Update all Action to new selfhosted Runner Cluster (#2739)

* Update Runner

* Update Workflows

.github/runner/docker/gh-runner-self.dockerfile

@@ -0,0 +1,68 @@
+FROM mcr.microsoft.com/dotnet/runtime-deps:8.0-jammy as build
+
+ARG TARGETOS
+ARG TARGETARCH
+ARG DOCKER_VERSION=27.5.1
+ARG BUILDX_VERSION=0.20.1
+ARG RUNNER_ARCH="x64"
+
+RUN apt update -y && apt install sudo curl unzip -y
+
+WORKDIR /actions-runner
+
+RUN RUNNER_VERSION=$(curl -s https://api.github.com/repos/actions/runner/releases/latest | grep "tag_name" | head -n 1 | awk '{print substr($2, 3, length($2)-4)}') \
+    && curl -f -L -o runner.tar.gz https://github.com/actions/runner/releases/download/v${RUNNER_VERSION}/actions-runner-linux-${RUNNER_ARCH}-${RUNNER_VERSION}.tar.gz \
+    && tar xzf ./runner.tar.gz \
+    && rm runner.tar.gz
+
+RUN RUNNER_CONTAINER_HOOKS_VERSION=$(curl -s https://api.github.com/repos/actions/runner-container-hooks/releases/latest | grep "tag_name" | head -n 1 | awk '{print substr($2, 3, length($2)-4)}') \
+    && curl -f -L -o runner-container-hooks.zip https://github.com/actions/runner-container-hooks/releases/download/v${RUNNER_CONTAINER_HOOKS_VERSION}/actions-runner-hooks-k8s-${RUNNER_CONTAINER_HOOKS_VERSION}.zip \
+    && unzip ./runner-container-hooks.zip -d ./k8s \
+    && rm runner-container-hooks.zip
+
+RUN export RUNNER_ARCH=${TARGETARCH} \
+    && if [ "$RUNNER_ARCH" = "amd64" ]; then export DOCKER_ARCH=x86_64 ; fi \
+    && if [ "$RUNNER_ARCH" = "arm64" ]; then export DOCKER_ARCH=aarch64 ; fi \
+    && curl -fLo docker.tgz https://download.docker.com/${TARGETOS}/static/stable/${DOCKER_ARCH}/docker-${DOCKER_VERSION}.tgz \
+    && tar zxvf docker.tgz \
+    && rm -rf docker.tgz \
+    && mkdir -p /usr/local/lib/docker/cli-plugins \
+    && curl -fLo /usr/local/lib/docker/cli-plugins/docker-buildx \
+        "https://github.com/docker/buildx/releases/download/v${BUILDX_VERSION}/buildx-v${BUILDX_VERSION}.linux-${TARGETARCH}" \
+    && chmod +x /usr/local/lib/docker/cli-plugins/docker-buildx
+
+FROM mcr.microsoft.com/dotnet/runtime-deps:8.0-jammy
+
+ENV DEBIAN_FRONTEND=noninteractive
+ENV RUNNER_MANUALLY_TRAP_SIG=1
+ENV ACTIONS_RUNNER_PRINT_LOG_TO_STDOUT=1
+ENV ImageOS=ubuntu22
+
+RUN apt update -y \
+    && apt install -y --no-install-recommends sudo lsb-release gpg-agent software-properties-common curl jq unzip \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN add-apt-repository ppa:git-core/ppa \
+    && apt update -y \
+    && apt install -y git \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN adduser --disabled-password --gecos "" --uid 1001 runner \
+    && groupadd docker --gid 123 \
+    && usermod -aG sudo runner \
+    && usermod -aG docker runner \
+    && echo "%sudo   ALL=(ALL:ALL) NOPASSWD:ALL" > /etc/sudoers \
+    && echo "Defaults env_keep += \"DEBIAN_FRONTEND\"" >> /etc/sudoers
+
+# Install own dependencies in final image
+RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \
+    && apt-get install -y nodejs \
+    && apt-get install -y gh jq git
+
+WORKDIR /home/runner
+
+COPY --chown=runner:docker --from=build /actions-runner .
+COPY --from=build /usr/local/lib/docker/cli-plugins/docker-buildx /usr/local/lib/docker/cli-plugins/docker-buildx
+RUN install -o root -g root -m 755 docker/* /usr/bin/ && rm -rf docker
+
+USER runner

.github/workflows/auto-update-app-headers.yml

@@ -10,7 +10,7 @@ on:
 
 jobs:
   update-app-files:
-    runs-on: ubuntu-latest
+    runs-on: runner-cluster-htl-set
 
     permissions:
       contents: write

.github/workflows/autolabeler.yml

@@ -7,7 +7,7 @@ on:
 
 jobs:
   autolabeler:
-    runs-on: ubuntu-latest
+    runs-on: runner-cluster-htl-set
     permissions:
       pull-requests: write
     env:

.github/workflows/changelog-pr.yml

@@ -7,7 +7,7 @@ on:
 
 jobs:
   update-changelog-pull-request:
-    runs-on: ubuntu-latest
+    runs-on: runner-cluster-htl-set
     env:
       CONFIG_PATH: .github/changelog-pr-config.json
       BRANCH_NAME: github-action-update-changelog

.github/workflows/close-discussion.yml

@@ -6,7 +6,7 @@ on:
 
 jobs:
   close-discussion:
-    runs-on: ubuntu-latest
+    runs-on: runner-cluster-htl-set
 
     steps:
       - name: Checkout Repository

.github/workflows/create-docker-for-runner.yml

@@ -0,0 +1,37 @@
+name: Build and Publish Docker Image
+
+on:
+  push:
+    branches:
+      - main 
+    paths:
+      - '.github/runner/docker/**' 
+  schedule:
+    - cron: '0 0 * * *'  
+
+jobs:
+  build:
+    runs-on: ubuntu-latest #To ensure it always builds we use the github runner with all the right tooling
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Log in to GHCR
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build Docker image
+        run: |
+          repo_name=${{ github.repository }}  # Get repository name
+          repo_name_lower=$(echo $repo_name | tr '[:upper:]' '[:lower:]')  # Convert to lowercase
+          docker build -t ghcr.io/$repo_name_lower/gh-runner-self:latest -f .github/runner/docker/gh-runner-self.dockerfile .
+  
+      - name: Push Docker image to GHCR
+        run: |
+          repo_name=${{ github.repository }}  # Get repository name
+          repo_name_lower=$(echo $repo_name | tr '[:upper:]' '[:lower:]')  # Convert to lowercase
+          docker push ghcr.io/$repo_name_lower/gh-runner-self:latest

.github/workflows/delete-json-branch.yml

@@ -9,7 +9,7 @@ on:
 
 jobs:
   delete_branch:
-    runs-on: ubuntu-latest
+    runs-on: runner-cluster-htl-set
     steps:
       - name: Checkout the code
         uses: actions/checkout@v3

.github/workflows/frontend-cicd.yml

@@ -27,7 +27,7 @@ concurrency:
 
 jobs:
   build:
-    runs-on: ubuntu-latest
+    runs-on: runner-cluster-htl-set
     defaults:
       run:
         working-directory: frontend  # Set default working directory for all run steps

.github/workflows/github-release.yml

@@ -7,7 +7,7 @@ on:
 
 jobs:
   create-new-release:
-    runs-on: ubuntu-latest
+    runs-on: runner-cluster-htl-set
     permissions:
       contents: write
     steps:

.github/workflows/update-json-date.yml

@@ -10,7 +10,7 @@ on:
 
 jobs:
   update-app-files:
-    runs-on: ubuntu-latest
+    runs-on: runner-cluster-htl-set
 
     permissions:
       contents: write

.github/workflows/validate-filenames.yml

@@ -10,7 +10,7 @@ on:
 jobs:
   check-files:
     name: Check changed files
-    runs-on: ubuntu-latest
+    runs-on: runner-cluster-htl-set
     permissions:
       pull-requests: write