From dcd20a8458e2dce00ce68ae9e4f8e64b99ee29ea Mon Sep 17 00:00:00 2001 From: Tarun Verghis Date: Wed, 22 Jan 2025 21:35:55 -0800 Subject: [PATCH] Document `market-type` (#211) * Document `market-type` * Fix blank line * Fix note * Try to fix note syntax --- README.md | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7f94c8f3..19748696 100644 --- a/README.md +++ b/README.md @@ -141,9 +141,19 @@ Use the following steps to prepare your workflow for running on your EC2 self-ho These example policies above are provided as a guide. They can and most likely should be limited even more by specifying the resources you use. + 2. Add the keys to GitHub secrets. 3. Use the [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) action to set up the keys as environment variables. +> [!IMPORTANT] +> If you are planning on using Spot instances for your runner, AWS uses a service-linked role to provision the instances. +> +> For this to work, at least one of the following must be true: +> - The service-linked role exists already. This happens if you request a Spot instance via the AWS Console interface. +> - You create the service-linked role via the Console, AWS CLI or AWS API. +> - You grant the IAM role above permissions to create the service-linked role at runtime. +> See the docs [here](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create-service-linked-role.html) and [here](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/service-linked-roles-spot-instance-requests.html) for more details. + **2. Prepare GitHub personal access token** 1. Create a new GitHub personal access token with the `repo` scope. @@ -205,8 +215,8 @@ Now you're ready to go! | `iam-role-name` | Optional. Used only with the `start` mode. | IAM role name to attach to the created EC2 runner.

This allows the runner to have permissions to run additional actions within the AWS account, without having to manage additional GitHub secrets and AWS users.

Setting this requires additional AWS permissions for the role launching the instance (see above). | | `aws-resource-tags` | Optional. Used only with the `start` mode. | Specifies tags to add to the EC2 instance and any attached storage.

This field is a stringified JSON array of tag objects, each containing a `Key` and `Value` field (see example below).

Setting this requires additional AWS permissions for the role launching the instance (see above). | | `runner-home-dir` | Optional. Used only with the `start` mode. | Specifies a directory where pre-installed actions-runner software and scripts are located.

| -| `pre-runner-script` | Optional. Used only with the `start` mode. | Specifies bash commands to run before the runner starts. It's useful for installing dependencies with apt-get, yum, dnf, etc. For example:
          - name: Start EC2 runner
            with:
              mode: start
              ...
              pre-runner-script: \|
                 sudo yum update -y && \ 
                 sudo yum install docker git libicu -y
                 sudo systemctl enable docker
-

| +| `pre-runner-script` | Optional. Used only with the `start` mode. | Specifies bash commands to run before the runner starts. It's useful for installing dependencies with apt-get, yum, dnf, etc. For example:
          - name: Start EC2 runner
            with:
              mode: start
              ...
              pre-runner-script: \|
                 sudo yum update -y && \ 
                 sudo yum install docker git libicu -y
                 sudo systemctl enable docker
| +| `market-type` | Optional. Used only with the `start` mode. | The only valid option is `spot`. If `spot` is specified, a Spot instance will be requested. If left unspecified, an on-demand instance will be provisioned. | ### Environment variables