Using a self-hosted runner with GitHub Actions

As I was going through the excellent short course called Azure Infrastructure as Code with GitHub (by fellow MVP, Barbara Forbes), a thought appeared – what do I need to do to use my custom runner machine inside a pipeline for… I don’t know… security/privacy concerns, isolation, special requirements, different OS, control, price… or just to complicate things a bit?

Of course, GitHub supports this and it’s called a self-hosted runner.

So, what do I need to do to use this self-hosted runner with my GitHub Actions?

It’s relatively simple – there is an application package, which will be installed on your runner machine, and which will listen for and eventually do all the work defined in your workflow!

But first, let’s introduce my environment.

I have a simple GitHub Action (workflow), which creates a simple storage account on my Azure environment (there is actually no need to convert Bicep to ARM before deployment, but it seemed cool ?). It’s currently using the „ubuntu-latest“ runner, provided by GitHub… which has also all the needed components inside (like Azure CLI, Azure PowerShell, …).

And it works fine. When there is a push to my GitHub repository, GitHub Actions starts and does what is needed on my Azure environment via this workflow:

And the mighty Bicep file (?) it’s using for the deployment is:

Of course, this runs just fine on a standard (hosted) runner:

To run this workflow (successfully) not that much is needed.

First, I’ve created a new virtual machine (I’ll use a simple Ubuntu Hyper-V VM, no autoscaling, no… nothing) called hermes (god of speed ?), with freshly installed Ubuntu 22.04.1-LTS (minimized).

After that, I went to the Settings of my GitHub repository and got the download and install scripts for the x64 Linux runner:

As you can see, I’ll be using crontab later to automatically (re)start my self-hosted runner.

If everything went well, you should see your runner “up and running” (?) in the GitHub portal:

Next, I’ll use the following script to install all prerequisites for my workflow (like Azure CLI, Azure PowerShell, etc. – it really depends on your workflow and things you use):

Once this is done, my self-hosted runner hermes should be ready to run the workflow.

To try this, I need to make a slight update to my workflow file – line 12 inside the job configuration should be updated from “runs-on: ubuntu-latest” to “runs-on: self-hosted“.

So, my workflow YAML file now looks like this:

And once I push the configuration to my GitHub, my workflow automatically starts and runs on hermes, my self-hosted runner:

If we prepared our runner right, all is good! ?

Of course, our resources are deployed successfully:

So, this is how you can use your own, self-hosted runner, to execute your GitHub Actions (workflows).

Cheers!

What about this Bicep?

You’ve probably heard about Azure Resource Manager (ARM) – the deployment and management service/layer of Azure, which enables you to manage (create, configure, delete) your Azure resources. Also, you are probably aware that ARM uses so called ARM templates – basically, JSON files that actually define the infrastructure and configuration you want to deploy to Azure (think Infrastructure as Code, IaC).

So, if you have dealt with ARM/JSON in the past, you may have been finding it difficult to start with, and somewhat complex.

Bicep is here to help.

Here is a short overview of Bicep – basically, it’s a language which enables you easier deployment of Azure resources, without messing around (too much) with JSON. To be frank, it somehow reminds of Terraform, but it’s also different. It has many cool features, immediately supports all new Azure features and APIs, can be built (converted) into .json and deployed as such or it can be deployed straight away as .bicep, doesn’t require state file, it’s open and free, has great support in Visual Studio Code and much more. And it’s still in active development!

If you’re dealing with IaC and Azure, try it.

To show you the power (and simplicity) of Bicep, here is a short example of deploying Linux virtual machine in Azure (together with a resource group, virtual network, virtual network subnet, virtual NIC and network security group), done “the old way” (in JSON, which was actually converted from Bicep… it’s easier than writing JSON from the scratch) and then done via Bicep (“the right way”? ?).

Additionally, you’ll see that I’ve tried to break stuff into modules – with more or less sucess. ?

The ARM/JSON way (could be done nicer/shorter, with parameters inside .parameters.json… if you know what you’re doing – this is converted from Bicep and serves just for illustrative purposes):

 

The Bicep way:



Bicep seems a bit easier to read and shorter, right (while still doing basically the same thing)? ?

If we deploy the .bicep files above (note that I’m deploying the “raw” .bicep file directly – which is cool!):


We finally get our resources:

So, where should you start if you’re new to Bicep?

I would certainly recommend starting with free and official Deploy and manage resources in Azure by using Bicep learning path on Microsoft Learn.

After that, you can probably pick up Freek Berson’s book Getting started with Bicep: Infrastructure as Code on Azure (first and only book on Bicep that I know of – really liked it because of the simple (yet effective) examples with storage accounts, it connects everything and flows naturally – building up “brick by brick” and not “jumping around”, just to show off what Bicep can do).

Another great resource are also the Bicep examples – there’s plenty to learn from them too!

Of course, you’ll also need to practice – install the Azure CLI or Azure PowerShell module, add Bicep and use Visual Studio Code for your first steps with creating, deleting, configuring and breaking stuff… powered by Bicep! ?

Cheers!

WinDays 12 – afterword…

So… another year, another WinDays conference is over… In short, it was fun (as always).

This year (like the year before), I was in charge of preparing the lab environment for almost all of the workshops happening at Centar Znanja – this was intense but also fun…

This year, at Wednesday, I had a session about Windows 8 deployment, called “A što je s klijentima?”. Session was early in the morning, but from my perspective, attendance was great, session was also OK (those who attended can say more about it Smile)!

I was using Windows Server “8” Beta as the basis for my lab, was deploying Windows “8” Consumer Preview with Windows ADK, Microsoft Deployment Toolkit 2012 and System Center Configuration Manager 2012. My lab wouldn’t be possible without the support of my “sponsor” – Kodeks, who provided me with the new, 12th generation Dell PowerEdge R720 server (thank you guys for this one!). I can say that this is indeed a fine piece of machinery, wish to have couple of these for all of my demos & workshops (Smile)…

I also had a workshop called “Build your private cloud in 3 hours” at Thursday (with my colleague Marin) which was fun – early morning, half of the room full, lots of work to be done… it was a success!

Photos (thanks to Romeo & Bojana):

Again, thanks to everyone who attended my session and workshop (or was planning to attend but was recovering from “yesterday” Smile); hope to hear from you & see you next year at WinDays 13!

Deployment Guides & Tools

Nakon godišnjih i ostalih odmora, vrijeme je da se lagano posvetim svakodnevnim obavezama. Svima koji se tek spremaju na godišnji, sretan im bio (uz lijepo vrijeme), a za sve one koji su se vratili, nadam se da ste se odmorili… Smile

Jučer sam naišao na, po meni, jako dobre materijale koje bih želio s vama podijeliti, a vezani su uz deployment.

Microsoftov MVP (Setup &  Deployment), Johan Arwidmark, koji je ujedno i dio TrueSec tima, skupio je hrpu materijala koji vam mogu pomoći da ovladate umijećem Windows deploymenta.

Ovo je inače drugi takav CD, a osnovna ideja mu je olakšati sam proces deploymenta i upoznati administratore sa potrebnim alatima (MDT 2010, odnosno SCCM 2007 R2), ali i svime ostalim što bi im moglo zatrebati. CD je zamišljen kao skup dokumenata i skripti koje vam mogu pomoći, a najljepši dio su svakako video tutoriali.

Materijali su dostupni na ovim stranicama, a nalaze se zapakirani u .iso image CD-a (cca. 180 MB), a za njihovo preuzimanje se je potrebno registrirati (link za preuzimanje dolazi e-mailom kroz dan-dva).

Dodatan resurs jest i Jonathanov blog koji se nalazi ovdje.

<

p>Ukoliko se bavite (ili namjeravate baviti) Windows deploymentom, mislim da ne biste trebali propustiti ovu priliku…

Dostupan MDT 2010 Update 1

Microsoft Deployment Toolkit 2010 Update 1 je, nakon perioda beta testiranja (beta je bila dostupna od sredine svibnja), danas konačno ugledao svjetlo dana u svojoj konačnoj verziji.

Ukoliko koristite MDT 2010, MDT 2008 ili BDD 2007, preporuča se nadogradnja na najsvježiju verziju jer su ispravljeni uočeni bugovi, ali i dodane nove mogućnosti…

<

p>Jedna od najvažnijih novosti je mogućnost deploymenta novog Officea (2010), a ostali detalji i download se nalaze ovdje.