Merge pull request #36 from pvlltvk/master

Add support for organization runners + use handler

Author: MonolithProjects

README.md

@@ -60,6 +60,9 @@ github_server: "https://github.com"
 # Personal Access Token
 access_token: "{{ lookup('env', 'PERSONAL_ACCESS_TOKEN') }}"
 
+# Is it runner for organization or not
+runner_org: false
+
 # Account used for Runner registration (GitHub Repository user with admin rights or Organization owner)
 # github_account: "youruser"
 
@@ -85,6 +88,21 @@ Runner service will run under the same user as the Ansible is using for ssh conn
     - role: monolithprojects.github_actions_runner
 ```
 
+Same example, but runner will be added to an organization
+
+```yaml
+---
+- name: GitHub Actions Runner
+  hosts: all
+  user: ansible
+  become: yes
+  vars:
+    - github_account: my_awesome_org
+    - runner_org: true
+  roles:
+    - role: monolithprojects.github_actions_runner
+```
+
 In this example the Ansible role will deploy (or redeploy) the GitHub Actions runner service (version 2.165.2) and register the runner for the GitHub repo. Runner service will run under the user `runner-user`.
 
 ```yaml

defaults/main.yml

@@ -23,6 +23,9 @@ github_server: "https://github.com"
 # Personal Access Token for your GitHub account
 access_token: "{{ lookup('env', 'PERSONAL_ACCESS_TOKEN') }}"
 
+# Is it runner for organization or not
+runner_org: false
+
 # GitHub Repository user or Organization owner used for Runner registration
 # github_account: "youruser"
 

handlers/main.yml

@@ -1,2 +1,6 @@
 ---
 # handlers file for ansible-github_actions_runner
+- name: Restart runner service
+  service:
+   name: "{{ runner_service }}"
+   state: restarted

tasks/collect_info_org.yml

@@ -0,0 +1,43 @@
+---
+- name: Get registration token (RUN ONCE)
+  uri:
+    url: "https://api.github.com/orgs/{{ github_account }}/actions/runners/registration-token"
+    headers:
+      Authorization: "token {{ access_token }}"
+      Accept: "application/vnd.github.v3+json"
+    method: POST
+    status_code: 201
+    force_basic_auth: yes
+  register: registration
+  run_once: yes
+  tags:
+    - install
+    - uninstall
+
+- name: Check currently registered runners (RUN ONCE)
+  uri:
+    url: "https://api.github.com/orgs/{{ github_account }}/actions/runners"
+    headers:
+      Authorization: "token {{ access_token }}"
+      Accept: "application/vnd.github.v3+json"
+    method: GET
+    status_code: 200
+    force_basic_auth: yes
+  register: registered_runners
+  run_once: yes
+  tags:
+    - install
+    - uninstall
+
+- name: Check service facts
+  service_facts:
+  tags:
+    - install
+    - uninstall
+
+- name: Build service name
+  set_fact:
+    runner_service: "actions.runner.{{ github_account[:45] }}.{{ ansible_hostname }}.service"
+  tags:
+    - install
+    - uninstall

tasks/collect_info.yml renamed to tasks/collect_info_repo.yml

@@ -72,30 +72,56 @@
     owner: "{{ runner_user }}"
     mode: 0755
   when: runner_version not in runner_installed.stdout
+  notify:
+    - Restart runner service
   tags:
     - install
 
-- name: Register runner (if new installation)
+- name: Register runner (if new installation) for repo
   command: "{{ runner_dir }}/./config.sh --url {{ github_server }}/{{ github_owner | default(github_account) }}/{{ github_repo }} \
             --token {{ registration.json.token }} --unattended"
   args:
     chdir: "{{ runner_dir }}"
   become: yes
   become_user: "{{ runner_user }}"
   no_log: "{{ hide_sensitive_logs | bool }}"
-  when: ansible_hostname not in registered_runners.json.runners|map(attribute='name')|list
+  when: ansible_hostname not in registered_runners.json.runners|map(attribute='name')|list and not runner_org
   tags:
     - install
 
-- name: Replace registered runner
+- name: Register runner (if new installation) for organization
+  command: "{{ runner_dir }}/./config.sh --url {{ github_server }}/{{ github_owner | default(github_account) }} \
+            --token {{ registration.json.token }} --unattended"
+  args:
+    chdir: "{{ runner_dir }}"
+  become: yes
+  become_user: "{{ runner_user }}"
+  no_log: "{{ hide_sensitive_logs | bool }}"
+  when: ansible_hostname not in registered_runners.json.runners|map(attribute='name')|list and runner_org
+  tags:
+    - install
+
+- name: Replace registered runner for repo
   command: "{{ runner_dir }}/config.sh --url {{ github_server }}/{{ github_owner | default(github_account) }}/{{ github_repo }} \
             --token {{ registration.json.token }} --unattended --replace"
   args:
     chdir: "{{ runner_dir }}"
   become: yes
   become_user: "{{ runner_user }}"
   no_log: "{{ hide_sensitive_logs | bool }}"
-  when: replace_runner and ansible_hostname in registered_runners.json.runners|map(attribute='name')|list
+  when: replace_runner and ansible_hostname in registered_runners.json.runners|map(attribute='name')|list and not github_org
+  tags:
+    - install
+
+- name: Replace registered runner for organization
+  command: "{{ runner_dir }}/config.sh --url {{ github_server }}/{{ github_owner | default(github_account) }} \
+            --token {{ registration.json.token }} --unattended --replace"
+  args:
+    chdir: "{{ runner_dir }}"
+  become: yes
+  become_user: "{{ runner_user }}"
+  no_log: "{{ hide_sensitive_logs | bool }}"
+  when: replace_runner and ansible_hostname in registered_runners.json.runners|map(attribute='name')|list and github_org
   tags:
     - install
 

tasks/install_runner.yml

@@ -1,5 +1,12 @@
 ---
-- include_tasks: collect_info.yml
+- include_tasks: collect_info_org.yml
+  when: runner_org
+  tags:
+    - install
+    - uninstall
+
+- include_tasks: collect_info_repo.yml
+  when: not runner_org
   tags:
     - install
     - uninstall