feat: add outputs for lambda and lambda log groups (#3033)

* feat: add outputs for lambda and lambda log groups * fix: typo. * update docs --------- Co-authored-by: navdeepg2021 <navdeepg2021@gmail.com>
philips-labs · Mar 8, 2023 · e1ce8be · e1ce8be
1 parent f77c57d
commit e1ce8be
Show file tree

Hide file tree

Showing 11 changed files with 156 additions and 97 deletions.
diff --git a/README.md b/README.md
@@ -446,6 +446,7 @@ We welcome any improvement to the standard module to make the default as secure
 |------|-------------|------|---------|:--------:|
 | <a name="input_ami_filter"></a> [ami\_filter](#input\_ami\_filter) | List of maps used to create the AMI filter for the action runner AMI. By default amazon linux 2 is used. | `map(list(string))` | `null` | no |
 | <a name="input_ami_id_ssm_parameter_name"></a> [ami\_id\_ssm\_parameter\_name](#input\_ami\_id\_ssm\_parameter\_name) | Externally managed SSM parameter (of data type aws:ec2:image) that contains the AMI ID to launch runner instances from. Overrides ami\_filter | `string` | `null` | no |
+| <a name="input_ami_kms_key_arn"></a> [ami\_kms\_key\_arn](#input\_ami\_kms\_key\_arn) | Optional CMK Key ARN to be used to launch an instance from a shared encrypted AMI | `string` | `null` | no |
 | <a name="input_ami_owners"></a> [ami\_owners](#input\_ami\_owners) | The list of owners used to select the AMI of action runner instances. | `list(string)` | <pre>[<br>  "amazon"<br>]</pre> | no |
 | <a name="input_aws_partition"></a> [aws\_partition](#input\_aws\_partition) | (optiona) partition in the arn namespace to use if not 'aws' | `string` | `"aws"` | no |
 | <a name="input_aws_region"></a> [aws\_region](#input\_aws\_region) | AWS region. | `string` | n/a | yes |
@@ -534,7 +535,7 @@ We welcome any improvement to the standard module to make the default as secure
 | <a name="input_scale_down_schedule_expression"></a> [scale\_down\_schedule\_expression](#input\_scale\_down\_schedule\_expression) | Scheduler expression to check every x for scale down. | `string` | `"cron(*/5 * * * ? *)"` | no |
 | <a name="input_scale_up_reserved_concurrent_executions"></a> [scale\_up\_reserved\_concurrent\_executions](#input\_scale\_up\_reserved\_concurrent\_executions) | Amount of reserved concurrent executions for the scale-up lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. | `number` | `1` | no |
 | <a name="input_ssm_paths"></a> [ssm\_paths](#input\_ssm\_paths) | The root path used in SSM to store configuration and secreets. | <pre>object({<br>    root       = optional(string, "github-action-runners")<br>    app        = optional(string, "app")<br>    runners    = optional(string, "runners")<br>    use_prefix = optional(bool, true)<br>  })</pre> | `{}` | no |
-| <a name="input_subnet_ids"></a> [subnet\_ids](#input\_subnet\_ids) | List of subnets in which the action runners will be launched. The subnets need to exist in the configured VPC (`vpc_id`), and must reside on different availability zones (see https://github.com/philips-labs/terraform-aws-github-runner/issues/2904) | `list(string)` | n/a | yes |
+| <a name="input_subnet_ids"></a> [subnet\_ids](#input\_subnet\_ids) | List of subnets in which the action runners will be launched, the subnets needs to be subnets in the `vpc_id`. | `list(string)` | n/a | yes |
 | <a name="input_syncer_lambda_s3_key"></a> [syncer\_lambda\_s3\_key](#input\_syncer\_lambda\_s3\_key) | S3 key for syncer lambda function. Required if using S3 bucket to specify lambdas. | `string` | `null` | no |
 | <a name="input_syncer_lambda_s3_object_version"></a> [syncer\_lambda\_s3\_object\_version](#input\_syncer\_lambda\_s3\_object\_version) | S3 object version for syncer lambda function. Useful if S3 versioning is enabled on source bucket. | `string` | `null` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Map of tags that will be added to created resources. By default resources will be tagged with name and environment. | `map(string)` | `{}` | no |

diff --git a/modules/multi-runner/README.md b/modules/multi-runner/README.md
diff --git a/modules/multi-runner/outputs.tf b/modules/multi-runner/outputs.tf
@@ -5,7 +5,11 @@ output "runners" {
     launch_template_version = runner.launch_template.latest_version
     launch_template_ami_id  = runner.launch_template.image_id
     lambda_up               = runner.lambda_scale_up
+    lambda_up_log_group     = runner.lambda_scale_up_log_group
     lambda_down             = runner.lambda_scale_down
+    lambda_down_log_group   = runner.lambda_scale_down_log_group
+    lambda_pool             = runner.lambda_pool
+    lambda_pool_log_group   = runner.lambda_pool_log_group
     role_runner             = runner.role_runner
     role_scale_up           = runner.role_scale_up
     role_scale_down         = runner.role_scale_down
@@ -16,19 +20,21 @@ output "runners" {
 
 output "binaries_syncer" {
   value = [for runner_binary in module.runner_binaries : {
-    lambda      = runner_binary.lambda
-    lambda_role = runner_binary.lambda_role
-    location    = "s3://runner_binary.bucket.id}/runner_binary.bucket.key"
-    bucket      = runner_binary.bucket
+    lambda           = runner_binary.lambda
+    lambda_log_group = runner_binary.lambda_log_group
+    lambda_role      = runner_binary.lambda_role
+    location         = "s3://runner_binary.bucket.id}/runner_binary.bucket.key"
+    bucket           = runner_binary.bucket
   }]
 }
 
 output "webhook" {
   value = {
-    gateway     = module.webhook.gateway
-    lambda      = module.webhook.lambda
-    lambda_role = module.webhook.role
-    endpoint    = "${module.webhook.gateway.api_endpoint}/${module.webhook.endpoint_relative_path}"
+    gateway          = module.webhook.gateway
+    lambda           = module.webhook.lambda
+    lambda_log_group = module.webhook.lambda_log_group
+    lambda_role      = module.webhook.role
+    endpoint         = "${module.webhook.gateway.api_endpoint}/${module.webhook.endpoint_relative_path}"
   }
 }
 

diff --git a/modules/runner-binaries-syncer/README.md b/modules/runner-binaries-syncer/README.md
@@ -122,6 +122,7 @@ No modules.
 |------|-------------|
 | <a name="output_bucket"></a> [bucket](#output\_bucket) | n/a |
 | <a name="output_lambda"></a> [lambda](#output\_lambda) | n/a |
+| <a name="output_lambda_log_group"></a> [lambda\_log\_group](#output\_lambda\_log\_group) | n/a |
 | <a name="output_lambda_role"></a> [lambda\_role](#output\_lambda\_role) | n/a |
 | <a name="output_runner_distribution_object_key"></a> [runner\_distribution\_object\_key](#output\_runner\_distribution\_object\_key) | n/a |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
diff --git a/modules/runner-binaries-syncer/outputs.tf b/modules/runner-binaries-syncer/outputs.tf
@@ -10,6 +10,10 @@ output "lambda" {
   value = aws_lambda_function.syncer
 }
 
+output "lambda_log_group" {
+  value = aws_cloudwatch_log_group.syncer
+}
+
 output "lambda_role" {
   value = aws_iam_role.syncer_lambda
 }