minor fixes

Add chart-level API to customize internal resources
2026-03-18 23:58:27 +08:00 · 2026-03-17 23:12:24 +01:00 · 2026-03-17 22:11:53 +01:00
9 changed files with 386 additions and 1 deletions
--- a/charts/gha-runner-scale-set-experimental/templates/_autoscalingrunnerset.tpl
+++ b/charts/gha-runner-scale-set-experimental/templates/_autoscalingrunnerset.tpl
@@ -26,6 +26,20 @@ Reserved annotations are excluded from both levels.
 {{- end }}
 {{- end }}

+{{/*
+Render a ResourceMeta block for AutoscalingRunnerSet spec fields.
+*/}}
+{{- define "autoscaling-runner-set.spec-resource-metadata" -}}
+{{- with .labels }}
+labels:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- with .annotations }}
+annotations:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- end }}
+
 {{- define "autoscaling-runner-set.template-service-account" -}}
 {{- $runner := (.Values.runner | default dict) -}}
 {{- $runnerMode := (index $runner "mode" | default "") -}}
--- a/charts/gha-runner-scale-set-experimental/templates/autoscalingrunnserset.yaml
+++ b/charts/gha-runner-scale-set-experimental/templates/autoscalingrunnserset.yaml
@@ -163,6 +163,46 @@ spec:
    {{- toYaml . | nindent 4 }}
  {{- end }}

+  {{- with .Values.resource.autoscalingListener.metadata }}
+  autoscalingListener:
+    {{- include "autoscaling-runner-set.spec-resource-metadata" . | nindent 4 }}
+  {{- end }}
+
+  {{- with .Values.resource.listenerServiceAccount.metadata }}
+  listenerServiceAccountMetadata:
+    {{- include "autoscaling-runner-set.spec-resource-metadata" . | nindent 4 }}
+  {{- end }}
+
+  {{- with .Values.resource.listenerRole.metadata }}
+  listenerRoleMetadata:
+    {{- include "autoscaling-runner-set.spec-resource-metadata" . | nindent 4 }}
+  {{- end }}
+
+  {{- with .Values.resource.listenerRoleBinding.metadata }}
+  listenerRoleBindingMetadata:
+    {{- include "autoscaling-runner-set.spec-resource-metadata" . | nindent 4 }}
+  {{- end }}
+
+  {{- with .Values.resource.listenerConfigSecret.metadata }}
+  listenerConfigSecretMetadata:
+    {{- include "autoscaling-runner-set.spec-resource-metadata" . | nindent 4 }}
+  {{- end }}
+
+  {{- with .Values.resource.ephemeralRunnerSet.metadata }}
+  ephemeralRunnerSetMetadata:
+    {{- include "autoscaling-runner-set.spec-resource-metadata" . | nindent 4 }}
+  {{- end }}
+
+  {{- with .Values.resource.ephemeralRunner.metadata }}
+  ephemeralRunnerMetadata:
+    {{- include "autoscaling-runner-set.spec-resource-metadata" . | nindent 4 }}
+  {{- end }}
+
+  {{- with .Values.resource.ephemeralRunnerConfigSecret.metadata }}
+  ephemeralRunnerConfigSecretMetadata:
+    {{- include "autoscaling-runner-set.spec-resource-metadata" . | nindent 4 }}
+  {{- end }}
+
  template:
    {{- $runnerPodLabels := (include "autoscaling-runner-set.runner-pod.labels" .) -}}
    {{- $runnerPodAnnotations := (include "autoscaling-runner-set.runner-pod.annotations" .) -}}
--- a/charts/gha-runner-scale-set-experimental/tests/autoscaling_runner_set_annotations_test.yaml
+++ b/charts/gha-runner-scale-set-experimental/tests/autoscaling_runner_set_annotations_test.yaml
@@ -77,3 +77,73 @@ tests:
          value: "user-value"
      - notExists:
          path: metadata.annotations["actions.github.com/cleanup-something"]
+
+  - it: should render internal resource metadata annotations in autoscaling runner set spec
+    set:
+      scaleset.name: "test"
+      auth.url: "https://github.com/org"
+      auth.githubToken: "gh_token12345"
+      controllerServiceAccount.name: "arc"
+      controllerServiceAccount.namespace: "arc-system"
+      resource:
+        autoscalingListener:
+          metadata:
+            annotations:
+              listener: "true"
+        listenerServiceAccount:
+          metadata:
+            annotations:
+              service-account: "true"
+        listenerRole:
+          metadata:
+            annotations:
+              role: "true"
+        listenerRoleBinding:
+          metadata:
+            annotations:
+              role-binding: "true"
+        listenerConfigSecret:
+          metadata:
+            annotations:
+              config-secret: "true"
+        ephemeralRunnerSet:
+          metadata:
+            annotations:
+              runner-set: "true"
+        ephemeralRunner:
+          metadata:
+            annotations:
+              runner: "true"
+        ephemeralRunnerConfigSecret:
+          metadata:
+            annotations:
+              runner-secret: "true"
+    release:
+      name: "test-name"
+      namespace: "test-namespace"
+    asserts:
+      - equal:
+          path: spec.autoscalingListener.annotations.listener
+          value: "true"
+      - equal:
+          path: spec.listenerServiceAccountMetadata.annotations.service-account
+          value: "true"
+      - equal:
+          path: spec.listenerRoleMetadata.annotations.role
+          value: "true"
+      - equal:
+          path: spec.listenerRoleBindingMetadata.annotations.role-binding
+          value: "true"
+      - equal:
+          path: spec.listenerConfigSecretMetadata.annotations.config-secret
+          value: "true"
+      - equal:
+          path: spec.ephemeralRunnerSetMetadata.annotations.runner-set
+          value: "true"
+      - equal:
+          path: spec.ephemeralRunnerMetadata.annotations.runner
+          value: "true"
+      - equal:
+          path: spec.ephemeralRunnerConfigSecretMetadata.annotations.runner-secret
+          value: "true"
+
--- a/charts/gha-runner-scale-set-experimental/tests/autoscaling_runner_set_labels_test.yaml
+++ b/charts/gha-runner-scale-set-experimental/tests/autoscaling_runner_set_labels_test.yaml
@@ -290,4 +290,73 @@ tests:
          path: metadata.labels["actions.github.com/global-custom"]
      - equal:
          path: metadata.labels["actions.github.com/scale-set-name"]
-          value: "test-name"
+          value: "test-name"
+
+  - it: should render internal resource metadata labels in autoscaling runner set spec
+    set:
+      scaleset.name: "test"
+      auth.url: "https://github.com/org"
+      auth.githubToken: "gh_token12345"
+      controllerServiceAccount.name: "arc"
+      controllerServiceAccount.namespace: "arc-system"
+      resource:
+        autoscalingListener:
+          metadata:
+            labels:
+              listener: "true"
+        listenerServiceAccount:
+          metadata:
+            labels:
+              service-account: "true"
+        listenerRole:
+          metadata:
+            labels:
+              role: "true"
+        listenerRoleBinding:
+          metadata:
+            labels:
+              role-binding: "true"
+        listenerConfigSecret:
+          metadata:
+            labels:
+              config-secret: "true"
+        ephemeralRunnerSet:
+          metadata:
+            labels:
+              runner-set: "true"
+        ephemeralRunner:
+          metadata:
+            labels:
+              runner: "true"
+        ephemeralRunnerConfigSecret:
+          metadata:
+            labels:
+              runner-secret: "true"
+    release:
+      name: "test-name"
+      namespace: "test-namespace"
+    asserts:
+      - equal:
+          path: spec.autoscalingListener.labels.listener
+          value: "true"
+      - equal:
+          path: spec.listenerServiceAccountMetadata.labels.service-account
+          value: "true"
+      - equal:
+          path: spec.listenerRoleMetadata.labels.role
+          value: "true"
+      - equal:
+          path: spec.listenerRoleBindingMetadata.labels.role-binding
+          value: "true"
+      - equal:
+          path: spec.listenerConfigSecretMetadata.labels.config-secret
+          value: "true"
+      - equal:
+          path: spec.ephemeralRunnerSetMetadata.labels.runner-set
+          value: "true"
+      - equal:
+          path: spec.ephemeralRunnerMetadata.labels.runner
+          value: "true"
+      - equal:
+          path: spec.ephemeralRunnerConfigSecretMetadata.labels.runner-secret
+          value: "true"
--- a/charts/gha-runner-scale-set-experimental/values.yaml
+++ b/charts/gha-runner-scale-set-experimental/values.yaml
@@ -103,6 +103,55 @@ resource:
      labels: {}
      annotations: {}

+  # Specifies metadata that will be applied to the AutoscalingListener resource
+  # created by the AutoscalingRunnerSet controller.
+  autoscalingListener:
+    metadata:
+      labels: {}
+      annotations: {}
+
+  # Specifies metadata that will be applied to the listener ServiceAccount.
+  listenerServiceAccount:
+    metadata:
+      labels: {}
+      annotations: {}
+
+  # Specifies metadata that will be applied to the listener Role.
+  listenerRole:
+    metadata:
+      labels: {}
+      annotations: {}
+
+  # Specifies metadata that will be applied to the listener RoleBinding.
+  listenerRoleBinding:
+    metadata:
+      labels: {}
+      annotations: {}
+
+  # Specifies metadata that will be applied to the listener config Secret.
+  listenerConfigSecret:
+    metadata:
+      labels: {}
+      annotations: {}
+
+  # Specifies metadata that will be applied to the EphemeralRunnerSet resource.
+  ephemeralRunnerSet:
+    metadata:
+      labels: {}
+      annotations: {}
+
+  # Specifies metadata that will be applied to the EphemeralRunner resource.
+  ephemeralRunner:
+    metadata:
+      labels: {}
+      annotations: {}
+
+  # Specifies metadata that will be applied to the EphemeralRunner config Secret.
+  ephemeralRunnerConfigSecret:
+    metadata:
+      labels: {}
+      annotations: {}
+
  # Specifies metadata that will be applied to the manager Role resource
  managerRole:
    metadata:
--- a/charts/gha-runner-scale-set/templates/_helpers.tpl
+++ b/charts/gha-runner-scale-set/templates/_helpers.tpl
@@ -54,6 +54,20 @@ app.kubernetes.io/name: {{ include "gha-runner-scale-set.scale-set-name" . }}
 app.kubernetes.io/instance: {{ include "gha-runner-scale-set.scale-set-name" . }}
 {{- end }}

+{{/*
+Render a ResourceMeta block for AutoscalingRunnerSet spec fields.
+*/}}
+{{- define "gha-runner-scale-set.resourceMetaSpec" -}}
+{{- with .labels }}
+labels:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- with .annotations }}
+annotations:
+  {{- toYaml . | nindent 2 }}
+{{- end }}
+{{- end }}
+
 {{- define "gha-runner-scale-set.githubsecret" -}}
  {{- if kindIs "string" .Values.githubConfigSecret }}
    {{- if not (empty .Values.githubConfigSecret) }}
--- a/charts/gha-runner-scale-set/templates/autoscalingrunnerset.yaml
+++ b/charts/gha-runner-scale-set/templates/autoscalingrunnerset.yaml
@@ -1,3 +1,4 @@
+{{- $resourceMeta := default (dict) .Values.resourceMeta }}
 {{- $hasCustomResourceMeta := (and .Values.resourceMeta .Values.resourceMeta.autoscalingRunnerSet) }}
 apiVersion: actions.github.com/v1alpha1
 kind: AutoscalingRunnerSet
@@ -154,6 +155,46 @@ spec:
    {{- toYaml . | nindent 4 }}
  {{- end }}

+  {{- with (index $resourceMeta "autoscalingListener") }}
+  autoscalingListener:
+    {{- include "gha-runner-scale-set.resourceMetaSpec" . | nindent 4 }}
+  {{- end }}
+
+  {{- with (index $resourceMeta "listenerServiceAccount") }}
+  listenerServiceAccountMetadata:
+    {{- include "gha-runner-scale-set.resourceMetaSpec" . | nindent 4 }}
+  {{- end }}
+
+  {{- with (index $resourceMeta "listenerRole") }}
+  listenerRoleMetadata:
+    {{- include "gha-runner-scale-set.resourceMetaSpec" . | nindent 4 }}
+  {{- end }}
+
+  {{- with (index $resourceMeta "listenerRoleBinding") }}
+  listenerRoleBindingMetadata:
+    {{- include "gha-runner-scale-set.resourceMetaSpec" . | nindent 4 }}
+  {{- end }}
+
+  {{- with (index $resourceMeta "listenerConfigSecret") }}
+  listenerConfigSecretMetadata:
+    {{- include "gha-runner-scale-set.resourceMetaSpec" . | nindent 4 }}
+  {{- end }}
+
+  {{- with (index $resourceMeta "ephemeralRunnerSet") }}
+  ephemeralRunnerSetMetadata:
+    {{- include "gha-runner-scale-set.resourceMetaSpec" . | nindent 4 }}
+  {{- end }}
+
+  {{- with (index $resourceMeta "ephemeralRunner") }}
+  ephemeralRunnerMetadata:
+    {{- include "gha-runner-scale-set.resourceMetaSpec" . | nindent 4 }}
+  {{- end }}
+
+  {{- with (index $resourceMeta "ephemeralRunnerConfigSecret") }}
+  ephemeralRunnerConfigSecretMetadata:
+    {{- include "gha-runner-scale-set.resourceMetaSpec" . | nindent 4 }}
+  {{- end }}
+
  template:
    {{- with .Values.template.metadata }}
    metadata:
--- a/charts/gha-runner-scale-set/tests/template_test.go
+++ b/charts/gha-runner-scale-set/tests/template_test.go
@@ -2386,6 +2386,14 @@ func TestCustomLabels(t *testing.T) {
 			"resourceMeta.kubernetesModeServiceAccount.labels.kmsa-custom": "kmsa-custom-value",
 			"resourceMeta.managerRole.labels.mr-custom":                    "mr-custom-value",
 			"resourceMeta.managerRoleBinding.labels.mrb-custom":            "mrb-custom-value",
+			"resourceMeta.autoscalingListener.labels.al-custom":            "al-custom-value",
+			"resourceMeta.listenerServiceAccount.labels.lsa-custom":        "lsa-custom-value",
+			"resourceMeta.listenerRole.labels.lr-custom":                   "lr-custom-value",
+			"resourceMeta.listenerRoleBinding.labels.lrb-custom":           "lrb-custom-value",
+			"resourceMeta.listenerConfigSecret.labels.lcs-custom":          "lcs-custom-value",
+			"resourceMeta.ephemeralRunnerSet.labels.ers-custom":            "ers-custom-value",
+			"resourceMeta.ephemeralRunner.labels.er-custom":                "er-custom-value",
+			"resourceMeta.ephemeralRunnerConfigSecret.labels.ercs-custom":  "ercs-custom-value",
 		},
 		KubectlOptions: k8s.NewKubectlOptions("", "", namespaceName),
 	}
@@ -2423,6 +2431,22 @@ func TestCustomLabels(t *testing.T) {
 	assert.Equal(t, wantCustomValue, ars.Labels[targetLabel])
 	assert.Equal(t, wantReservedValue, ars.Labels[reservedLabel])
 	assert.Equal(t, "ars-custom-value", ars.Labels["ars-custom"])
+	require.NotNil(t, ars.Spec.AutoscalingListenerMetadata)
+	assert.Equal(t, "al-custom-value", ars.Spec.AutoscalingListenerMetadata.Labels["al-custom"])
+	require.NotNil(t, ars.Spec.ListenerServiceAccountMetadata)
+	assert.Equal(t, "lsa-custom-value", ars.Spec.ListenerServiceAccountMetadata.Labels["lsa-custom"])
+	require.NotNil(t, ars.Spec.ListenerRoleMetadata)
+	assert.Equal(t, "lr-custom-value", ars.Spec.ListenerRoleMetadata.Labels["lr-custom"])
+	require.NotNil(t, ars.Spec.ListenerRoleBindingMetadata)
+	assert.Equal(t, "lrb-custom-value", ars.Spec.ListenerRoleBindingMetadata.Labels["lrb-custom"])
+	require.NotNil(t, ars.Spec.ListenerConfigSecretMetadata)
+	assert.Equal(t, "lcs-custom-value", ars.Spec.ListenerConfigSecretMetadata.Labels["lcs-custom"])
+	require.NotNil(t, ars.Spec.EphemeralRunnerSetMetadata)
+	assert.Equal(t, "ers-custom-value", ars.Spec.EphemeralRunnerSetMetadata.Labels["ers-custom"])
+	require.NotNil(t, ars.Spec.EphemeralRunnerMetadata)
+	assert.Equal(t, "er-custom-value", ars.Spec.EphemeralRunnerMetadata.Labels["er-custom"])
+	require.NotNil(t, ars.Spec.EphemeralRunnerConfigSecretMetadata)
+	assert.Equal(t, "ercs-custom-value", ars.Spec.EphemeralRunnerConfigSecretMetadata.Labels["ercs-custom"])

 	output = helm.RenderTemplate(t, options, helmChartPath, releaseName, []string{"templates/kube_mode_serviceaccount.yaml"})
 	var serviceAccount corev1.ServiceAccount
@@ -2492,6 +2516,14 @@ func TestCustomAnnotations(t *testing.T) {
 			"resourceMeta.kubernetesModeServiceAccount.annotations.kmsa-custom": "kmsa-custom-value",
 			"resourceMeta.managerRole.annotations.mr-custom":                    "mr-custom-value",
 			"resourceMeta.managerRoleBinding.annotations.mrb-custom":            "mrb-custom-value",
+			"resourceMeta.autoscalingListener.annotations.al-custom":            "al-custom-value",
+			"resourceMeta.listenerServiceAccount.annotations.lsa-custom":        "lsa-custom-value",
+			"resourceMeta.listenerRole.annotations.lr-custom":                   "lr-custom-value",
+			"resourceMeta.listenerRoleBinding.annotations.lrb-custom":           "lrb-custom-value",
+			"resourceMeta.listenerConfigSecret.annotations.lcs-custom":          "lcs-custom-value",
+			"resourceMeta.ephemeralRunnerSet.annotations.ers-custom":            "ers-custom-value",
+			"resourceMeta.ephemeralRunner.annotations.er-custom":                "er-custom-value",
+			"resourceMeta.ephemeralRunnerConfigSecret.annotations.ercs-custom":  "ercs-custom-value",
 		},
 		KubectlOptions: k8s.NewKubectlOptions("", "", namespaceName),
 	}
@@ -2523,6 +2555,22 @@ func TestCustomAnnotations(t *testing.T) {
 	helm.UnmarshalK8SYaml(t, output, &ars)
 	assert.Equal(t, wantCustomValue, ars.Annotations[targetAnnotations])
 	assert.Equal(t, "ars-custom-value", ars.Annotations["ars-custom"])
+	require.NotNil(t, ars.Spec.AutoscalingListenerMetadata)
+	assert.Equal(t, "al-custom-value", ars.Spec.AutoscalingListenerMetadata.Annotations["al-custom"])
+	require.NotNil(t, ars.Spec.ListenerServiceAccountMetadata)
+	assert.Equal(t, "lsa-custom-value", ars.Spec.ListenerServiceAccountMetadata.Annotations["lsa-custom"])
+	require.NotNil(t, ars.Spec.ListenerRoleMetadata)
+	assert.Equal(t, "lr-custom-value", ars.Spec.ListenerRoleMetadata.Annotations["lr-custom"])
+	require.NotNil(t, ars.Spec.ListenerRoleBindingMetadata)
+	assert.Equal(t, "lrb-custom-value", ars.Spec.ListenerRoleBindingMetadata.Annotations["lrb-custom"])
+	require.NotNil(t, ars.Spec.ListenerConfigSecretMetadata)
+	assert.Equal(t, "lcs-custom-value", ars.Spec.ListenerConfigSecretMetadata.Annotations["lcs-custom"])
+	require.NotNil(t, ars.Spec.EphemeralRunnerSetMetadata)
+	assert.Equal(t, "ers-custom-value", ars.Spec.EphemeralRunnerSetMetadata.Annotations["ers-custom"])
+	require.NotNil(t, ars.Spec.EphemeralRunnerMetadata)
+	assert.Equal(t, "er-custom-value", ars.Spec.EphemeralRunnerMetadata.Annotations["er-custom"])
+	require.NotNil(t, ars.Spec.EphemeralRunnerConfigSecretMetadata)
+	assert.Equal(t, "ercs-custom-value", ars.Spec.EphemeralRunnerConfigSecretMetadata.Annotations["ercs-custom"])

 	output = helm.RenderTemplate(t, options, helmChartPath, releaseName, []string{"templates/kube_mode_serviceaccount.yaml"})
 	var serviceAccount corev1.ServiceAccount
--- a/charts/gha-runner-scale-set/values.yaml
+++ b/charts/gha-runner-scale-set/values.yaml
@@ -488,3 +488,43 @@ namespaceOverride: ""
 #       key: value
 #     annotations:
 #       key: value
+#   autoscalingListener:
+#     labels:
+#       key: value
+#     annotations:
+#       key: value
+#   listenerServiceAccount:
+#     labels:
+#       key: value
+#     annotations:
+#       key: value
+#   listenerRole:
+#     labels:
+#       key: value
+#     annotations:
+#       key: value
+#   listenerRoleBinding:
+#     labels:
+#       key: value
+#     annotations:
+#       key: value
+#   listenerConfigSecret:
+#     labels:
+#       key: value
+#     annotations:
+#       key: value
+#   ephemeralRunnerSet:
+#     labels:
+#       key: value
+#     annotations:
+#       key: value
+#   ephemeralRunner:
+#     labels:
+#       key: value
+#     annotations:
+#       key: value
+#   ephemeralRunnerConfigSecret:
+#     labels:
+#       key: value
+#     annotations:
+#       key: value
Author	SHA1	Message	Date
Nikola Jokic	9045b24917	minor fixes	2026-03-17 23:12:24 +01:00
Nikola Jokic	3fb402491c	Add chart-level API to customize internal resources	2026-03-17 22:11:53 +01:00