Is your feature request related to a problem? Please describe.
My GitHub account owns many repositories, and it would be safer to provide a token scoped to a single repo or organization, rather than a PAT with admin access to every repository/org. I'm referring to the token that is provided when going through these steps https://docs.github.com/en/actions/hosting-your-own-runners/adding-self-hosted-runners.
Describe the solution you'd like
Take advantage of the changes implemented in redhat-actions/openshift-actions-runners#10, which may include resolving #9. Additionally, this would include a pre-install (and maybe pre-upgrade) hook in the chart to run registration.sh as a Job before creating the Deployment.
Describe alternatives you've considered
Currently, I could supply a bogus $GITHUB_PAT along with a valid $RUNNER_TOKEN, and everything would work until the Pod is recreated, at which point the runner would fail to authenticate because the RUNNER_TOKEN would have expired and the local creds file would be deleted.
Additional context
I should have time to make a PR for this in the next week or two, unless someone pipes up that this is actually impossible, or that it would not be merged for some reason.
Is your feature request related to a problem? Please describe.
My GitHub account owns many repositories, and it would be safer to provide a token scoped to a single repo or organization, rather than a PAT with admin access to every repository/org. I'm referring to the token that is provided when going through these steps https://docs.github.com/en/actions/hosting-your-own-runners/adding-self-hosted-runners.
Describe the solution you'd like
Take advantage of the changes implemented in redhat-actions/openshift-actions-runners#10, which may include resolving #9. Additionally, this would include a pre-install (and maybe pre-upgrade) hook in the chart to run
registration.shas a Job before creating the Deployment.Describe alternatives you've considered
Currently, I could supply a bogus $GITHUB_PAT along with a valid $RUNNER_TOKEN, and everything would work until the Pod is recreated, at which point the runner would fail to authenticate because the RUNNER_TOKEN would have expired and the local creds file would be deleted.
Additional context
I should have time to make a PR for this in the next week or two, unless someone pipes up that this is actually impossible, or that it would not be merged for some reason.