feat: update to latest downstream module
sgtoj committed Dec 29, 2023
1 parent 54b2a2d commit b394aa2
Showing 4 changed files with 15 additions and 14 deletions.
1 change: 0 additions & 1 deletion README.md
Expand Up @@ -49,7 +49,6 @@ other optional variables (e.g., `name`, `tags`, etc.) provided by the
| `github_organization_runner_enabled` | Toggle to activate runners for all projects in the organization. | `bool` | `true` | no |
| `runner_binaries_path` | Path to the GitHub Action runner binaries saved locally before pushed to S3. | `string` | `""` | no |
| `runner_ephemeral_mode_enabled` | Toggle to activate ephemeral runners. | `bool` | `false` | no |
| `runner_version` | Version of the GitHub Action runner. | `string` | n/a | yes |
| `runner_os` | Operating system for the GitHub Action runner. | `string` | `"linux"` | no |
| `instance_ami_name` | Name of the Amazon Machine Image (AMI) for the GitHub Action runner. | `string` | `"al2023-ami-2023.*-kernel-*-x86_64"` | no |
| `instance_types` | Set of instance types for the action runner. | `set(string)` | `["m5ad.large", "m5d.large"]` | no |
15 changes: 10 additions & 5 deletions assets/instance/userdata.sh
Expand Up @@ -82,7 +82,9 @@ AWS_EC2_METADATA_TOKEN=$(curl -f -X PUT "http://169.254.169.254/latest/api/token
AWS_REGION=$(curl -f -H "X-aws-ec2-metadata-token: $AWS_EC2_METADATA_TOKEN" -v http://169.254.169.254/latest/dynamic/instance-identity/document | jq -r .region)
AWS_INSTANCE_ID=$(curl -f -H "X-aws-ec2-metadata-token: $AWS_EC2_METADATA_TOKEN" -v http://169.254.169.254/latest/meta-data/instance-id)
AWS_INSTANCE_AMI_ID=$(curl -f -H "X-aws-ec2-metadata-token: $AWS_EC2_METADATA_TOKEN" -v http://169.254.169.254/latest/meta-data/ami-id)
AWS_INSTANCE_AZ=$(curl -f -H "X-aws-ec2-metadata-token: $AWS_EC2_METADATA_TOKEN" -v http://169.254.169.254/latest/meta-data/placement/availability-zone)
AWS_INSTANCE_TAGS=$(aws ec2 describe-tags --region "$AWS_REGION" --filters "Name=resource-id,Values=$AWS_INSTANCE_ID")
AWS_INSTANCE_TYPE=$(curl -f -H "X-aws-ec2-metadata-token: $AWS_EC2_METADATA_TOKEN" -v http://169.254.169.254/latest/meta-data/instance-type)

# --- configure: docker ---------------------------

Expand Down Expand Up @@ -159,29 +161,31 @@ while [[ -z "$GHR_CONFIG" ]]; do
done
aws ssm delete-parameter --name "$GHR_CORE_CONFIG_TOKEN_PATH/$AWS_INSTANCE_ID" --region "$AWS_REGION"

chown -R "$GHR_CORE_CONFIG_RUN_AS" .

if [ -z "$GHR_CORE_CONFIG_RUN_AS" ]; then
GHR_CORE_CONFIG_RUN_AS="ec2-user"
elif [[ "$GHR_CORE_CONFIG_RUN_AS" == "root" ]]; then
export RUNNER_ALLOW_RUNASROOT=1
fi

echo "configuring runner..."
chown -R "$GHR_CORE_CONFIG_RUN_AS" .
sudo --preserve-env=RUNNER_ALLOW_RUNASROOT -u "$GHR_CORE_CONFIG_RUN_AS" -- ./config.sh --unattended --name "$AWS_INSTANCE_ID" --work "$GHR_CORE_WORK_DIRECTORY" $${GHR_CONFIG}

tee /opt/actions-runner/.setup_info <<EOL
[{
"group": "Operating System",
"detail": "Distribution: $GHR_SYS_OS\nArchitecture: $GHR_SYS_ARCHITECTURE"
}, {
"group": "Runner Image",
"detail": "AMI id: $ami_id"
"detail": "AMI id: $AWS_INSTANCE_AMI_ID"
},{
"group": "EC2",
"detail": "Instance type: $AWS_INSTANCE_TYPE\nAvailability zone: $AWS_INSTANCE_AZ"
}]
EOL

echo "creating ephemeral script..."
cat >/opt/start-runner-service.sh <<-EOF
sudo --preserve-env=RUNNER_ALLOW_RUNASROOT -u "$GHR_CORE_CONFIG_RUN_AS" -- ./run.sh
sudo --preserve-env=RUNNER_ALLOW_RUNASROOT -u "$GHR_CORE_CONFIG_RUN_AS" -- ./run.sh --jitconfig $${GHR_CONFIG}
echo "runner is cleaning up..."
echo "stopping cloudwatch service..."
systemctl stop amazon-cloudwatch-agent.service
Expand All @@ -198,6 +202,7 @@ if [[ $GHR_CORE_CONFIG_AGENT_MODE == "ephemeral" ]]; then
echo "starting runner as user $GHR_CORE_CONFIG_RUN_AS in ephemeral mode..."
nohup /opt/start-runner-service.sh &
else
sudo --preserve-env=RUNNER_ALLOW_RUNASROOT -u "$GHR_CORE_CONFIG_RUN_AS" -- ./config.sh --unattended --name "$AWS_INSTANCE_ID" --work "$GHR_CORE_WORK_DIRECTORY" $${GHR_CONFIG}
echo "starting runner as user $GHR_CORE_CONFIG_RUN_AS..."
./svc.sh install "$GHR_CORE_CONFIG_RUN_AS"
./svc.sh start
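Review bot: In the `/opt/start-runner-service.sh` heredoc, the new `./run.sh --jitconfig $${GHR_CONFIG}` line sits inside an unquoted `<<-EOF`, so (assuming `$${` is the Terraform template escape for `${`) the shell expands it while writing the file and the JIT configuration is stored in cleartext in that script. The script deletes the SSM parameter straight after reading it, so the value is evidently meant to be short-lived, and no permission change on the generated file is visible in this hunk. I would create the file with `umask 077` in effect, or write `\$GHR_CONFIG` in the heredoc and export the variable so it is resolved at run time rather than persisted. The two added IMDS lookups (`AWS_INSTANCE_AZ`, `AWS_INSTANCE_TYPE`) also copy `-v`, which echoes the `X-aws-ec2-metadata-token` request header to stderr; `-s` instead of `-v` would keep it out of whatever captures the user-data output. The heredoc body continues past the end of this hunk.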
8 changes: 5 additions & 3 deletions main.tf
Expand Up @@ -2,6 +2,8 @@ locals {
enabled = coalesce(var.enabled, module.this.enabled, true)
name = coalesce(var.name, module.this.name, "github-runner-${random_string.github_runner_random_suffix.result}")

runner_module_version = "v5.6.0"

aws_account_id = module.this.enabled && var.aws_account_id != "" ? var.aws_account_id : try(data.aws_caller_identity.current[0].account_id, "")
aws_region_name = module.this.enabled && var.aws_region_name != "" ? var.aws_region_name : try(data.aws_region.current[0].name, "")
aws_kv_namespace = trim(coalesce(var.aws_kv_namespace, "github-runner/${module.github_runner_label.id}"), "/")
Expand Down Expand Up @@ -38,13 +40,13 @@ resource "random_string" "github_runner_random_suffix" {

module "github_runner" {
source = "philips-labs/github-runner/aws"
version = "v3.6.1"
version = "v5.6.0" # should match local.runner_module_version

prefix = module.github_runner_label.id
enable_ephemeral_runners = var.runner_ephemeral_mode_enabled
enable_organization_runners = var.github_organization_runner_enabled
minimum_running_time_in_minutes = var.runner_min_running_time
runner_extra_labels = join(",", var.runner_labels)
runner_extra_labels = var.runner_labels
runner_as_root = true # required for docker
runner_iam_role_managed_policy_arns = [aws_iam_policy.runner.arn]
runner_binaries_s3_sse_configuration = { rule = { apply_server_side_encryption_by_default = { sse_algorithm = "AES256" } } }
Expand Down Expand Up @@ -134,7 +136,7 @@ module "runner_binaries" {
artifact_src_path = "/tmp/runner-binaries"
docker_build_context = "${path.module}/assets/runner-binaries"
docker_build_target = "package"
docker_build_args = { RUNNER_VERSION = trimprefix(var.runner_version, "v") }
docker_build_args = { RUNNER_VERSION = trimprefix(local.runner_module_version, "v") }

context = module.github_runner_label.context
}
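Review bot: The release tag is now written twice, in `local.runner_module_version` and in the `github_runner` module's `version`, and only the trailing comment on the latter ties them together; because the local also feeds `RUNNER_VERSION` for the `runner_binaries` build, a bump that touches one literal would pair the module with artifacts built for a different release without any plan-time error. Terraform does not accept an expression for a module `version`, so I would at least put the reciprocal comment on the local, e.g. `runner_module_version = "v5.6.0" # keep in sync with module.github_runner version; also passed as RUNNER_VERSION`, and consider a CI check that fails when the two strings differ. The removed `runner_version` input was documented as the version of the GitHub Action runner, so it is worth confirming that the Dockerfile behind `docker_build_target = "package"` expects the module release rather than the runner agent version. The `module "github_runner"` and `module "runner_binaries"` blocks extend beyond the hunks shown.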
5 changes: 0 additions & 5 deletions variables.tf
Expand Up @@ -31,11 +31,6 @@ variable "runner_ephemeral_mode_enabled" {
default = false
}

variable "runner_version" {
type = string
description = "Version of the GitHub Action runner."
}

variable "runner_binaries_path" {
type = string
description = "Path to the GitHub Action runner binaries saved locally before pushed to S3."
