werf · alexey-igrychev · Nov 25, 2024 · Nov 14, 2024 · Nov 15, 2024 · Nov 15, 2024
diff --git a/bin/configurator/config.yml b/bin/configurator/config.yml
@@ -100,8 +100,10 @@ combinations:
       - name: "buildBackend"
         value: "docker"
 
-  # github actions simple
+  # GitHub actions host docker
   - tabs:
+      - name: "infra"
+        includePath: "/configurator/tab/ci/github-actions/simple/host-runner/linux/docker/infra.md.liquid"
       - name: "project"
         includePath: "/configurator/tab/ci/github-actions/simple/host-runner/linux/docker/project.md.liquid"
     options:
@@ -122,6 +124,54 @@ combinations:
       - name: "repoType"
         value: "application"
 
+  # GitHub Actions host buildah
+  - tabs:
+      - name: "infra"
+        includePath: "/configurator/tab/ci/github-actions/simple/host-runner/linux/buildah/infra.md.liquid"
+      - name: "project"
+        includePath: "/configurator/tab/ci/github-actions/simple/host-runner/linux/buildah/project.md.liquid"
+    options:
+      - name: "usage"
+        value: "ci"
+      - name: "ci"
+        value: "githubActions"
+      - name: "runnerType"
+        value: "hostRunner"
+      - name: "os"
+        value: "linux"
+      - name: "buildBackend"
+        value: "buildah"
+      - name: "projectType"
+        value: "simplified"
+      - name: "sharedCICD"
+        value: "no"
+      - name: "repoType"
+        value: "application"
+
+#GitHub Actions ci/cd docker
+  - tabs:
+      - name: "infra"
+        includePath: "/configurator/tab/ci/github-actions/simple/docker-runner/linux/buildah/infra.md.liquid"
+      - name: "project"
+        includePath: "/configurator/tab/ci/github-actions/simple/docker-runner/linux/buildah/project.md.liquid"
+    options:
+      - name: "usage"
+        value: "ci"
+      - name: "ci"
+        value: "githubActions"
+      - name: "runnerType"
+        value: "dockerRunner"
+      - name: "os"
+        value: "linux"
+      - name: "buildBackend"
+        value: "buildah"
+      - name: "projectType"
+        value: "simplified"
+      - name: "sharedCICD"
+        value: "no"
+      - name: "repoType"
+        value: "application"
+
   # gitlab ci cd simple
   - tabs:
       - name: "infra"

diff --git a/bin/configurator/static/_includes/en/configurator/partials/ci/buildah_install.md.liquid b/bin/configurator/static/_includes/en/configurator/partials/ci/buildah_install.md.liquid
@@ -1,4 +1,4 @@
-### Installing Buildah
+### Setting up the build environment with Buildah
 
 Follow these steps on the GitLab Runner host to install Buildah:
 

diff --git a/bin/configurator/static/_includes/en/configurator/partials/ci/buildah_ubuntu.md.liquid b/bin/configurator/static/_includes/en/configurator/partials/ci/buildah_ubuntu.md.liquid
@@ -0,0 +1,7 @@
+### Setting up the build environment with Buildah
+
+(For Ubuntu 23.10 and later) on the GitLab Runner host run:
+
+```shell
+{ echo "kernel.apparmor_restrict_unprivileged_userns = 0" && echo "kernel.apparmor_restrict_unprivileged_unconfined = 0";} | sudo tee -a /etc/sysctl.d/20-apparmor-donotrestrict.conf && sudo sysctl -p /etc/sysctl.d/20-apparmor-donotrestrict.conf
+```
diff --git a/...gurator/static/_includes/en/configurator/partials/ci/gitlab_docker_main_section.md.liquid b/...gurator/static/_includes/en/configurator/partials/ci/gitlab_docker_main_section.md.liquid
@@ -6,13 +6,7 @@
 
   - [Docker Engine](https://docs.docker.com/engine/install/).
 
-### Prepare the environment
-
-(For Ubuntu 23.10 and later) on the GitLab Runner host run:
-
-```shell
-{ echo "kernel.apparmor_restrict_unprivileged_userns = 0" && echo "kernel.apparmor_restrict_unprivileged_unconfined = 0";} | sudo tee -a /etc/sysctl.d/20-apparmor-donotrestrict.conf && sudo sysctl -p /etc/sysctl.d/20-apparmor-donotrestrict.conf
-```
+{% include configurator/partials/ci/buildah_ubuntu.md.liquid %}
 
 ### Installing GitLab Runner
 

diff --git a/...tor/static/_includes/en/configurator/partials/ci/gitlab_kubernetes_main_section.md.liquid b/...tor/static/_includes/en/configurator/partials/ci/gitlab_kubernetes_main_section.md.liquid
@@ -8,13 +8,7 @@
 
 Follow [official instructions](https://docs.gitlab.com/runner/install/) to install and register the GitLab Runner. If you are going to install your GitLab Runner in Kubernetes, then install it to `gitlab-ci` namespace.
 
-### Prepare the environment
-
-(For Ubuntu 23.10 and later) on the GitLab Runner nodes run:
-
-```shell
-{ echo "kernel.apparmor_restrict_unprivileged_userns = 0" && echo "kernel.apparmor_restrict_unprivileged_unconfined = 0";} | sudo tee -a /etc/sysctl.d/20-apparmor-donotrestrict.conf && sudo sysctl -p /etc/sysctl.d/20-apparmor-donotrestrict.conf
-```
+{% include configurator/partials/ci/buildah_ubuntu.md.liquid %}
 
 ### Basic GitLab Runner configuration (no caching)
 

diff --git a/bin/configurator/static/_includes/en/configurator/partials/dev/buildah_install.md.liquid b/bin/configurator/static/_includes/en/configurator/partials/dev/buildah_install.md.liquid
@@ -1,4 +1,4 @@
-### Installing Buildah
+### Setting up the build environment with Buildah
 
 Perform the following steps to install Buildah:
 

diff --git a/...urator/tab/ci/argocd-with-gitlab-ci-cd/simple/docker-runner/linux/buildah/infra.md.liquid b/...urator/tab/ci/argocd-with-gitlab-ci-cd/simple/docker-runner/linux/buildah/infra.md.liquid
@@ -8,13 +8,7 @@
 
 - [Argo CD](https://argo-cd.readthedocs.io/en/stable/getting_started/#1-install-argo-cd).
 
-### Prepare the environment
-
-(For Ubuntu 23.10 and later) on the GitLab Runner host run:
-
-```shell
-{ echo "kernel.apparmor_restrict_unprivileged_userns = 0" && echo "kernel.apparmor_restrict_unprivileged_unconfined = 0";} | sudo tee -a /etc/sysctl.d/20-apparmor-donotrestrict.conf && sudo sysctl -p /etc/sysctl.d/20-apparmor-donotrestrict.conf
-```
+{% include configurator/partials/ci/buildah_ubuntu.md.liquid %}
 
 ### Installing GitLab Runner
 

diff --git a/...or/tab/ci/argocd-with-gitlab-ci-cd/simple/kubernetes-runner/linux/buildah/infra.md.liquid b/...or/tab/ci/argocd-with-gitlab-ci-cd/simple/kubernetes-runner/linux/buildah/infra.md.liquid
@@ -6,13 +6,7 @@
 
 - [Argo CD](https://argo-cd.readthedocs.io/en/stable/getting_started/#1-install-argo-cd).
 
-### Prepare the environment
-
-(For Ubuntu 23.10 and later) on the GitLab Runner nodes run:
-
-```shell
-{ echo "kernel.apparmor_restrict_unprivileged_userns = 0" && echo "kernel.apparmor_restrict_unprivileged_unconfined = 0";} | sudo tee -a /etc/sysctl.d/20-apparmor-donotrestrict.conf && sudo sysctl -p /etc/sysctl.d/20-apparmor-donotrestrict.conf
-```
+{% include configurator/partials/ci/buildah_ubuntu.md.liquid %}
 
 ### Install GitLab Runner
 

diff --git a/.../en/configurator/tab/ci/github-actions/simple/docker-runner/linux/buildah/infra.md.liquid b/.../en/configurator/tab/ci/github-actions/simple/docker-runner/linux/buildah/infra.md.liquid
@@ -0,0 +1,15 @@
+> **_Important_**: this section describes preparing the infrastructure for self-hosted GitHub Runner
+
+### Requirements
+
+- GitHub Actions;
+
+- Host to run GitHub Runner with:
+
+  - [Docker Engine](https://docs.docker.com/engine/install/).
+
+### Installing and registering GitHub Runner
+
+Install and register GitHub Runner on its dedicated host by following the [official instructions](https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners).
+
+{% include configurator/partials/ci/buildah_ubuntu.md.liquid %}
diff --git a/...n/configurator/tab/ci/github-actions/simple/docker-runner/linux/buildah/project.md.liquid b/...n/configurator/tab/ci/github-actions/simple/docker-runner/linux/buildah/project.md.liquid
@@ -0,0 +1,35 @@
+### Requirements
+
+* GitHub Actions;
+
+* GitHub-hosted Runner or self-hosted runner.
+
+### Setting up a GitHub project
+
+* [Create and save the access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) to clean up the no longer needed images from the container registry with the following parameters:
+
+  * Token name: `werf-images-cleanup`;
+
+  * Scopes: `read:packages` and `delete:packages`.
+
+* Add the following variable to the project [secrets](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions):
+
+  * Access token to clean up the no longer needed images:
+
+    * Name: `REGISTRY_CLEANUP_TOKEN`;
+
+    * Secret: `<"werf-images-cleanup" access token you saved earlier>`.
+
+* Save the kubeconfig file to access the Kubernetes cluster as a `KUBECONFIG_BASE64` [encrypted secret](https://docs.github.com/en/actions/security-guides/encrypted-secrets), pre-encoding it in Base64.
+
+### Configuring CI/CD of the project
+
+This is how the repository that uses werf for build and deploy might look:
+
+{% tree_file_viewer '/examples/configurator/ci-cd/simple/github-actions/docker-runner/linux/buildah' default_file='.github/workflows/prod.yml' %}
+
+Extras:
+
+  * To use GitHub-hosted Runner, specify `ubuntu-latest` in `runs-on`;
+
+  * If you do not use ghcr as a container registry, then enter `WERF_REPO`, run [werf cr login](https://werf.io/docs/v1.2/reference/cli/werf_cr_login.html), and also take into account [features](https://werf.io/docs/v1.2/usage/cleanup/cr_cleanup.html#features-of-working-with-different-container-registries) of your container registry when cleaning.
diff --git a/...es/en/configurator/tab/ci/github-actions/simple/host-runner/linux/buildah/infra.md.liquid b/...es/en/configurator/tab/ci/github-actions/simple/host-runner/linux/buildah/infra.md.liquid
@@ -0,0 +1,19 @@
+> **_Important_**: this section describes preparing the infrastructure for self-hosted GitHub Runner
+
+### Requirements
+
+- GitHub Actions;
+
+- Host to run GitHub Runner with:
+
+  - Bash;
+
+  - Git version 2.18.0 or above;
+
+  - GPG.
+
+### Installing and registering the GitHub Runner
+
+Follow [official instructions](https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners) to install and register the GitHub Runner on your dedicated host.
+
+{% include configurator/partials/ci/buildah_install.md.liquid %}
diff --git a/.../en/configurator/tab/ci/github-actions/simple/host-runner/linux/buildah/project.md.liquid b/.../en/configurator/tab/ci/github-actions/simple/host-runner/linux/buildah/project.md.liquid
@@ -0,0 +1,35 @@
+### Requirements
+
+* GitHub Actions;
+
+* GitHub-hosted Runner or self-hosted runner.
+
+### Setting up a GitHub project
+
+* [Create and save the access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) to clean up the no longer needed images from the container registry with the following parameters:
+
+  * Token name: `werf-images-cleanup`;
+
+  * Scopes: `read:packages` and `delete:packages`.
+
+* Add the following variable to the project [secrets](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions):
+
+  * Access token to clean up the no longer needed images:
+
+    * Name: `REGISTRY_CLEANUP_TOKEN`;
+
+    * Secret: `<"werf-images-cleanup" access token you saved earlier>`.
+
+* Save the kubeconfig file to access the Kubernetes cluster as a `KUBECONFIG_BASE64` [encrypted secret](https://docs.github.com/en/actions/security-guides/encrypted-secrets), pre-encoding it in Base64.
+
+### Configuring CI/CD of the project
+
+This is how the repository that uses werf for build and deploy might look:
+
+{% tree_file_viewer '/examples/configurator/ci-cd/simple/github-actions/host-runner/linux/buildah' default_file='.github/workflows/prod.yml' %}
+
+Extras:
+
+  * To use GitHub-hosted Runner, specify `ubuntu-latest` in `runs-on`;
+
+  * If you do not use ghcr as a container registry, then enter `WERF_REPO`, run [werf cr login](https://werf.io/docs/v1.2/reference/cli/werf_cr_login.html), and also take into account [features](https://werf.io/docs/v1.2/usage/cleanup/cr_cleanup.html#features-of-working-with-different-container-registries) of your container registry when cleaning.
diff --git a/...des/en/configurator/tab/ci/github-actions/simple/host-runner/linux/docker/infra.md.liquid b/...des/en/configurator/tab/ci/github-actions/simple/host-runner/linux/docker/infra.md.liquid
@@ -0,0 +1,19 @@
+> **_Important_**: this section describes preparing the infrastructure for self-hosted GitHub Runner
+
+### Requirements
+
+- GitHub Actions;
+
+- Host to run GitHub Runner with:
+
+  - Bash;
+
+  - Git version 2.18.0 or above;
+
+  - GPG;
+
+  - [Docker Engine](https://docs.docker.com/engine/install/).
+
+### Installing and registering the GitHub Runner
+
+Follow [official instructions](https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners) to install and register the GitHub Runner on your dedicated host.
diff --git a/...s/en/configurator/tab/ci/github-actions/simple/host-runner/linux/docker/project.md.liquid b/...s/en/configurator/tab/ci/github-actions/simple/host-runner/linux/docker/project.md.liquid
@@ -2,17 +2,34 @@
 
 * GitHub Actions;
 
-* GitHub-hosted Linux Runner.
+* GitHub-hosted Runner or self-hosted runner.
 
 ### Setting up a GitHub project
 
-Save the kubeconfig file to access the Kubernetes cluster as a `KUBECONFIG_BASE64` [encrypted secret](https://docs.github.com/en/actions/security-guides/encrypted-secrets), pre-encoding it in Base64.
+* [Create and save the access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) to clean up the no longer needed images from the container registry with the following parameters:
+
+  * Token name: `werf-images-cleanup`;
+
+  * Scopes: `read:packages` and `delete:packages`.
+
+* Add the following variable to the project [secrets](https://docs.github.com/en/actions/security-for-github-actions/security-guides/using-secrets-in-github-actions):
+
+  * Access token to clean up the no longer needed images:
+
+    * Name: `REGISTRY_CLEANUP_TOKEN`;
+
+    * Secret: `<"werf-images-cleanup" access token you saved earlier>`.
+
+* Save the kubeconfig file to access the Kubernetes cluster as a `KUBECONFIG_BASE64` [encrypted secret](https://docs.github.com/en/actions/security-guides/encrypted-secrets), pre-encoding it in Base64.
 
 ### Configuring CI/CD of the project
 
 This is how the repository that uses werf for build and deploy might look:
 
-{% tree_file_viewer '/examples/configurator/ci-cd/simple/github-actions/host-runner/linux/buildah' default_file='.github/workflows/prod.yml' %}
+{% tree_file_viewer '/examples/configurator/ci-cd/simple/github-actions/host-runner/linux/docker' default_file='.github/workflows/prod.yml' %}
 
 Extras:
-  * Add authorization options for `werf cleanup` in the container registry by following [instructions]({{ "/docs/v2/usage/cleanup/cr_cleanup.html#features-of-working-with-different-container-registries" | relative_url }}).
+
+  * To use GitHub-hosted Runner, specify `ubuntu-latest` in `runs-on`;
+
+  * If you do not use ghcr as a container registry, then enter `WERF_REPO`, run [werf cr login](https://werf.io/docs/v1.2/reference/cli/werf_cr_login.html), and also take into account [features](https://werf.io/docs/v1.2/usage/cleanup/cr_cleanup.html#features-of-working-with-different-container-registries) of your container registry when cleaning.
diff --git a/...configurator/tab/ci/other-ci-cd-system/simple/docker-runner/linux/buildah/infra.md.liquid b/...configurator/tab/ci/other-ci-cd-system/simple/docker-runner/linux/buildah/infra.md.liquid
@@ -8,13 +8,7 @@
 
   * [Docker Engine](https://docs.docker.com/engine/install/).
 
-### Prepare the environment
-
-(For Ubuntu 23.10 and later) on the GitLab Runner host run:
-
-```shell
-{ echo "kernel.apparmor_restrict_unprivileged_userns = 0" && echo "kernel.apparmor_restrict_unprivileged_unconfined = 0";} | sudo tee -a /etc/sysctl.d/20-apparmor-donotrestrict.conf && sudo sysctl -p /etc/sysctl.d/20-apparmor-donotrestrict.conf
-```
+{% include configurator/partials/ci/buildah_ubuntu.md.liquid %}
 
 ### Configuring the Runner
 

diff --git a/...n/configurator/tab/ci/other-ci-cd-system/simple/host-runner/linux/buildah/infra.md.liquid b/...n/configurator/tab/ci/other-ci-cd-system/simple/host-runner/linux/buildah/infra.md.liquid
@@ -12,7 +12,7 @@
 
   * GPG.
 
-### Installing Buildah
+### Setting up the build environment with Buildah
 
 To install Buildah, do the following on the host for running CI jobs:
 

diff --git a/...igurator/tab/ci/other-ci-cd-system/simple/kubernetes-runner/linux/buildah/infra.md.liquid b/...igurator/tab/ci/other-ci-cd-system/simple/kubernetes-runner/linux/buildah/infra.md.liquid
@@ -4,13 +4,7 @@
 
 - Kubernetes for running CI jobs with your CI system's Kubernetes Runner.
 
-### Prepare the environment
-
-(For Ubuntu 23.10 and later) on the GitLab Runner nodes run:
-
-```shell
-{ echo "kernel.apparmor_restrict_unprivileged_userns = 0" && echo "kernel.apparmor_restrict_unprivileged_unconfined = 0";} | sudo tee -a /etc/sysctl.d/20-apparmor-donotrestrict.conf && sudo sysctl -p /etc/sysctl.d/20-apparmor-donotrestrict.conf
-```
+{% include configurator/partials/ci/buildah_ubuntu.md.liquid %}
 
 ### Basic Runner configuration (no caching)
 

diff --git a/bin/configurator/static/_includes/ru/configurator/partials/ci/buildah_install.md.liquid b/bin/configurator/static/_includes/ru/configurator/partials/ci/buildah_install.md.liquid
@@ -1,4 +1,4 @@
-### Установка Buildah
+### Настройка окружения для сборки с Buildah
 
 Для установки Buildah выполните следующие инструкции на хосте для GitLab Runner:
 

diff --git a/bin/configurator/static/_includes/ru/configurator/partials/dev/buildah_install.md.liquid b/bin/configurator/static/_includes/ru/configurator/partials/dev/buildah_install.md.liquid
@@ -1,4 +1,4 @@
-### Установка Buildah
+### Настройка окружения для сборки с Buildah
 
 Для установки Buildah выполните следующие инструкции:
 

diff --git a/.../ru/configurator/tab/ci/github-actions/simple/docker-runner/linux/buildah/infra.md.liquid b/.../ru/configurator/tab/ci/github-actions/simple/docker-runner/linux/buildah/infra.md.liquid
@@ -0,0 +1,21 @@
+> **_Важно_**: раздел описывает подготовку инфраструктуры для self-hosted GitHub Runner
+
+### Требования
+
+- GitHub Actions;
+
+- Хост для установки GitHub Runner, имеющий:
+
+  - [Docker Engine](https://docs.docker.com/engine/install/).
+
+### Установка и регистрация GitHub Runner
+
+Установите и зарегистрируйте GitHub Runner на выделенный для него хост, следуя [официальным инструкциям](https://docs.github.com/ru/actions/hosting-your-own-runners/managing-self-hosted-runners/adding-self-hosted-runners).
+
+### Настройка окружения для сборки с Buildah
+
+(Для Ubuntu 23.10 и выше) на хосте GitHub Runner запустите:
+
+```shell
+{ echo "kernel.apparmor_restrict_unprivileged_userns = 0" && echo "kernel.apparmor_restrict_unprivileged_unconfined = 0";} | sudo tee -a /etc/sysctl.d/20-apparmor-donotrestrict.conf && sudo sysctl -p /etc/sysctl.d/20-apparmor-donotrestrict.conf
+```
-Original file line number
+Diff line change
@@ Expand Up / @@ -12,7 +12,7 @@ @@
       * GPG.
-    ### Installing Buildah
+    ### Setting up the build environment with Buildah
     To install Buildah, do the following on the host for running CI jobs:
@@ Expand Down @@