From 47a7f6a7175b2d5472b0be1d3cda5eb6ecd79902 Mon Sep 17 00:00:00 2001 From: Uchinda Padmaperuma Date: Tue, 6 Sep 2022 17:30:26 +0800 Subject: [PATCH 1/9] change the kubernetes_manifest resource --- org_runners.tf | 90 ++++++++++++++++++++++++++++++++++---------------- 1 file changed, 62 insertions(+), 28 deletions(-) diff --git a/org_runners.tf b/org_runners.tf index d3643a2..52ac573 100644 --- a/org_runners.tf +++ b/org_runners.tf @@ -1,33 +1,67 @@ -resource "kubernetes_manifest" "github_org_runners" { +# resource "kubernetes_manifest" "github_org_runners" { +# for_each = { for org in var.github_org_runners : org.name => org } +# depends_on = [helm_release.release] + +# manifest = { +# apiVersion = "actions.summerwind.dev/v1alpha1" +# kind = "RunnerDeployment" + +# metadata = { +# name = "${lower(each.value.name)}-runner-deployment" +# namespace = var.chart_namespace +# } + +# spec = { +# replicas = each.value.replicas +# template = { +# spec = { +# organization = each.value.name +# serviceAccountName = var.service_account_name +# group = each.value.group +# imagePullPolicy = "IfNotPresent" +# securityContext = { +# fsGroup = 1000 +# } +# labels = [each.value.label] +# resources = each.value.resources +# tolerations = each.value.tolerations +# affinity = each.value.affinity +# } +# } +# } +# } +# } + +resource "helm_release" "github_org_runners" { for_each = { for org in var.github_org_runners : org.name => org } depends_on = [helm_release.release] - manifest = { - apiVersion = "actions.summerwind.dev/v1alpha1" - kind = "RunnerDeployment" - - metadata = { - name = "${lower(each.value.name)}-runner-deployment" - namespace = var.chart_namespace - } + name = "external-secrets-cluster-store" + repository = "https://charts.itscontained.io" + chart = "raw" + version = "0.2.5" - spec = { - replicas = each.value.replicas - template = { - spec = { - organization = each.value.name - serviceAccountName = var.service_account_name - group = each.value.group - imagePullPolicy = "IfNotPresent" - securityContext = { - fsGroup = 1000 - } - labels = [each.value.label] - resources = each.value.resources - tolerations = each.value.tolerations - affinity = each.value.affinity - } - } - } - } + values = [ + <<-EOF + apiVersion: actions.summerwind.dev/v1alpha1 + kind: RunnerDeployment + metadata: + name: "${lower(each.value.name)}-runner-deployment" + namespace: "${var.chart_namespace}" + spec: + replicas: "${each.value.replicas}" + template: + spec: + organization: "${each.value.name}" + serviceAccountName: "${var.service_account_name}" + group: "${each.value.group}" + imagePullPolicy: IfNotPresent + securityContext: + fsGroup: 1000 + labels: "${each.value.label}" + resources: "${each.value.resources}" + tolerations: "${each.value.tolerations}" + affinity: "${each.value.affinity}" + EOF + ] } From c536bbdc7e751e84f67047c8c85229d4ddc081fe Mon Sep 17 00:00:00 2001 From: Uchinda Padmaperuma Date: Tue, 6 Sep 2022 17:50:44 +0800 Subject: [PATCH 2/9] fix the output --- outputs.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/outputs.tf b/outputs.tf index 0d00bb6..f004c4d 100644 --- a/outputs.tf +++ b/outputs.tf @@ -5,5 +5,5 @@ output "helm_release" { output "org_runners" { description = "Output of Github Org Runners" - value = kubernetes_manifest.github_org_runners + value = helm_release.github_org_runners } From 5713bf0aa004147df89cbeb0f34c05ba1ead7ec9 Mon Sep 17 00:00:00 2001 From: Uchinda Padmaperuma Date: Tue, 6 Sep 2022 18:09:39 +0800 Subject: [PATCH 3/9] hardcode the value of affinity and tolerents --- org_runners.tf | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/org_runners.tf b/org_runners.tf index 52ac573..71c25e6 100644 --- a/org_runners.tf +++ b/org_runners.tf @@ -60,8 +60,31 @@ resource "helm_release" "github_org_runners" { fsGroup: 1000 labels: "${each.value.label}" resources: "${each.value.resources}" - tolerations: "${each.value.tolerations}" - affinity: "${each.value.affinity}" + tolerations: + - key: "dedicated" + operator: "Equal" + value: "cicd" + effect: "NoSchedule" + affinity: + podAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - nodeSelectorTerms: + matchExpressions: + - key: dedicated + operator: In + values: + - cicd + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 100 + podAffinityTerm: + labelSelector: + matchExpressions: + - key: dedicated + operator: In + values: + - cicd + topologyKey: topology.kubernetes.io/zone EOF ] } From d6bc6a07be85bc4251c7a83b3d9071dde60dc7da Mon Sep 17 00:00:00 2001 From: Uchinda Padmaperuma Date: Tue, 6 Sep 2022 18:14:40 +0800 Subject: [PATCH 4/9] fix resource manifest --- org_runners.tf | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/org_runners.tf b/org_runners.tf index 71c25e6..04300cc 100644 --- a/org_runners.tf +++ b/org_runners.tf @@ -59,7 +59,13 @@ resource "helm_release" "github_org_runners" { securityContext: fsGroup: 1000 labels: "${each.value.label}" - resources: "${each.value.resources}" + resources: + requests: + cpu: "500m" + memory: "2Gi" + limits: + cpu: "500m" + memory: "4Gi" tolerations: - key: "dedicated" operator: "Equal" From 2b11324dad1b18e98f77149ea0f9e056b341f785 Mon Sep 17 00:00:00 2001 From: Uchinda Padmaperuma Date: Wed, 7 Sep 2022 00:19:50 +0800 Subject: [PATCH 5/9] change the name --- org_runners.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/org_runners.tf b/org_runners.tf index 04300cc..60323c9 100644 --- a/org_runners.tf +++ b/org_runners.tf @@ -36,7 +36,7 @@ resource "helm_release" "github_org_runners" { for_each = { for org in var.github_org_runners : org.name => org } depends_on = [helm_release.release] - name = "external-secrets-cluster-store" + name = "github-org-runners" repository = "https://charts.itscontained.io" chart = "raw" version = "0.2.5" From 8e136c08853a2235728b2c99c8bbf706b9b30440 Mon Sep 17 00:00:00 2001 From: Uchinda Padmaperuma Date: Wed, 7 Sep 2022 01:59:00 +0800 Subject: [PATCH 6/9] uncomment the manifest --- org_runners.tf | 180 ++++++++++++++++++++++++------------------------- outputs.tf | 2 +- 2 files changed, 91 insertions(+), 91 deletions(-) diff --git a/org_runners.tf b/org_runners.tf index 60323c9..d21ba72 100644 --- a/org_runners.tf +++ b/org_runners.tf @@ -1,96 +1,96 @@ -# resource "kubernetes_manifest" "github_org_runners" { -# for_each = { for org in var.github_org_runners : org.name => org } -# depends_on = [helm_release.release] +resource "kubernetes_manifest" "github_org_runners" { + for_each = { for org in var.github_org_runners : org.name => org } + # depends_on = [helm_release.release] -# manifest = { -# apiVersion = "actions.summerwind.dev/v1alpha1" -# kind = "RunnerDeployment" + manifest = { + apiVersion = "actions.summerwind.dev/v1alpha1" + kind = "RunnerDeployment" -# metadata = { -# name = "${lower(each.value.name)}-runner-deployment" -# namespace = var.chart_namespace -# } + metadata = { + name = "${lower(each.value.name)}-runner-deployment" + namespace = var.chart_namespace + } -# spec = { -# replicas = each.value.replicas -# template = { -# spec = { -# organization = each.value.name -# serviceAccountName = var.service_account_name -# group = each.value.group -# imagePullPolicy = "IfNotPresent" -# securityContext = { -# fsGroup = 1000 -# } -# labels = [each.value.label] -# resources = each.value.resources -# tolerations = each.value.tolerations -# affinity = each.value.affinity -# } -# } -# } -# } -# } + spec = { + replicas = each.value.replicas + template = { + spec = { + organization = each.value.name + serviceAccountName = var.service_account_name + group = each.value.group + imagePullPolicy = "IfNotPresent" + securityContext = { + fsGroup = 1000 + } + labels = [each.value.label] + resources = each.value.resources + tolerations = each.value.tolerations + affinity = each.value.affinity + } + } + } + } +} -resource "helm_release" "github_org_runners" { - for_each = { for org in var.github_org_runners : org.name => org } - depends_on = [helm_release.release] +# resource "helm_release" "github_org_runners" { +# for_each = { for org in var.github_org_runners : org.name => org } +# depends_on = [helm_release.release] - name = "github-org-runners" - repository = "https://charts.itscontained.io" - chart = "raw" - version = "0.2.5" +# name = "github-org-runners" +# repository = "https://charts.itscontained.io" +# chart = "raw" +# version = "0.2.5" - values = [ - <<-EOF - apiVersion: actions.summerwind.dev/v1alpha1 - kind: RunnerDeployment - metadata: - name: "${lower(each.value.name)}-runner-deployment" - namespace: "${var.chart_namespace}" - spec: - replicas: "${each.value.replicas}" - template: - spec: - organization: "${each.value.name}" - serviceAccountName: "${var.service_account_name}" - group: "${each.value.group}" - imagePullPolicy: IfNotPresent - securityContext: - fsGroup: 1000 - labels: "${each.value.label}" - resources: - requests: - cpu: "500m" - memory: "2Gi" - limits: - cpu: "500m" - memory: "4Gi" - tolerations: - - key: "dedicated" - operator: "Equal" - value: "cicd" - effect: "NoSchedule" - affinity: - podAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - nodeSelectorTerms: - matchExpressions: - - key: dedicated - operator: In - values: - - cicd - podAntiAffinity: - preferredDuringSchedulingIgnoredDuringExecution: - - weight: 100 - podAffinityTerm: - labelSelector: - matchExpressions: - - key: dedicated - operator: In - values: - - cicd - topologyKey: topology.kubernetes.io/zone - EOF - ] -} +# values = [ +# <<-EOF +# apiVersion: actions.summerwind.dev/v1alpha1 +# kind: RunnerDeployment +# metadata: +# name: "${lower(each.value.name)}-runner-deployment" +# namespace: "${var.chart_namespace}" +# spec: +# replicas: "${each.value.replicas}" +# template: +# spec: +# organization: "${each.value.name}" +# serviceAccountName: "${var.service_account_name}" +# group: "${each.value.group}" +# imagePullPolicy: IfNotPresent +# securityContext: +# fsGroup: 1000 +# labels: "${each.value.label}" +# resources: +# requests: +# cpu: "500m" +# memory: "2Gi" +# limits: +# cpu: "500m" +# memory: "4Gi" +# tolerations: +# - key: "dedicated" +# operator: "Equal" +# value: "cicd" +# effect: "NoSchedule" +# affinity: +# podAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# - nodeSelectorTerms: +# matchExpressions: +# - key: dedicated +# operator: In +# values: +# - cicd +# podAntiAffinity: +# preferredDuringSchedulingIgnoredDuringExecution: +# - weight: 100 +# podAffinityTerm: +# labelSelector: +# matchExpressions: +# - key: dedicated +# operator: In +# values: +# - cicd +# topologyKey: topology.kubernetes.io/zone +# EOF +# ] +# } diff --git a/outputs.tf b/outputs.tf index f004c4d..0d00bb6 100644 --- a/outputs.tf +++ b/outputs.tf @@ -5,5 +5,5 @@ output "helm_release" { output "org_runners" { description = "Output of Github Org Runners" - value = helm_release.github_org_runners + value = kubernetes_manifest.github_org_runners } From a3e062186fec67729e1c382d7d52ae4fd8ab1d19 Mon Sep 17 00:00:00 2001 From: Uchinda Padmaperuma Date: Wed, 7 Sep 2022 02:18:35 +0800 Subject: [PATCH 7/9] clean up the code --- org_runners.tf | 63 -------------------------------------------------- 1 file changed, 63 deletions(-) diff --git a/org_runners.tf b/org_runners.tf index d21ba72..13b923f 100644 --- a/org_runners.tf +++ b/org_runners.tf @@ -31,66 +31,3 @@ resource "kubernetes_manifest" "github_org_runners" { } } } - -# resource "helm_release" "github_org_runners" { -# for_each = { for org in var.github_org_runners : org.name => org } -# depends_on = [helm_release.release] - -# name = "github-org-runners" -# repository = "https://charts.itscontained.io" -# chart = "raw" -# version = "0.2.5" - -# values = [ -# <<-EOF -# apiVersion: actions.summerwind.dev/v1alpha1 -# kind: RunnerDeployment -# metadata: -# name: "${lower(each.value.name)}-runner-deployment" -# namespace: "${var.chart_namespace}" -# spec: -# replicas: "${each.value.replicas}" -# template: -# spec: -# organization: "${each.value.name}" -# serviceAccountName: "${var.service_account_name}" -# group: "${each.value.group}" -# imagePullPolicy: IfNotPresent -# securityContext: -# fsGroup: 1000 -# labels: "${each.value.label}" -# resources: -# requests: -# cpu: "500m" -# memory: "2Gi" -# limits: -# cpu: "500m" -# memory: "4Gi" -# tolerations: -# - key: "dedicated" -# operator: "Equal" -# value: "cicd" -# effect: "NoSchedule" -# affinity: -# podAffinity: -# requiredDuringSchedulingIgnoredDuringExecution: -# - nodeSelectorTerms: -# matchExpressions: -# - key: dedicated -# operator: In -# values: -# - cicd -# podAntiAffinity: -# preferredDuringSchedulingIgnoredDuringExecution: -# - weight: 100 -# podAffinityTerm: -# labelSelector: -# matchExpressions: -# - key: dedicated -# operator: In -# values: -# - cicd -# topologyKey: topology.kubernetes.io/zone -# EOF -# ] -# } From 1fc47b38a454a4638f9de47bbaa215a466c535e0 Mon Sep 17 00:00:00 2001 From: Uchinda Padmaperuma Date: Thu, 8 Sep 2022 10:13:31 +0800 Subject: [PATCH 8/9] move from kubernetes_manifest to kubectl_manifest --- org_runners.tf | 56 ++++++++++++++++++++++---------------------------- 1 file changed, 25 insertions(+), 31 deletions(-) diff --git a/org_runners.tf b/org_runners.tf index 13b923f..566423c 100644 --- a/org_runners.tf +++ b/org_runners.tf @@ -1,33 +1,27 @@ -resource "kubernetes_manifest" "github_org_runners" { - for_each = { for org in var.github_org_runners : org.name => org } - # depends_on = [helm_release.release] +resource "kubectl_manifest" "github_org_runners" { + for_each = { for org in var.github_org_runners : org.name => org } + yaml_body = < Date: Thu, 8 Sep 2022 11:07:00 +0800 Subject: [PATCH 9/9] adding implicit dependency --- org_runners.tf | 55 +++++++++++++++++++++++++++----------------------- 1 file changed, 30 insertions(+), 25 deletions(-) diff --git a/org_runners.tf b/org_runners.tf index 566423c..dac321f 100644 --- a/org_runners.tf +++ b/org_runners.tf @@ -1,27 +1,32 @@ -resource "kubectl_manifest" "github_org_runners" { - for_each = { for org in var.github_org_runners : org.name => org } - yaml_body = < org } - depends_on = [helm_release.release] + manifest = { + apiVersion = "actions.summerwind.dev/v1alpha1" + kind = "RunnerDeployment" + + metadata = { + name = "${lower(each.value.name)}-runner-deployment" + namespace = helm_release.release.namespace + } + + spec = { + replicas = each.value.replicas + template = { + spec = { + organization = each.value.name + serviceAccountName = var.service_account_name + group = each.value.group + imagePullPolicy = "IfNotPresent" + securityContext = { + fsGroup = 1000 + } + labels = [each.value.label] + resources = each.value.resources + tolerations = each.value.tolerations + affinity = each.value.affinity + } + } + } + } }