GKE 中的 GitHub 运行器设置
我正在尝试在 GKE 中创建一个 GitHub actions 自托管运行器。 为此,我使用 Ubuntu 基础镜像创建了 Docker 并下载了 GitHub 运行程序代码。
curl -o actions-runner-linux-x64-2.288.1.tar.gz -L https://github.com/actions/runner/releases/download/v2.288.1/actions-runner-linux-x64-2.288.1.tar.gz
./config.sh
使用 Kubernetes deployment.yaml 文件在 Kubernetes 集群中部署运行程序,但在 POD 日志中我看到以下错误,并且运行程序无法使用 GitHub 帐户进行身份验证。
--------------------------------------------------------------------------------
| ____ _ _ _ _ _ _ _ _ |
| / ___(_) |_| | | |_ _| |__ / \ ___| |_(_) ___ _ __ ___ |
| | | _| | __| |_| | | | | '_ \ / _ \ / __| __| |/ _ \| '_ \/ __| |
| | |_| | | |_| _ | |_| | |_) | / ___ \ (__| |_| | (_) | | | \__ \ |
| \____|_|\__|_| |_|\__,_|_.__/ /_/ \_\___|\__|_|\___/|_| |_|___/ |
| |
| Self-hosted runner registration |
| |
--------------------------------------------------------------------------------
# Authentication
The SSL connection could not be established, see inner exception.
An error occurred: Not configured
我们使用 Istio 作为 Kubernetes 集群中的服务网格。
I am trying to create a GitHub actions self-host runner in GKE.
For the I created the Docker with Ubuntu base image and downloaded the GitHub runner code.
curl -o actions-runner-linux-x64-2.288.1.tar.gz -L https://github.com/actions/runner/releases/download/v2.288.1/actions-runner-linux-x64-2.288.1.tar.gz
./config.sh
Using the Kubernetes deployment.yaml file deployed the runner in the Kubernetes cluster, but in POD logs I am seeing the below error and the runner is unable to authenticate with the GitHub account.
--------------------------------------------------------------------------------
| ____ _ _ _ _ _ _ _ _ |
| / ___(_) |_| | | |_ _| |__ / \ ___| |_(_) ___ _ __ ___ |
| | | _| | __| |_| | | | | '_ \ / _ \ / __| __| |/ _ \| '_ \/ __| |
| | |_| | | |_| _ | |_| | |_) | / ___ \ (__| |_| | (_) | | | \__ \ |
| \____|_|\__|_| |_|\__,_|_.__/ /_/ \_\___|\__|_|\___/|_| |_|___/ |
| |
| Self-hosted runner registration |
| |
--------------------------------------------------------------------------------
# Authentication
The SSL connection could not be established, see inner exception.
An error occurred: Not configured
We are using Istio as a service mesh in our Kubernetes cluster.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
正如我之前提到的,我正在使用 Istio,在 Istio 中将以下 URL 列入白名单后。
我的问题得到解决,我可以在 Kubernetes 集群中创建一个运行程序。
api.github.com
raw.githubusercontent.com
oauth2.googleapis.com
As I mentioned earlier I am using Istio, After whitelisting the below URL in Istio.
My issue got resolved and I am able to create a runner in the Kubernetes cluster.
api.github.com
raw.githubusercontent.com
oauth2.googleapis.com
根据此文档,在安装之前您应该已经安装了 cert-经理:
之后,您有两种方式进行 actions-runner-控制器使用 GitHub API 进行身份验证:
请参阅 此处 设置步骤GitHub 应用程序身份验证和此处 PAT 认证。
Based on this documentation before installation you should have had already installed cert-manager:
After that you have two ways for actions-runner-controller to authenticate with the GitHub API:
See here setup steps for GitHub App Authentication and here for PAT Authentication.