From ad9a7b04ab24a730b7972b32e3667d3d843ef5cb Mon Sep 17 00:00:00 2001
From: Niek Palm
Date: Sat, 12 Jan 2019 15:21:34 +0100
Subject: [PATCH 1/6] Add option to set docker machine options, based on repo of @@rsrchboy
---
 README.md | 5 +++--
 main.tf | 7 +++++++
 template/runner-config.tpl | 15 ++++++++++++++-
 variables.tf | 6 ++++++
 4 files changed, 30 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index 86333e842..4ad38b41d 100644
--- a/README.md
+++ b/README.md
@@ -111,12 +111,13 @@ All variables and defaults:
 | cache_expiration_days | Number of days before cache objects expires. | string | `1` | no |
 | cache_user | User name of the user to create to write and read to the s3 cache. | string | `cache_user` | no |
 | docker_machine_instance_type | Instance type used for the instances hosting docker-machine. | string | `m4.large` | no |
+| docker_machine_options | Additional to set options for docker machien. Each element of the list should be key and value. E.g. '["--amazonec2-zone=a"]' | list | `` | no |
 | docker_machine_spot_price_bid | Spot price bid. | string | `0.04` | no |
 | docker_machine_user | User name for the user to create spot instances to host docker-machine. | string | `docker-machine` | no |
-| docker_machine_version | Version of docker-machine. | string | `0.15.0` | no |
+| docker_machine_version | Version of docker-machine. | string | `0.16.0` | no |
 | enable_cloudwatch_logging | Enable or disable the CloudWatch logging. | string | `1` | no |
 | environment | A name that identifies the environment, will used as prefix and for tagging. | string | - | yes |
-| gitlab_runner_version | Version for the gitlab runner. | string | `11.3.1` | no |
+| gitlab_runner_version | Version for the gitlab runner. | string | `11.6.0` | no |
 | instance_type | Instance type used for the gitlab-runner. | string | `t2.micro` | no |
 | runners_concurrent | Concurrent value for the runners, will be used in the runner config.toml | string | `10` | no |
 | runners_gitlab_url | URL of the gitlab instance to connect to. | string | - | yes |
diff --git a/main.tf b/main.tf
index 918882419..4b9f70a55 100644
--- a/main.tf
+++ b/main.tf
@@ -90,6 +90,11 @@ data "template_file" "gitlab_runner" { } } +locals { + // Convert list to a string seperated and prepend by a comma + docker_machine_options_string = "${format(",%s", join(",", formatlist("%q", var.docker_machine_options)))}" +} + data "template_file" "runners" { template = "${file("${path.module}/template/runner-config.tpl")}" @@ -105,6 +110,8 @@ data "template_file" "runners" { runners_security_group_name = "${aws_security_group.docker_machine.name}" runners_monitoring = "${var.runners_monitoring}" + docker_machine_options = "${length(var.docker_machine_options) == 0 ? "" : local.docker_machine_options_string}" + runners_name = "${var.runners_name}" runners_token = "${var.runners_token}" runners_limit = "${var.runners_limit}" diff --git a/template/runner-config.tpl b/template/runner-config.tpl index d629aeec6..fcca804e0 100644 --- a/template/runner-config.tpl +++ b/template/runner-config.tpl 
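Review bot: The entries from `var.docker_machine_options` are rendered after the module's own MachineOptions, and nothing in the new `locals` block or the `docker_machine_options` template variable says what happens when a caller repeats a key the module already sets, such as `amazonec2-security-group`, `amazonec2-private-address-only` or `amazonec2-iam-instance-profile`. Which occurrence docker-machine honours is not visible here, so I would state the intent next to the local, for example `// Caller options are appended after the module defaults; a repeated key may override the module's security group, private-address or instance-profile setting.` The existing comment also reads better as `// Convert the list to a comma-separated string with a leading comma`. The `data "template_file" "runners"` block touched by the second hunk continues outside it.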
@@ -31,7 +31,20 @@ check_interval = 0
 IdleTime = ${runners_idle_time}
 MachineDriver = "amazonec2"
 MachineName = "runner-%s"
- MachineOptions = ["amazonec2-instance-type=${runners_instance_type}", "amazonec2-region=${aws_region}", "amazonec2-vpc-id=${runners_vpc_id}", "amazonec2-subnet-id=${runners_subnet_id}", "amazonec2-private-address-only=${runners_use_private_address}", "amazonec2-request-spot-instance=true", "amazonec2-spot-price=${runners_spot_price_bid}", "amazonec2-security-group=${runners_security_group_name}", "amazonec2-tags=environment,${environment}", "amazonec2-monitoring=${runners_monitoring}", "amazonec2-root-size=${runners_root_size}", "amazonec2-iam-instance-profile=${runners_iam_instance_profile_name}"]
+ MachineOptions = [
+ "amazonec2-instance-type=${runners_instance_type}",
+ "amazonec2-region=${aws_region}",
+ "amazonec2-vpc-id=${runners_vpc_id}",
+ "amazonec2-subnet-id=${runners_subnet_id}",
+ "amazonec2-private-address-only=${runners_use_private_address}",
+ "amazonec2-request-spot-instance=true", "amazonec2-spot-price=${runners_spot_price_bid}",
+ "amazonec2-security-group=${runners_security_group_name}",
+ "amazonec2-tags=environment,${environment}",
+ "amazonec2-monitoring=${runners_monitoring}",
+ "amazonec2-root-size=${runners_root_size}",
+ "amazonec2-iam-instance-profile=${runners_iam_instance_profile_name}"
+ ${docker_machine_options}
+ ]
 OffPeakTimezone = "${runners_off_peak_timezone}"
 OffPeakIdleCount = ${runners_off_peak_idle_count}
 OffPeakIdleTime = ${runners_off_peak_idle_time}
diff --git a/variables.tf b/variables.tf
index 10d3dcb74..5e61d3a52 100644
--- a/variables.tf
+++ b/variables.tf
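Review bot: The new `${docker_machine_options}` line follows the last quoted entry with no comma, so the array is only valid because main.tf renders the value either empty or with its own leading comma, and the template says nothing about that coupling. A comment above the line would keep the next editor from adding a trailing comma or a bare value, for example `# docker_machine_options renders empty or starts with its own comma (built in main.tf)`. The `[runners.machine]` table this array belongs to starts and ends outside the hunk.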
@@ -249,3 +249,9 @@ variable "allow_iam_service_linked_role_creation" { description = "Attach policy to runner instance to create service linked roles." default = true } + +variable "docker_machine_options" { + description = "Additional to set options for docker machien. Each element of the list should be key and value. E.g. '[\"--amazonec2-zone=a\"]'" + type = "list" + default = [] +} From b94b097efee3027d55204c3489bf3fc2d21fb90f Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sat, 12 Jan 2019 15:31:04 +0100 Subject: [PATCH 2/6] Add option to overwrite instance profile. based on repo of @@rsrchboy --- README.md | 2 ++ main.tf | 2 +- variables.tf | 6 ++++++ 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 4ad38b41d..f6f938db6 100644 --- a/README.md +++ b/README.md @@ -102,6 +102,7 @@ module "gitlab-runner" { All variables and defaults: + | Name | Description | Type | Default | Required | |------|-------------|:----:|:-----:|:-----:| | allow_iam_service_linked_role_creation | Attach policy to runner instance to create service linked roles. | string | `true` | no | @@ -118,6 +119,7 @@ All variables and defaults: | enable_cloudwatch_logging | Enable or disable the CloudWatch logging. | string | `1` | no | | environment | A name that identifies the environment, will used as prefix and for tagging. | string | - | yes | | gitlab_runner_version | Version for the gitlab runner. | string | `11.6.0` | no | +| instance_role_json | Instance role json to override the default. | string | `` | no | | instance_type | Instance type used for the gitlab-runner. | string | `t2.micro` | no | | runners_concurrent | Concurrent value for the runners, will be used in the runner config.toml | string | `10` | no | | runners_gitlab_url | URL of the gitlab instance to connect to. | string | - | yes | diff --git a/main.tf b/main.tf index 4b9f70a55..b7b700309 100644 --- a/main.tf +++ b/main.tf 
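Review bot: The example in the new `docker_machine_options` description passes `--amazonec2-zone=a`, while every entry the module itself writes into MachineOptions in template/runner-config.tpl has no leading dashes (`amazonec2-region=...`), so a caller copying the example ends up with an entry in a different form from the built-in ones. If the runner adds the dashes itself, as the built-in entries suggest, the example should be `'["amazonec2-zone=a"]'`. The sentence itself is hard to read and misspells "machine"; something like `Additional options for docker machine, appended to MachineOptions. Each element is a key=value string.` says the same. The README table row added by this commit repeats the text.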
@@ -176,7 +176,7 @@ resource "aws_iam_instance_profile" "instance" { } data "template_file" "instance_role_trust_policy" { - template = "${file("${path.module}/policies/instance-role-trust-policy.json")}" + template = "${length(var.instance_role_json) > 0 ? var.instance_role_json : file("${path.module}/policies/instance-role-trust-policy.json")}" } resource "aws_iam_role" "instance" { diff --git a/variables.tf b/variables.tf index 5e61d3a52..ae80ad86e 100644 --- a/variables.tf +++ b/variables.tf @@ -255,3 +255,9 @@ variable "docker_machine_options" { type = "list" default = [] } + +variable "instance_role_json" { + description = "Instance role json to override the default." + type = "string" + default = "" +} From 0063860981a75f15919e4678484267eb59ad8bbe Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sat, 12 Jan 2019 16:30:15 +0100 Subject: [PATCH 3/6] Replaced hard coded ami list by a filter --- CHANGELOG.md | 4 ++++ README.md | 10 ++++++++++ main.tf | 10 +++++++++- outputs.tf | 9 +++++++++ variables.tf | 43 ++++++++++++++++--------------------------- 5 files changed, 48 insertions(+), 28 deletions(-) create mode 100644 outputs.tf diff --git a/CHANGELOG.md b/CHANGELOG.md index b26ee2a7b..8ba26b3c1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,10 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/). ## [Unreleased] +- Changed: The variable `amazon_optimized_amis` is removed an replaced by a filter to select the AMI. To use the default of the latest AMI set the filter `ami_filter` to `amzn-ami-hvm-2018.03.0.20180622-x86_64-ebs`. +- Added: Option to set docker machine options via `docker_machine_optionns`. +- Added: Several output variables. + ## [1.8.0] - 2018-12-30 - Changed: Updated default docker-machine version to 0.16.0 diff --git a/README.md b/README.md index f6f938db6..86bfd3252 100644 --- a/README.md +++ b/README.md 
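Review bot: `var.instance_role_json` becomes the template of `instance_role_trust_policy`, so it replaces the role's trust (assume-role) policy, but the variable is named and described as "Instance role json" and nothing tells the caller that it decides which principals may assume the runner agent's role. I would describe it as `description = "Assume-role (trust) policy JSON for the runner agent instance role; overrides the default and should name only the principals that must assume the role."` Because the value passes through `template_file`, any `${...}` sequence in caller-supplied JSON (an IAM policy variable, for instance) is interpolated by Terraform and needs `$${` escaping, which also deserves a line in the description. A later commit in this series adds `instance_role_runner_json` with the same pattern for the docker-machine runners role.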
@@ -77,6 +77,9 @@ gitlab_url = "GIT_LAB_URL" runner_token = "RUNNER_TOKEN" ``` +The base image used to host the GitLab Runner agent is the latest available Amazon Linux HVM EBS AMI. In previous version of the module an hard coded list of AMI per region was available. This list is replaced by a search filter to find the latest AMI. By setting the filter for example to `amzn-ami-hvm-2018.03.0.20180622-x86_64-ebs` you can lock the version of the AMI. + + ### Usage module. ```hcl @@ -151,6 +154,13 @@ All variables and defaults: | userdata_pre_install | User-data script snippet to insert before gitlab-runner install | string | `` | no | | vpc_id | The VPC that is used for the instances. | string | - | yes | +## Outputs + +| Name | Description | +|------|-------------| +| runner_as_group_name | Name of the autoscaling group for the gitlab-runner instance | +| runner_cache_bucket_arn | ARN of the S3 for the build cache. | + ## Example An example is provided, execute the following steps to run the sample. Ensure your AWS and Terraform environment is set up correctly. All commands below are supposed to be run inside the directory `example`. diff --git a/main.tf b/main.tf index b7b700309..d342c609d 100644 --- a/main.tf +++ b/main.tf @@ -152,10 +152,18 @@ resource "aws_autoscaling_group" "gitlab_runner_instance" { tags = ["${data.null_data_source.tags.*.outputs}"] } +data "aws_ami" "runner" { + most_recent = "true" + + filter = "${var.ami_filter}" + + owners = ["${var.ami_owners}"] +} + resource "aws_launch_configuration" "gitlab_runner_instance" { security_groups = ["${aws_security_group.runner.id}"] key_name = "${aws_key_pair.key.key_name}" - image_id = "${lookup(var.amazon_optimized_amis, var.aws_region)}" + image_id = "${data.aws_ami.runner.id}" user_data = "${data.template_file.user_data.rendered}" instance_type = "${var.instance_type}" iam_instance_profile = "${aws_iam_instance_profile.instance.name}" 
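Review bot: The new `data "aws_ami" "runner"` selects the image by a name pattern with `most_recent = "true"`, so the only thing keeping a look-alike public image out of the result is `owners`, and that is a caller-overridable variable with no comment on why it matters. I would add above the block `# owners must list only trusted accounts: the name filter alone can match images published by anyone`, and say the same in the `ami_owners` description added in variables.tf. With `most_recent`, the launch configuration's `image_id` also changes whenever a newer matching AMI is published, so the README's advice on locking the filter deserves a mention in the `ami_filter` description as well. `most_recent` is a boolean and can be written `true` without quotes.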
diff --git a/outputs.tf b/outputs.tf new file mode 100644 index 000000000..01303d6c6 --- /dev/null +++ b/outputs.tf @@ -0,0 +1,9 @@ +output "runner_as_group_name" { + description = "Name of the autoscaling group for the gitlab-runner instance" + value = "${aws_autoscaling_group.gitlab_runner_instance.name}" +} + +output "runner_cache_bucket_arn" { + description = "ARN of the S3 for the build cache." + value = "${aws_s3_bucket.build_cache.arn}" +} diff --git a/variables.tf b/variables.tf index ae80ad86e..b4ddf4ec9 100644 --- a/variables.tf +++ b/variables.tf @@ -29,33 +29,6 @@ variable "instance_type" { default = "t2.micro" } -# list with amazon linux optimized images per region -# HVM (SSD) EBS-Backed 64-bit -# Amazon Linux AMI 2018.03 was released on 2018-06-28 https://aws.amazon.com/amazon-linux-ami/ -variable "amazon_optimized_amis" { - description = "AMI map per region-zone for the gitlab-runner instance AMI." - type = "map" - - default = { - us-east-1 = "ami-97785bed" # N. Virginia - us-east-2 = "ami-f63b1193" # Ohio - us-west-1 = "ami-824c4ee2" # N. California - us-west-2 = "ami-f2d3638a" # Oregon - eu-west-1 = "ami-d834aba1" # Ireland - eu-west-2 = "ami-403e2524" # London - eu-central-1 = "ami-5652ce39" # Frankfurt - eu-central-2 = "ami-8ee056f3" # Paris - ap-northeast-1 = "ami-ceafcba8" # Tokyo - ap-northeast-2 = "ami-863090e8" # Seoel - ap-southeast-1 = "ami-68097514" # Singapore - ap-southeast-2 = "ami-942dd1f6" # Sydney - ap-south-1 = "ami-531a4c3c" # Mumbai - ca-central-1 = "ami-a954d1cd" # Canada - sa-east-1 = "ami-84175ae8" # São Paulo - cn-north-1 = "ami-cb19c4a6" # Beijing - } -} - variable "ssh_public_key" { description = "Public SSH key used for the gitlab-runner ec2 instance." type = "string" 
@@ -261,3 +234,19 @@ variable "instance_role_json" {
 type = "string"
 default = ""
 }
+
+variable "ami_filter" {
+ description = "AMI filter to select the AMI used to host the gitlab runner agent. By default the pattern `amzn-ami-hvm-2018.03*-x86_64-ebs` is used for the name. Currently Amazon Linux 2 `amzn2-ami-hvm-2.0.????????-x86_64-ebs` looks *not* working for this configuration."
+ type = "list"
+
+ default = [{
+ name = "name"
+ values = ["amzn-ami-hvm-2018.03*-x86_64-ebs"]
+ }]
+}
+
+variable "ami_owners" {
+ description = "A list of owners used to select the AMI for the instance."
+ type = "list"
+ default = ["amazon"]
+}
From 0a761a56469b68f21dd30f4fe9947d92e0005416 Mon Sep 17 00:00:00 2001
From: Niek Palm
Date: Sun, 13 Jan 2019 13:13:04 +0100
Subject: [PATCH 4/6] Replace cache user by an instance profile
---
 policies/cache.json | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 policies/cache.json
diff --git a/policies/cache.json b/policies/cache.json
new file mode 100644
index 000000000..ca138e004
--- /dev/null
+++ b/policies/cache.json
@@ -0,0 +1,18 @@
+{
+ "Version": "2012-10-17",
+ "Statement": [
+ {
+ "Sid": "allowGitLabRunnersAccessCache",
+ "Effect": "Allow",
+ "Action": [
+ "s3:PutObject",
+ "s3:PutObjectAcl",
+ "s3:GetObject",
+ "s3:GetObjectAcl"
+ ],
+ "Resource": [
+ "${s3_cache_arn}/*"
+ ]
+ }
+ ]
+}
From 798d4116a807cd2ba090f0120c1a95c9679df8fe Mon Sep 17 00:00:00 2001
From: Niek Palm
Date: Sun, 13 Jan 2019 22:07:29 +0100
Subject: [PATCH 5/6] Replace cache user by an instance profile
---
 CHANGELOG.md | 7 ++++---
 README.md | 9 ++++++---
 bucket.tf | 33 ------------------------------
 main.tf | 41 ++++++++++++++++++++++++++++++++++++--
 outputs.tf | 10 ++++++++++
 template/runner-config.tpl | 12 +++++------
 variables.tf | 14 ++++++-------
 7 files changed, 71 insertions(+), 55 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8ba26b3c1..3adad9771 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
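Review bot: The new policies/cache.json grants `s3:PutObjectAcl` and `s3:GetObjectAcl` alongside the object read and write actions, and a later commit in this series attaches it to the instance profile of the docker-machine runner instances, so whatever runs on those hosts can change the ACL of any cache object. If the runner only reads and writes cache archives, the statement can be reduced to `"Action": ["s3:PutObject", "s3:GetObject"]`; whether the ACL actions are needed is not visible in this patch and should be confirmed before they are kept. If they stay, blocking public ACLs on the cache bucket would limit what a changed ACL can expose.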
@@ -5,14 +5,15 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/). ## [Unreleased] +- Changed: Replaced cache user by a instance profile to access the cache from the build +- Changed: Update gitlab toml cache section, removed deprecated usages of s3 - Changed: The variable `amazon_optimized_amis` is removed an replaced by a filter to select the AMI. To use the default of the latest AMI set the filter `ami_filter` to `amzn-ami-hvm-2018.03.0.20180622-x86_64-ebs`. - Added: Option to set docker machine options via `docker_machine_optionns`. - Added: Several output variables. - ## [1.8.0] - 2018-12-30 -- Changed: Updated default docker-machine version to 0.16.0 -- Changed: Updated default gitlab runner to 11.6.0 +- Changed: Update default docker-machine version to 0.16.0 +- Changed: Update default gitlab runner to 11.6.0 - Added: Configuration parameters for post_build_script, pre_clone_script, request_concurrency and output_limit. #22 - Added: Configurable docker image for runner #27 - Added: Add pre/post install user-data snippets for runners #26 diff --git a/README.md b/README.md index 86bfd3252..bac13027c 100644 --- a/README.md +++ b/README.md 
@@ -109,11 +109,11 @@ All variables and defaults:
 | Name | Description | Type | Default | Required |
 |------|-------------|:----:|:-----:|:-----:|
 | allow_iam_service_linked_role_creation | Attach policy to runner instance to create service linked roles. | string | `true` | no |
-| amazon_optimized_amis | AMI map per region-zone for the gitlab-runner instance AMI. | map | `` | no |
+| ami_filter | AMI filter to select the AMI used to host the gitlab runner agent. By default the pattern `amzn-ami-hvm-2018.03*-x86_64-ebs` is used for the name. Currently Amazon Linux 2 `amzn2-ami-hvm-2.0.????????-x86_64-ebs` looks *not* working for this configuration. | list | `` | no |
+| ami_owners | A list of owners used to select the AMI for the instance. | list | `` | no |
 | aws_region | AWS region. | string | - | yes |
 | cache_bucket_prefix | Prefix for s3 cache bucket name. | string | `` | no |
 | cache_expiration_days | Number of days before cache objects expires. | string | `1` | no |
-| cache_user | User name of the user to create to write and read to the s3 cache. | string | `cache_user` | no |
 | docker_machine_instance_type | Instance type used for the instances hosting docker-machine. | string | `m4.large` | no |
 | docker_machine_options | Additional to set options for docker machien. Each element of the list should be key and value. E.g. '["--amazonec2-zone=a"]' | list | `` | no |
 | docker_machine_spot_price_bid | Spot price bid. | string | `0.04` | no |
@@ -122,7 +122,8 @@ All variables and defaults: | enable_cloudwatch_logging | Enable or disable the CloudWatch logging. | string | `1` | no | | environment | A name that identifies the environment, will used as prefix and for tagging. | string | - | yes | | gitlab_runner_version | Version for the gitlab runner. | string | `11.6.0` | no | -| instance_role_json | Instance role json to override the default. | string | `` | no | +| instance_role_json | Instance role json for the runner agent ec2 instance to override the default. | string | `` | no | +| instance_role_runner_json | Instance role json for the docker machine runners to override the default. | string | `` | no | | instance_type | Instance type used for the gitlab-runner. | string | `t2.micro` | no | | runners_concurrent | Concurrent value for the runners, will be used in the runner config.toml | string | `10` | no | | runners_gitlab_url | URL of the gitlab instance to connect to. | string | - | yes | @@ -158,8 +159,10 @@ All variables and defaults: | Name | Description | |------|-------------| +| runner_agent role | ARN of the rule used for the ec2 instance for the GitLab runner agent. | | runner_as_group_name | Name of the autoscaling group for the gitlab-runner instance | | runner_cache_bucket_arn | ARN of the S3 for the build cache. | +| runner_role | ARN of the rule used for the docker machine runners. | ## Example diff --git a/bucket.tf b/bucket.tf index 33b81ace0..01dcac7df 100644 --- a/bucket.tf +++ b/bucket.tf 
@@ -23,36 +23,3 @@ resource "aws_s3_bucket" "build_cache" { } } } - -resource "aws_iam_user" "cache_user" { - name = "${var.cache_user}" -} - -resource "aws_iam_access_key" "cache_user" { - user = "${aws_iam_user.cache_user.name}" -} - -data "aws_iam_policy_document" "bucket-policy-doc" { - statement { - actions = [ - "s3:PutObject", - "s3:PutObjectAcl", - "s3:GetObject", - "s3:GetObjectAcl", - ] - - principals = { - type = "AWS" - identifiers = ["${aws_iam_user.cache_user.arn}"] - } - - resources = [ - "${aws_s3_bucket.build_cache.arn}/*", - ] - } -} - -resource "aws_s3_bucket_policy" "bucket-policy" { - bucket = "${aws_s3_bucket.build_cache.id}" - policy = "${data.aws_iam_policy_document.bucket-policy-doc.json}" -} diff --git a/main.tf b/main.tf index d342c609d..eec5dbdbe 100644 --- a/main.tf +++ b/main.tf @@ -109,6 +109,7 @@ data "template_file" "runners" { runners_spot_price_bid = "${var.docker_machine_spot_price_bid}" runners_security_group_name = "${aws_security_group.docker_machine.name}" runners_monitoring = "${var.runners_monitoring}" + runners_instance_profile = "${aws_iam_instance_profile.runners.name}" docker_machine_options = "${length(var.docker_machine_options) == 0 ? "" : local.docker_machine_options_string}" @@ -132,8 +133,6 @@ data "template_file" "runners" { runners_pre_clone_script = "${var.runners_pre_clone_script}" runners_request_concurrency = "${var.runners_request_concurrency}" runners_output_limit = "${var.runners_output_limit}" - bucket_user_access_key = "${aws_iam_access_key.cache_user.id}" - bucket_user_secret_key = "${aws_iam_access_key.cache_user.secret}" bucket_name = "${aws_s3_bucket.build_cache.bucket}" } } 
@@ -237,3 +236,41 @@ resource "aws_iam_role_policy_attachment" "service_linked_role" {
 role = "${aws_iam_role.instance.name}"
 policy_arn = "${aws_iam_policy.service_linked_role.arn}"
 }
+
+################################################################################
+### docker machine runner role and policies
+################################################################################
+data "template_file" "runners_role_trust_policy" {
+ template = "${length(var.instance_role_runner_json) > 0 ? var.instance_role_runner_json : file("${path.module}/policies/instance-role-trust-policy.json")}"
+}
+
+resource "aws_iam_role" "runners" {
+ name = "${var.environment}-runners-role"
+ assume_role_policy = "${data.template_file.runners_role_trust_policy.rendered}"
+}
+
+resource "aws_iam_instance_profile" "runners" {
+ name = "${var.environment}-runners-profile"
+ role = "${aws_iam_role.runners.name}"
+}
+
+data "template_file" "cache_policy" {
+ template = "${file("${path.module}/policies/cache.json")}"
+
+ vars {
+ s3_cache_arn = "${aws_s3_bucket.build_cache.arn}"
+ }
+}
+
+resource "aws_iam_policy" "runners" {
+ name = "${var.environment}-runners-cache-policy"
+ path = "/"
+ description = "Policy for Runners."
+
+ policy = "${data.template_file.cache_policy.rendered}"
+}
+
+resource "aws_iam_role_policy_attachment" "runners" {
+ role = "${aws_iam_role.runners.name}"
+ policy_arn = "${aws_iam_policy.runners.arn}"
+}
diff --git a/outputs.tf b/outputs.tf
index 01303d6c6..3f031808d 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -7,3 +7,13 @@ output "runner_cache_bucket_arn" {
 description = "ARN of the S3 for the build cache."
 value = "${aws_s3_bucket.build_cache.arn}"
 }
+
+output "runner_agent role" {
+ description = "ARN of the rule used for the ec2 instance for the GitLab runner agent."
+ value = "${aws_iam_role.instance.arn}"
+}
+
+output "runner_role" {
+ description = "ARN of the rule used for the docker machine runners."
+ value = "${aws_iam_role.runners.arn}"
+}
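Review bot: The cache policy is attached only to `aws_iam_role.runners`, the role of the docker-machine instances that execute jobs, and not to `aws_iam_role.instance`, the runner agent's role. With the access keys removed from the runner config in this commit, whichever component talks to S3 has to take its credentials from its own instance profile; my understanding is that the runner manager signs the cache URLs, but that is not visible here and should be confirmed. If it is the agent, the cache stops working and the job hosts hold an S3 permission they do not need, so the attachment should use `role = "${aws_iam_role.instance.name}"` and the runners role should stay without S3 access. The policy description `"Policy for Runners."` could also say that it grants access to the build cache bucket.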
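Review bot: The output added as `"runner_agent role"` has a space in its name, unlike `runner_role` and the two existing outputs, so callers cannot address it the way they address the others; it should be `output "runner_agent_role" {`. Both new descriptions say "ARN of the rule" where "role" is meant, e.g. `description = "ARN of the role used for the ec2 instance for the GitLab runner agent."`. The README outputs table changed in this commit carries the same name and wording.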
diff --git a/template/runner-config.tpl b/template/runner-config.tpl index fcca804e0..97ab2ea60 100644 --- a/template/runner-config.tpl +++ b/template/runner-config.tpl @@ -19,11 +19,8 @@ check_interval = 0 disable_cache = false volumes = ["/cache"] shm_size = 0 - [runners.cache] - Type = "s3" + [runners.cache.s3] ServerAddress = "s3-${aws_region}.amazonaws.com" - AccessKey = "${bucket_user_access_key}" - SecretKey = "${bucket_user_secret_key}" BucketName = "${bucket_name}" Insecure = false [runners.machine] @@ -37,12 +34,13 @@ check_interval = 0 "amazonec2-vpc-id=${runners_vpc_id}", "amazonec2-subnet-id=${runners_subnet_id}", "amazonec2-private-address-only=${runners_use_private_address}", - "amazonec2-request-spot-instance=true", "amazonec2-spot-price=${runners_spot_price_bid}", + "amazonec2-request-spot-instance=true", + "amazonec2-spot-price=${runners_spot_price_bid}", "amazonec2-security-group=${runners_security_group_name}", "amazonec2-tags=environment,${environment}", "amazonec2-monitoring=${runners_monitoring}", - "amazonec2-root-size=${runners_root_size}", - "amazonec2-iam-instance-profile=${runners_iam_instance_profile_name}" + "amazonec2-iam-instance-profile=${runners_instance_profile}", + "amazonec2-root-size=${runners_root_size}" ${docker_machine_options} ] OffPeakTimezone = "${runners_off_peak_timezone}" diff --git a/variables.tf b/variables.tf index b4ddf4ec9..e867a46dc 100644 --- a/variables.tf +++ b/variables.tf @@ -184,12 +184,6 @@ variable "docker_machine_user" { default = "docker-machine" } -variable "cache_user" { - description = "User name of the user to create to write and read to the s3 cache." - type = "string" - default = "cache_user" -} - variable "cache_bucket_prefix" { description = "Prefix for s3 cache bucket name." type = "string" 
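Review bot: The first hunk drops `[runners.cache]` together with `Type = "s3"` and leaves only `[runners.cache.s3]`, so the rendered config no longer names a cache type anywhere. As far as I know gitlab-runner picks the cache adapter from `Type` under `[runners.cache]` and only then reads the `s3` sub-table, so the cache may end up silently disabled; keeping the two lines `[runners.cache]` and `Type = "s3"` above `[runners.cache.s3]` avoids that. The table that holds `disable_cache` begins outside the hunk.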
@@ -230,7 +224,13 @@ variable "docker_machine_options" { } variable "instance_role_json" { - description = "Instance role json to override the default." + description = "Instance role json for the runner agent ec2 instance to override the default." + type = "string" + default = "" +} + +variable "instance_role_runner_json" { + description = "Instance role json for the docker machine runners to override the default." type = "string" default = "" } From 9a2e95447595cbb148244a2900f881e39988db22 Mon Sep 17 00:00:00 2001 From: Niek Palm Date: Sun, 13 Jan 2019 22:32:58 +0100 Subject: [PATCH 6/6] Release 2.0.0 --- CHANGELOG.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 61d3716f4..d17ef5f13 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,8 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/). ## [Unreleased] + +## [2.0.0] - 2019-01-13 - Changed: Replaced cache user by a instance profile to access the cache from the build - Changed: Update gitlab toml cache section, removed deprecated usages of s3 - Changed: The variable `amazon_optimized_amis` is removed an replaced by a filter to select the AMI. To use the default of the latest AMI set the filter `ami_filter` to `amzn-ami-hvm-2018.03.0.20180622-x86_64-ebs`. 
@@ -82,7 +84,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/). - Update default AMI's to The latest Amazon Linux AMI 2017.09.1 - released on 2018-01-17. - Minor updates in the example -[Unreleased]: https://github.com/npalm/terraform-aws-gitlab-runner/compare/1.8.0...HEAD +[Unreleased]: https://github.com/npalm/terraform-aws-gitlab-runner/compare/2.0.0...HEAD +[2.0.0]: https://github.com/npalm/terraform-aws-gitlab-runner/compare/1.8.0...2.0.0 [1.8.0]: https://github.com/npalm/terraform-aws-gitlab-runner/compare/1.7.0...1.8.0 [1.7.0]: https://github.com/npalm/terraform-aws-gitlab-runner/compare/1.6.0...1.7.0 [1.6.0]: https://github.com/npalm/terraform-aws-gitlab-runner/compare/1.5.0...1.6.0