GitHub runners
Last updated
Last updated
This feature is experimental.
Not recommended for production usage yet, since it might introduce breaking changes in the future.
Feedback is welcome and much appreciated!
Earthly satellites are now bundled with a GitHub Actions runner, so they can directly pull jobs from GitHub Actions without the need of an intermediate runner.
These runners come with the Earthly CLI preinstalled and configured to use the satellite BuildKit instance, so GitHub Actions jobs will share the same satellite cache as the traditional satellite builds.
Satellite-based GitHub Actions runners can be enabled for a particular repository or for all repositories of a GitHub organization at once.
The integration process requires you to be a GitHub organization or repository admin, and to provide us with a GitHub token, so we can:
register a webhook in your GitHub repository/organization to receive the events generated from your GitHub Actions jobs
create GitHub self-hosted runners on demand, to process your repository/organization jobs
Follow the next steps to create such integrations:
Go to GitHub's new token page to create a new GitHub classic token.
Give a name to your token that clearly shows its purpose, for example:
Set the token as non-expiring (notice that the integration won't work after the token expires)
Check the following scopes:
For organization integrations: admin:org
,admin:org_hook
Alternatively, for repository integrations: repo
,admin:repo_hook
Click "generate token"
Copy the token value to use it in the following step
Alternatively, if you prefer creating a fine-grained token, make sure to set the following permissions for it: org: organization_hooks:write
, organization_self_hosted_runners:write
, repo: repository_hooks:write
, administration:write
and an expiration time long enough, since the integration won't work after the token expires.
Create the integration using the earthly gha add
CLI command, passing the token created in the previous step.
This feature needs to be enabled during satellite creation to be able to use it.
Launch the satellite with the enable-gha-runner
feature-flag enabled.
To enable the GH runner for a self-hosted satellite, set this environment entry when launching it:
also note that the satellite container must have access to the docker daemon in order to run the GitHub Actions jobs in containers:
Example
Required version: Use at least earthly/satellite:v0.8.13
Logs
You should see a log message like this, when the GitHub Actions runner is enabled:
In order to make a job run into the satellite, you'll need to reference the satellite name in its runs-on label as follows:
The following example runs the +build
target in the satellite. Given that the GH runner is configured to use the satellite BuildKit instance, the persistent satellite cache is implicitly used here.
Make sure you have an EARTHLY_TOKEN available in your GitHub Actions secrets store, and add it to the job environment, as shown in the previous example. Future versions will remove this requirement.
List the integrations of your Earthly organization with the earthly gha ls
CLI command:
Remove an integration using the earthly gha remove
CLI command: