From cbff3d281d4a3f74dca4b3773dd9d0ceb439cf54 Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Thu, 9 Mar 2023 08:03:26 +0100 Subject: [PATCH 1/6] feat: add support to prefix the runner update start scripts fix scripts refactor names and manage fixed tags via terraform --- README.md | 1 + examples/multi-runner/main.tf | 4 ++++ main.tf | 1 + modules/multi-runner/README.md | 2 +- modules/multi-runner/runners.tf | 1 + modules/multi-runner/variables.tf | 2 ++ modules/runners/README.md | 1 + .../runners/lambdas/runners/src/aws/runners.test.ts | 5 +++++ modules/runners/lambdas/runners/src/aws/runners.ts | 2 ++ modules/runners/lambdas/runners/src/pool/pool.ts | 2 ++ .../runners/src/scale-runners/scale-down.test.ts | 4 ++-- .../lambdas/runners/src/scale-runners/scale-down.ts | 2 +- .../lambdas/runners/src/scale-runners/scale-up.test.ts | 5 +++++ .../lambdas/runners/src/scale-runners/scale-up.ts | 3 +++ modules/runners/main.tf | 3 +++ modules/runners/pool.tf | 1 + modules/runners/pool/main.tf | 1 + modules/runners/pool/variables.tf | 5 +++-- modules/runners/scale-up.tf | 1 + modules/runners/templates/start-runner.ps1 | 5 ++++- modules/runners/templates/start-runner.sh | 4 +++- modules/runners/variables.tf | 10 ++++++++++ variables.tf | 10 ++++++++++ 23 files changed, 67 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 7d3e9ceaa3..7096c07fe9 100644 --- a/README.md +++ b/README.md @@ -524,6 +524,7 @@ We welcome any improvement to the standard module to make the default as secure | [runner\_iam\_role\_managed\_policy\_arns](#input\_runner\_iam\_role\_managed\_policy\_arns) | Attach AWS or customer-managed IAM policies (by ARN) to the runner IAM role | `list(string)` | `[]` | no | | [runner\_log\_files](#input\_runner\_log\_files) | (optional) Replaces the module default cloudwatch log config. See https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-Configuration-File-Details.html for details. |
list(object({
log_group_name = string
prefix_log_group = bool
file_path = string
log_stream_name = string
}))
| `null` | no | | [runner\_metadata\_options](#input\_runner\_metadata\_options) | Metadata options for the ec2 runner instances. By default, the module uses metadata tags for bootstrapping the runner, only disable `instance_metadata_tags` when using custom scripts for starting the runner. | `map(any)` |
{
"http_endpoint": "enabled",
"http_put_response_hop_limit": 1,
"http_tokens": "optional",
"instance_metadata_tags": "enabled"
}
| no | +| [runner\_name\_prefix](#input\_runner\_name\_prefix) | The prefix used for the GitHub runner name. The prefix will be used in the default start script to prefix the instance name when register the runner in GitHub. The value is availabe via an EC2 tag 'ghr:runner\_name\_prefix'. | `string` | `""` | no | | [runner\_os](#input\_runner\_os) | The EC2 Operating System type to use for action runner instances (linux,windows). | `string` | `"linux"` | no | | [runner\_run\_as](#input\_runner\_run\_as) | Run the GitHub actions agent as user. | `string` | `"ec2-user"` | no | | [runners\_lambda\_s3\_key](#input\_runners\_lambda\_s3\_key) | S3 key for runners lambda function. Required if using S3 bucket to specify lambdas. | `string` | `null` | no | diff --git a/examples/multi-runner/main.tf b/examples/multi-runner/main.tf index 3c591e5cb4..6778692c5e 100644 --- a/examples/multi-runner/main.tf +++ b/examples/multi-runner/main.tf @@ -25,6 +25,7 @@ module "multi-runner" { runner_os = "linux" runner_architecture = "arm64" runner_extra_labels = "amazon" + runner_name_prefix = "amazon-arm64_" enable_ssm_on_runners = true instance_types = ["t4g.large", "c6g.large"] runners_maximum_count = 1 @@ -47,6 +48,7 @@ module "multi-runner" { runner_architecture = "x64" runner_extra_labels = "ubuntu-latest,ubuntu-2204" runner_run_as = "ubuntu" + runner_name_prefix = "ubuntu-2204-x64_" enable_ssm_on_runners = true instance_types = ["m5ad.large", "m5a.large"] runners_maximum_count = 1 @@ -101,6 +103,7 @@ module "multi-runner" { runner_config = { runner_os = "windows" runner_architecture = "x64" + runner_name_prefix = "servercore-2022-x64_" enable_ssm_on_runners = true instance_types = ["m5.large", "c5.large"] runner_extra_labels = "servercore-2022" 
@@ -129,6 +132,7 @@ module "multi-runner" { } runner_os = "linux" runner_architecture = "x64" + runner_name_prefix = "amazon-x64_" create_service_linked_role_spot = true enable_ssm_on_runners = true instance_types = ["m5ad.large", "m5a.large"] diff --git a/main.tf b/main.tf index 3839f42558..36952aa758 100644 --- a/main.tf +++ b/main.tf @@ -242,6 +242,7 @@ module "runners" { cloudwatch_config = var.cloudwatch_config runner_log_files = var.runner_log_files runner_group_name = var.runner_group_name + runner_name_prefix = var.runner_name_prefix scale_up_reserved_concurrent_executions = var.scale_up_reserved_concurrent_executions diff --git a/modules/multi-runner/README.md b/modules/multi-runner/README.md index b5cdc1335e..f5cf286e5b 100644 --- a/modules/multi-runner/README.md +++ b/modules/multi-runner/README.md @@ -139,7 +139,7 @@ module "multi-runner" { | [log\_type](#input\_log\_type) | Logging format for lambda logging. Valid values are 'json', 'pretty', 'hidden'. | `string` | `"pretty"` | no | | [logging\_kms\_key\_id](#input\_logging\_kms\_key\_id) | Specifies the kms key id to encrypt the logs with | `string` | `null` | no | | [logging\_retention\_in\_days](#input\_logging\_retention\_in\_days) | Specifies the number of days you want to retain log events for the lambda log group. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. | `number` | `7` | no | -| [multi\_runner\_config](#input\_multi\_runner\_config) | multi\_runner\_config = {
runner\_config: {
runner\_os: "The EC2 Operating System type to use for action runner instances (linux,windows)."
runner\_architecture: "The platform architecture of the runner instance\_type."
runner\_metadata\_options: "(Optional) Metadata options for the ec2 runner instances."
ami\_filter: "(Optional) List of maps used to create the AMI filter for the action runner AMI. By default amazon linux 2 is used."
ami\_owners: "(Optional) The list of owners used to select the AMI of action runner instances."
create\_service\_linked\_role\_spot: (Optional) create the serviced linked role for spot instances that is required by the scale-up lambda.
delay\_webhook\_event: "The number of seconds the event accepted by the webhook is invisible on the queue before the scale up lambda will receive the event."
disable\_runner\_autoupdate: "Disable the auto update of the github runner agent. Be-aware there is a grace period of 30 days, see also the [GitHub article](https://github.blog/changelog/2022-02-01-github-actions-self-hosted-runners-can-now-disable-automatic-updates/)"
enable\_ephemeral\_runners: "Enable ephemeral runners, runners will only be used once."
enable\_job\_queued\_check: "Only scale if the job event received by the scale up lambda is is in the state queued. By default enabled for non ephemeral runners and disabled for ephemeral. Set this variable to overwrite the default behavior." = optional(bool, null)
enable\_organization\_runners: "Register runners to organization, instead of repo level"
enable\_runner\_binaries\_syncer: "Option to disable the lambda to sync GitHub runner distribution, useful when using a pre-build AMI."
enable\_ssm\_on\_runners: "Enable to allow access the runner instances for debugging purposes via SSM. Note that this adds additional permissions to the runner instances."
enable\_userdata: "Should the userdata script be enabled for the runner. Set this to false if you are using your own prebuilt AMI."
instance\_allocation\_strategy: "The allocation strategy for spot instances. AWS recommends to use `capacity-optimized` however the AWS default is `lowest-price`."
instance\_max\_spot\_price: "Max price price for spot intances per hour. This variable will be passed to the create fleet as max spot price for the fleet."
instance\_target\_capacity\_type: "Default lifecycle used for runner instances, can be either `spot` or `on-demand`."
instance\_types: "List of instance types for the action runner. Defaults are based on runner\_os (amzn2 for linux and Windows Server Core for win)."
job\_queue\_retention\_in\_seconds: "The number of seconds the job is held in the queue before it is purged"
minimum\_running\_time\_in\_minutes: "The time an ec2 action runner should be running at minimum before terminated if not busy."
pool\_runner\_owner: "The pool will deploy runners to the GitHub org ID, set this value to the org to which you want the runners deployed. Repo level is not supported."
runner\_as\_root: "Run the action runner under the root user. Variable `runner_run_as` will be ignored."
runner\_boot\_time\_in\_minutes: "The minimum time for an EC2 runner to boot and register as a runner."
runner\_extra\_labels: "Extra (custom) labels for the runners (GitHub). Separate each label by a comma. Labels checks on the webhook can be enforced by setting `enable_workflow_job_labels_check`. GitHub read-only labels should not be provided."
runner\_group\_name: "Name of the runner group."
runner\_run\_as: "Run the GitHub actions agent as user."
runners\_maximum\_count: "The maximum number of runners that will be created."
scale\_down\_schedule\_expression: "Scheduler expression to check every x for scale down."
scale\_up\_reserved\_concurrent\_executions: "Amount of reserved concurrent executions for the scale-up lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations."
userdata\_template: "Alternative user-data template, replacing the default template. By providing your own user\_data you have to take care of installing all required software, including the action runner. Variables userdata\_pre/post\_install are ignored."
enable\_runner\_detailed\_monitoring: "Should detailed monitoring be enabled for the runner. Set this to true if you want to use detailed monitoring. See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html for details."
enable\_cloudwatch\_agent: "Enabling the cloudwatch agent on the ec2 runner instances, the runner contains default config. Configuration can be overridden via `cloudwatch_config`."
userdata\_pre\_install: "Script to be ran before the GitHub Actions runner is installed on the EC2 instances"
userdata\_post\_install: "Script to be ran after the GitHub Actions runner is installed on the EC2 instances"
runner\_ec2\_tags: "Map of tags that will be added to the launch template instance tag specifications."
runner\_iam\_role\_managed\_policy\_arns: "Attach AWS or customer-managed IAM policies (by ARN) to the runner IAM role"
idle\_config: "List of time period that can be defined as cron expression to keep a minimum amount of runners active instead of scaling down to 0. By defining this list you can ensure that in time periods that match the cron expression within 5 seconds a runner is kept idle."
runner\_log\_files: "(optional) Replaces the module default cloudwatch log config. See https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-Configuration-File-Details.html for details."
block\_device\_mappings: "The EC2 instance block device configuration. Takes the following keys: `device_name`, `delete_on_termination`, `volume_type`, `volume_size`, `encrypted`, `iops`, `throughput`, `kms_key_id`, `snapshot_id`."
pool\_config: "The configuration for updating the pool. The `pool_size` to adjust to by the events triggered by the `schedule_expression`. For example you can configure a cron expression for week days to adjust the pool to 10 and another expression for the weekend to adjust the pool to 1."
}
matcherConfig: {
labelMatchers: "The list of list of labels supported by the runner configuration. `[[self-hosted, linux, x64, example]]`"
exactMatch: "If set to true all labels in the workflow job must match the GitHub labels (os, architecture and `self-hosted`). When false if __any__ workflow label matches it will trigger the webhook."
}
fifo: "Enable a FIFO queue to remain the order of events received by the webhook. Suggest to set to true for repo level runners."
redrive\_build\_queue: "Set options to attach (optional) a dead letter queue to the build queue, the queue between the webhook and the scale up lambda. You have the following options. 1. Disable by setting `enabled` to false. 2. Enable by setting `enabled` to `true`, `maxReceiveCount` to a number of max retries."
} |
map(object({
runner_config = object({
runner_os = string
runner_architecture = string
runner_metadata_options = optional(map(any), {
instance_metadata_tags = "enabled"
http_endpoint = "enabled"
http_tokens = "optional"
http_put_response_hop_limit = 1
})
ami_filter = optional(map(list(string)), null)
ami_owners = optional(list(string), ["amazon"])
ami_id_ssm_parameter_name = optional(string, null)
ami_kms_key_arn = optional(string, "")
create_service_linked_role_spot = optional(bool, false)
delay_webhook_event = optional(number, 30)
disable_runner_autoupdate = optional(bool, false)
enable_ephemeral_runners = optional(bool, false)
enable_job_queued_check = optional(bool, null)
enable_organization_runners = optional(bool, false)
enable_runner_binaries_syncer = optional(bool, true)
enable_ssm_on_runners = optional(bool, false)
enable_userdata = optional(bool, true)
instance_allocation_strategy = optional(string, "lowest-price")
instance_max_spot_price = optional(string, null)
instance_target_capacity_type = optional(string, "spot")
instance_types = list(string)
job_queue_retention_in_seconds = optional(number, 86400)
minimum_running_time_in_minutes = optional(number, null)
pool_runner_owner = optional(string, null)
runner_as_root = optional(bool, false)
runner_boot_time_in_minutes = optional(number, 5)
runner_extra_labels = string
runner_group_name = optional(string, "Default")
runner_run_as = optional(string, "ec2-user")
runners_maximum_count = number
scale_down_schedule_expression = optional(string, "cron(*/5 * * * ? *)")
scale_up_reserved_concurrent_executions = optional(number, 1)
userdata_template = optional(string, null)
enable_runner_detailed_monitoring = optional(bool, false)
enable_cloudwatch_agent = optional(bool, true)
userdata_pre_install = optional(string, "")
userdata_post_install = optional(string, "")
runner_ec2_tags = optional(map(string), {})
runner_iam_role_managed_policy_arns = optional(list(string), [])
idle_config = optional(list(object({
cron = string
timeZone = string
idleCount = number
})), [])
runner_log_files = optional(list(object({
log_group_name = string
prefix_log_group = bool
file_path = string
log_stream_name = string
})), null)
block_device_mappings = optional(list(object({
delete_on_termination = bool
device_name = string
encrypted = bool
iops = number
kms_key_id = string
snapshot_id = string
throughput = number
volume_size = number
volume_type = string
})), [{
delete_on_termination = true
device_name = "/dev/xvda"
encrypted = true
iops = null
kms_key_id = null
snapshot_id = null
throughput = null
volume_size = 30
volume_type = "gp3"
}])
pool_config = optional(list(object({
schedule_expression = string
size = number
})), [])
})

matcherConfig = object({
labelMatchers = list(list(string))
exactMatch = optional(bool, false)
})
fifo = optional(bool, false)
redrive_build_queue = optional(object({
enabled = bool
maxReceiveCount = number
}), {
enabled = false
maxReceiveCount = null
})
}))
| n/a | yes | +| [multi\_runner\_config](#input\_multi\_runner\_config) | multi\_runner\_config = {
runner\_config: {
runner\_os: "The EC2 Operating System type to use for action runner instances (linux,windows)."
runner\_architecture: "The platform architecture of the runner instance\_type."
runner\_metadata\_options: "(Optional) Metadata options for the ec2 runner instances."
ami\_filter: "(Optional) List of maps used to create the AMI filter for the action runner AMI. By default amazon linux 2 is used."
ami\_owners: "(Optional) The list of owners used to select the AMI of action runner instances."
create\_service\_linked\_role\_spot: (Optional) create the serviced linked role for spot instances that is required by the scale-up lambda.
delay\_webhook\_event: "The number of seconds the event accepted by the webhook is invisible on the queue before the scale up lambda will receive the event."
disable\_runner\_autoupdate: "Disable the auto update of the github runner agent. Be-aware there is a grace period of 30 days, see also the [GitHub article](https://github.blog/changelog/2022-02-01-github-actions-self-hosted-runners-can-now-disable-automatic-updates/)"
enable\_ephemeral\_runners: "Enable ephemeral runners, runners will only be used once."
enable\_job\_queued\_check: "Only scale if the job event received by the scale up lambda is is in the state queued. By default enabled for non ephemeral runners and disabled for ephemeral. Set this variable to overwrite the default behavior." = optional(bool, null)
enable\_organization\_runners: "Register runners to organization, instead of repo level"
enable\_runner\_binaries\_syncer: "Option to disable the lambda to sync GitHub runner distribution, useful when using a pre-build AMI."
enable\_ssm\_on\_runners: "Enable to allow access the runner instances for debugging purposes via SSM. Note that this adds additional permissions to the runner instances."
enable\_userdata: "Should the userdata script be enabled for the runner. Set this to false if you are using your own prebuilt AMI."
instance\_allocation\_strategy: "The allocation strategy for spot instances. AWS recommends to use `capacity-optimized` however the AWS default is `lowest-price`."
instance\_max\_spot\_price: "Max price price for spot intances per hour. This variable will be passed to the create fleet as max spot price for the fleet."
instance\_target\_capacity\_type: "Default lifecycle used for runner instances, can be either `spot` or `on-demand`."
instance\_types: "List of instance types for the action runner. Defaults are based on runner\_os (amzn2 for linux and Windows Server Core for win)."
job\_queue\_retention\_in\_seconds: "The number of seconds the job is held in the queue before it is purged"
minimum\_running\_time\_in\_minutes: "The time an ec2 action runner should be running at minimum before terminated if not busy."
pool\_runner\_owner: "The pool will deploy runners to the GitHub org ID, set this value to the org to which you want the runners deployed. Repo level is not supported."
runner\_as\_root: "Run the action runner under the root user. Variable `runner_run_as` will be ignored."
runner\_boot\_time\_in\_minutes: "The minimum time for an EC2 runner to boot and register as a runner."
runner\_extra\_labels: "Extra (custom) labels for the runners (GitHub). Separate each label by a comma. Labels checks on the webhook can be enforced by setting `enable_workflow_job_labels_check`. GitHub read-only labels should not be provided."
runner\_group\_name: "Name of the runner group."
runner\_name\_prefix: "Prefix for the GitHub runner name."
runner\_run\_as: "Run the GitHub actions agent as user."
runners\_maximum\_count: "The maximum number of runners that will be created."
scale\_down\_schedule\_expression: "Scheduler expression to check every x for scale down."
scale\_up\_reserved\_concurrent\_executions: "Amount of reserved concurrent executions for the scale-up lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations."
userdata\_template: "Alternative user-data template, replacing the default template. By providing your own user\_data you have to take care of installing all required software, including the action runner. Variables userdata\_pre/post\_install are ignored."
enable\_runner\_detailed\_monitoring: "Should detailed monitoring be enabled for the runner. Set this to true if you want to use detailed monitoring. See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html for details."
enable\_cloudwatch\_agent: "Enabling the cloudwatch agent on the ec2 runner instances, the runner contains default config. Configuration can be overridden via `cloudwatch_config`."
userdata\_pre\_install: "Script to be ran before the GitHub Actions runner is installed on the EC2 instances"
userdata\_post\_install: "Script to be ran after the GitHub Actions runner is installed on the EC2 instances"
runner\_ec2\_tags: "Map of tags that will be added to the launch template instance tag specifications."
runner\_iam\_role\_managed\_policy\_arns: "Attach AWS or customer-managed IAM policies (by ARN) to the runner IAM role"
idle\_config: "List of time period that can be defined as cron expression to keep a minimum amount of runners active instead of scaling down to 0. By defining this list you can ensure that in time periods that match the cron expression within 5 seconds a runner is kept idle."
runner\_log\_files: "(optional) Replaces the module default cloudwatch log config. See https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-Configuration-File-Details.html for details."
block\_device\_mappings: "The EC2 instance block device configuration. Takes the following keys: `device_name`, `delete_on_termination`, `volume_type`, `volume_size`, `encrypted`, `iops`, `throughput`, `kms_key_id`, `snapshot_id`."
pool\_config: "The configuration for updating the pool. The `pool_size` to adjust to by the events triggered by the `schedule_expression`. For example you can configure a cron expression for week days to adjust the pool to 10 and another expression for the weekend to adjust the pool to 1."
}
matcherConfig: {
labelMatchers: "The list of list of labels supported by the runner configuration. `[[self-hosted, linux, x64, example]]`"
exactMatch: "If set to true all labels in the workflow job must match the GitHub labels (os, architecture and `self-hosted`). When false if __any__ workflow label matches it will trigger the webhook."
}
fifo: "Enable a FIFO queue to remain the order of events received by the webhook. Suggest to set to true for repo level runners."
redrive\_build\_queue: "Set options to attach (optional) a dead letter queue to the build queue, the queue between the webhook and the scale up lambda. You have the following options. 1. Disable by setting `enabled` to false. 2. Enable by setting `enabled` to `true`, `maxReceiveCount` to a number of max retries."
} |
map(object({
runner_config = object({
runner_os = string
runner_architecture = string
runner_metadata_options = optional(map(any), {
instance_metadata_tags = "enabled"
http_endpoint = "enabled"
http_tokens = "optional"
http_put_response_hop_limit = 1
})
ami_filter = optional(map(list(string)), null)
ami_owners = optional(list(string), ["amazon"])
ami_id_ssm_parameter_name = optional(string, null)
ami_kms_key_arn = optional(string, "")
create_service_linked_role_spot = optional(bool, false)
delay_webhook_event = optional(number, 30)
disable_runner_autoupdate = optional(bool, false)
enable_ephemeral_runners = optional(bool, false)
enable_job_queued_check = optional(bool, null)
enable_organization_runners = optional(bool, false)
enable_runner_binaries_syncer = optional(bool, true)
enable_ssm_on_runners = optional(bool, false)
enable_userdata = optional(bool, true)
instance_allocation_strategy = optional(string, "lowest-price")
instance_max_spot_price = optional(string, null)
instance_target_capacity_type = optional(string, "spot")
instance_types = list(string)
job_queue_retention_in_seconds = optional(number, 86400)
minimum_running_time_in_minutes = optional(number, null)
pool_runner_owner = optional(string, null)
runner_as_root = optional(bool, false)
runner_boot_time_in_minutes = optional(number, 5)
runner_extra_labels = string
runner_group_name = optional(string, "Default")
runner_name_prefix = optional(string, "")
runner_run_as = optional(string, "ec2-user")
runners_maximum_count = number
scale_down_schedule_expression = optional(string, "cron(*/5 * * * ? *)")
scale_up_reserved_concurrent_executions = optional(number, 1)
userdata_template = optional(string, null)
enable_runner_detailed_monitoring = optional(bool, false)
enable_cloudwatch_agent = optional(bool, true)
userdata_pre_install = optional(string, "")
userdata_post_install = optional(string, "")
runner_ec2_tags = optional(map(string), {})
runner_iam_role_managed_policy_arns = optional(list(string), [])
idle_config = optional(list(object({
cron = string
timeZone = string
idleCount = number
})), [])
runner_log_files = optional(list(object({
log_group_name = string
prefix_log_group = bool
file_path = string
log_stream_name = string
})), null)
block_device_mappings = optional(list(object({
delete_on_termination = bool
device_name = string
encrypted = bool
iops = number
kms_key_id = string
snapshot_id = string
throughput = number
volume_size = number
volume_type = string
})), [{
delete_on_termination = true
device_name = "/dev/xvda"
encrypted = true
iops = null
kms_key_id = null
snapshot_id = null
throughput = null
volume_size = 30
volume_type = "gp3"
}])
pool_config = optional(list(object({
schedule_expression = string
size = number
})), [])
})

matcherConfig = object({
labelMatchers = list(list(string))
exactMatch = optional(bool, false)
})
fifo = optional(bool, false)
redrive_build_queue = optional(object({
enabled = bool
maxReceiveCount = number
}), {
enabled = false
maxReceiveCount = null
})
}))
| n/a | yes | | [pool\_lambda\_reserved\_concurrent\_executions](#input\_pool\_lambda\_reserved\_concurrent\_executions) | Amount of reserved concurrent executions for the scale-up lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. | `number` | `1` | no | | [pool\_lambda\_timeout](#input\_pool\_lambda\_timeout) | Time out for the pool lambda in seconds. | `number` | `60` | no | | [prefix](#input\_prefix) | The prefix used for naming resources | `string` | `"github-actions"` | no | diff --git a/modules/multi-runner/runners.tf b/modules/multi-runner/runners.tf index 19f6e13b9a..d2fff91f1a 100644 --- a/modules/multi-runner/runners.tf +++ b/modules/multi-runner/runners.tf @@ -69,6 +69,7 @@ module "runners" { cloudwatch_config = var.cloudwatch_config runner_log_files = each.value.runner_config.runner_log_files runner_group_name = each.value.runner_config.runner_group_name + runner_name_prefix = each.value.runner_config.runner_name_prefix scale_up_reserved_concurrent_executions = each.value.runner_config.scale_up_reserved_concurrent_executions diff --git a/modules/multi-runner/variables.tf b/modules/multi-runner/variables.tf index 596345a3f7..14973f9d0c 100644 --- a/modules/multi-runner/variables.tf +++ b/modules/multi-runner/variables.tf @@ -60,6 +60,7 @@ variable "multi_runner_config" { runner_boot_time_in_minutes = optional(number, 5) runner_extra_labels = string runner_group_name = optional(string, "Default") + runner_name_prefix = optional(string, "") runner_run_as = optional(string, "ec2-user") runners_maximum_count = number scale_down_schedule_expression = optional(string, "cron(*/5 * * * ? *)") 
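Review bot: `runner_name_prefix = optional(string, "")` accepts any string, yet the README text in this patch says the value is published as the EC2 tag `ghr:runner_name_prefix` and used by the default start script to build the runner name. No validation for the attribute is visible in this hunk (the `multi_runner_config` variable block starts and ends outside it), so unexpected characters or an over-long prefix would only surface on the instance at registration time. A validation block that restricts the prefix to a conservative character set, plus a length bound that leaves room for the instance id, would reject bad values at plan time. The character set below is an example and should be aligned with what the start scripts and GitHub accept.

```hcl
variable "multi_runner_config" {
  # … unchanged: type (including runner_name_prefix) and description …
  validation {
    condition = alltrue([
      for cfg in values(var.multi_runner_config) :
      can(regex("^[A-Za-z0-9._-]*$", cfg.runner_config.runner_name_prefix))
    ])
    error_message = "runner_name_prefix may contain only letters, digits, '.', '_' and '-'."
  }
```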
@@ -150,6 +151,7 @@ variable "multi_runner_config" { runner_boot_time_in_minutes: "The minimum time for an EC2 runner to boot and register as a runner." runner_extra_labels: "Extra (custom) labels for the runners (GitHub). Separate each label by a comma. Labels checks on the webhook can be enforced by setting `enable_workflow_job_labels_check`. GitHub read-only labels should not be provided." runner_group_name: "Name of the runner group." + runner_name_prefix: "Prefix for the GitHub runner name." runner_run_as: "Run the GitHub actions agent as user." runners_maximum_count: "The maximum number of runners that will be created." scale_down_schedule_expression: "Scheduler expression to check every x for scale down." diff --git a/modules/runners/README.md b/modules/runners/README.md index 9751fb88fc..e975a95ba1 100644 --- a/modules/runners/README.md +++ b/modules/runners/README.md @@ -185,6 +185,7 @@ yarn run dist | [runner\_group\_name](#input\_runner\_group\_name) | Name of the runner group. | `string` | `"Default"` | no | | [runner\_iam\_role\_managed\_policy\_arns](#input\_runner\_iam\_role\_managed\_policy\_arns) | Attach AWS or customer-managed IAM policies (by ARN) to the runner IAM role | `list(string)` | `[]` | no | | [runner\_log\_files](#input\_runner\_log\_files) | (optional) List of logfiles to send to CloudWatch, will only be used if `enable_cloudwatch_agent` is set to true. Object description: `log_group_name`: Name of the log group, `prefix_log_group`: If true, the log group name will be prefixed with `/github-self-hosted-runners/`, `file_path`: path to the log file, `log_stream_name`: name of the log stream. |
list(object({
log_group_name = string
prefix_log_group = bool
file_path = string
log_stream_name = string
}))
| `null` | no | +| [runner\_name\_prefix](#input\_runner\_name\_prefix) | The prefix used for the GitHub runner name. The prefix will be used in the default start script to prefix the instance name when register the runner in GitHub. The value is availabe via an EC2 tag 'ghr:runner\_name\_prefix'. | `string` | `""` | no | | [runner\_os](#input\_runner\_os) | The EC2 Operating System type to use for action runner instances (linux,windows). | `string` | `"linux"` | no | | [runner\_run\_as](#input\_runner\_run\_as) | Run the GitHub actions agent as user. | `string` | `"ec2-user"` | no | | [runners\_lambda\_s3\_key](#input\_runners\_lambda\_s3\_key) | S3 key for runners lambda function. Required if using S3 bucket to specify lambdas. | `string` | `null` | no | diff --git a/modules/runners/lambdas/runners/src/aws/runners.test.ts b/modules/runners/lambdas/runners/src/aws/runners.test.ts index e4a124c79a..895ac24bff 100644 --- a/modules/runners/lambdas/runners/src/aws/runners.test.ts +++ b/modules/runners/lambdas/runners/src/aws/runners.test.ts @@ -16,6 +16,7 @@ const ORG_NAME = 'SomeAwesomeCoder'; const REPO_NAME = `${ORG_NAME}/some-amazing-library`; const ENVIRONMENT = 'unit-test-environment'; const SSM_TOKEN_PATH = '/github-action-runners/default/runners/tokens'; +const RUNNER_NAME_PREFIX = ''; const mockDescribeInstances = { promise: jest.fn() }; mockEC2.describeInstances.mockImplementation(() => mockDescribeInstances); @@ -28,6 +29,8 @@ const mockRunningInstances: AWS.EC2.DescribeInstancesResult = { InstanceId: 'i-1234', Tags: [ { Key: 'ghr:Application', Value: 'github-action-runner' }, + { Key: 'ghr:runner_name_prefix', Value: RUNNER_NAME_PREFIX }, + { Key: 'ghr:created_by', Value: 'scale-up-lambda' }, { Key: 'Type', Value: 'Org' }, { Key: 'Owner', Value: 'CoderToCat' }, ], 
@@ -474,6 +477,7 @@ function createRunnerConfig(runnerConfig: RunnerConfig): RunnerInputParameters { }, subnets: ['subnet-123', 'subnet-456'], amiIdSsmParameterName: runnerConfig.amiIdSsmParameterName, + runnerNamePrefix: RUNNER_NAME_PREFIX, }; } @@ -523,6 +527,7 @@ function expectedCreateFleetRequest(expectedValues: ExpectedFleetRequestValues): ResourceType: 'instance', Tags: [ { Key: 'ghr:Application', Value: 'github-action-runner' }, + { Key: 'ghr:created_by', Value: expectedValues.totalTargetCapacity > 1 ? 'pool-lambda' : 'scale-up-lambda' }, { Key: 'Type', Value: expectedValues.type }, { Key: 'Owner', Value: REPO_NAME }, ], diff --git a/modules/runners/lambdas/runners/src/aws/runners.ts b/modules/runners/lambdas/runners/src/aws/runners.ts index 0cc5dddb54..bb6240aa6b 100644 --- a/modules/runners/lambdas/runners/src/aws/runners.ts +++ b/modules/runners/lambdas/runners/src/aws/runners.ts @@ -44,6 +44,7 @@ export interface RunnerInputParameters { instanceAllocationStrategy: EC2.SpotAllocationStrategy; }; numberOfRunners?: number; + runnerNamePrefix: string; amiIdSsmParameterName?: string; } @@ -214,6 +215,7 @@ export async function createRunner(runnerParameters: RunnerInputParameters): Pro ResourceType: 'instance', Tags: [ { Key: 'ghr:Application', Value: 'github-action-runner' }, + { Key: 'ghr:created_by', Value: numberOfRunners === 1 ? 'scale-up-lambda' : 'pool-lambda' }, { Key: 'Type', Value: runnerParameters.runnerType }, { Key: 'Owner', Value: runnerParameters.runnerOwner }, ], diff --git a/modules/runners/lambdas/runners/src/pool/pool.ts b/modules/runners/lambdas/runners/src/pool/pool.ts index 0d07b6001b..c362924c88 100644 --- a/modules/runners/lambdas/runners/src/pool/pool.ts +++ b/modules/runners/lambdas/runners/src/pool/pool.ts 
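Review bot: `runnerNamePrefix: string` is added to RunnerInputParameters as a required field, but the diffstat gives runners.ts only two added lines (this field and the `ghr:created_by` tag), so nothing in this file reads it in this patch. Every caller now has to supply a value that createRunner appears to ignore. Either make it optional until it is consumed (`runnerNamePrefix?: string;`) or add a comment on the field stating where the prefix is applied, e.g. `// prefix for the GitHub runner name; not used by createRunner (TODO confirm consumer)`. The interface starts and ends outside the hunk.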
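Review bot: The `ghr:created_by` value is inferred from the instance count (`numberOfRunners === 1 ? 'scale-up-lambda' : 'pool-lambda'`), so a pool top-up of exactly one runner is tagged as created by scale-up. If this tag is meant for attribution or audit of which lambda launched an instance, a guessed value can mislead an investigation. Consider having each caller state its identity, e.g. an optional `source?: 'scale-up-lambda' | 'pool-lambda'` on RunnerInputParameters, and tagging with that value. createRunner's body continues outside the hunk, so where `numberOfRunners` gets its default is not visible here.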
@@ -33,6 +33,7 @@ export async function adjust(event: PoolEvent): Promise { const instanceAllocationStrategy = process.env.INSTANCE_ALLOCATION_STRATEGY || 'lowest-price'; // same as AWS default const runnerOwner = process.env.RUNNER_OWNER; const amiIdSsmParameterName = process.env.AMI_ID_SSM_PARAMETER_NAME; + const runnerNamePrefix = process.env.RUNNER_NAME_PREFIX || ''; let ghesApiUrl = ''; if (ghesBaseUrl) { @@ -111,6 +112,7 @@ export async function adjust(event: PoolEvent): Promise { subnets, numberOfRunners: topUp, amiIdSsmParameterName, + runnerNamePrefix, }, githubInstallationClient, ); diff --git a/modules/runners/lambdas/runners/src/scale-runners/scale-down.test.ts b/modules/runners/lambdas/runners/src/scale-runners/scale-down.test.ts index 9e123401df..9caea3f849 100644 --- a/modules/runners/lambdas/runners/src/scale-runners/scale-down.test.ts +++ b/modules/runners/lambdas/runners/src/scale-runners/scale-down.test.ts @@ -184,11 +184,11 @@ const DEFAULT_RUNNERS_ORIGINAL = [ const DEFAULT_REGISTERED_RUNNERS = [ { id: 101, - name: 'i-idle-101', + name: 'my-runner-i-idle-101', }, { id: 102, - name: 'i-idle-102', + name: 'my-runner-i-idle-102', }, { id: 103, diff --git a/modules/runners/lambdas/runners/src/scale-runners/scale-down.ts b/modules/runners/lambdas/runners/src/scale-runners/scale-down.ts index 6657f9d859..2a9d060982 100644 --- a/modules/runners/lambdas/runners/src/scale-runners/scale-down.ts +++ b/modules/runners/lambdas/runners/src/scale-runners/scale-down.ts @@ -165,7 +165,7 @@ async function evaluateAndRemoveRunners( for (const ec2Runner of ec2RunnersFiltered) { const ghRunners = await listGitHubRunners(ec2Runner); const ghRunnersFiltered = ghRunners.filter((runner: { name: string }) => - runner.name.startsWith(ec2Runner.instanceId), + runner.name.endsWith(ec2Runner.instanceId), ); if (ghRunnersFiltered.length) { if (runnerMinimumTimeExceeded(ec2Runner)) { 
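Review bot: Changing the filter in evaluateAndRemoveRunners to `runner.name.endsWith(ec2Runner.instanceId)` silently drops a naming form that matched before: a runner registered by a custom start script as `<instanceId><suffix>` no longer matches. The rest of the loop (outside this hunk) will presumably stop treating that instance as registered. The naming contract that scale-down now relies on is not stated next to the code; add a comment above the filter such as `// Runner names are <runner_name_prefix><instanceId>; the instance id must be the suffix.` and repeat it in the upgrade notes for users who supply their own start script. If the prefix can be made available to this lambda, comparing against the exact expected name would be tighter than a suffix match.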
diff --git a/modules/runners/lambdas/runners/src/scale-runners/scale-up.test.ts b/modules/runners/lambdas/runners/src/scale-runners/scale-up.test.ts index eca7bd350d..e5a8d9d2ac 100644 --- a/modules/runners/lambdas/runners/src/scale-runners/scale-up.test.ts +++ b/modules/runners/lambdas/runners/src/scale-runners/scale-up.test.ts @@ -64,6 +64,7 @@ const EXPECTED_RUNNER_PARAMS: RunnerInputParameters = { }, ssmTokenPath: '/github-action-runners/default/runners/config', subnets: ['subnet-123'], + runnerNamePrefix: 'unit-test', }; let expectedRunnerParams: RunnerInputParameters; @@ -175,6 +176,7 @@ describe('scaleUp with GHES', () => { describe('on org level', () => { beforeEach(() => { process.env.ENABLE_ORGANIZATION_RUNNERS = 'true'; + process.env.RUNNER_NAME_PREFIX = 'unit-test'; expectedRunnerParams = { ...EXPECTED_RUNNER_PARAMS }; }); @@ -251,6 +253,7 @@ describe('scaleUp with GHES', () => { describe('on repo level', () => { beforeEach(() => { process.env.ENABLE_ORGANIZATION_RUNNERS = 'false'; + process.env.RUNNER_NAME_PREFIX = 'unit-test'; expectedRunnerParams = { ...EXPECTED_RUNNER_PARAMS }; expectedRunnerParams.runnerType = 'Repo'; expectedRunnerParams.runnerOwner = `${TEST_DATA.repositoryOwner}/${TEST_DATA.repositoryName}`; @@ -402,6 +405,7 @@ describe('scaleUp with public GH', () => { describe('on org level', () => { beforeEach(() => { process.env.ENABLE_ORGANIZATION_RUNNERS = 'true'; + process.env.RUNNER_NAME_PREFIX = 'unit-test'; expectedRunnerParams = { ...EXPECTED_RUNNER_PARAMS }; expectedRunnerParams.runnerServiceConfig = [ `--url https://github.com/${TEST_DATA.repositoryOwner}`, 
@@ -454,6 +458,7 @@ describe('scaleUp with public GH', () => { describe('on repo level', () => { beforeEach(() => { process.env.ENABLE_ORGANIZATION_RUNNERS = 'false'; + process.env.RUNNER_NAME_PREFIX = 'unit-test'; expectedRunnerParams = { ...EXPECTED_RUNNER_PARAMS }; expectedRunnerParams.runnerType = 'Repo'; expectedRunnerParams.runnerOwner = `${TEST_DATA.repositoryOwner}/${TEST_DATA.repositoryName}`; diff --git a/modules/runners/lambdas/runners/src/scale-runners/scale-up.ts b/modules/runners/lambdas/runners/src/scale-runners/scale-up.ts index 9dc7809f6a..1f10bf742f 100644 --- a/modules/runners/lambdas/runners/src/scale-runners/scale-up.ts +++ b/modules/runners/lambdas/runners/src/scale-runners/scale-up.ts @@ -34,6 +34,7 @@ interface CreateEC2RunnerConfig { ec2instanceCriteria: RunnerInputParameters['ec2instanceCriteria']; numberOfRunners?: number; amiIdSsmParameterName?: string; + runnerNamePrefix: string; } function generateRunnerServiceConfig(githubRunnerConfig: CreateGitHubRunnerConfig, token: string) { @@ -156,6 +157,7 @@ export async function scaleUp(eventSource: string, payload: ActionRequestMessage const instanceAllocationStrategy = process.env.INSTANCE_ALLOCATION_STRATEGY || 'lowest-price'; // same as AWS default const enableJobQueuedCheck = yn(process.env.ENABLE_JOB_QUEUED_CHECK, { default: true }); const amiIdSsmParameterName = process.env.AMI_ID_SSM_PARAMETER_NAME; + const runnerNamePrefix = process.env.RUNNER_NAME_PREFIX || ''; if (ephemeralEnabled && payload.eventType !== 'workflow_job') { logger.warn( @@ -221,6 +223,7 @@ export async function scaleUp(eventSource: string, payload: ActionRequestMessage ssmTokenPath, subnets, amiIdSsmParameterName, + runnerNamePrefix, }, githubInstallationClient, ); diff --git a/modules/runners/main.tf b/modules/runners/main.tf index fe53a43199..d286a45969 100644 --- a/modules/runners/main.tf +++ b/modules/runners/main.tf 
@@ -6,6 +6,9 @@ locals { { "ghr:ssm_config_path" = "${var.ssm_paths.root}/${var.ssm_paths.config}" }, + { + "ghr:runner_name_prefix" = var.runner_name_prefix + }, var.tags, ) diff --git a/modules/runners/pool.tf b/modules/runners/pool.tf index 03fd9f71f6..2052be0165 100644 --- a/modules/runners/pool.tf +++ b/modules/runners/pool.tf @@ -42,6 +42,7 @@ module "pool" { extra_labels = var.runner_extra_labels launch_template = aws_launch_template.runner group_name = var.runner_group_name + name_prefix = var.runner_name_prefix pool_owner = var.pool_runner_owner role = aws_iam_role.runner } diff --git a/modules/runners/pool/main.tf b/modules/runners/pool/main.tf index cc60568083..a621fa7077 100644 --- a/modules/runners/pool/main.tf +++ b/modules/runners/pool/main.tf @@ -34,6 +34,7 @@ resource "aws_lambda_function" "pool" { RUNNER_BOOT_TIME_IN_MINUTES = var.config.runner.boot_time_in_minutes RUNNER_EXTRA_LABELS = var.config.runner.extra_labels RUNNER_GROUP_NAME = var.config.runner.group_name + RUNNER_NAME_PREFIX = var.config.runner.name_prefix RUNNER_OWNER = var.config.runner.pool_owner SSM_TOKEN_PATH = var.config.ssm_token_path SUBNET_IDS = join(",", var.config.subnet_ids) diff --git a/modules/runners/pool/variables.tf b/modules/runners/pool/variables.tf index b4e156743c..6acffbc9aa 100644 --- a/modules/runners/pool/variables.tf +++ b/modules/runners/pool/variables.tf @@ -34,8 +34,9 @@ variable "config" { launch_template = object({ name = string }) - group_name = string - pool_owner = string + group_name = string + name_prefix = string + pool_owner = string role = object({ arn = string }) diff --git a/modules/runners/scale-up.tf b/modules/runners/scale-up.tf index a3cc0f9e91..221bc4fee0 100644 --- a/modules/runners/scale-up.tf +++ b/modules/runners/scale-up.tf 
@@ -34,6 +34,7 @@ resource "aws_lambda_function" "scale_up" { PARAMETER_GITHUB_APP_KEY_BASE64_NAME = var.github_app_parameters.key_base64.name RUNNER_EXTRA_LABELS = lower(var.runner_extra_labels) RUNNER_GROUP_NAME = var.runner_group_name + RUNNER_NAME_PREFIX = var.runner_name_prefix RUNNERS_MAXIMUM_COUNT = var.runners_maximum_count SSM_TOKEN_PATH = "${var.ssm_paths.root}/${var.ssm_paths.tokens}" SUBNET_IDS = join(",", var.subnet_ids) diff --git a/modules/runners/templates/start-runner.ps1 b/modules/runners/templates/start-runner.ps1 index be7421c05e..85e9957fef 100644 --- a/modules/runners/templates/start-runner.ps1 +++ b/modules/runners/templates/start-runner.ps1 @@ -20,6 +20,9 @@ Write-Host "Retrieved tags from AWS API" $environment=$tags.Tags.where( {$_.Key -eq 'ghr:environment'}).value Write-Host "Reteieved ghr:environment tag - ($environment)" +$runner_name_prefix=$tags.Tags.where( {$_.Key -eq 'ghr:runner_name_prefix'}).value +Write-Host "Reteieved ghr:runner_name_prefix tag - ($runner_name_prefix)" + $ssm_config_path=$tags.Tags.where( {$_.Key -eq 'ghr:ssm_config_path'}).value Write-Host "Retrieved ghr:ssm_config_path tag - ($ssm_config_path)" @@ -91,7 +94,7 @@ foreach ($group in @("Administrators", "docker-users")) { Set-ItemProperty HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System -Name ConsentPromptBehaviorAdmin -Value 0 -Force Write-Host "Disabled User Access Control (UAC)" -$configCmd = ".\config.cmd --unattended --name $InstanceId --work `"_work`" $config" +$configCmd = ".\config.cmd --unattended --name $runner_name_prefix$InstanceId --work `"_work`" $config" Write-Host "Configure GH Runner as user $run_as" Invoke-Expression $configCmd diff --git a/modules/runners/templates/start-runner.sh b/modules/runners/templates/start-runner.sh index b93aadbc42..2e35a3c5c5 100644 --- a/modules/runners/templates/start-runner.sh +++ b/modules/runners/templates/start-runner.sh 
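Review bot: `$runner_name_prefix` is read from the `ghr:runner_name_prefix` EC2 tag and placed unquoted into `$configCmd`, which the next line runs through `Invoke-Expression`, so the tag value is parsed as PowerShell instead of being passed as a single argument. The Terraform variable behind the tag is only length-checked, and the tag can presumably also be changed by any principal allowed to tag the instance. Reject unexpected characters before the command string is built, e.g. `if ("$runner_name_prefix" -notmatch '^[A-Za-z0-9._-]*$') { throw 'Invalid ghr:runner_name_prefix tag' }`, and add a matching `can(regex(...))` condition to the `runner_name_prefix` variable so a bad value is caught at plan time. The script continues outside this hunk.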
@@ -27,6 +27,8 @@ ssm_config_path=$(echo "$tags" | jq -r '.Tags[] | select(.Key == "ghr:ssm_confi echo "Retrieved ghr:environment tag - ($environment)" echo "Retrieved ghr:ssm_config_path tag - ($ssm_config_path)" +runner_name_prefix=$(curl -f -H "X-aws-ec2-metadata-token: $token" -v http://169.254.169.254/latest/meta-data/tags/instance/ghr:runner_name_prefix) || true +echo "Retrieved ghr:runner_name_prefix tag - ($runner_name_prefix)" parameters=$(aws ssm get-parameters-by-path --path "$ssm_config_path" --region "$region" --query "Parameters[*].{Name:Name,Value:Value}") echo "Retrieved parameters from AWS SSM ($parameters)" @@ -74,7 +76,7 @@ fi chown -R $run_as . echo "Configure GH Runner as user $run_as" -sudo --preserve-env=RUNNER_ALLOW_RUNASROOT -u "$run_as" -- ./config.sh --unattended --name "$instance_id" --work "_work" $${config} +sudo --preserve-env=RUNNER_ALLOW_RUNASROOT -u "$run_as" -- ./config.sh --unattended --name "$runner_name_prefix$instance_id" --work "_work" $${config} info_arch=$(uname -p) info_os=$(( lsb_release -ds || cat /etc/*release || uname -om ) 2>/dev/null | head -n1 | cut -d "=" -f2- | tr -d '"') diff --git a/modules/runners/variables.tf b/modules/runners/variables.tf index 254486b622..9a30ba6290 100644 --- a/modules/runners/variables.tf +++ b/modules/runners/variables.tf @@ -582,3 +582,13 @@ variable "ssm_paths" { config = string }) } + +variable "runner_name_prefix" { + description = "The prefix used for the GitHub runner name. The prefix will be used in the default start script to prefix the instance name when register the runner in GitHub. The value is availabe via an EC2 tag 'ghr:runner_name_prefix'." + type = string + default = "" + validation { + condition = length(var.runner_name_prefix) <= 45 + error_message = "The prefix used for the GitHub runner name must be less than 32 characters. AWS instances id are 17 chars, https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resource-ids.html" + } +} 
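Review bot: The validation on `runner_name_prefix` in modules/runners/variables.tf accepts up to 45 characters (`length(var.runner_name_prefix) <= 45`), but its `error_message` says the prefix must be less than 32 characters, so a user who trips the check is told the wrong limit. Align the message with the condition, e.g. `error_message = "The prefix used for the GitHub runner name must be at most 45 characters."`, and state where 45 comes from (presumably the runner-name length limit minus the instance id length). The condition constrains length only; because the value ends up in the runner name and on the start scripts' command lines, a character allow-list in the same `validation` block would be worth adding. The root `variables.tf` hunk repeats the same block, and the description in both misspells "available".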
diff --git a/variables.tf b/variables.tf index 88aabb7c77..8b876d712e 100644 --- a/variables.tf +++ b/variables.tf @@ -753,3 +753,13 @@ variable "ssm_paths" { }) default = {} } + +variable "runner_name_prefix" { + description = "The prefix used for the GitHub runner name. The prefix will be used in the default start script to prefix the instance name when register the runner in GitHub. The value is availabe via an EC2 tag 'ghr:runner_name_prefix'." + type = string + default = "" + validation { + condition = length(var.runner_name_prefix) <= 45 + error_message = "The prefix used for the GitHub runner name must be less than 32 characters. AWS instances id are 17 chars, https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/resource-ids.html" + } +} From f17ee22d3170347435a297762729b8c23f53f15d Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Mon, 13 Mar 2023 12:51:41 +0100 Subject: [PATCH 2/6] sync with main, and clenup --- examples/default/main.tf | 3 +++ modules/runners/lambdas/runners/src/aws/runners.test.ts | 1 - modules/runners/lambdas/runners/src/aws/runners.ts | 1 - modules/runners/lambdas/runners/src/pool/pool.ts | 2 -- .../lambdas/runners/src/scale-runners/scale-up.test.ts | 1 - modules/runners/lambdas/runners/src/scale-runners/scale-up.ts | 3 --- modules/runners/templates/start-runner.sh | 4 +++- 7 files changed, 6 insertions(+), 9 deletions(-) diff --git a/examples/default/main.tf b/examples/default/main.tf index de89b063d0..faef591d4a 100644 --- a/examples/default/main.tf +++ b/examples/default/main.tf @@ -87,4 +87,7 @@ module "runners" { # enable_workflow_job_events_queue = true enable_user_data_debug_logging_runner = true + + # prefix GitHub runners with the environment name + runner_name_prefix = local.environment } diff --git a/modules/runners/lambdas/runners/src/aws/runners.test.ts b/modules/runners/lambdas/runners/src/aws/runners.test.ts index 895ac24bff..fd234789e6 100644 --- a/modules/runners/lambdas/runners/src/aws/runners.test.ts 
+++ b/modules/runners/lambdas/runners/src/aws/runners.test.ts @@ -477,7 +477,6 @@ function createRunnerConfig(runnerConfig: RunnerConfig): RunnerInputParameters { }, subnets: ['subnet-123', 'subnet-456'], amiIdSsmParameterName: runnerConfig.amiIdSsmParameterName, - runnerNamePrefix: RUNNER_NAME_PREFIX, }; } diff --git a/modules/runners/lambdas/runners/src/aws/runners.ts b/modules/runners/lambdas/runners/src/aws/runners.ts index bb6240aa6b..32902ff978 100644 --- a/modules/runners/lambdas/runners/src/aws/runners.ts +++ b/modules/runners/lambdas/runners/src/aws/runners.ts @@ -44,7 +44,6 @@ export interface RunnerInputParameters { instanceAllocationStrategy: EC2.SpotAllocationStrategy; }; numberOfRunners?: number; - runnerNamePrefix: string; amiIdSsmParameterName?: string; } diff --git a/modules/runners/lambdas/runners/src/pool/pool.ts b/modules/runners/lambdas/runners/src/pool/pool.ts index c362924c88..0d07b6001b 100644 --- a/modules/runners/lambdas/runners/src/pool/pool.ts +++ b/modules/runners/lambdas/runners/src/pool/pool.ts @@ -33,7 +33,6 @@ export async function adjust(event: PoolEvent): Promise { const instanceAllocationStrategy = process.env.INSTANCE_ALLOCATION_STRATEGY || 'lowest-price'; // same as AWS default const runnerOwner = process.env.RUNNER_OWNER; const amiIdSsmParameterName = process.env.AMI_ID_SSM_PARAMETER_NAME; - const runnerNamePrefix = process.env.RUNNER_NAME_PREFIX || ''; let ghesApiUrl = ''; if (ghesBaseUrl) { @@ -112,7 +111,6 @@ export async function adjust(event: PoolEvent): Promise { subnets, numberOfRunners: topUp, amiIdSsmParameterName, - runnerNamePrefix, }, githubInstallationClient, ); diff --git a/modules/runners/lambdas/runners/src/scale-runners/scale-up.test.ts b/modules/runners/lambdas/runners/src/scale-runners/scale-up.test.ts index e5a8d9d2ac..73c3eed508 100644 --- a/modules/runners/lambdas/runners/src/scale-runners/scale-up.test.ts +++ b/modules/runners/lambdas/runners/src/scale-runners/scale-up.test.ts 
@@ -64,7 +64,6 @@ const EXPECTED_RUNNER_PARAMS: RunnerInputParameters = { }, ssmTokenPath: '/github-action-runners/default/runners/config', subnets: ['subnet-123'], - runnerNamePrefix: 'unit-test', }; let expectedRunnerParams: RunnerInputParameters; diff --git a/modules/runners/lambdas/runners/src/scale-runners/scale-up.ts b/modules/runners/lambdas/runners/src/scale-runners/scale-up.ts index 1f10bf742f..9dc7809f6a 100644 --- a/modules/runners/lambdas/runners/src/scale-runners/scale-up.ts +++ b/modules/runners/lambdas/runners/src/scale-runners/scale-up.ts @@ -34,7 +34,6 @@ interface CreateEC2RunnerConfig { ec2instanceCriteria: RunnerInputParameters['ec2instanceCriteria']; numberOfRunners?: number; amiIdSsmParameterName?: string; - runnerNamePrefix: string; } function generateRunnerServiceConfig(githubRunnerConfig: CreateGitHubRunnerConfig, token: string) { @@ -157,7 +156,6 @@ export async function scaleUp(eventSource: string, payload: ActionRequestMessage const instanceAllocationStrategy = process.env.INSTANCE_ALLOCATION_STRATEGY || 'lowest-price'; // same as AWS default const enableJobQueuedCheck = yn(process.env.ENABLE_JOB_QUEUED_CHECK, { default: true }); const amiIdSsmParameterName = process.env.AMI_ID_SSM_PARAMETER_NAME; - const runnerNamePrefix = process.env.RUNNER_NAME_PREFIX || ''; if (ephemeralEnabled && payload.eventType !== 'workflow_job') { logger.warn( @@ -223,7 +221,6 @@ export async function scaleUp(eventSource: string, payload: ActionRequestMessage ssmTokenPath, subnets, amiIdSsmParameterName, - runnerNamePrefix, }, githubInstallationClient, ); diff --git a/modules/runners/templates/start-runner.sh b/modules/runners/templates/start-runner.sh index 2e35a3c5c5..9d1cae27f9 100644 --- a/modules/runners/templates/start-runner.sh +++ b/modules/runners/templates/start-runner.sh 
@@ -16,6 +16,7 @@ echo "Retrieved INSTANCE_ID from AWS API ($instance_id)" %{ if metadata_tags == "enabled" } environment=$(curl -f -H "X-aws-ec2-metadata-token: $token" -v http://169.254.169.254/latest/meta-data/tags/instance/ghr:environment) ssm_config_path=$(curl -f -H "X-aws-ec2-metadata-token: $token" -v http://169.254.169.254/latest/meta-data/tags/instance/ghr:ssm_config_path) +runner_name_prefix=$(curl -f -H "X-aws-ec2-metadata-token: $token" -v http://169.254.169.254/latest/meta-data/tags/instance/ghr:runner_name_prefix) || true %{ else } tags=$(aws ec2 describe-tags --region "$region" --filters "Name=resource-id,Values=$instance_id") @@ -23,11 +24,12 @@ echo "Retrieved tags from AWS API ($tags)" environment=$(echo "$tags" | jq -r '.Tags[] | select(.Key == "ghr:environment") | .Value') ssm_config_path=$(echo "$tags" | jq -r '.Tags[] | select(.Key == "ghr:ssm_config_path") | .Value') +runner_name_prefix=$(echo "$tags" | jq -r '.Tags[] | select(.Key == "ghr:runner_name_prefix") | .Value') + %{ endif } echo "Retrieved ghr:environment tag - ($environment)" echo "Retrieved ghr:ssm_config_path tag - ($ssm_config_path)" -runner_name_prefix=$(curl -f -H "X-aws-ec2-metadata-token: $token" -v http://169.254.169.254/latest/meta-data/tags/instance/ghr:runner_name_prefix) || true echo "Retrieved ghr:runner_name_prefix tag - ($runner_name_prefix)" parameters=$(aws ssm get-parameters-by-path --path "$ssm_config_path" --region "$region" --query "Parameters[*].{Name:Name,Value:Value}") From e5b9eaabe7c0b538f8552093538916329872dcfd Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Mon, 13 Mar 2023 12:52:35 +0100 Subject: [PATCH 3/6] update docs --- modules/runners/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/runners/README.md b/modules/runners/README.md index e975a95ba1..193f7673b7 100644 --- a/modules/runners/README.md +++ b/modules/runners/README.md 
@@ -219,4 +219,5 @@ yarn run dist | [role\_runner](#output\_role\_runner) | n/a | | [role\_scale\_down](#output\_role\_scale\_down) | n/a | | [role\_scale\_up](#output\_role\_scale\_up) | n/a | +| [runners\_log\_groups](#output\_runners\_log\_groups) | List of log groups from different log files of runner machine. | From a748e4a5e547baca0dd47e91ed44ce78e987fff8 Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Mon, 13 Mar 2023 13:09:03 +0100 Subject: [PATCH 4/6] Only tag ec2 --- modules/runners/main.tf | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/modules/runners/main.tf b/modules/runners/main.tf index d286a45969..047276b706 100644 --- a/modules/runners/main.tf +++ b/modules/runners/main.tf @@ -6,9 +6,6 @@ locals { { "ghr:ssm_config_path" = "${var.ssm_paths.root}/${var.ssm_paths.config}" }, - { - "ghr:runner_name_prefix" = var.runner_name_prefix - }, var.tags, ) @@ -124,6 +121,9 @@ resource "aws_launch_template" "runner" { { "Name" = format("%s", local.name_runner) }, + { + "ghr:runner_name_prefix" = var.runner_name_prefix + }, var.runner_ec2_tags ) } @@ -135,6 +135,9 @@ resource "aws_launch_template" "runner" { { "Name" = format("%s", local.name_runner) }, + { + "ghr:runner_name_prefix" = var.runner_name_prefix + }, var.runner_ec2_tags ) } From 603f3d4ca27162a18c7f7f3fcc7136d1323d78aa Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Mon, 13 Mar 2023 14:50:35 +0100 Subject: [PATCH 5/6] set default prefix to empty string in case of an error --- modules/runners/templates/start-runner.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/runners/templates/start-runner.sh b/modules/runners/templates/start-runner.sh index 9d1cae27f9..f4bb3fe81a 100644 --- a/modules/runners/templates/start-runner.sh +++ b/modules/runners/templates/start-runner.sh 
@@ -16,7 +16,7 @@ echo "Retrieved INSTANCE_ID from AWS API ($instance_id)" %{ if metadata_tags == "enabled" } environment=$(curl -f -H "X-aws-ec2-metadata-token: $token" -v http://169.254.169.254/latest/meta-data/tags/instance/ghr:environment) ssm_config_path=$(curl -f -H "X-aws-ec2-metadata-token: $token" -v http://169.254.169.254/latest/meta-data/tags/instance/ghr:ssm_config_path) -runner_name_prefix=$(curl -f -H "X-aws-ec2-metadata-token: $token" -v http://169.254.169.254/latest/meta-data/tags/instance/ghr:runner_name_prefix) || true +runner_name_prefix=$(curl -f -H "X-aws-ec2-metadata-token: $token" -v http://169.254.169.254/latest/meta-data/tags/instance/ghr:runner_name_prefix || echo "") %{ else } tags=$(aws ec2 describe-tags --region "$region" --filters "Name=resource-id,Values=$instance_id") @@ -24,7 +24,7 @@ echo "Retrieved tags from AWS API ($tags)" environment=$(echo "$tags" | jq -r '.Tags[] | select(.Key == "ghr:environment") | .Value') ssm_config_path=$(echo "$tags" | jq -r '.Tags[] | select(.Key == "ghr:ssm_config_path") | .Value') -runner_name_prefix=$(echo "$tags" | jq -r '.Tags[] | select(.Key == "ghr:runner_name_prefix") | .Value') +runner_name_prefix=$(echo "$tags" | jq -r '.Tags[] | select(.Key == "ghr:runner_name_prefix") | .Value' || echo "") %{ endif } From e12f2cb7ef3f7072ec7975c0cdf60a10986835df Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Mon, 13 Mar 2023 15:27:07 +0100 Subject: [PATCH 6/6] Add separator in example for prefix --- examples/default/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/default/main.tf b/examples/default/main.tf index faef591d4a..1368554ef0 100644 --- a/examples/default/main.tf +++ b/examples/default/main.tf @@ -89,5 +89,5 @@ module "runners" { enable_user_data_debug_logging_runner = true # prefix GitHub runners with the environment name - runner_name_prefix = local.environment + runner_name_prefix = "${local.environment}_" }