@cloudsnorkel/cdk-github-runners 0.9.5 → 0.9.6

package/.gitattributes

@@ -22,11 +22,13 @@
 /.projen/files.json linguist-generated
 /.projen/tasks.json linguist-generated
 /API.md linguist-generated
+/cdk.json linguist-generated
 /LICENSE linguist-generated
 /package.json linguist-generated
 /src/delete-runner-function.ts linguist-generated
 /src/image-builders/aws-image-builder/delete-ami-function.ts linguist-generated
 /src/image-builders/aws-image-builder/filter-failed-builds-function.ts linguist-generated
+/src/image-builders/aws-image-builder/reaper-function.ts linguist-generated
 /src/image-builders/aws-image-builder/versioner-function.ts linguist-generated
 /src/providers/build-image-function.ts linguist-generated
 /src/providers/update-lambda-function.ts linguist-generated

package/.jsii

@@ -3138,7 +3138,7 @@
   },
   "name": "@cloudsnorkel/cdk-github-runners",
   "readme": {
-    "markdown": "# GitHub Self-Hosted Runners CDK Constructs\n\n[![NPM](https://img.shields.io/npm/v/@cloudsnorkel/cdk-github-runners?label=npm&logo=npm)][7]\n[![PyPI](https://img.shields.io/pypi/v/cloudsnorkel.cdk-github-runners?label=pypi&logo=pypi)][6]\n[![Maven Central](https://img.shields.io/maven-central/v/com.cloudsnorkel/cdk.github.runners.svg?label=Maven%20Central&logo=apachemaven)][8]\n[![Go](https://img.shields.io/github/v/tag/CloudSnorkel/cdk-github-runners?color=red&label=go&logo=go)][11]\n[![Nuget](https://img.shields.io/nuget/v/CloudSnorkel.Cdk.Github.Runners?color=red&&logo=nuget)][12]\n[![Release](https://github.com/CloudSnorkel/cdk-github-runners/actions/workflows/release.yml/badge.svg)](https://github.com/CloudSnorkel/cdk-github-runners/actions/workflows/release.yml)\n[![License](https://img.shields.io/badge/license-Apache--2.0-blue)](https://github.com/CloudSnorkel/cdk-github-runners/blob/main/LICENSE)\n\nUse this CDK construct to create ephemeral [self-hosted GitHub runners][1] on-demand inside your AWS account.\n\n* Easy to configure GitHub integration with a web-based interface\n* Customizable runners with decent defaults\n* Multiple runner configurations controlled by labels\n* Everything fully hosted in your account\n* Automatically updated build environment with latest runner version\n\nSelf-hosted runners in AWS are useful when:\n\n* You need easy access to internal resources in your actions\n* You want to pre-install some software for your actions\n* You want to provide some basic AWS API access (but [aws-actions/configure-aws-credentials][2] has more security controls)\n* You are using GitHub Enterprise Server\n\nEphemeral (or on-demand) runners are the [recommended way by GitHub][14] for auto-scaling, and they make sure all jobs run with a clean image. Runners are started on-demand. You don't pay unless a job is running.\n\n## API\n\nThe best way to browse API documentation is on [Constructs Hub][13]. It is available in all supported programming languages.\n\n## Providers\n\nA runner provider creates compute resources on-demand and uses [actions/runner][5] to start a runner.\n\n|                  | EC2               | CodeBuild                  | Fargate        | ECS            | Lambda        |\n|------------------|-------------------|----------------------------|----------------|----------------|---------------|\n| **Time limit**   | Unlimited         | 8 hours                    | Unlimited      | Unlimited      | 15 minutes    |\n| **vCPUs**        | Unlimited         | 2, 4, 8, or 72             | 0.25 to 4      | Unlimited      | 1 to 6        |\n| **RAM**          | Unlimited         | 3gb, 7gb, 15gb, or 145gb   | 512mb to 30gb  | Unlimited      | 128mb to 10gb |\n| **Storage**      | Unlimited         | 50gb to 824gb              | 20gb to 200gb  | Unlimited      | Up to 10gb    |\n| **Architecture** | x86_64, ARM64     | x86_64, ARM64              | x86_64, ARM64  | x86_64, ARM64  | x86_64, ARM64 |\n| **sudo**         | ✔                 | ✔                         | ✔              | ✔              | ❌           |\n| **Docker**       | ✔                 | ✔ (Linux only)            | ❌              | ✔              | ❌           |\n| **Spot pricing** | ✔                 | ❌                         | ✔              | ✔              | ❌           |\n| **OS**           | Linux, Windows    | Linux, Windows             | Linux, Windows | Linux, Windows | Linux         |\n\nThe best provider to use mostly depends on your current infrastructure. When in doubt, CodeBuild is always a good choice. Execution history and logs are easy to view, and it has no restrictive limits unless you need to run for more than 8 hours.\n\n* EC2 is useful when you want runners to have complete access to the host\n* ECS is useful when you want to control the infrastructure, like leaving the runner host running for faster startups\n* Lambda is useful for short jobs that can work within time, size and readonly system constraints\n\nYou can also create your own provider by implementing `IRunnerProvider`.\n\n## Installation\n\n1. Confirm you're using CDK v2\n2. Install the appropriate package\n   1. [Python][6]\n      ```\n      pip install cloudsnorkel.cdk-github-runners\n      ```\n   2. [TypeScript or JavaScript][7]\n      ```\n      npm i @cloudsnorkel/cdk-github-runners\n      ```\n   3. [Java][8]\n      ```xml\n      <dependency>\n      <groupId>com.cloudsnorkel</groupId>\n      <artifactId>cdk.github.runners</artifactId>\n      </dependency>\n      ```\n   4. [Go][11]\n      ```\n      go get github.com/CloudSnorkel/cdk-github-runners-go/cloudsnorkelcdkgithubrunners\n      ```\n   5. [.NET][12]\n      ```\n      dotnet add package CloudSnorkel.Cdk.Github.Runners\n      ```\n3. Use `GitHubRunners` construct in your code (starting with default arguments is fine)\n4. Deploy your stack\n5. Look for the status command output similar to `aws --region us-east-1 lambda invoke --function-name status-XYZ123 status.json`\n6. Execute the status command (you may need to specify `--profile` too) and open the resulting `status.json` file\n7. Open the URL in `github.setup.url` from `status.json` or [manually setup GitHub](SETUP_GITHUB.md) integration as an app or with personal access token\n8. Run status command again to confirm `github.auth.status` and `github.webhook.status` are OK\n9. Trigger a GitHub action that has a `self-hosted` label with `runs-on: [self-hosted, linux, codebuild]` or similar\n10. If the action is not successful, see [troubleshooting](#Troubleshooting)\n\n[![Demo](demo-thumbnail.jpg)](https://youtu.be/wlyv_3V8lIw)\n\n## Customizing\n\nThe default providers configured by `GitHubRunners` are useful for testing but probably not too much for actual production work. They run in the default VPC or no VPC and have no added IAM permissions. You would usually want to configure the providers yourself.\n\nFor example:\n\n```typescript\nlet vpc: ec2.Vpc;\nlet runnerSg: ec2.SecurityGroup;\nlet dbSg: ec2.SecurityGroup;\nlet bucket: s3.Bucket;\n\n// create a custom CodeBuild provider\nconst myProvider = new CodeBuildRunnerProvider(this, 'codebuild runner', {\n  label: 'my-codebuild',\n  vpc: vpc,\n  securityGroup: runnerSg,\n});\n// grant some permissions to the provider\nbucket.grantReadWrite(myProvider);\ndbSg.connections.allowFrom(runnerSg, ec2.Port.tcp(3306), 'allow runners to connect to MySQL database');\n\n// create the runner infrastructure\nnew GitHubRunners(this, 'runners', {\n   providers: [myProvider],\n});\n```\n\nAnother way to customize runners is by modifying the image used to spin them up. The image contains the [runner][5], any required dependencies, and integration code with the provider. You may choose to customize this image by adding more packages, for example.\n\n```typescript\nconst myBuilder = CodeBuildRunnerProvider.imageBuilder(this, 'image builder', {\n   dockerfilePath: FargateRunner.LINUX_X64_DOCKERFILE_PATH,\n   runnerVersion: RunnerVersion.specific('2.291.0'),\n   rebuildInterval: Duration.days(14),\n});\nmyBuilder.addComponent(\n  RunnerImageComponent.custom({ commands: ['apt install -y nginx xz-utils'] })\n);\n\nconst myProvider = new FargateRunnerProvider(this, 'fargate runner', {\n   label: 'customized-fargate',\n   vpc: vpc,\n   securityGroup: runnerSg,\n   imageBuilder: myBuilder,\n});\n\n// create the runner infrastructure\nnew GitHubRunners(this, 'runners', {\n   providers: [myProvider],\n});\n```\n\nYour workflow will then look like:\n\n```yaml\nname: self-hosted example\non: push\njobs:\n  self-hosted:\n    runs-on: [self-hosted, customized-fargate]\n    steps:\n      - run: echo hello world\n```\n\nWindows images can also be customized the same way.\n\n```typescript\nconst myWindowsBuilder = FargateRunnerProvider.imageBuilder(this, 'Windows image builder', {\n  architecture: Architecture.X86_64,\n  os: Os.WINDOWS,\n  runnerVersion: RunnerVersion.specific('2.291.0'),\n  rebuildInterval: Duration.days(14),\n});\nmyWindowsBuilder.addComponent(\n  RunnerImageComponent.custom({\n    name: 'Ninja',\n    commands: [\n      'Invoke-WebRequest -UseBasicParsing -Uri \"https://github.com/ninja-build/ninja/releases/download/v1.11.1/ninja-win.zip\" -OutFile ninja.zip',\n      'Expand-Archive ninja.zip -DestinationPath C:\\\\actions',\n      'del ninja.zip',\n    ],\n  })\n);\n\nconst myProvider = new FargateRunnerProvider(this, 'fargate runner', {\n  label: 'customized-windows-fargate',\n  vpc: vpc,\n  securityGroup: runnerSg,\n  imageBuidler: myWindowsBuilder,\n});\n\nnew GitHubRunners(this, 'runners', {\n  providers: [myProvider],\n});\n```\n\nThe runner OS and architecture is determined by the image it is set to use. For example, to create a Fargate runner provider for ARM64 set the `architecture` property for the image builder to `Architecture.ARM64` in the image builder properties.\n\n```typescript\nnew GitHubRunners(this, 'runners', {\n  providers: [\n    new FargateRunnerProvider(this, 'fargate runner', {\n      labels: ['arm64', 'fargate'],\n      imageBuidler: FargateRunnerProvider.imageBuilder(this, 'image builder', {\n        architecture: Architecture.ARM64,\n        os: Os.LINUX,\n      }),\n    }),\n  ],\n});\n```\n\n## Architecture\n\n![Architecture diagram](architecture.svg)\n\n## Troubleshooting\n\n1. Always start with the status function, make sure no errors are reported, and confirm all status codes are OK\n2. If jobs are stuck on pending:\n   1. Make sure `runs-on` in the workflow matches the expected labels set in the runner provider\n   2. If jobs get stuck often and take a long time to start, cancel the pending jobs and start them again\n4. Confirm the webhook Lambda was called by visiting the URL in `troubleshooting.webhookHandlerUrl` from `status.json`\n   1. If it's not called or logs errors, confirm the webhook settings on the GitHub side\n   2. If you see too many errors, make sure you're only sending `workflow_job` events\n5. When using GitHub app, make sure there are active installation in `github.auth.app.installations`\n6. Check execution details of the orchestrator step function by visiting the URL in `troubleshooting.stepFunctionUrl` from `status.json`\n   1. Use the details tab to find the specific execution of the provider (Lambda, CodeBuild, Fargate, etc.)\n   2. Every step function execution should be successful, even if the runner action inside it failed\n\n## Monitoring\n\nThere are two important ways to monitor your runners:\n\n1. Make sure runners don't fail to start. When that happens, jobs may sit and wait. Use `GitHubRunners.metricFailed()` to get a metric for the number of failed runner starts. You should use this metric to trigger an alarm.\n2. Make sure runner images don't fail to build. Failed runner image builds mean you will get stuck with out-of-date software on your runners. It may lead to security vulnerabilities, or it may lead to slower runner start-ups as the runner software itself needs to be updated. Use `GitHubRunners.failedImageBuildsTopic()` to get SNS topic that gets notified of failed runner image builds. You should subscribe to this topic.\n\nOther useful metrics to track:\n\n1. Use `GitHubRunners.metricJobCompleted()` to get a metric for the number of completed jobs broken down by labels and job success.\n2. Use `GitHubRunners.metricTime()` to get a metric for the total time a runner is running. This includes the overhead of starting the runner.\n\n## Other Options\n\n1. [philips-labs/terraform-aws-github-runner][3] if you're using Terraform\n2. [actions/actions-runner-controller][4] if you're using Kubernetes\n\n\n[1]: https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners\n[2]: https://github.com/marketplace/actions/configure-aws-credentials-action-for-github-actions\n[3]: https://github.com/philips-labs/terraform-aws-github-runner\n[4]: https://github.com/actions/actions-runner-controller\n[5]: https://github.com/actions/runner\n[6]: https://pypi.org/project/cloudsnorkel.cdk-github-runners\n[7]: https://www.npmjs.com/package/@cloudsnorkel/cdk-github-runners\n[8]: https://search.maven.org/search?q=g:%22com.cloudsnorkel%22%20AND%20a:%22cdk.github.runners%22\n[9]: https://docs.github.com/en/developers/apps/getting-started-with-apps/about-apps\n[10]: https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token\n[11]: https://pkg.go.dev/github.com/CloudSnorkel/cdk-github-runners-go/cloudsnorkelcdkgithubrunners\n[12]: https://www.nuget.org/packages/CloudSnorkel.Cdk.Github.Runners/\n[13]: https://constructs.dev/packages/@cloudsnorkel/cdk-github-runners/\n[14]: https://docs.github.com/en/actions/hosting-your-own-runners/autoscaling-with-self-hosted-runners#using-ephemeral-runners-for-autoscaling\n"
+    "markdown": "# GitHub Self-Hosted Runners CDK Constructs\n\n[![NPM](https://img.shields.io/npm/v/@cloudsnorkel/cdk-github-runners?label=npm&logo=npm)][7]\n[![PyPI](https://img.shields.io/pypi/v/cloudsnorkel.cdk-github-runners?label=pypi&logo=pypi)][6]\n[![Maven Central](https://img.shields.io/maven-central/v/com.cloudsnorkel/cdk.github.runners.svg?label=Maven%20Central&logo=apachemaven)][8]\n[![Go](https://img.shields.io/github/v/tag/CloudSnorkel/cdk-github-runners?color=red&label=go&logo=go)][11]\n[![Nuget](https://img.shields.io/nuget/v/CloudSnorkel.Cdk.Github.Runners?color=red&&logo=nuget)][12]\n[![Release](https://github.com/CloudSnorkel/cdk-github-runners/actions/workflows/release.yml/badge.svg)](https://github.com/CloudSnorkel/cdk-github-runners/actions/workflows/release.yml)\n[![License](https://img.shields.io/badge/license-Apache--2.0-blue)](https://github.com/CloudSnorkel/cdk-github-runners/blob/main/LICENSE)\n\nUse this CDK construct to create ephemeral [self-hosted GitHub runners][1] on-demand inside your AWS account.\n\n* Easy to configure GitHub integration with a web-based interface\n* Customizable runners with decent defaults\n* Multiple runner configurations controlled by labels\n* Everything fully hosted in your account\n* Automatically updated build environment with latest runner version\n\nSelf-hosted runners in AWS are useful when:\n\n* You need easy access to internal resources in your actions\n* You want to pre-install some software for your actions\n* You want to provide some basic AWS API access (but [aws-actions/configure-aws-credentials][2] has more security controls)\n* You are using GitHub Enterprise Server\n\nEphemeral (or on-demand) runners are the [recommended way by GitHub][14] for auto-scaling, and they make sure all jobs run with a clean image. Runners are started on-demand. You don't pay unless a job is running.\n\n## API\n\nThe best way to browse API documentation is on [Constructs Hub][13]. It is available in all supported programming languages.\n\n## Providers\n\nA runner provider creates compute resources on-demand and uses [actions/runner][5] to start a runner.\n\n|                  | EC2               | CodeBuild                  | Fargate        | ECS            | Lambda        |\n|------------------|-------------------|----------------------------|----------------|----------------|---------------|\n| **Time limit**   | Unlimited         | 8 hours                    | Unlimited      | Unlimited      | 15 minutes    |\n| **vCPUs**        | Unlimited         | 2, 4, 8, or 72             | 0.25 to 4      | Unlimited      | 1 to 6        |\n| **RAM**          | Unlimited         | 3gb, 7gb, 15gb, or 145gb   | 512mb to 30gb  | Unlimited      | 128mb to 10gb |\n| **Storage**      | Unlimited         | 50gb to 824gb              | 20gb to 200gb  | Unlimited      | Up to 10gb    |\n| **Architecture** | x86_64, ARM64     | x86_64, ARM64              | x86_64, ARM64  | x86_64, ARM64  | x86_64, ARM64 |\n| **sudo**         | ✔                 | ✔                         | ✔              | ✔              | ❌           |\n| **Docker**       | ✔                 | ✔ (Linux only)            | ❌              | ✔              | ❌           |\n| **Spot pricing** | ✔                 | ❌                         | ✔              | ✔              | ❌           |\n| **OS**           | Linux, Windows    | Linux, Windows             | Linux, Windows | Linux, Windows | Linux         |\n\nThe best provider to use mostly depends on your current infrastructure. When in doubt, CodeBuild is always a good choice. Execution history and logs are easy to view, and it has no restrictive limits unless you need to run for more than 8 hours.\n\n* EC2 is useful when you want runners to have complete access to the host\n* ECS is useful when you want to control the infrastructure, like leaving the runner host running for faster startups\n* Lambda is useful for short jobs that can work within time, size and readonly system constraints\n\nYou can also create your own provider by implementing `IRunnerProvider`.\n\n## Installation\n\n1. Install and use the appropriate package\n   <details><summary>Python</summary>\n\n   ### Install\n   Available on [PyPI][6].\n   ```bash\n   pip install cloudsnorkel.cdk-github-runners\n   ```\n   ### Use\n   ```python\n   from cloudsnorkel.cdk_github_runners import GitHubRunners\n\n   GitHubRunners(self, \"runners\")\n   ```\n   </details>\n   <details><summary>TypeScript or JavaScript</summary>\n\n   ### Install\n   Available on [npm][7].\n   ```bash\n   npm i @cloudsnorkel/cdk-github-runners\n   ```\n   ### Use\n   ```typescript\n   import { GitHubRunners } from '@cloudsnorkel/cdk-github-runners';\n\n   new GitHubRunners(this, \"runners\");\n   ```\n   </details>\n   <details><summary>Java</summary>\n\n   ### Install\n   Available on [Maven][8].\n   ```xml\n   <dependency>\n      <groupId>com.cloudsnorkel</groupId>\n      <artifactId>cdk.github.runners</artifactId>\n   </dependency>\n   ```\n   ### Use\n   ```java\n   import com.cloudsnorkel.cdk.github.runners.GitHubRunners;\n\n   GitHubRunners.Builder.create(this, \"runners\").build();\n   ```\n   </details>\n   <details><summary>Go</summary>\n\n   ### Install\n   Available on [GitHub][11].\n   ```bash\n   go get github.com/CloudSnorkel/cdk-github-runners-go/cloudsnorkelcdkgithubrunners\n   ```\n   ### Use\n   ```go\n   import \"github.com/CloudSnorkel/cdk-github-runners-go/cloudsnorkelcdkgithubrunners\"\n\n   NewGitHubRunners(this, jsii.String(\"runners\"))\n   ```\n   </details>\n   <details><summary>.NET</summary>\n\n   ### Install\n   Available on [Nuget][12].\n   ```bash\n   dotnet add package CloudSnorkel.Cdk.Github.Runners\n   ```\n   ### Use\n   ```csharp\n   using CloudSnorkel;\n\n   new GitHubRunners(this, \"runners\");\n   ```\n   </details>\n2. Use `GitHubRunners` construct in your code (starting with default arguments is fine)\n3. Deploy your stack\n4. Look for the status command output similar to `aws --region us-east-1 lambda invoke --function-name status-XYZ123 status.json`\n   ```\n    ✅  github-runners-test\n\n   ✨  Deployment time: 260.01s\n\n   Outputs:\n   github-runners-test.runnersstatuscommand4A30F0F5 = aws --region us-east-1 lambda invoke --function-name github-runners-test-runnersstatus1A5771C0-mvttg8oPQnQS status.json\n   ```\n5. Execute the status command (you may need to specify `--profile` too) and open the resulting `status.json` file\n6. Open the URL in `github.setup.url` from `status.json` or [manually setup GitHub](SETUP_GITHUB.md) integration as an app or with personal access token\n7. Run status command again to confirm `github.auth.status` and `github.webhook.status` are OK\n8. Trigger a GitHub action that has a `self-hosted` label with `runs-on: [self-hosted, linux, codebuild]` or similar\n9. If the action is not successful, see [troubleshooting](#Troubleshooting)\n\n[![Demo](demo-thumbnail.jpg)](https://youtu.be/wlyv_3V8lIw)\n\n## Customizing\n\nThe default providers configured by `GitHubRunners` are useful for testing but probably not too much for actual production work. They run in the default VPC or no VPC and have no added IAM permissions. You would usually want to configure the providers yourself.\n\nFor example:\n\n```typescript\nlet vpc: ec2.Vpc;\nlet runnerSg: ec2.SecurityGroup;\nlet dbSg: ec2.SecurityGroup;\nlet bucket: s3.Bucket;\n\n// create a custom CodeBuild provider\nconst myProvider = new CodeBuildRunnerProvider(this, 'codebuild runner', {\n   labels: ['my-codebuild'],\n   vpc: vpc,\n   securityGroups: [runnerSg],\n});\n// grant some permissions to the provider\nbucket.grantReadWrite(myProvider);\ndbSg.connections.allowFrom(runnerSg, ec2.Port.tcp(3306), 'allow runners to connect to MySQL database');\n\n// create the runner infrastructure\nnew GitHubRunners(this, 'runners', {\n   providers: [myProvider],\n});\n```\n\nAnother way to customize runners is by modifying the image used to spin them up. The image contains the [runner][5], any required dependencies, and integration code with the provider. You may choose to customize this image by adding more packages, for example.\n\n```typescript\nconst myBuilder = CodeBuildRunnerProvider.imageBuilder(this, 'image builder', {\n   dockerfilePath: FargateRunner.LINUX_X64_DOCKERFILE_PATH,\n   runnerVersion: RunnerVersion.specific('2.291.0'),\n   rebuildInterval: Duration.days(14),\n});\nmyBuilder.addComponent(\n  RunnerImageComponent.custom({ commands: ['apt install -y nginx xz-utils'] })\n);\n\nconst myProvider = new FargateRunnerProvider(this, 'fargate runner', {\n   labels: ['customized-fargate'],\n   vpc: vpc,\n   securityGroups: [runnerSg],\n   imageBuilder: myBuilder,\n});\n\n// create the runner infrastructure\nnew GitHubRunners(this, 'runners', {\n   providers: [myProvider],\n});\n```\n\nYour workflow will then look like:\n\n```yaml\nname: self-hosted example\non: push\njobs:\n  self-hosted:\n    runs-on: [self-hosted, customized-fargate]\n    steps:\n      - run: echo hello world\n```\n\nWindows images can also be customized the same way.\n\n```typescript\nconst myWindowsBuilder = FargateRunnerProvider.imageBuilder(this, 'Windows image builder', {\n   architecture: Architecture.X86_64,\n   os: Os.WINDOWS,\n   runnerVersion: RunnerVersion.specific('2.291.0'),\n   rebuildInterval: Duration.days(14),\n});\nmyWindowsBuilder.addComponent(\n        RunnerImageComponent.custom({\n           name: 'Ninja',\n           commands: [\n              'Invoke-WebRequest -UseBasicParsing -Uri \"https://github.com/ninja-build/ninja/releases/download/v1.11.1/ninja-win.zip\" -OutFile ninja.zip',\n              'Expand-Archive ninja.zip -DestinationPath C:\\\\actions',\n              'del ninja.zip',\n           ],\n        })\n);\n\nconst myProvider = new FargateRunnerProvider(this, 'fargate runner', {\n   labels: ['customized-windows-fargate'],\n   vpc: vpc,\n   securityGroups: [runnerSg],\n   imageBuidler: myWindowsBuilder,\n});\n\nnew GitHubRunners(this, 'runners', {\n   providers: [myProvider],\n});\n```\n\nThe runner OS and architecture is determined by the image it is set to use. For example, to create a Fargate runner provider for ARM64 set the `architecture` property for the image builder to `Architecture.ARM64` in the image builder properties.\n\n```typescript\nnew GitHubRunners(this, 'runners', {\n   providers: [\n      new FargateRunnerProvider(this, 'fargate runner', {\n         labels: ['arm64', 'fargate'],\n         imageBuidler: FargateRunnerProvider.imageBuilder(this, 'image builder', {\n            architecture: Architecture.ARM64,\n            os: Os.LINUX_UBUNTU,\n         }),\n      }),\n   ],\n});\n```\n\n## Architecture\n\n![Architecture diagram](architecture.svg)\n\n## Troubleshooting\n\n1. Always start with the status function, make sure no errors are reported, and confirm all status codes are OK\n2. If jobs are stuck on pending:\n   1. Make sure `runs-on` in the workflow matches the expected labels set in the runner provider\n   2. If jobs get stuck often and take a long time to start, cancel the pending jobs and start them again\n4. Confirm the webhook Lambda was called by visiting the URL in `troubleshooting.webhookHandlerUrl` from `status.json`\n   1. If it's not called or logs errors, confirm the webhook settings on the GitHub side\n   2. If you see too many errors, make sure you're only sending `workflow_job` events\n5. When using GitHub app, make sure there are active installation in `github.auth.app.installations`\n6. Check execution details of the orchestrator step function by visiting the URL in `troubleshooting.stepFunctionUrl` from `status.json`\n   1. Use the details tab to find the specific execution of the provider (Lambda, CodeBuild, Fargate, etc.)\n   2. Every step function execution should be successful, even if the runner action inside it failed\n\n## Monitoring\n\nThere are two important ways to monitor your runners:\n\n1. Make sure runners don't fail to start. When that happens, jobs may sit and wait. Use `GitHubRunners.metricFailed()` to get a metric for the number of failed runner starts. You should use this metric to trigger an alarm.\n2. Make sure runner images don't fail to build. Failed runner image builds mean you will get stuck with out-of-date software on your runners. It may lead to security vulnerabilities, or it may lead to slower runner start-ups as the runner software itself needs to be updated. Use `GitHubRunners.failedImageBuildsTopic()` to get SNS topic that gets notified of failed runner image builds. You should subscribe to this topic.\n\nOther useful metrics to track:\n\n1. Use `GitHubRunners.metricJobCompleted()` to get a metric for the number of completed jobs broken down by labels and job success.\n2. Use `GitHubRunners.metricTime()` to get a metric for the total time a runner is running. This includes the overhead of starting the runner.\n\n## Other Options\n\n1. [philips-labs/terraform-aws-github-runner][3] if you're using Terraform\n2. [actions/actions-runner-controller][4] if you're using Kubernetes\n\n\n[1]: https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners\n[2]: https://github.com/marketplace/actions/configure-aws-credentials-action-for-github-actions\n[3]: https://github.com/philips-labs/terraform-aws-github-runner\n[4]: https://github.com/actions/actions-runner-controller\n[5]: https://github.com/actions/runner\n[6]: https://pypi.org/project/cloudsnorkel.cdk-github-runners\n[7]: https://www.npmjs.com/package/@cloudsnorkel/cdk-github-runners\n[8]: https://central.sonatype.com/artifact/com.cloudsnorkel/cdk.github.runners/\n[9]: https://docs.github.com/en/developers/apps/getting-started-with-apps/about-apps\n[10]: https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token\n[11]: https://pkg.go.dev/github.com/CloudSnorkel/cdk-github-runners-go/cloudsnorkelcdkgithubrunners\n[12]: https://www.nuget.org/packages/CloudSnorkel.Cdk.Github.Runners/\n[13]: https://constructs.dev/packages/@cloudsnorkel/cdk-github-runners/\n[14]: https://docs.github.com/en/actions/hosting-your-own-runners/autoscaling-with-self-hosted-runners#using-ephemeral-runners-for-autoscaling\n"
   },
   "repository": {
     "type": "git",
@@ -3174,7 +3174,7 @@
       "base": "constructs.Construct",
       "docs": {
         "deprecated": "use RunnerImageBuilder",
-        "remarks": "Builders can be used with {@link Ec2Runner }.\n\nEach builder re-runs automatically at a set interval to make sure the AMIs contain the latest versions of everything.\n\nYou can create an instance of this construct to customize the AMI used to spin-up runners. Some runner providers may require custom components. Check the runner provider documentation.\n\nFor example, to set a specific runner version, rebuild the image every 2 weeks, and add a few packages for the EC2 provider, use:\n\n```\nconst builder = new AmiBuilder(this, 'Builder', {\n    runnerVersion: RunnerVersion.specific('2.293.0'),\n    rebuildInterval: Duration.days(14),\n});\nbuilder.addComponent(new ImageBuilderComponent(scope, id, {\n  platform: 'Linux',\n  displayName: 'p7zip',\n  description: 'Install some more packages',\n  commands: [\n    'apt-get install p7zip',\n  ],\n}));\nnew Ec2Runner(this, 'EC2 provider', {\n    label: 'custom-ec2',\n    amiBuilder: builder,\n});\n```",
+        "remarks": "Builders can be used with {@link Ec2Runner }.\n\nEach builder re-runs automatically at a set interval to make sure the AMIs contain the latest versions of everything.\n\nYou can create an instance of this construct to customize the AMI used to spin-up runners. Some runner providers may require custom components. Check the runner provider documentation.\n\nFor example, to set a specific runner version, rebuild the image every 2 weeks, and add a few packages for the EC2 provider, use:\n\n```\nconst builder = new AmiBuilder(this, 'Builder', {\n    runnerVersion: RunnerVersion.specific('2.293.0'),\n    rebuildInterval: Duration.days(14),\n});\nbuilder.addComponent(new ImageBuilderComponent(scope, id, {\n  platform: 'Linux',\n  displayName: 'p7zip',\n  description: 'Install some more packages',\n  commands: [\n    'apt-get install p7zip',\n  ],\n}));\nnew Ec2RunnerProvider(this, 'EC2 provider', {\n    labels: ['custom-ec2'],\n    amiBuilder: builder,\n});\n```",
         "stability": "deprecated",
         "summary": "An AMI builder that uses AWS Image Builder to build AMIs pre-baked with all the GitHub Actions runner requirements."
       },
@@ -4070,7 +4070,7 @@
       "kind": "interface",
       "locationInModule": {
         "filename": "src/image-builders/aws-image-builder/builder.ts",
-        "line": 32
+        "line": 33
       },
       "name": "AwsImageBuilderRunnerImageBuilderProps",
       "properties": [
@@ -4084,7 +4084,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/image-builders/aws-image-builder/builder.ts",
-            "line": 38
+            "line": 39
           },
           "name": "instanceType",
           "optional": true,
@@ -4100,7 +4100,7 @@
       "base": "constructs.Construct",
       "docs": {
         "deprecated": "use RunnerImageBuilder",
-        "remarks": "Builders can be used with runner providers.\n\nEach builder re-runs automatically at a set interval to make sure the images contain the latest versions of everything.\n\nYou can create an instance of this construct to customize the image used to spin-up runners. Each provider has its own requirements for what an image should do. That's why they each provide their own Dockerfile.\n\nFor example, to set a specific runner version, rebuild the image every 2 weeks, and add a few packages for the Fargate provider, use:\n\n```\nconst builder = new CodeBuildImageBuilder(this, 'Builder', {\n    dockerfilePath: FargateProvider.LINUX_X64_DOCKERFILE_PATH,\n    runnerVersion: RunnerVersion.specific('2.293.0'),\n    rebuildInterval: Duration.days(14),\n});\nbuilder.setBuildArg('EXTRA_PACKAGES', 'nginx xz-utils');\nnew FargateRunner(this, 'Fargate provider', {\n    label: 'customized-fargate',\n    imageBuilder: builder,\n});\n```",
+        "remarks": "Builders can be used with runner providers.\n\nEach builder re-runs automatically at a set interval to make sure the images contain the latest versions of everything.\n\nYou can create an instance of this construct to customize the image used to spin-up runners. Each provider has its own requirements for what an image should do. That's why they each provide their own Dockerfile.\n\nFor example, to set a specific runner version, rebuild the image every 2 weeks, and add a few packages for the Fargate provider, use:\n\n```\nconst builder = new CodeBuildImageBuilder(this, 'Builder', {\n    dockerfilePath: FargateRunnerProvider.LINUX_X64_DOCKERFILE_PATH,\n    runnerVersion: RunnerVersion.specific('2.293.0'),\n    rebuildInterval: Duration.days(14),\n});\nbuilder.setBuildArg('EXTRA_PACKAGES', 'nginx xz-utils');\nnew FargateRunnerProvider(this, 'Fargate provider', {\n    labels: ['customized-fargate'],\n    imageBuilder: builder,\n});\n```",
         "stability": "deprecated",
         "summary": "An image builder that uses CodeBuild to build Docker images pre-baked with all the GitHub Actions runner requirements."
       },
@@ -5358,7 +5358,7 @@
       "base": "constructs.Construct",
       "docs": {
         "deprecated": "use RunnerImageBuilder",
-        "remarks": "Builders can be used with runner providers.\n\nThe CodeBuild builder is better and faster. Only use this one if you have no choice. For example, if you need Windows containers.\n\nEach builder re-runs automatically at a set interval to make sure the images contain the latest versions of everything.\n\nYou can create an instance of this construct to customize the image used to spin-up runners. Some runner providers may require custom components. Check the runner provider documentation. The default components work with CodeBuild and Fargate.\n\nFor example, to set a specific runner version, rebuild the image every 2 weeks, and add a few packages for the Fargate provider, use:\n\n```\nconst builder = new ContainerImageBuilder(this, 'Builder', {\n    runnerVersion: RunnerVersion.specific('2.293.0'),\n    rebuildInterval: Duration.days(14),\n});\nnew CodeBuildRunner(this, 'CodeBuild provider', {\n    label: 'custom-codebuild',\n    imageBuilder: builder,\n});\n```",
+        "remarks": "Builders can be used with runner providers.\n\nThe CodeBuild builder is better and faster. Only use this one if you have no choice. For example, if you need Windows containers.\n\nEach builder re-runs automatically at a set interval to make sure the images contain the latest versions of everything.\n\nYou can create an instance of this construct to customize the image used to spin-up runners. Some runner providers may require custom components. Check the runner provider documentation. The default components work with CodeBuild and Fargate.\n\nFor example, to set a specific runner version, rebuild the image every 2 weeks, and add a few packages for the Fargate provider, use:\n\n```\nconst builder = new ContainerImageBuilder(this, 'Builder', {\n    runnerVersion: RunnerVersion.specific('2.293.0'),\n    rebuildInterval: Duration.days(14),\n});\nnew CodeBuildRunnerProvider(this, 'CodeBuild provider', {\n    labels: ['custom-codebuild'],\n    imageBuilder: builder,\n});\n```",
         "stability": "deprecated",
         "summary": "An image builder that uses AWS Image Builder to build Docker images pre-baked with all the GitHub Actions runner requirements."
       },
@@ -6435,7 +6435,7 @@
         {
           "abstract": true,
           "docs": {
-            "default": "Ec2ProviderProps.imageBuilder()",
+            "default": "Ec2RunnerProvider.imageBuilder()",
             "remarks": "The image builder determines the OS and architecture of the runner.",
             "stability": "experimental",
             "summary": "Runner image builder used to build AMI containing GitHub Runner and all requirements."
@@ -8115,7 +8115,7 @@
       "assembly": "@cloudsnorkel/cdk-github-runners",
       "base": "constructs.Construct",
       "docs": {
-        "remarks": "It creates a webhook, secrets, and a step function to orchestrate all runs. Secrets are not automatically filled. See README.md for instructions on how to setup GitHub integration.\n\nBy default, this will create a runner provider of each available type with the defaults. This is good enough for the initial setup stage when you just want to get GitHub integration working.\n\n```typescript\nnew GitHubRunners(this, 'runners');\n```\n\nUsually you'd want to configure the runner providers so the runners can run in a certain VPC or have certain permissions.\n\n```typescript\nconst vpc = ec2.Vpc.fromLookup(this, 'vpc', { vpcId: 'vpc-1234567' });\nconst runnerSg = new ec2.SecurityGroup(this, 'runner security group', { vpc: vpc });\nconst dbSg = ec2.SecurityGroup.fromSecurityGroupId(this, 'database security group', 'sg-1234567');\nconst bucket = new s3.Bucket(this, 'runner bucket');\n\n// create a custom CodeBuild provider\nconst myProvider = new CodeBuildRunner(\n  this, 'codebuild runner',\n  {\n     label: 'my-codebuild',\n     vpc: vpc,\n     securityGroup: runnerSg,\n  },\n);\n// grant some permissions to the provider\nbucket.grantReadWrite(myProvider);\ndbSg.connections.allowFrom(runnerSg, ec2.Port.tcp(3306), 'allow runners to connect to MySQL database');\n\n// create the runner infrastructure\nnew GitHubRunners(\n  this,\n  'runners',\n  {\n    providers: [myProvider],\n  }\n);\n```",
+        "remarks": "It creates a webhook, secrets, and a step function to orchestrate all runs. Secrets are not automatically filled. See README.md for instructions on how to setup GitHub integration.\n\nBy default, this will create a runner provider of each available type with the defaults. This is good enough for the initial setup stage when you just want to get GitHub integration working.\n\n```typescript\nnew GitHubRunners(this, 'runners');\n```\n\nUsually you'd want to configure the runner providers so the runners can run in a certain VPC or have certain permissions.\n\n```typescript\nconst vpc = ec2.Vpc.fromLookup(this, 'vpc', { vpcId: 'vpc-1234567' });\nconst runnerSg = new ec2.SecurityGroup(this, 'runner security group', { vpc: vpc });\nconst dbSg = ec2.SecurityGroup.fromSecurityGroupId(this, 'database security group', 'sg-1234567');\nconst bucket = new s3.Bucket(this, 'runner bucket');\n\n// create a custom CodeBuild provider\nconst myProvider = new CodeBuildRunnerProvider(\n  this, 'codebuild runner',\n  {\n     labels: ['my-codebuild'],\n     vpc: vpc,\n     securityGroups: [runnerSg],\n  },\n);\n// grant some permissions to the provider\nbucket.grantReadWrite(myProvider);\ndbSg.connections.allowFrom(runnerSg, ec2.Port.tcp(3306), 'allow runners to connect to MySQL database');\n\n// create the runner infrastructure\nnew GitHubRunners(\n  this,\n  'runners',\n  {\n    providers: [myProvider],\n  }\n);\n```",
         "stability": "experimental",
         "summary": "Create all the required infrastructure to provide self-hosted GitHub runners."
       },
@@ -9048,7 +9048,7 @@
       "kind": "interface",
       "locationInModule": {
         "filename": "src/image-builders/aws-image-builder/builder.ts",
-        "line": 44
+        "line": 45
       },
       "name": "ImageBuilderAsset",
       "properties": [
@@ -9061,7 +9061,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/image-builders/aws-image-builder/builder.ts",
-            "line": 53
+            "line": 54
           },
           "name": "asset",
           "type": {
@@ -9077,7 +9077,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/image-builders/aws-image-builder/builder.ts",
-            "line": 48
+            "line": 49
           },
           "name": "path",
           "type": {
@@ -9103,7 +9103,7 @@
         },
         "locationInModule": {
           "filename": "src/image-builders/aws-image-builder/builder.ts",
-          "line": 127
+          "line": 128
         },
         "parameters": [
           {
@@ -9129,7 +9129,7 @@
       "kind": "class",
       "locationInModule": {
         "filename": "src/image-builders/aws-image-builder/builder.ts",
-        "line": 114
+        "line": 115
       },
       "methods": [
         {
@@ -9139,7 +9139,7 @@
           },
           "locationInModule": {
             "filename": "src/image-builders/aws-image-builder/builder.ts",
-            "line": 229
+            "line": 230
           },
           "name": "grantAssetsRead",
           "parameters": [
@@ -9157,7 +9157,7 @@
           },
           "locationInModule": {
             "filename": "src/image-builders/aws-image-builder/builder.ts",
-            "line": 235
+            "line": 236
           },
           "name": "prefixCommandsWithErrorHandling",
           "parameters": [
@@ -9237,7 +9237,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/image-builders/aws-image-builder/builder.ts",
-            "line": 118
+            "line": 119
           },
           "name": "arn",
           "type": {
@@ -9252,7 +9252,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/image-builders/aws-image-builder/builder.ts",
-            "line": 123
+            "line": 124
           },
           "name": "platform",
           "type": {
@@ -9273,7 +9273,7 @@
       "kind": "interface",
       "locationInModule": {
         "filename": "src/image-builders/aws-image-builder/builder.ts",
-        "line": 59
+        "line": 60
       },
       "name": "ImageBuilderComponentProperties",
       "properties": [
@@ -9287,7 +9287,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/image-builders/aws-image-builder/builder.ts",
-            "line": 80
+            "line": 81
           },
           "name": "commands",
           "type": {
@@ -9308,7 +9308,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/image-builders/aws-image-builder/builder.ts",
-            "line": 73
+            "line": 74
           },
           "name": "description",
           "type": {
@@ -9324,7 +9324,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/image-builders/aws-image-builder/builder.ts",
-            "line": 68
+            "line": 69
           },
           "name": "displayName",
           "type": {
@@ -9341,7 +9341,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/image-builders/aws-image-builder/builder.ts",
-            "line": 63
+            "line": 64
           },
           "name": "platform",
           "type": {
@@ -9357,7 +9357,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/image-builders/aws-image-builder/builder.ts",
-            "line": 85
+            "line": 86
           },
           "name": "assets",
           "optional": true,
@@ -9380,7 +9380,7 @@
           "immutable": true,
           "locationInModule": {
             "filename": "src/image-builders/aws-image-builder/builder.ts",
-            "line": 92
+            "line": 93
           },
           "name": "reboot",
           "optional": true,
@@ -11507,7 +11507,7 @@
         {
           "abstract": true,
           "docs": {
-            "default": "OS.LINUX",
+            "default": "OS.LINUX_UBUNTU",
             "stability": "experimental",
             "summary": "Image OS."
           },
@@ -12940,6 +12940,6 @@
       "symbolId": "src/image-builders/aws-image-builder/deprecated/windows-components:WindowsComponents"
     }
   },
-  "version": "0.9.5",
-  "fingerprint": "V+KyphB/VHigagS07H6ZFAsLHZDxDcwHuUU2M43SHDw="
+  "version": "0.9.6",
+  "fingerprint": "dXLB8R7bVjXz9NvFFt0Yd2eBeyqrjen4wC9L+uovCr0="
 }

package/API.md

@@ -29,8 +29,8 @@ builder.addComponent(new ImageBuilderComponent(scope, id, {
     'apt-get install p7zip',
   ],
 }));
-new Ec2Runner(this, 'EC2 provider', {
-    label: 'custom-ec2',
+new Ec2RunnerProvider(this, 'EC2 provider', {
+    labels: ['custom-ec2'],
     amiBuilder: builder,
 });
 ```
@@ -240,13 +240,13 @@ For example, to set a specific runner version, rebuild the image every 2 weeks,
 
 ```
 const builder = new CodeBuildImageBuilder(this, 'Builder', {
-    dockerfilePath: FargateProvider.LINUX_X64_DOCKERFILE_PATH,
+    dockerfilePath: FargateRunnerProvider.LINUX_X64_DOCKERFILE_PATH,
     runnerVersion: RunnerVersion.specific('2.293.0'),
     rebuildInterval: Duration.days(14),
 });
 builder.setBuildArg('EXTRA_PACKAGES', 'nginx xz-utils');
-new FargateRunner(this, 'Fargate provider', {
-    label: 'customized-fargate',
+new FargateRunnerProvider(this, 'Fargate provider', {
+    labels: ['customized-fargate'],
     imageBuilder: builder,
 });
 ```
@@ -1221,8 +1221,8 @@ const builder = new ContainerImageBuilder(this, 'Builder', {
     runnerVersion: RunnerVersion.specific('2.293.0'),
     rebuildInterval: Duration.days(14),
 });
-new CodeBuildRunner(this, 'CodeBuild provider', {
-    label: 'custom-codebuild',
+new CodeBuildRunnerProvider(this, 'CodeBuild provider', {
+    labels: ['custom-codebuild'],
     imageBuilder: builder,
 });
 ```
@@ -3039,12 +3039,12 @@ const dbSg = ec2.SecurityGroup.fromSecurityGroupId(this, 'database security grou
 const bucket = new s3.Bucket(this, 'runner bucket');
 
 // create a custom CodeBuild provider
-const myProvider = new CodeBuildRunner(
+const myProvider = new CodeBuildRunnerProvider(
   this, 'codebuild runner',
   {
-     label: 'my-codebuild',
+     labels: ['my-codebuild'],
      vpc: vpc,
-     securityGroup: runnerSg,
+     securityGroups: [runnerSg],
   },
 );
 // grant some permissions to the provider
@@ -5693,7 +5693,7 @@ public readonly imageBuilder: IRunnerImageBuilder;
 ```
 
 - *Type:* <a href="#@cloudsnorkel/cdk-github-runners.IRunnerImageBuilder">IRunnerImageBuilder</a>
-- *Default:* Ec2ProviderProps.imageBuilder()
+- *Default:* Ec2RunnerProvider.imageBuilder()
 
 Runner image builder used to build AMI containing GitHub Runner and all requirements.
 
@@ -7545,7 +7545,7 @@ public readonly os: Os;
 ```
 
 - *Type:* <a href="#@cloudsnorkel/cdk-github-runners.Os">Os</a>
-- *Default:* OS.LINUX
+- *Default:* OS.LINUX_UBUNTU
 
 Image OS.
 

package/README.md

@@ -55,39 +55,96 @@ You can also create your own provider by implementing `IRunnerProvider`.
 
 ## Installation
 
-1. Confirm you're using CDK v2
-2. Install the appropriate package
-   1. [Python][6]
-      ```
-      pip install cloudsnorkel.cdk-github-runners
-      ```
-   2. [TypeScript or JavaScript][7]
-      ```
-      npm i @cloudsnorkel/cdk-github-runners
-      ```
-   3. [Java][8]
-      ```xml
-      <dependency>
+1. Install and use the appropriate package
+   <details><summary>Python</summary>
+
+   ### Install
+   Available on [PyPI][6].
+   ```bash
+   pip install cloudsnorkel.cdk-github-runners
+   ```
+   ### Use
+   ```python
+   from cloudsnorkel.cdk_github_runners import GitHubRunners
+   
+   GitHubRunners(self, "runners")
+   ```
+   </details>
+   <details><summary>TypeScript or JavaScript</summary>
+
+   ### Install
+   Available on [npm][7].
+   ```bash
+   npm i @cloudsnorkel/cdk-github-runners
+   ```
+   ### Use
+   ```typescript
+   import { GitHubRunners } from '@cloudsnorkel/cdk-github-runners';
+   
+   new GitHubRunners(this, "runners");
+   ```
+   </details>
+   <details><summary>Java</summary>
+
+   ### Install
+   Available on [Maven][8].
+   ```xml
+   <dependency>
       <groupId>com.cloudsnorkel</groupId>
       <artifactId>cdk.github.runners</artifactId>
-      </dependency>
-      ```
-   4. [Go][11]
-      ```
-      go get github.com/CloudSnorkel/cdk-github-runners-go/cloudsnorkelcdkgithubrunners
-      ```
-   5. [.NET][12]
-      ```
-      dotnet add package CloudSnorkel.Cdk.Github.Runners
-      ```
-3. Use `GitHubRunners` construct in your code (starting with default arguments is fine)
-4. Deploy your stack
-5. Look for the status command output similar to `aws --region us-east-1 lambda invoke --function-name status-XYZ123 status.json`
-6. Execute the status command (you may need to specify `--profile` too) and open the resulting `status.json` file
-7. Open the URL in `github.setup.url` from `status.json` or [manually setup GitHub](SETUP_GITHUB.md) integration as an app or with personal access token
-8. Run status command again to confirm `github.auth.status` and `github.webhook.status` are OK
-9. Trigger a GitHub action that has a `self-hosted` label with `runs-on: [self-hosted, linux, codebuild]` or similar
-10. If the action is not successful, see [troubleshooting](#Troubleshooting)
+   </dependency>
+   ```
+   ### Use
+   ```java
+   import com.cloudsnorkel.cdk.github.runners.GitHubRunners;
+   
+   GitHubRunners.Builder.create(this, "runners").build();
+   ```
+   </details>
+   <details><summary>Go</summary>
+
+   ### Install
+   Available on [GitHub][11].
+   ```bash
+   go get github.com/CloudSnorkel/cdk-github-runners-go/cloudsnorkelcdkgithubrunners
+   ```
+   ### Use
+   ```go
+   import "github.com/CloudSnorkel/cdk-github-runners-go/cloudsnorkelcdkgithubrunners"
+   
+   NewGitHubRunners(this, jsii.String("runners"))
+   ```
+   </details>
+   <details><summary>.NET</summary>
+
+   ### Install
+   Available on [Nuget][12].
+   ```bash
+   dotnet add package CloudSnorkel.Cdk.Github.Runners
+   ```
+   ### Use
+   ```csharp
+   using CloudSnorkel;
+   
+   new GitHubRunners(this, "runners");
+   ```
+   </details>
+2. Use `GitHubRunners` construct in your code (starting with default arguments is fine)
+3. Deploy your stack
+4. Look for the status command output similar to `aws --region us-east-1 lambda invoke --function-name status-XYZ123 status.json`
+   ```
+    ✅  github-runners-test
+
+   ✨  Deployment time: 260.01s
+   
+   Outputs:
+   github-runners-test.runnersstatuscommand4A30F0F5 = aws --region us-east-1 lambda invoke --function-name github-runners-test-runnersstatus1A5771C0-mvttg8oPQnQS status.json
+   ```
+5. Execute the status command (you may need to specify `--profile` too) and open the resulting `status.json` file
+6. Open the URL in `github.setup.url` from `status.json` or [manually setup GitHub](SETUP_GITHUB.md) integration as an app or with personal access token
+7. Run status command again to confirm `github.auth.status` and `github.webhook.status` are OK
+8. Trigger a GitHub action that has a `self-hosted` label with `runs-on: [self-hosted, linux, codebuild]` or similar
+9. If the action is not successful, see [troubleshooting](#Troubleshooting)
 
 [![Demo](demo-thumbnail.jpg)](https://youtu.be/wlyv_3V8lIw)
 
@@ -104,10 +161,10 @@ let dbSg: ec2.SecurityGroup;
 let bucket: s3.Bucket;
 
 // create a custom CodeBuild provider
-const myProvider = new CodeBuildRunnerProvider(this, 'codebuild runner', { 
-  label: 'my-codebuild',
-  vpc: vpc,
-  securityGroup: runnerSg,
+const myProvider = new CodeBuildRunnerProvider(this, 'codebuild runner', {
+   labels: ['my-codebuild'],
+   vpc: vpc,
+   securityGroups: [runnerSg],
 });
 // grant some permissions to the provider
 bucket.grantReadWrite(myProvider);
@@ -132,9 +189,9 @@ myBuilder.addComponent(
 );
 
 const myProvider = new FargateRunnerProvider(this, 'fargate runner', {
-   label: 'customized-fargate',
+   labels: ['customized-fargate'],
    vpc: vpc,
-   securityGroup: runnerSg,
+   securityGroups: [runnerSg],
    imageBuilder: myBuilder,
 });
 
@@ -160,31 +217,31 @@ Windows images can also be customized the same way.
 
 ```typescript
 const myWindowsBuilder = FargateRunnerProvider.imageBuilder(this, 'Windows image builder', {
-  architecture: Architecture.X86_64,
-  os: Os.WINDOWS,
-  runnerVersion: RunnerVersion.specific('2.291.0'),
-  rebuildInterval: Duration.days(14),    
+   architecture: Architecture.X86_64,
+   os: Os.WINDOWS,
+   runnerVersion: RunnerVersion.specific('2.291.0'),
+   rebuildInterval: Duration.days(14),
 });
 myWindowsBuilder.addComponent(
-  RunnerImageComponent.custom({
-    name: 'Ninja',
-    commands: [
-      'Invoke-WebRequest -UseBasicParsing -Uri "https://github.com/ninja-build/ninja/releases/download/v1.11.1/ninja-win.zip" -OutFile ninja.zip',
-      'Expand-Archive ninja.zip -DestinationPath C:\\actions',
-      'del ninja.zip',
-    ],
-  })
+        RunnerImageComponent.custom({
+           name: 'Ninja',
+           commands: [
+              'Invoke-WebRequest -UseBasicParsing -Uri "https://github.com/ninja-build/ninja/releases/download/v1.11.1/ninja-win.zip" -OutFile ninja.zip',
+              'Expand-Archive ninja.zip -DestinationPath C:\\actions',
+              'del ninja.zip',
+           ],
+        })
 );
 
 const myProvider = new FargateRunnerProvider(this, 'fargate runner', {
-  label: 'customized-windows-fargate',
-  vpc: vpc,
-  securityGroup: runnerSg,
-  imageBuidler: myWindowsBuilder,
+   labels: ['customized-windows-fargate'],
+   vpc: vpc,
+   securityGroups: [runnerSg],
+   imageBuidler: myWindowsBuilder,
 });
 
 new GitHubRunners(this, 'runners', {
-  providers: [myProvider],
+   providers: [myProvider],
 });
 ```
 
@@ -192,15 +249,15 @@ The runner OS and architecture is determined by the image it is set to use. For
 
 ```typescript
 new GitHubRunners(this, 'runners', {
-  providers: [
-    new FargateRunnerProvider(this, 'fargate runner', {
-      labels: ['arm64', 'fargate'],
-      imageBuidler: FargateRunnerProvider.imageBuilder(this, 'image builder', {
-        architecture: Architecture.ARM64,
-        os: Os.LINUX,
+   providers: [
+      new FargateRunnerProvider(this, 'fargate runner', {
+         labels: ['arm64', 'fargate'],
+         imageBuidler: FargateRunnerProvider.imageBuilder(this, 'image builder', {
+            architecture: Architecture.ARM64,
+            os: Os.LINUX_UBUNTU,
+         }),
       }),
-    }),
-  ],
+   ],
 });
 ```
 
@@ -247,7 +304,7 @@ Other useful metrics to track:
 [5]: https://github.com/actions/runner
 [6]: https://pypi.org/project/cloudsnorkel.cdk-github-runners
 [7]: https://www.npmjs.com/package/@cloudsnorkel/cdk-github-runners
-[8]: https://search.maven.org/search?q=g:%22com.cloudsnorkel%22%20AND%20a:%22cdk.github.runners%22
+[8]: https://central.sonatype.com/artifact/com.cloudsnorkel/cdk.github.runners/
 [9]: https://docs.github.com/en/developers/apps/getting-started-with-apps/about-apps
 [10]: https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token
 [11]: https://pkg.go.dev/github.com/CloudSnorkel/cdk-github-runners-go/cloudsnorkelcdkgithubrunners