Allow configuring docker machine egress rules #351
Conversation
mhulscher
changed the title
|
Please can you check the failing CI job, the modules is still on version 0.13.6. Assume you have used another terraform version. We use tfenv ot set the used terraform version. Examples are verified with multiple terraform versions |
|
Hi @npalm , It looks like ❯ ~/.bins/terraform-0.13.6 fmt -recursive -check=true -diff
main.tf
--- old/main.tf
+++ new/main.tf
@@ -38,7 +38,7 @@
}
locals {
- enable_asg_recreation = var.enable_forced_updates != null ? !var.enable_forced_updates : var.enable_asg_recreation
+ enable_asg_recreation = var.enable_forced_updates != null ? ! var.enable_forced_updates : var.enable_asg_recreation
template_user_data = templatefile("${path.module}/template/user-data.tpl",
{
@@ -125,7 +125,7 @@
runners_root_size = var.runners_root_size
runners_iam_instance_profile_name = var.runners_iam_instance_profile_name
runners_use_private_address_only = var.runners_use_private_address
- runners_use_private_address = !var.runners_use_private_address
+ runners_use_private_address = ! var.runners_use_private_address
runners_request_spot_instance = var.runners_request_spot_instance
runners_environment_vars = jsonencode(var.runners_environment_vars)
runners_pre_build_script = var.runners_pre_build_scriptIf I update |
|
Please update to please the current TF version for the module, I will upgrade sources and formating asap to a newer version |
|
@npalm done! |
There was a problem hiding this comment.
Made a small suggestion for a change. Furthermore there is a small migration required. I ran a upgrade on the default example, which fails. After tainting the security group an upgrade was smooth.
terraform taint module.runner.aws_security_group.docker_machinePlease can you update the PR description with a small not for the required migration
…upgrade instructions Co-authored-by: Niek Palm <[email protected]>
mhulscher
deleted the
conditionally-create-docker-machine-security-group
branch
## [4.29.0](4.28.0...4.29.0) (2021-08-28) ### Features * Allow configuring docker machine egress rules, see PR [#351](#351) for upgrade instructions ([845e018](845e018)) * Parametrize runner instance launch configuration metadata options ([#348](#348)) ([a4406dc](a4406dc)) * replace launch configuration with launch template ([#337](#337)) ([b805fb6](b805fb6)) * support for settings Sentry DSN ([#352](#352)) ([2a07466](2a07466)) ### Bug Fixes * Use better ressources names ([#356](#356)) ([817e040](817e040))
|
🎉 This PR is included in version 4.29.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
## [4.29.0](4.28.0...4.29.0) (2021-08-28) ### Features * Allow configuring docker machine egress rules, see PR [#351](#351) for upgrade instructions ([845e018](845e018)) * Parametrize runner instance launch configuration metadata options ([#348](#348)) ([a4406dc](a4406dc)) * replace launch configuration with launch template ([#337](#337)) ([b805fb6](b805fb6)) * support for settings Sentry DSN ([#352](#352)) ([2a07466](2a07466)) ### Bug Fixes * Use better ressources names ([#356](#356)) ([817e040](817e040))
Description
I would like to be able to configure the egress rules of the docker-machine security group. This PR introduces a new variable called
docker_machine_egress_rulesto configure these egress rules. It defaults to allow all egress traffic to maintain backwards compatibility.Migrations required
YES, for a smooth upgrade the security group for docker machine needs to be tainted
Verification
Ran a
terraform planin therunner-dockerexample.Documentation
Ran pre-commit with latest version of each tool; this also re-generates larges portions of the README.