJlYWRvbmx5IHZwYz86IGVjMi5JVnBjO1xuXG4gIC8qKlxuICAgKiBTZWN1cml0eSBncm91cCBhc3NvY2lhdGVkIHdpdGggcnVubmVycy5cbiAgICovXG4gIHJlYWRvbmx5IHNlY3VyaXR5R3JvdXA/OiBlYzIuSVNlY3VyaXR5R3JvdXA7XG5cbiAgLyoqXG4gICAqIEdlbmVyYXRlIHN0ZXAgZnVuY3Rpb24gdGFza3MgdGhhdCBleGVjdXRlIHRoZSBydW5uZXIuXG4gICAqXG4gICAqIENhbGxlZCBieSBHaXRodWJSdW5uZXJzIGFuZCBzaG91bGRuJ3QgYmUgY2FsbGVkIG1hbnVhbGx5LlxuICAgKlxuICAgKiBAcGFyYW0gcGFyYW1ldGVycyBzcGVjaWZpYyBidWlsZCBwYXJhbWV0ZXJzXG4gICAqL1xuICBnZXRTdGVwRnVuY3Rpb25UYXNrKHBhcmFtZXRlcnM6IFJ1bm5lclJ1bnRpbWVQYXJhbWV0ZXJzKTogc3RlcGZ1bmN0aW9ucy5JQ2hhaW5hYmxlO1xufVxuIl19
+RunnerVersion[_a] = { fqn: "@cloudsnorkel/cdk-github-runners.RunnerVersion", version: "0.3.0" };
+/**
+ * CPU architecture enum for an image.
+ */
+class Architecture {
+    constructor(name) {
+        this.name = name;
+    }
+    static of(architecture) {
+        return new Architecture(architecture);
+    }
+    /**
+    * Checks if the given architecture is the same as this one.
+    *
+    * @param arch architecture to compare
+    */
+    is(arch) {
+        return arch.name == this.name;
+    }
+}
+exports.Architecture = Architecture;
+_b = JSII_RTTI_SYMBOL_1;
+Architecture[_b] = { fqn: "@cloudsnorkel/cdk-github-runners.Architecture", version: "0.3.0" };
+/**
+ * ARM64
+ */
+Architecture.ARM64 = Architecture.of('ARM64');
+/**
+ * X86_64
+ */
+Architecture.X86_64 = Architecture.of('X86_64');
+/**
+ * OS enum for an image.
+ */
+class Os {
+    constructor(name) {
+        this.name = name;
+    }
+    static of(os) {
+        return new Os(os);
+    }
+    /**
+    * Checks if the given OS is the same as this one.
+    *
+    * @param os OS to compare
+    */
+    is(os) {
+        return os.name == this.name;
+    }
+}
+exports.Os = Os;
+_c = JSII_RTTI_SYMBOL_1;
+Os[_c] = { fqn: "@cloudsnorkel/cdk-github-runners.Os", version: "0.3.0" };
+/**
+* Linux
+*/
+Os.LINUX = Os.of('Linux');
+/**
+* Windows
+*/
+Os.WINDOWS = Os.of('Windows');
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29tbW9uLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3Byb3ZpZGVycy9jb21tb24udHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7QUFFQTs7R0FFRztBQUNILE1BQWEsYUFBYTtJQW1CeEIsWUFBK0IsT0FBZTtRQUFmLFlBQU8sR0FBUCxPQUFPLENBQVE7SUFDOUMsQ0FBQztJQW5CRDs7T0FFRztJQUNJLE1BQU0sQ0FBQyxNQUFNO1FBQ2xCLE9BQU8sSUFBSSxhQUFhLENBQUMsUUFBUSxDQUFDLENBQUM7SUFDckMsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNJLE1BQU0sQ0FBQyxRQUFRLENBQUMsT0FBZTtRQUNwQyxPQUFPLElBQUksYUFBYSxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBQ3BDLENBQUM7O0FBakJILHNDQXFCQzs7O0FBRUQ7O0dBRUc7QUFDSCxNQUFhLFlBQVk7SUFldkIsWUFBb0MsSUFBWTtRQUFaLFNBQUksR0FBSixJQUFJLENBQVE7SUFDaEQsQ0FBQztJQUxPLE1BQU0sQ0FBQyxFQUFFLENBQUMsWUFBb0I7UUFDcEMsT0FBTyxJQUFJLFlBQVksQ0FBQyxZQUFZLENBQUMsQ0FBQztJQUN4QyxDQUFDO0lBS0Q7Ozs7TUFJRTtJQUNLLEVBQUUsQ0FBQyxJQUFrQjtRQUMxQixPQUFPLElBQUksQ0FBQyxJQUFJLElBQUksSUFBSSxDQUFDLElBQUksQ0FBQztJQUNoQyxDQUFDOztBQXpCSCxvQ0EwQkM7OztBQXpCQzs7R0FFRztBQUNvQixrQkFBSyxHQUFHLFlBQVksQ0FBQyxFQUFFLENBQUMsT0FBTyxDQUFDLENBQUM7QUFFeEQ7O0dBRUc7QUFDb0IsbUJBQU0sR0FBRyxZQUFZLENBQUMsRUFBRSxDQUFDLFFBQVEsQ0FBQyxDQUFDO0FBbUI1RDs7R0FFRztBQUNILE1BQWEsRUFBRTtJQWViLFlBQW9DLElBQVk7UUFBWixTQUFJLEdBQUosSUFBSSxDQUFRO0lBQ2hELENBQUM7SUFMTyxNQUFNLENBQUMsRUFBRSxDQUFDLEVBQVU7UUFDMUIsT0FBTyxJQUFJLEVBQUUsQ0FBQyxFQUFFLENBQUMsQ0FBQztJQUNwQixDQUFDO0lBS0Q7Ozs7TUFJRTtJQUNLLEVBQUUsQ0FBQyxFQUFNO1FBQ2QsT0FBTyxFQUFFLENBQUMsSUFBSSxJQUFJLElBQUksQ0FBQyxJQUFJLENBQUM7SUFDOUIsQ0FBQzs7QUF6QkgsZ0JBMEJDOzs7QUF6QkM7O0VBRUU7QUFDcUIsUUFBSyxHQUFHLEVBQUUsQ0FBQyxFQUFFLENBQUMsT0FBTyxDQUFDLENBQUM7QUFFOUM7O0VBRUU7QUFDcUIsVUFBTyxHQUFHLEVBQUUsQ0FBQyxFQUFFLENBQUMsU0FBUyxDQUFDLENBQUMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBhd3NfZWMyIGFzIGVjMiwgYXdzX2VjciBhcyBlY3IsIGF3c19pYW0gYXMgaWFtLCBhd3NfbG9ncyBhcyBsb2dzLCBhd3Nfc3RlcGZ1bmN0aW9ucyBhcyBzdGVwZnVuY3Rpb25zIH0gZnJvbSAnYXdzLWNkay1saWInO1xuXG4vKipcbiAqIERlZmluZXMgZGVzaXJlZCBHaXRIdWIgQWN0aW9ucyBydW5uZXIgdmVyc2lvbi5cbiAqL1xuZXhwb3J0IGNsYXNzIFJ1bm5lclZlcnNpb24ge1xuICAvKipcbiAgICogVXNlIHRoZSBsYXRlc3QgdmVyc2lvbiBhdmFpbGFibGUgYXQgdGhlIHRpbWUgdGhlIHJ1bm5lciBwcm92aWRlciBpbWFnZSBpcyBidWlsdC5cbiAgICovXG4gIHB1YmxpYyBzdGF0aWMgbGF0ZXN0KCk6IFJ1bm5lclZlcnNpb24ge1xuICAgIHJldHVybiBuZXcgUnVubmVyVmVyc2lvbignbGF0ZXN0Jyk7XG4gIH1cblxuICAvKipcbiAgICogVXNlIGEgc3BlY2lmaWMgdmVyc2lvbi5cbiAgICpcbiAgICogQHNlZSBodHRwczovL2dpdGh1Yi5jb20vYWN0aW9ucy9ydW5uZXIvcmVsZWFzZXNcbiAgICpcbiAgICogQHBhcmFtIHZlcnNpb24gR2l0SHViIFJ1bm5lciB2ZXJzaW9uXG4gICAqL1xuICBwdWJsaWMgc3RhdGljIHNwZWNpZmljKHZlcnNpb246IHN0cmluZykge1xuICAgIHJldHVybiBuZXcgUnVubmVyVmVyc2lvbih2ZXJzaW9uKTtcbiAgfVxuXG4gIHByb3RlY3RlZCBjb25zdHJ1Y3RvcihyZWFkb25seSB2ZXJzaW9uOiBzdHJpbmcpIHtcbiAgfVxufVxuXG4vKipcbiAqIENQVSBhcmNoaXRlY3R1cmUgZW51bSBmb3IgYW4gaW1hZ2UuXG4gKi9cbmV4cG9ydCBjbGFzcyBBcmNoaXRlY3R1cmUge1xuICAvKipcbiAgICogQVJNNjRcbiAgICovXG4gIHB1YmxpYyBzdGF0aWMgcmVhZG9ubHkgQVJNNjQgPSBBcmNoaXRlY3R1cmUub2YoJ0FSTTY0Jyk7XG5cbiAgLyoqXG4gICAqIFg4Nl82NFxuICAgKi9cbiAgcHVibGljIHN0YXRpYyByZWFkb25seSBYODZfNjQgPSBBcmNoaXRlY3R1cmUub2YoJ1g4Nl82NCcpO1xuXG4gIHByaXZhdGUgc3RhdGljIG9mKGFyY2hpdGVjdHVyZTogc3RyaW5nKSB7XG4gICAgcmV0dXJuIG5ldyBBcmNoaXRlY3R1cmUoYXJjaGl0ZWN0dXJlKTtcbiAgfVxuXG4gIHByaXZhdGUgY29uc3RydWN0b3IocHVibGljIHJlYWRvbmx5IG5hbWU6IHN0cmluZykge1xuICB9XG5cbiAgLyoqXG4gICogQ2hlY2tzIGlmIHRoZSBnaXZlbiBhcmNoaXRlY3R1cmUgaXMgdGhlIHNhbWUgYXMgdGhpcyBvbmUuXG4gICpcbiAgKiBAcGFyYW0gYXJjaCBhcmNoaXRlY3R1cmUgdG8gY29tcGFyZVxuICAqL1xuICBwdWJsaWMgaXMoYXJjaDogQXJjaGl0ZWN0dXJlKSB7XG4gICAgcmV0dXJuIGFyY2gubmFtZSA9PSB0aGlzLm5hbWU7XG4gIH1cbn1cblxuLyoqXG4gKiBPUyBlbnVtIGZvciBhbiBpbWFnZS5cbiAqL1xuZXhwb3J0IGNsYXNzIE9zIHtcbiAgLyoqXG4gICogTGludXhcbiAgKi9cbiAgcHVibGljIHN0YXRpYyByZWFkb25seSBMSU5VWCA9IE9zLm9mKCdMaW51eCcpO1xuXG4gIC8qKlxuICAqIFdpbmRvd3NcbiAgKi9cbiAgcHVibGljIHN0YXRpYyByZWFkb25seSBXSU5ET1dTID0gT3Mub2YoJ1dpbmRvd3MnKTtcblxuICBwcml2YXRlIHN0YXRpYyBvZihvczogc3RyaW5nKSB7XG4gICAgcmV0dXJuIG5ldyBPcyhvcyk7XG4gIH1cblxuICBwcml2YXRlIGNvbnN0cnVjdG9yKHB1YmxpYyByZWFkb25seSBuYW1lOiBzdHJpbmcpIHtcbiAgfVxuXG4gIC8qKlxuICAqIENoZWNrcyBpZiB0aGUgZ2l2ZW4gT1MgaXMgdGhlIHNhbWUgYXMgdGhpcyBvbmUuXG4gICpcbiAgKiBAcGFyYW0gb3MgT1MgdG8gY29tcGFyZVxuICAqL1xuICBwdWJsaWMgaXMob3M6IE9zKSB7XG4gICAgcmV0dXJuIG9zLm5hbWUgPT0gdGhpcy5uYW1lO1xuICB9XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUnVubmVySW1hZ2Uge1xuICAvKipcbiAgICogRUNSIHJlcG9zaXRvcnkgY29udGFpbmluZyB0aGUgaW1hZ2UuXG4gICAqL1xuICByZWFkb25seSBpbWFnZVJlcG9zaXRvcnk6IGVjci5JUmVwb3NpdG9yeTtcblxuICAvKipcbiAgICogU3RhdGljIGltYWdlIHRhZyB3aGVyZSB0aGUgaW1hZ2Ugd2lsbCBiZSBwdXNoZWQuXG4gICAqL1xuICByZWFkb25seSBpbWFnZVRhZzogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBJbWFnZSBkaWdlc3QgZm9yIHByb3ZpZGVycyB0aGF0IG5lZWQgdG8ga25vdyB0aGUgZGlnZXN0IGxpa2UgTGFtYmRhLlxuICAgKlxuICAgKiBXQVJOSU5HOiB0aGUgZGlnZXN0IG1pZ2h0IGNoYW5nZSB3aGVuIHRoZSBidWlsZGVyIGF1dG9tYXRpY2FsbHkgcmVidWlsZHMgdGhlIGltYWdlIG9uIGEgc2NoZWR1bGUuIERvIG5vdCBleHBlY3QgZm9yIHRoaXMgZGlnZXN0IHRvIHN0YXkgdGhlIHNhbWUgYmV0d2VlbiBkZXBsb3lzLlxuICAgKi9cbiAgcmVhZG9ubHkgaW1hZ2VEaWdlc3Q6IHN0cmluZztcblxuICAvKipcbiAgICogQXJjaGl0ZWN0dXJlIG9mIHRoZSBpbWFnZS5cbiAgICovXG4gIHJlYWRvbmx5IGFyY2hpdGVjdHVyZTogQXJjaGl0ZWN0dXJlO1xuXG4gIC8qKlxuICAgKiBPUyB0eXBlIG9mIHRoZSBpbWFnZS5cbiAgICovXG4gIHJlYWRvbmx5IG9zOiBPcztcbn1cblxuLyoqXG4gKiBJbnRlcmZhY2UgZm9yIGNvbnN0cnVjdHMgdGhhdCBidWlsZCBhbiBpbWFnZSB0aGF0IGNhbiBiZSB1c2VkIGluIHtAbGluayBJUnVubmVyUHJvdmlkZXJ9LlxuICpcbiAqIEFueXRoaW5nIHRoYXQgZW5kcyB1cCB3aXRoIGFuIEVDUiByZXBvc2l0b3J5IGNvbnRhaW5pbmcgYSBEb2NrZXIgaW1hZ2UgdGhhdCBydW5zIEdpdEh1YiBzZWxmLWhvc3RlZCBydW5uZXJzIGNhbiBiZSB1c2VkLiBBIHNpbXBsZSBpbXBsZW1lbnRhdGlvbiBjb3VsZCBldmVuIHBvaW50IHRvIGFuIGV4aXN0aW5nIGltYWdlIGFuZCBub3RoaW5nIGVsc2UuXG4gKlxuICogSXQncyBpbXBvcnRhbnQgdGhhdCB0aGUgc3BlY2lmaWVkIGltYWdlIHRhZyBiZSBhdmFpbGFibGUgYXQgdGhlIHRpbWUgdGhlIHJlcG9zaXRvcnkgaXMgYXZhaWxhYmxlLiBQcm92aWRlcnMgdXN1YWxseSBhc3N1bWUgdGhlIGltYWdlIGlzIHJlYWR5IGFuZCB3aWxsIGZhaWwgaWYgaXQncyBub3QuXG4gKlxuICogVGhlIGltYWdlIGNhbiBiZSBmdXJ0aGVyIHVwZGF0ZWQgb3ZlciB0aW1lIG1hbnVhbGx5IG9yIHVzaW5nIGEgc2NoZWR1bGUgYXMgbG9uZyBhcyBpdCBpcyBhbHdheXMgd3JpdHRlbiB0byB0aGUgc2FtZSB0YWcuXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgSUltYWdlQnVpbGRlciB7XG4gIC8qKlxuICAgKiBFQ1IgcmVwb3NpdG9yeSBjb250YWluaW5nIHRoZSBpbWFnZS5cbiAgICpcbiAgICogVGhpcyBtZXRob2QgY2FuIGJlIGNhbGxlZCBtdWx0aXBsZSB0aW1lcyBpZiB0aGUgaW1hZ2UgaXMgYm91bmQgdG8gbXVsdGlwbGUgcHJvdmlkZXJzLiBNYWtlIHN1cmUgeW91IGNhY2hlIHRoZSBpbWFnZSB3aGVuIGltcGxlbWVudGluZyBvciByZXR1cm4gYW4gZXJyb3IgaWYgdGhpcyBidWlsZGVyIGRvZXNuJ3Qgc3VwcG9ydCByZXVzaW5nIGltYWdlcy5cbiAgICpcbiAgICogQHJldHVybiBpbWFnZVxuICAgKi9cbiAgYmluZCgpOiBSdW5uZXJJbWFnZTtcbn1cblxuLyoqXG4gKiBDb21tb24gcHJvcGVydGllcyBmb3IgYWxsIHJ1bm5lciBwcm92aWRlcnMuXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgUnVubmVyUHJvdmlkZXJQcm9wcyB7XG4gIC8qKlxuICAgKiBUaGUgbnVtYmVyIG9mIGRheXMgbG9nIGV2ZW50cyBhcmUga2VwdCBpbiBDbG91ZFdhdGNoIExvZ3MuIFdoZW4gdXBkYXRpbmdcbiAgICogdGhpcyBwcm9wZXJ0eSwgdW5zZXR0aW5nIGl0IGRvZXNuJ3QgcmVtb3ZlIHRoZSBsb2cgcmV0ZW50aW9uIHBvbGljeS4gVG9cbiAgICogcmVtb3ZlIHRoZSByZXRlbnRpb24gcG9saWN5LCBzZXQgdGhlIHZhbHVlIHRvIGBJTkZJTklURWAuXG4gICAqXG4gICAqIEBkZWZhdWx0IGxvZ3MuUmV0ZW50aW9uRGF5cy5PTkVfTU9OVEhcbiAgICovXG4gIHJlYWRvbmx5IGxvZ1JldGVudGlvbj86IGxvZ3MuUmV0ZW50aW9uRGF5cztcbn1cblxuLyoqXG4gKiBXb3JrZmxvdyBqb2IgcGFyYW1ldGVycyBhcyBwYXJzZWQgZnJvbSB0aGUgd2ViaG9vayBldmVudC4gUGFzcyB0aGVzZSBpbnRvIHlvdXIgcnVubmVyIGV4ZWN1dG9yIGFuZCBydW4gc29tZXRoaW5nIGxpa2U6XG4gKlxuICogYGBgc2hcbiAqIC4vY29uZmlnLnNoIC0tdW5hdHRlbmRlZCAtLXVybCBcImh0dHBzOi8vJHtHSVRIVUJfRE9NQUlOfS8ke09XTkVSfS8ke1JFUE99XCIgLS10b2tlbiBcIiR7UlVOTkVSX1RPS0VOfVwiIC0tZXBoZW1lcmFsIC0td29yayBfd29yayAtLWxhYmVscyBcIiR7UlVOTkVSX0xBQkVMfVwiIC0tbmFtZSBcIiR7UlVOTkVSX05BTUV9XCIgLS1kaXNhYmxldXBkYXRlXG4gKiBgYGBcbiAqXG4gKiBBbGwgcGFyYW1ldGVycyBhcmUgc3BlY2lmaWVkIGFzIHN0ZXAgZnVuY3Rpb24gcGF0aHMgYW5kIHRoZXJlZm9yZSBtdXN0IGJlIHVzZWQgb25seSBpbiBzdGVwIGZ1bmN0aW9uIHRhc2sgcGFyYW1ldGVycy5cbiAqL1xuZXhwb3J0IGludGVyZmFjZSBSdW5uZXJSdW50aW1lUGFyYW1ldGVycyB7XG4gIC8qKlxuICAgKiBQYXRoIHRvIHJ1bm5lciB0b2tlbiB1c2VkIHRvIHJlZ2lzdGVyIHRva2VuLlxuICAgKi9cbiAgcmVhZG9ubHkgcnVubmVyVG9rZW5QYXRoOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIFBhdGggdG8gZGVzaXJlZCBydW5uZXIgbmFtZS4gV2Ugc3BlY2lmaWNhbGx5IHNldCB0aGUgbmFtZSB0byBtYWtlIHRyb3VibGVzaG9vdGluZyBlYXNpZXIuXG4gICAqL1xuICByZWFkb25seSBydW5uZXJOYW1lUGF0aDogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBQYXRoIHRvIEdpdEh1YiBkb21haW4uIE1vc3Qgb2YgdGhlIHRpbWUgdGhpcyB3aWxsIGJlIGdpdGh1Yi5jb20gYnV0IGZvciBzZWxmLWhvc3RlZCBHaXRIdWIgaW5zdGFuY2VzLCB0aGlzIHdpbGwgYmUgZGlmZmVyZW50LlxuICAgKi9cbiAgcmVhZG9ubHkgZ2l0aHViRG9tYWluUGF0aDogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBQYXRoIHRvIHJlcG9zdGlyb3kgb3duZXIgbmFtZS5cbiAgICovXG4gIHJlYWRvbmx5IG93bmVyUGF0aDogc3RyaW5nO1xuXG4gIC8qKlxuICAgKiBQYXRoIHRvIHJlcG9zaXRvcnkgbmFtZS5cbiAgICovXG4gIHJlYWRvbmx5IHJlcG9QYXRoOiBzdHJpbmc7XG59XG5cbi8qKlxuICogSW50ZXJmYWNlIGZvciBhbGwgcnVubmVyIHByb3ZpZGVycy4gSW1wbGVtZW50YXRpb25zIGNyZWF0ZSBhbGwgcmVxdWlyZWQgcmVzb3VyY2VzIGFuZCByZXR1cm4gYSBzdGVwIGZ1bmN0aW9uIHRhc2sgdGhhdCBzdGFydHMgdGhvc2UgcmVzb3VyY2VzIGZyb20ge0BsaW5rIGdldFN0ZXBGdW5jdGlvblRhc2t9LlxuICovXG5leHBvcnQgaW50ZXJmYWNlIElSdW5uZXJQcm92aWRlciBleHRlbmRzIGVjMi5JQ29ubmVjdGFibGUsIGlhbS5JR3JhbnRhYmxlIHtcbiAgLyoqXG4gICAqIEdpdEh1YiBBY3Rpb25zIGxhYmVsIGFzc29jaWF0ZWQgd2l0aCB0aGlzIHJ1bm5lciBwcm92aWRlci5cbiAgICovXG4gIHJlYWRvbmx5IGxhYmVsOiBzdHJpbmc7XG5cbiAgLyoqXG4gICAqIFZQQyBuZXR3b3JrIGluIHdoaWNoIHJ1bm5lcnMgd2lsbCBiZSBwbGFjZWQuXG4gICAqL1xuICByZWFkb25seSB2cGM/OiBlYzIuSVZwYztcblxuICAvKipcbiAgICogU2VjdXJpdHkgZ3JvdXAgYXNzb2NpYXRlZCB3aXRoIHJ1bm5lcnMuXG4gICAqL1xuICByZWFkb25seSBzZWN1cml0eUdyb3VwPzogZWMyLklTZWN1cml0eUdyb3VwO1xuXG4gIC8qKlxuICAgKiBHZW5lcmF0ZSBzdGVwIGZ1bmN0aW9uIHRhc2tzIHRoYXQgZXhlY3V0ZSB0aGUgcnVubmVyLlxuICAgKlxuICAgKiBDYWxsZWQgYnkgR2l0aHViUnVubmVycyBhbmQgc2hvdWxkbid0IGJlIGNhbGxlZCBtYW51YWxseS5cbiAgICpcbiAgICogQHBhcmFtIHBhcmFtZXRlcnMgc3BlY2lmaWMgYnVpbGQgcGFyYW1ldGVyc1xuICAgKi9cbiAgZ2V0U3RlcEZ1bmN0aW9uVGFzayhwYXJhbWV0ZXJzOiBSdW5uZXJSdW50aW1lUGFyYW1ldGVycyk6IHN0ZXBmdW5jdGlvbnMuSUNoYWluYWJsZTtcbn1cbiJdfQ==

package/lib/providers/docker-images/codebuild/linux-arm64/Dockerfile ADDED Viewed

@@ -0,0 +1,59 @@
+ARG BASE_IMAGE="public.ecr.aws/lts/ubuntu:20.04"
+FROM $BASE_IMAGE
+# setup user
+RUN addgroup runner && adduser --system --disabled-password --home /home/runner --ingroup runner runner
+# add dependencies and sudo
+ARG EXTRA_PACKAGES=""
+RUN apt-get update && apt-get upgrade -y && apt-get install -y curl sudo jq bash zip unzip iptables software-properties-common $EXTRA_PACKAGES && \
+    usermod -aG sudo runner && \
+    echo "%sudo   ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/runner
+# add latest git
+RUN add-apt-repository ppa:git-core/ppa && apt update && apt-get install -y git
+# add awscli
+RUN curl -fsSL "https://awscli.amazonaws.com/awscli-exe-linux-aarch64.zip" -o awscliv2.zip && \
+    unzip -q awscliv2.zip && ./aws/install && rm -rf awscliv2.zip aws
+# add ghcli
+RUN curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg && \
+    echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null  && \
+    apt update && \
+    apt install -y gh
+# setup working directory
+WORKDIR /home/runner
+# add runner without github's api which is rate limited
+ARG RUNNER_VERSION=latest
+RUN if [ "$RUNNER_VERSION" = "latest" ]; then RUNNER_VERSION=`curl  -w "%{redirect_url}" -fsS https://github.com/actions/runner/releases/latest | grep -oE "[^/v]+$"`; fi && \
+    curl -fsSLO  "https://github.com/actions/runner/releases/download/v${RUNNER_VERSION}/actions-runner-linux-arm64-${RUNNER_VERSION}.tar.gz" && \
+    tar xzf "actions-runner-linux-arm64-${RUNNER_VERSION}.tar.gz" && \
+    rm actions-runner-linux-arm64-${RUNNER_VERSION}.tar.gz && \
+    ./bin/installdependencies.sh
+# docker-in-docker
+ARG DOCKER_CHANNEL="stable"
+ARG DIND_COMMIT="42b1175eda071c0e9121e1d64345928384a93df1"
+ARG DOCKER_VERSION="20.10.16"
+ARG DOCKER_COMPOSE_VERSION="2.5.1"
+RUN curl -fsSL "https://download.docker.com/linux/static/${DOCKER_CHANNEL}/aarch64/docker-${DOCKER_VERSION}.tgz" -o docker.tgz && \
+    tar --strip-components 1 -C /usr/local/bin/ -xzf docker.tgz && \
+    rm docker.tgz && \
+    # set up subuid/subgid so that "--userns-remap=default" works out-of-the-box
+    addgroup dockremap && \
+    useradd -g dockremap dockremap && \
+    echo 'dockremap:165536:65536' >> /etc/subuid && \
+    echo 'dockremap:165536:65536' >> /etc/subgid && \
+    curl -fsSL "https://raw.githubusercontent.com/docker/docker/${DIND_COMMIT}/hack/dind" -o /usr/local/bin/dind && \
+    curl -fsSL https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-linux-aarch64 -o /usr/local/bin/docker-compose && \
+    chmod +x /usr/local/bin/dind /usr/local/bin/docker-compose && \
+    addgroup docker && usermod -aG docker runner
+VOLUME /var/lib/docker
+# configure runner
+USER runner

package/lib/providers/docker-images/codebuild/{Dockerfile → linux-x64/Dockerfile} RENAMED Viewed

@@ -1,13 +1,18 @@
-FROM public.ecr.aws/lts/ubuntu:18.04
+ARG BASE_IMAGE="public.ecr.aws/lts/ubuntu:20.04"
+FROM $BASE_IMAGE
 # setup user
 RUN addgroup runner && adduser --system --disabled-password --home /home/runner --ingroup runner runner
 # add dependencies and sudo
-RUN apt-get update && apt-get upgrade -y && apt-get install -y curl sudo jq bash git zip unzip iptables && \
+ARG EXTRA_PACKAGES=""
+RUN apt-get update && apt-get upgrade -y && apt-get install -y curl sudo jq bash zip unzip iptables software-properties-common $EXTRA_PACKAGES && \
     usermod -aG sudo runner && \
     echo "%sudo   ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/runner
+# add latest git
+RUN add-apt-repository ppa:git-core/ppa && apt update && apt-get install -y git
 # add awscli
 RUN curl -fsSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o awscliv2.zip && \
     unzip -q awscliv2.zip && ./aws/install && rm -rf awscliv2.zip aws
@@ -21,9 +26,9 @@ RUN curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | s
 # setup working directory
 WORKDIR /home/runner
-# add runner
-ARG RUNNER_VERSION
-RUN if [ "${RUNNER_VERSION}" = "latest" ]; then RUNNER_VERSION=`curl -fsSL https://api.github.com/repos/actions/runner/releases/latest | jq -r .tag_name | cut -c2-`; fi && \
+# add runner without github's api which is rate limited
+ARG RUNNER_VERSION=latest
+RUN if [ "${RUNNER_VERSION}" = "latest" ]; then RUNNER_VERSION=`curl  -w "%{redirect_url}" -fsS https://github.com/actions/runner/releases/latest | grep -oE "[^/v]+$"`; fi && \
     curl -fsSLO  "https://github.com/actions/runner/releases/download/v${RUNNER_VERSION}/actions-runner-linux-x64-${RUNNER_VERSION}.tar.gz" && \
     tar xzf "actions-runner-linux-x64-${RUNNER_VERSION}.tar.gz" && \
     rm actions-runner-linux-x64-${RUNNER_VERSION}.tar.gz && \

package/lib/providers/docker-images/fargate/linux-arm64/Dockerfile ADDED Viewed

@@ -0,0 +1,41 @@
+ARG BASE_IMAGE="public.ecr.aws/lts/ubuntu:20.04"
+FROM $BASE_IMAGE
+# setup user
+RUN addgroup runner && adduser --system --disabled-password --home /home/runner --ingroup runner runner
+# add dependencies and sudo
+ARG EXTRA_PACKAGES=""
+RUN apt-get update && apt-get upgrade -y && apt-get install -y curl sudo jq bash zip unzip software-properties-common $EXTRA_PACKAGES && \
+    usermod -aG sudo runner && \
+    echo "%sudo   ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/runner
+# add latest git
+RUN add-apt-repository ppa:git-core/ppa && apt update && apt-get install -y git
+# add awscli
+RUN curl -fsSL "https://awscli.amazonaws.com/awscli-exe-linux-aarch64.zip" -o awscliv2.zip && \
+    unzip -q awscliv2.zip && ./aws/install && rm -rf awscliv2.zip aws
+# add ghcli
+RUN curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg && \
+    echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null  && \
+    apt update && \
+    apt install -y gh
+# setup working directory
+WORKDIR /home/runner
+# add runner without github's api which is rate limited
+ARG RUNNER_VERSION=latest
+RUN if [ "${RUNNER_VERSION}" = "latest" ]; then RUNNER_VERSION=`curl  -w "%{redirect_url}" -fsS https://github.com/actions/runner/releases/latest | grep -oE "[^/v]+$"`; fi && \
+    curl -fsSLO  "https://github.com/actions/runner/releases/download/v${RUNNER_VERSION}/actions-runner-linux-arm64-${RUNNER_VERSION}.tar.gz" && \
+    tar xzf "actions-runner-linux-arm64-${RUNNER_VERSION}.tar.gz" && \
+    rm actions-runner-linux-arm64-${RUNNER_VERSION}.tar.gz && \
+    ./bin/installdependencies.sh
+# configure runner
+USER runner
+ADD runner.sh .
+CMD ["bash", "/home/runner/runner.sh"]

package/lib/providers/docker-images/fargate/{runner.sh → linux-arm64/runner.sh} RENAMED Viewed

File without changes

package/lib/providers/docker-images/fargate/{Dockerfile → linux-x64/Dockerfile} RENAMED Viewed

@@ -1,13 +1,18 @@
-FROM public.ecr.aws/lts/ubuntu:18.04
+ARG BASE_IMAGE="public.ecr.aws/lts/ubuntu:20.04"
+FROM $BASE_IMAGE
 # setup user
 RUN addgroup runner && adduser --system --disabled-password --home /home/runner --ingroup runner runner
 # add dependencies and sudo
-RUN apt-get update && apt-get upgrade -y && apt-get install -y curl sudo jq bash git zip unzip && \
+ARG EXTRA_PACKAGES=""
+RUN apt-get update && apt-get upgrade -y && apt-get install -y curl sudo jq bash zip unzip software-properties-common $EXTRA_PACKAGES && \
     usermod -aG sudo runner && \
     echo "%sudo   ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/runner
+# add latest git
+RUN add-apt-repository ppa:git-core/ppa && apt update && apt-get install -y git
 # add awscli
 RUN curl -fsSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o awscliv2.zip && \
     unzip -q awscliv2.zip && ./aws/install && rm -rf awscliv2.zip aws
@@ -21,9 +26,9 @@ RUN curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | s
 # setup working directory
 WORKDIR /home/runner
-# add runner
-ARG RUNNER_VERSION
-RUN if [ "${RUNNER_VERSION}" = "latest" ]; then RUNNER_VERSION=`curl -fsSL https://api.github.com/repos/actions/runner/releases/latest | jq -r .tag_name | cut -c2-`; fi && \
+# add runner without github's api which is rate limited
+ARG RUNNER_VERSION=latest
+RUN if [ "${RUNNER_VERSION}" = "latest" ]; then RUNNER_VERSION=`curl  -w "%{redirect_url}" -fsS https://github.com/actions/runner/releases/latest | grep -oE "[^/v]+$"`; fi && \
     curl -fsSLO  "https://github.com/actions/runner/releases/download/v${RUNNER_VERSION}/actions-runner-linux-x64-${RUNNER_VERSION}.tar.gz" && \
     tar xzf "actions-runner-linux-x64-${RUNNER_VERSION}.tar.gz" && \
     rm actions-runner-linux-x64-${RUNNER_VERSION}.tar.gz && \

package/lib/providers/docker-images/fargate/linux-x64/runner.sh ADDED Viewed

@@ -0,0 +1,5 @@
+#!/bin/bash
+set -e -u -o pipefail
+/home/runner/config.sh --unattended --url "https://${GITHUB_DOMAIN}/${OWNER}/${REPO}" --token "${RUNNER_TOKEN}" --ephemeral --work _work --labels "${RUNNER_LABEL}" --disableupdate --name "${RUNNER_NAME}"
+/home/runner/run.sh

package/lib/providers/docker-images/lambda/linux-arm64/Dockerfile ADDED Viewed

@@ -0,0 +1,32 @@
+# https://docs.aws.amazon.com/lambda/latest/dg/images-create.html
+ARG BASE_IMAGE="public.ecr.aws/lambda/nodejs:14-arm64"
+FROM $BASE_IMAGE
+WORKDIR /runner
+# add dependencies
+ARG EXTRA_PACKAGES=""
+RUN yum update -y && yum install -y jq tar gzip bzip2 which binutils git zip unzip $EXTRA_PACKAGES
+# add awscli
+RUN curl -fsSL "https://awscli.amazonaws.com/awscli-exe-linux-aarch64.zip" -o awscliv2.zip && \
+    unzip -q awscliv2.zip && ./aws/install && rm -rf awscliv2.zip aws
+# add ghcli
+RUN curl -fsSSL https://cli.github.com/packages/rpm/gh-cli.repo -o /etc/yum.repos.d/gh-cli.repo && \
+    yum install -y gh
+# add runner without github's api which is rate limited
+ARG RUNNER_VERSION=latest
+RUN if [ "${RUNNER_VERSION}" = "latest" ]; then RUNNER_VERSION=`curl  -w "%{redirect_url}" -fsS https://github.com/actions/runner/releases/latest | grep -oE "[^/v]+$"`; fi && \
+    curl -fsSLO  "https://github.com/actions/runner/releases/download/v${RUNNER_VERSION}/actions-runner-linux-arm64-${RUNNER_VERSION}.tar.gz" && \
+    tar xzf "actions-runner-linux-arm64-${RUNNER_VERSION}.tar.gz" && \
+    rm actions-runner-linux-arm64-${RUNNER_VERSION}.tar.gz && \
+    yum install -y openssl-libs krb5-libs zlib libicu60
+# doesn't work on CentOS - RUN ./bin/installdependencies.sh
+# prepare for execution
+WORKDIR ${LAMBDA_TASK_ROOT}
+COPY runner.js runner.sh ${LAMBDA_TASK_ROOT}/
+CMD ["runner.handler"]

package/lib/providers/docker-images/lambda/{runner.js → linux-arm64/runner.js} RENAMED Viewed

File without changes

package/lib/providers/docker-images/lambda/{runner.sh → linux-arm64/runner.sh} RENAMED Viewed

File without changes

package/lib/providers/docker-images/lambda/linux-x64/Dockerfile ADDED Viewed

@@ -0,0 +1,31 @@
+# https://docs.aws.amazon.com/lambda/latest/dg/images-create.html
+ARG BASE_IMAGE="public.ecr.aws/lambda/nodejs:14-x86_64"
+FROM $BASE_IMAGE
+WORKDIR /runner
+# add dependencies
+ARG EXTRA_PACKAGES=""
+RUN yum update -y && yum install -y jq tar gzip bzip2 which binutils git zip unzip $EXTRA_PACKAGES
+# add awscli
+RUN curl -fsSL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o awscliv2.zip && \
+    unzip -q awscliv2.zip && ./aws/install && rm -rf awscliv2.zip aws
+# add ghcli
+RUN curl -fsSSL https://cli.github.com/packages/rpm/gh-cli.repo -o /etc/yum.repos.d/gh-cli.repo && \
+    yum install -y gh
+# add runner without github's api which is rate limited
+ARG RUNNER_VERSION=latest
+RUN if [ "${RUNNER_VERSION}" = "latest" ]; then RUNNER_VERSION=`curl  -w "%{redirect_url}" -fsS https://github.com/actions/runner/releases/latest | grep -oE "[^/v]+$"`; fi && \
+    curl -fsSLO "https://github.com/actions/runner/releases/download/v${RUNNER_VERSION}/actions-runner-linux-x64-${RUNNER_VERSION}.tar.gz" && \
+    tar xzf "actions-runner-linux-x64-${RUNNER_VERSION}.tar.gz" && \
+    rm -f actions-runner-linux-x64-*.tar.gz && \
+    yum install -y openssl-libs krb5-libs zlib libicu60
+# prepare for execution
+WORKDIR ${LAMBDA_TASK_ROOT}
+COPY runner.js runner.sh ${LAMBDA_TASK_ROOT}/
+CMD ["runner.handler"]

package/lib/providers/docker-images/lambda/linux-x64/runner.js ADDED Viewed

@@ -0,0 +1,29 @@
+const exec = require('child_process').exec;
+exports.handler = async (event, context) => {
+  await new Promise((resolve, reject) => {
+    const shellScript = exec('sh runner.sh', {
+      env: {
+        OWNER: event.owner,
+        REPO: event.repo,
+        GITHUB_DOMAIN: event.githubDomain,
+        RUNNER_TOKEN: event.token,
+        RUNNER_NAME: event.runnerName,
+        RUNNER_LABEL: event.label,
+      },
+    });
+    shellScript.stdout.on('data', (data) => {
+      console.log(data);
+    });
+    shellScript.stderr.on('data', (data) => {
+      console.error(data);
+    });
+    shellScript.on('exit', (code) => {
+      if (code) {
+        reject(new Error(`Runner failed with exit code ${code}`));
+      } else {
+        resolve();
+      }
+    });
+  });
+}

package/lib/providers/docker-images/lambda/linux-x64/runner.sh ADDED Viewed

@@ -0,0 +1,12 @@
+#!/bin/bash
+set -e -u -o pipefail
+cp -r /runner /tmp/
+cd /tmp/runner
+export PATH=/var/lang/bin:/usr/local/bin:/usr/bin/:/bin:/opt/bin
+./config.sh --unattended --url "https://${GITHUB_DOMAIN}/${OWNER}/${REPO}" --token "${RUNNER_TOKEN}" --ephemeral --work _work --labels "${RUNNER_LABEL}" --name "${RUNNER_NAME}" --disableupdate
+echo Config done
+./run.sh
+echo Run done

package/lib/providers/fargate.d.ts CHANGED Viewed

@@ -1,10 +1,26 @@
 import { aws_ec2 as ec2, aws_ecs as ecs, aws_iam as iam, aws_stepfunctions as stepfunctions } from 'aws-cdk-lib';
 import { Construct } from 'constructs';
-import { IRunnerProvider, RunnerProviderProps, RunnerRuntimeParameters } from './common';
+import { IImageBuilder, IRunnerProvider, RunnerProviderProps, RunnerRuntimeParameters } from './common';
 /**
  * Properties for FargateRunner.
  */
 export interface FargateRunnerProps extends RunnerProviderProps {
+    /**
+     * Provider running an image to run inside CodeBuild with GitHub runner pre-configured. A user named `runner` is expected to exist.
+     *
+     * The entry point should start GitHub runner. For example:
+     *
+     * ```
+     * #!/bin/bash
+     * set -e -u -o pipefail
+     *
+     * /home/runner/config.sh --unattended --url "https://${GITHUB_DOMAIN}/${OWNER}/${REPO}" --token "${RUNNER_TOKEN}" --ephemeral --work _work --labels "${RUNNER_LABEL}" --disableupdate --name "${RUNNER_NAME}"
+     * /home/runner/run.sh
+     * ```
+     *
+     * @default image builder with `FargateRunner.LINUX_X64_DOCKERFILE_PATH` as Dockerfile
+     */
+    readonly imageBuilder?: IImageBuilder;
     /**
      * GitHub Actions label used for this provider.
      *
@@ -98,6 +114,22 @@ export interface FargateRunnerProps extends RunnerProviderProps {
  * This construct is not meant to be used by itself. It should be passed in the providers property for GitHubRunners.
  */
 export declare class FargateRunner extends Construct implements IRunnerProvider {
+    /**
+     * Path to Dockerfile for Linux x64 with all the requirement for Fargate runner. Use this Dockerfile unless you need to customize it further than allowed by hooks.
+     *
+     * Available build arguments that can be set in the image builder:
+     * * `BASE_IMAGE` sets the `FROM` line. This should be an Ubuntu compatible image.
+     * * `EXTRA_PACKAGES` can be used to install additional packages.
+     */
+    static readonly LINUX_X64_DOCKERFILE_PATH: string;
+    /**
+     * Path to Dockerfile for Linux ARM64 with all the requirement for Fargate runner. Use this Dockerfile unless you need to customize it further than allowed by hooks.
+     *
+     * Available build arguments that can be set in the image builder:
+     * * `BASE_IMAGE` sets the `FROM` line. This should be an Ubuntu compatible image.
+     * * `EXTRA_PACKAGES` can be used to install additional packages.
+     */
+    static readonly LINUX_ARM64_DOCKERFILE_PATH: string;
     /**
      * Cluster hosting the task hosting the runner.
      */