Dockerfile

• ユーザー actions-runner を作成する
• ghコマンドをインストールする

FROM docker.io/ubuntu:jammy

ENV REPO_URL=
ENV REPO_ORG=
ENV REPO_NAME=
ENV GITHUB_TOKEN=
ENV RUNNER_BASE_NAME=

ENV NONINTERACTIVE=1

RUN apt-get -y update
RUN apt-get -y install \
    curl bash sudo gcc uuid git jq

RUN mkdir actions-runner && cd actions-runner \
    && curl -o actions-runner-linux-x64-2.311.0.tar.gz -L https://github.com/actions/runner/releases/download/v2.311.0/actions-runner-linux-x64-2.311.0.tar.gz \
    && echo "29fc8cf2dab4c195bb147384e7e2c94cfd4d4022c793b346a6175435265aa278  actions-runner-linux-x64-2.311.0.tar.gz" | sha256sum -c \
    && tar xzf ./actions-runner-linux-x64-2.311.0.tar.gz
RUN ./actions-runner/bin/installdependencies.sh

RUN useradd --uid 1001 --create-home --shell /bin/bash -G sudo,root actions-runner
RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers

ENV HOMEBREW_NO_INSTALL_CLEANUP=disable
RUN /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
RUN /home/linuxbrew/.linuxbrew/bin/brew install gh

COPY entry_point.sh .
USER actions-runner
WORKDIR /home/actions-runner
RUN echo 'export PATH="/home/linuxbrew/.linuxbrew/bin:$PATH"' >>  $HOME/.rc

CMD ["/entry_point.sh"]

entry_point.sh

jitconfigを作成するAPIを叩いてrunnerを起動します。
プロダクションで使用する場合は、jitconfigを作成する部分は外部で叩いてjitconfigだけ渡せると良いでしょう。

#!/usr/bin/env bash

source .rc

jitconfig=$(
    gh api \
        --method POST \
        -H "Accept: application/vnd.github+json" \
        -H "X-GitHub-Api-Version: 2022-11-28" \
        /repos/$REPO_ORG/$REPO_NAME/actions/runners/generate-jitconfig \
        -f name=$RUNNER_BASE_NAME-$(uuid) \
        -F runner_group_id=1 \
        -f "labels[]=self-hosted" -f "labels[]=X64" -f "labels[]=Linux" \
        -f work_folder='work'
)
encoded_jit_config=$(echo $jitconfig | jq --raw-output .encoded_jit_config)
echo $encoded_jit_config

/actions-runner/run.sh --jitconfig $encoded_jit_config