feat(init): initial release
Marius Boden committed Dec 4, 2023
1 parent 2e48d4d commit 8c6c23f
Showing 20 changed files with 1,026 additions and 0 deletions.
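--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -0,0 +1,34 @@
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the
+// README at: https://github.com/devcontainers/templates/tree/main/src/ubuntu
+{
+"name": "Ubuntu",
+// Or use a Dockerfile or Docker Compose file. More info: https://containers.dev/guide/dockerfile
+"image": "mcr.microsoft.com/devcontainers/base:jammy",
+"features": {
+"ghcr.io/devcontainers/features/terraform:1": {},
+"ghcr.io/devcontainers-contrib/features/terraform-docs:1": {},
+"ghcr.io/devcontainers/features/azure-cli:1": {},
+"ghcr.io/devcontainers/features/docker-in-docker:2": {},
+"ghcr.io/devcontainers-contrib/features/kind:1": {},
+"ghcr.io/devcontainers/features/kubectl-helm-minikube:1": {},
+"ghcr.io/dhoeric/features/stern:1": {}
+},
+"customizations": {
+"vscode": {
+"extensions": [
+"github.vscode-github-actions",
+"redhat.vscode-yaml"
+]
+}
+}
+// Features to add to the dev container. More info: https://containers.dev/features.
+// "features": {},
+// Use 'forwardPorts' to make a list of ports inside the container available locally.
+// "forwardPorts": [],
+// Use 'postCreateCommand' to run commands after the container is created.
+// "postCreateCommand": "uname -a",
+// Configure tool-specific properties.
+// "customizations": {},
+// Uncomment to connect as root instead. More info: https://aka.ms/dev-containers-non-root.
+// "remoteUser": "root"
+}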
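Review bot: Every entry under `features` is referenced by a mutable major tag, and three come from community namespaces (`ghcr.io/devcontainers-contrib/...` and `ghcr.io/dhoeric/features/stern:1`). Feature install scripts run during the container build, typically as root, so a re-tagged or compromised feature executes in an environment that also carries `docker-in-docker` and the Azure CLI. Pin each feature to an exact version or digest, for example `"ghcr.io/dhoeric/features/stern@sha256:<digest>": {}` (placeholder digest), or commit a dev container lockfile if your tooling supports one. As a style point, the commented-out `// "features": {},` and `// "customizations": {},` template lines below the real keys are now misleading and can be dropped.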
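--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -0,0 +1,28 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+- package-ecosystem: "github-actions"
+directory: "/"
+schedule:
+# Check for updates to GitHub Actions every week
+interval: "weekly"
+reviewers:
+- infinite-automations/admins
+- package-ecosystem: "terraform"
+directory: "/"
+schedule:
+# Check for updates to terraform every week
+interval: "weekly"
+reviewers:
+- infinite-automations/admins
+- package-ecosystem: "terraform"
+directory: "examples/full"
+schedule:
+# Check for updates to terraform every week
+interval: "weekly"
+reviewers:
+- infinite-automations/admins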
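Review bot: Pull requests opened from these three `updates` entries will trigger `test-and-release.yml` on `pull_request`, but workflows triggered by Dependabot do not receive Actions secrets, so `secrets.GH_APP_ID`, `GH_APP_INSTALL_ID` and `GH_APP_KEY` will be empty and the `setup-runner` job will presumably fail on every update PR. If the values are added as Dependabot secrets, the updated and not yet reviewed action or provider code then runs with the GitHub App key, so a separate, narrowly scoped app for CI is the safer choice. As a style point, `directory: "examples/full"` lacks the leading slash used by the other two entries; `directory: "/examples/full"` keeps them consistent.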
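--- a/.github/workflows/test-and-release.yml
+++ b/.github/workflows/test-and-release.yml
@@ -0,0 +1,159 @@
+name: Test & Release
+
+on:
+push:
+branches: ["main"]
+pull_request:
+branches: ["main"]
+
+permissions:
+actions: read
+contents: write
+statuses: read
+
+env:
+TF_VAR_github_app_id: ${{ secrets.GH_APP_ID }}
+TF_VAR_github_app_install_id: ${{ secrets.GH_APP_INSTALL_ID }}
+TF_VAR_github_app_private_key: ${{ secrets.GH_APP_KEY }}
+TF_VAR_labels: '["test", "${{ github.run_id }}"]'
+
+jobs:
+lint:
+name: Lint
+runs-on: ubuntu-latest
+strategy:
+matrix:
+directory:
+- "."
+- "examples/full"
+steps:
+- name: Checkout
+uses: actions/checkout@v4
+- name: Lint Example
+uses: "infinite-automations/tflint-all-in-one@v1.0.0"
+with:
+directory: ${{ matrix.directory }}
+
+update-docs:
+name: Update Docs
+needs:
+- lint
+runs-on: ubuntu-latest
+concurrency:
+group: ${{ github.ref }}-docs
+cancel-in-progress: false
+outputs:
+changed: ${{ steps.terraform-docs.outputs.num_changed > 0 }}
+steps:
+- name: Checkout
+uses: actions/checkout@v4
+if: ${{ github.event_name == 'push' }}
+- name: Checkout
+uses: actions/checkout@v4
+if: ${{ github.event_name == 'pull_request' }}
+with:
+ref: ${{ github.event.pull_request.head.ref }}
+- name: Render terraform docs inside the README.md
+id: terraform-docs
+uses: terraform-docs/gh-actions@v1.0.0
+with:
+working-dir: .,examples/full
+output-file: README.md
+output-method: inject
+git-push: ${{ github.event_name == 'pull_request' }}
+git-commit-message: "docs(terraform): update README.md"
+- name: Cache Docs
+if: ${{ github.event_name == 'push' }}
+uses: actions/cache@v3
+with:
+path: |
+README.md
+examples/full/README.md
+key: ${{ runner.os }}-docs-${{ github.sha }}
+
+setup-runner:
+name: Setup Runner
+needs:
+- lint
+- update-docs
+runs-on: ubuntu-latest
+steps:
+- name: Checkout
+uses: actions/checkout@v4
+- name: Create k8s Kind Cluster
+uses: helm/kind-action@v1.8.0
+with:
+wait: "120s"
+- name: Create Runners
+uses: infinite-automations/terraform-all-in-one@v1.2.0
+id: apply-example
+with:
+directory: "examples/full"
+apply: true
+destroy: false
+- name: Wait For Test
+uses: yogeshlonkar/wait-for-jobs@v0
+with:
+gh-token: ${{ secrets.GITHUB_TOKEN }}
+jobs: "Test"
+prefix: true
+ttl: "10"
+- name: Destroy Runners
+uses: infinite-automations/terraform-all-in-one@v1.2.0
+with:
+directory: "examples/full"
+apply: false
+destroy: true
+
+test-runner:
+name: Test
+needs:
+- lint
+- update-docs
+runs-on:
+- self-hosted
+- test
+- ${{ github.run_id }}
+strategy:
+matrix:
+image:
+- alpine:latest
+- ubuntu:latest
+- debian:latest
+container:
+image: ${{ matrix.image }}
+steps:
+- name: Print Environment Information
+run: |
+echo "Operating System: $OSTYPE"
+echo "Hostname: $(hostname)"
+echo "CPU Architecture: $(uname -m)"
+echo "Kernel Version: $(uname -r)"
+echo
+cat /etc/os-release
+release:
+name: Release
+needs:
+- update-docs
+- test-runner
+concurrency:
+group: ${{ github.ref }}-release
+cancel-in-progress: false
+runs-on: ubuntu-latest
+steps:
+- name: Checkout
+uses: actions/checkout@v4
+- name: Restore Cached Docs
+if: ${{ github.event_name == 'push' }}
+uses: actions/cache@v3
+with:
+path: README.md
+key: ${{ runner.os }}-docs-${{ github.sha }}
+- name: Semantic Release
+uses: cycjimmy/semantic-release-action@v4
+with:
+dry_run: ${{ github.event_name == 'pull_request' }}
+ci: true
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}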
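Review bot: The workflow-level `env:` block exports `TF_VAR_github_app_private_key` (with the app and installation IDs) to every step of every job, including third-party actions referenced only by mutable tag (`yogeshlonkar/wait-for-jobs@v0`, `cycjimmy/semantic-release-action@v4`, `helm/kind-action@v1.8.0`) and the `Test` job's containers, although only the two `infinite-automations/terraform-all-in-one` steps in `setup-runner` appear to need them. Move the three `TF_VAR_github_app_*` entries into a step-level `env:` on those two steps, and pin the third-party `uses:` references to full commit SHAs. The same least-privilege point applies to the top-level `permissions`: `contents: write` reaches all jobs, so use `contents: read` there and grant `contents: write` only on `update-docs` and `release`, listing every scope each job needs because a job-level block replaces the workflow-level one. Separately, `Destroy Runners` has no `if: always()`, so a failed or timed-out `Wait For Test` skips the teardown and may leave runner registrations behind.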
3 changes: 3 additions & 0 deletions .gitignore
@@ -1,3 +1,6 @@
# local dev
/dev

# Local .terraform directories
**/.terraform/*

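--- a/.terraform-docs.yml
+++ b/.terraform-docs.yml
@@ -0,0 +1,45 @@
+# .terraform-docs.yml
+formatter: "markdown table"
+
+sections:
+show:
+- header
+- requirements
+- providers
+- resources
+- inputs
+- outputs
+- footer
+
+content: |-
+{{ .Header }}
+## Module Usage
+```hcl
+{{ include "examples/full/main.tf" }}
+```
+{{ .Requirements }}
+{{ .Providers }}
+{{ .Resources }}
+{{ .Inputs }}
+{{ .Outputs }}
+{{ .Footer }}
+sort:
+enabled: true
+by: required
+
+settings:
+anchor: true
+default: true
+required: true
+type: true
+hide-empty: true
+indent: 2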
78 changes: 78 additions & 0 deletions README.md
@@ -1,2 +1,80 @@
# terraform-helm-github-actions-runner-controller
Setup the GitHub Actions Runner Controller (ARC) in an existing kubernetes cluster

<!-- BEGIN_TF_DOCS -->


## Module Usage

```hcl
# setup actions-runner-controller
module "actions-runner-controller" {
source = "../.."
namespace = "github-actions-runner-controller"
create_namespace = true
allow_granting_container_mode_permissions = false
github_app_id = var.github_app_id
github_app_install_id = var.github_app_install_id
github_app_private_key = var.github_app_private_key
kubernetes_secret_name = "github-auth-secret"
helm_deployment_name = "actions-runner-controller"
helm_chart_version = "0.23.5"
replicas = 1
atomic = true
timeout = 600
depends_on = [
helm_release.cert_manager
]
}
```

## Requirements

| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13 |
| <a name="requirement_helm"></a> [helm](#requirement\_helm) | >= 2.11.0 |
| <a name="requirement_kubernetes"></a> [kubernetes](#requirement\_kubernetes) | >= 2.23.0 |

## Providers

| Name | Version |
|------|---------|
| <a name="provider_helm"></a> [helm](#provider\_helm) | >= 2.11.0 |
| <a name="provider_kubernetes"></a> [kubernetes](#provider\_kubernetes) | >= 2.23.0 |

## Resources

| Name | Type |
|------|------|
| [helm_release.this](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
| [kubernetes_namespace.this](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace) | resource |
| [kubernetes_secret.this](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/secret) | resource |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_github_app_id"></a> [github\_app\_id](#input\_github\_app\_id) | GitHub App ID | `string` | n/a | yes |
| <a name="input_github_app_install_id"></a> [github\_app\_install\_id](#input\_github\_app\_install\_id) | GitHub App Install ID | `string` | n/a | yes |
| <a name="input_github_app_private_key"></a> [github\_app\_private\_key](#input\_github\_app\_private\_key) | GitHub App Private Key | `string` | n/a | yes |
| <a name="input_allow_granting_container_mode_permissions"></a> [allow\_granting\_container\_mode\_permissions](#input\_allow\_granting\_container\_mode\_permissions) | If true, the runner controller will be allowed to grant container mode permissions | `bool` | `false` | no |
| <a name="input_atomic"></a> [atomic](#input\_atomic) | If true, installation process purges chart on fail. If false, installation process deletes resources created by chart, but not purge them | `bool` | `true` | no |
| <a name="input_create_namespace"></a> [create\_namespace](#input\_create\_namespace) | If true, the namespace will be created | `bool` | `true` | no |
| <a name="input_helm_chart_version"></a> [helm\_chart\_version](#input\_helm\_chart\_version) | The version of the helm chart to deploy | `string` | `"0.23.5"` | no |
| <a name="input_helm_deployment_name"></a> [helm\_deployment\_name](#input\_helm\_deployment\_name) | The name of the helm deployment | `string` | `"actions-runner-controller"` | no |
| <a name="input_kubernetes_secret_name"></a> [kubernetes\_secret\_name](#input\_kubernetes\_secret\_name) | The name of the secret to create | `string` | `"github-auth-secret"` | no |
| <a name="input_namespace"></a> [namespace](#input\_namespace) | The namespace to deploy the runner controller into | `string` | `"github-actions-runner-controller"` | no |
| <a name="input_replicas"></a> [replicas](#input\_replicas) | The number of replicas for the runner controller | `number` | `3` | no |
| <a name="input_timeout"></a> [timeout](#input\_timeout) | Time in seconds to wait for helm deployment operation (like Jobs for hooks) | `number` | `600` | no |

## Outputs

| Name | Description |
|------|-------------|
| <a name="output_helm_deployment_name"></a> [helm\_deployment\_name](#output\_helm\_deployment\_name) | The name of the helm deployment |
| <a name="output_namespace"></a> [namespace](#output\_namespace) | The namespace runner controller was deployed into |
| <a name="output_secret_name"></a> [secret\_name](#output\_secret\_name) | The name of the secret created |


<!-- END_TF_DOCS -->