-
Notifications
You must be signed in to change notification settings - Fork 22
/
Copy pathconfig.yaml
150 lines (149 loc) · 6.81 KB
/
config.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
# Copyright 2025 Canonical Ltd.
# See LICENSE file for licensing details.
options:
dockerhub-mirror:
type: string
default: ""
description: >-
The URL to the private docker registry configured as the dockerhub mirror to be used by the
runners. If set a message will be displayed prior to job execution on self-hosted runner
informing users to use the provided registry. You must use https:// as the protocol.
openstack-clouds-yaml:
type: string
default: ""
description: >-
The clouds.yaml yaml necessary for OpenStack integration.
The format for the clouds.yaml is described in the docs:
(https://docs.openstack.org/python-openstackclient/pike/configuration/index.html#clouds-yaml).
openstack-flavor:
type: string
default: ""
description: |
(Deprecated, use flavor-label-list instead)
The openstack flavor to use to spawn virtual machines. This controls the hardware resource
of the virtual machines. See docs for details:
(https://docs.openstack.org/nova/rocky/user/flavors.html).
openstack-network:
type: string
default: ""
description: |
The openstack network for virtual machines hosting the runners. The network must allow this
application to be able to access the virtual machine though the IP assigned by the openstack
network. See docs for details:
(https://docs.openstack.org/neutron/latest/admin/intro-os-networking.html).
experimental-use-aproxy:
type: boolean
default: false
description: >-
(Experimental, may be removed) When set to true, aproxy (https://github.com/canonical/aproxy)
will be installed within the runners. It will forward all HTTP(S) traffic to standard ports
(80, 443) to a proxy server configured by the juju model config 'juju-http-proxy'
(or, if this is not set, 'juju-https-proxy' will be used).
This is useful when the charm is deployed in a network that requires a proxy to access the
internet.
Note that you should not specify a proxy server listening on port 80 or 443, as all traffic
to these ports is relayed to aproxy, which would cause an infinite loop.
group:
type: string
default: "default"
description: >-
The organization runner group to register the self-hosted runner under. This has no effect on
runners under a repository.
labels:
type: string
default: ""
description: >-
Additional comma separated labels to attach to self-hosted runners. By default, the labels
"self-hosted", architecture (i.e. "x64", "arm64"), os (i.e. "linux"), os-flavor (i.e.
"jammy") are set. Any labels provided via this configuration will be appended to the default
values.
path:
type: string
default: ""
description: >-
The organization or the repository to register the self-hosted runners. For organization the
path would be the name of the organization. For repository the path should be in the
"{owner}/{repo}" format.
reconcile-interval:
type: int
default: 10
description: >-
Minutes between each reconciliation of the current runners state and their targeted state.
On reconciliation, the charm polls the state of runners and see if actions are needed. A
random delay of 25% is added. Changes to this time interval will apply when next interval is
triggered. Prior to reconciliation, any packages, and services used by the software will be
updated.
repo-policy-compliance-token:
type: string
description: >-
The token to authenticate with the repository-policy-compliance service in order to
generate one-time-tokens. This option requires the repo-policy-compliance-url to be set.
If not set, the repository-policy-compliance service will not be used.
repo-policy-compliance-url:
type: string
description: >-
The URL to the repository-policy-compliance service. This option requires the
repo-policy-compliance-token to be set. If not set, the repository-policy-compliance service
will not be used. This option is only supported when using OpenStack Cloud.
test-mode:
type: string
description: >-
When set to 'insecure', the charm test mode is activated, which may deactivate some security
hardening measures.
token:
type: string
default: ""
description: >-
The GitHub Personal Access Token for registering the self-hosted runners. The token requires
'repo' scope for repository runners and 'repo' + 'admin:org' scope for organization runners.
For fine grained token scopes, see
https://charmhub.io/github-runner/docs/how-to-change-token.
virtual-machines:
type: int
default: 0
description: >-
(Deprecated, use base-virtual-machines or max-total-virtual-machines instead)
The number of virtual machine runners. This charm will spawn or destroy virtual machines
runners to match this setting. Setting virtual-machines to non-zero and any of
base-virtual-machines or max-total-virtual-machines will block the charm.
base-virtual-machines:
type: int
default: 0
description: >-
The number of non-reactive virtual machine runners spawned by the charm per each
combination of flavor and base. Currently, if the charm is integrated with MongoDB
this config option will be ignored.
max-total-virtual-machines:
type: int
default: 0
description: >-
If the github-runner charm is integrated with MongoDB, the reactive mode will not spawn
new virtual machines if there are max-total-virtual-machines of more virtual machines
managed by the charm.
flavor-label-combinations:
type: string
default: ""
description: >-
List of "flavor:label" entries separated by ",". The flavor will correspond to a OpenStack
flavor and the label will be a label for the GitHub runner. Only one flavor-label combination
is supported at the moment. A valid configuration looks like "m1.small:small".
manager-ssh-proxy-command:
type: string
default: ""
description: >-
Optional ProxyCommand used by the ssh connection which is used to access the virtual
machine runners from the runner manager. It is equivalent to ProxyCommand in ssh-config,
but without a shell. For example, a value could be something like:
`bash -c "openssl s_client -quiet -connect 192.168.20.2:2222 -servername %h 2> /dev/null"`
runner-http-proxy:
type: string
default: ""
description: >-
The HTTP proxy value to use for the runners. If not specified, the model configuration option
juju-http-proxy will be used instead.
use-runner-proxy-for-tmate:
type: boolean
default: false
description: >-
When set to true, the ssh connection from the runner to the tmate-ssh-server will be done
using the proxy for the runner.