From 4e9704892f8f008cb467342ae5e8c565f4c68e39 Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Thu, 5 May 2022 16:48:19 +0200 Subject: [PATCH] feat: Remove var.volume_size in favour of var.block_device_mappings BREAKING CHANGE: var.volume_size replaced by var.block_device_mappings --- README.md | 5 ++--- examples/default/main.tf | 8 ++++---- main.tf | 1 - modules/download-lambda/README.md | 2 +- modules/runner-binaries-syncer/README.md | 12 +++++++++--- modules/runners/README.md | 5 ++--- modules/runners/main.tf | 10 +++++----- modules/runners/variables.tf | 6 ------ modules/setup-iam-permissions/README.md | 4 ++-- modules/webhook/README.md | 4 ++-- variables.tf | 6 ------ 11 files changed, 27 insertions(+), 36 deletions(-) diff --git a/README.md b/README.md index 2186036bcf..d3669ab436 100644 --- a/README.md +++ b/README.md @@ -360,13 +360,13 @@ In case the setup does not work as intended follow the trace of events: | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.14.1 | -| [aws](#requirement\_aws) | ~> 3.50 | +| [aws](#requirement\_aws) | ~> 4.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | ~> 3.50 | +| [aws](#provider\_aws) | ~> 4.0 | | [random](#provider\_random) | n/a | ## Modules 
@@ -476,7 +476,6 @@ In case the setup does not work as intended follow the trace of events:
 | [userdata\_post\_install](#input\_userdata\_post\_install) | Script to be ran after the GitHub Actions runner is installed on the EC2 instances | `string` | `""` | no |
 | [userdata\_pre\_install](#input\_userdata\_pre\_install) | Script to be ran before the GitHub Actions runner is installed on the EC2 instances | `string` | `""` | no |
 | [userdata\_template](#input\_userdata\_template) | Alternative user-data template, replacing the default template. By providing your own user\_data you have to take care of installing all required software, including the action runner. Variables userdata\_pre/post\_install are ignored. | `string` | `null` | no |
-| [volume\_size](#input\_volume\_size) | (Deprecaated, use block\_device\_mappings. Size of runner volume, if set it overrides the value provide via block\_device\_mappings. | `number` | `null` | no |
 | [vpc\_id](#input\_vpc\_id) | The VPC for security groups of the action runners. | `string` | n/a | yes |
 | [webhook\_lambda\_s3\_key](#input\_webhook\_lambda\_s3\_key) | S3 key for webhook lambda function. Required if using S3 bucket to specify lambdas. | `any` | `null` | no |
 | [webhook\_lambda\_s3\_object\_version](#input\_webhook\_lambda\_s3\_object\_version) | S3 object version for webhook lambda function. Useful if S3 versioning is enabled on source bucket. | `any` | `null` | no |
diff --git a/examples/default/main.tf b/examples/default/main.tf
index 5dc56b2423..98e6e41533 100644
--- a/examples/default/main.tf
+++ b/examples/default/main.tf
@@ -33,11 +33,11 @@ module "runners" { block_device_mappings = [] # Grab zip files via lambda_download - # webhook_lambda_zip = "lambdas-download/webhook.zip" - # runner_binaries_syncer_lambda_zip = "lambdas-download/runner-binaries-syncer.zip" - # runners_lambda_zip = "lambdas-download/runners.zip" + webhook_lambda_zip = "lambdas-download/webhook.zip" + runner_binaries_syncer_lambda_zip = "lambdas-download/runner-binaries-syncer.zip" + runners_lambda_zip = "lambdas-download/runners.zip" - enable_organization_runners = true + enable_organization_runners = false runner_extra_labels = "default,example" # enable access to the runners via SSM diff --git a/main.tf b/main.tf index 6620da3fcf..b9754fb511 100644 --- a/main.tf +++ b/main.tf @@ -162,7 +162,6 @@ module "runners" { enable_ssm_on_runners = var.enable_ssm_on_runners egress_rules = var.runner_egress_rules runner_additional_security_group_ids = var.runner_additional_security_group_ids - volume_size = var.volume_size metadata_options = var.runner_metadata_options lambda_s3_bucket = var.lambda_s3_bucket diff --git a/modules/download-lambda/README.md b/modules/download-lambda/README.md index 246bb82ffc..a5e188bec2 100644 --- a/modules/download-lambda/README.md +++ b/modules/download-lambda/README.md @@ -30,7 +30,7 @@ module "lambdas" { | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.14.1 | -| [aws](#requirement\_aws) | ~> 3.38 | +| [aws](#requirement\_aws) | ~> 4.0 | ## Providers diff --git a/modules/runner-binaries-syncer/README.md b/modules/runner-binaries-syncer/README.md index 76e197a67f..6659e092e1 100644 --- a/modules/runner-binaries-syncer/README.md +++ b/modules/runner-binaries-syncer/README.md 
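Review bot: In examples/default/main.tf the flip to `enable_organization_runners = false` and the three uncommented `*_lambda_zip` paths are not covered by the commit message, which is only about removing `var.volume_size`; they read like local test settings committed along with it. The zip paths point into `lambdas-download/`, so the example presumably no longer applies on a fresh checkout until those files exist, and the example's runner registration scope changes from organization to repository level. If the change is intended, a comment above the three lines such as `# requires the zips from the lambdas-download example; run that first` would make the prerequisite explicit; otherwise restore the commented-out lines and `enable_organization_runners = true`. The `module "runners"` block starts and ends outside the hunk.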
@@ -39,13 +39,13 @@ yarn run dist | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.14.1 | -| [aws](#requirement\_aws) | ~> 3.38 | +| [aws](#requirement\_aws) | ~> 4.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | ~> 3.38 | +| [aws](#provider\_aws) | ~> 4.0 | ## Modules 
@@ -59,16 +59,22 @@ No modules. | [aws_cloudwatch_event_target.syncer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_target) | resource | | [aws_cloudwatch_log_group.syncer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource | | [aws_iam_role.syncer_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource | +| [aws_iam_role_policy.lambda_kms](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource | | [aws_iam_role_policy.lambda_logging](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource | | [aws_iam_role_policy.syncer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource | | [aws_lambda_function.syncer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource | | [aws_lambda_permission.on_deploy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource | | [aws_lambda_permission.syncer](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource | | [aws_s3_bucket.action_dist](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource | +| [aws_s3_bucket_acl.action_dist_acl](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_acl) | resource | +| [aws_s3_bucket_lifecycle_configuration.bucket-config](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_lifecycle_configuration) | resource | | [aws_s3_bucket_notification.on_deploy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_notification) | resource | -| 
[aws_s3_bucket_object.trigger](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_object) | resource | +| [aws_s3_bucket_policy.action_dist_sse_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource | | [aws_s3_bucket_public_access_block.action_dist](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource | +| [aws_s3_bucket_server_side_encryption_configuration.action_dist](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_server_side_encryption_configuration) | resource | +| [aws_s3_object.trigger](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource | | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source | +| [aws_iam_policy_document.action_dist_sse_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | | [aws_iam_policy_document.lambda_assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source | ## Inputs diff --git a/modules/runners/README.md b/modules/runners/README.md index 4b5ea25787..2d6fc342d7 100644 --- a/modules/runners/README.md +++ b/modules/runners/README.md @@ -53,13 +53,13 @@ yarn run dist | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.14.1 | -| [aws](#requirement\_aws) | ~> 3.38 | +| [aws](#requirement\_aws) | ~> 4.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | ~> 3.38 | +| [aws](#provider\_aws) | ~> 4.0 | ## Modules 
@@ -186,7 +186,6 @@ yarn run dist | [userdata\_post\_install](#input\_userdata\_post\_install) | User-data script snippet to insert after GitHub action runner install | `string` | `""` | no | | [userdata\_pre\_install](#input\_userdata\_pre\_install) | User-data script snippet to insert before GitHub action runner install | `string` | `""` | no | | [userdata\_template](#input\_userdata\_template) | Alternative user-data template, replacing the default template. By providing your own user\_data you have to take care of installing all required software, including the action runner. Variables userdata\_pre/post\_install are ignored. | `string` | `null` | no | -| [volume\_size](#input\_volume\_size) | (Deprecaated, use block\_device\_mappings. Size of runner volume, if set it overrides the value provide via block\_device\_mappings. | `number` | `null` | no | | [vpc\_id](#input\_vpc\_id) | The VPC for the security groups. | `string` | n/a | yes | ## Outputs diff --git a/modules/runners/main.tf b/modules/runners/main.tf index 036b23f91d..89040b16fa 100644 --- a/modules/runners/main.tf +++ b/modules/runners/main.tf @@ -62,11 +62,11 @@ resource "aws_launch_template" "runner" { device_name = lookup(block_device_mappings.value, "device_name", "/dev/xvda") ebs { - delete_on_termination = lookup(block_device_mappings.value, "delete_on_termination", true) - volume_type = lookup(block_device_mappings.value, "volume_type", "gp3") - volume_size = var.volume_size == null ? lookup(block_device_mappings.value, "volume_size", "30") : var.volume_size - encrypted = lookup(block_device_mappings.value, "encrypted", true) - iops = lookup(block_device_mappings.value, "iops", null) + delete_on_termination = block_device_mappings.value.delete_on_termination + volume_type = block_device_mappings.value.volume_type + volume_size = block_device_mappings.value.volume_size + encrypted = block_device_mappings.value.encrypted + iops = block_device_mappings.value.iops } } } 
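Review bot: In the `ebs` block of modules/runners/main.tf, replacing `lookup(..., default)` with direct attribute access drops the module's defaults, most importantly `encrypted = true` and `delete_on_termination = true`, along with the `gp3` type and the size of 30. The type of `var.block_device_mappings` is not visible in this patch: if its elements are maps, an entry that omits one of the five keys will presumably now fail at plan time, and if they are objects carrying nulls, `encrypted = null` leaves encryption to the account's EBS default, so runner volumes can end up unencrypted without anyone having asked for that. Keeping the default on the security-relevant attributes, as the old code did with `encrypted = lookup(block_device_mappings.value, "encrypted", true)` and `delete_on_termination = lookup(block_device_mappings.value, "delete_on_termination", true)`, preserves encryption-by-default while still removing `var.volume_size`. `device_name` on the context line above still uses `lookup` with a default, so the block is also inconsistent as written; the `aws_launch_template.runner` resource starts outside the hunk.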
diff --git a/modules/runners/variables.tf b/modules/runners/variables.tf index 8582136ad3..2108a53b5e 100644 --- a/modules/runners/variables.tf +++ b/modules/runners/variables.tf @@ -403,12 +403,6 @@ variable "runner_additional_security_group_ids" { default = [] } -variable "volume_size" { - description = "(Deprecaated, use block_device_mappings. Size of runner volume, if set it overrides the value provide via block_device_mappings." - type = number - default = null -} - variable "kms_key_arn" { description = "Optional CMK Key ARN to be used for Parameter Store." type = string diff --git a/modules/setup-iam-permissions/README.md b/modules/setup-iam-permissions/README.md index b66adb7e50..3ed8213706 100644 --- a/modules/setup-iam-permissions/README.md +++ b/modules/setup-iam-permissions/README.md @@ -42,13 +42,13 @@ Next execute the created Terraform code `terraform init && terraform apply` The | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.14.1 | -| [aws](#requirement\_aws) | ~> 3.38 | +| [aws](#requirement\_aws) | ~> 4.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | ~> 3.38 | +| [aws](#provider\_aws) | ~> 4.0 | ## Modules diff --git a/modules/webhook/README.md b/modules/webhook/README.md index c57474258f..e800a904ed 100644 --- a/modules/webhook/README.md +++ b/modules/webhook/README.md @@ -39,13 +39,13 @@ yarn run dist | Name | Version | |------|---------| | [terraform](#requirement\_terraform) | >= 0.14.1 | -| [aws](#requirement\_aws) | ~> 3.38 | +| [aws](#requirement\_aws) | ~> 4.0 | ## Providers | Name | Version | |------|---------| -| [aws](#provider\_aws) | ~> 3.38 | +| [aws](#provider\_aws) | ~> 4.0 | ## Modules diff --git a/variables.tf b/variables.tf index edbe990f30..cf4713dd1d 100644 --- a/variables.tf +++ b/variables.tf 
@@ -396,12 +396,6 @@ variable "instance_max_spot_price" { default = null } -variable "volume_size" { - description = "(Deprecaated, use block_device_mappings. Size of runner volume, if set it overrides the value provide via block_device_mappings." - type = number - default = null -} - variable "instance_type" { description = "[DEPRECATED] See instance_types." type = string