Skip to content

Add Github CI runner proxy support #1992

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: stackhpc/2025.1
Choose a base branch
from
Open

Add Github CI runner proxy support #1992

wants to merge 1 commit into from
+12 −0

Conversation

@darmach
Copy link
Member

@darmach darmach commented Nov 21, 2025

Conditionally sets custom_env fact to leverage
monolithprojects.github_actions_runner role support for seting proxy for deployed Github runners.

Confirmed working on environment with mandatory proxy ONLY - it would be great if someone could give this a go in non-proxy setup. With custom_env defined monolithprojects role creates .env file in /opt/actions*... directory (per runner) which is ingested by the running runner (ran on the runner VM ,)

@darmach darmach requested a review from a team as a code owner November 21, 2025 14:22
gemini-code-assist[bot]
gemini-code-assist bot reviewed Nov 21, 2025
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request adds proxy support for GitHub runners by setting a custom_env fact. The overall approach is good, but there is a critical issue in how the no_proxy variable is constructed which could cause the Ansible playbook to fail. I've provided a suggestion to fix this and make the implementation more robust.

etc/kayobe/ansible/deployment/deploy-github-runner.yml
Comment on lines +11 to +14
custom_env: |
http_proxy={{ http_proxy | default('') }}
https_proxy={{ https_proxy | default('') }}
no_proxy=localhost,127.0.0.1,127.0.0.2,{{ no_proxy | default('') | join(',') }}
Copy link

@gemini-code-assist gemini-code-assist bot Nov 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

critical

The current implementation for no_proxy will cause an error if the no_proxy variable is not defined. The default('') filter provides an empty string, and the join filter cannot be used on a string, which will cause a fatal error during playbook execution.

I suggest constructing the full list of no_proxy entries first and then joining them. This approach fixes the error and also avoids a potential trailing comma in the no_proxy value, making it more robust.

        custom_env: |
          http_proxy={{ http_proxy | default('') }}
          https_proxy={{ https_proxy | default('') }}
          no_proxy={{ (['localhost', '127.0.0.1', '127.0.0.2'] + (no_proxy | default([]))) | join(',') }}

@darmach
Add Github CI runner proxy support
6c9662f 
Conditionally define custom_env fact to leverage
monolithprojects.github_actions_runner role support for
setting proxy on deployed Github runners.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@darmach