Merge pull request #1277 from philips-labs/develop

release

.github/workflows/terraform.yml

@@ -9,13 +9,19 @@ on:
       - "modules/*/lambdas/**"
 
 env:
-  tf_version: "0.13.5"
+  tf_version: "1.0."
   tf_working_dir: "."
   AWS_REGION: eu-west-1
 jobs:
-  terraform:
-    name: "Terraform"
+
+  verify_module:
+    name: Verify module
+    strategy:
+      matrix:
+        terraform: [1.0.8]    
     runs-on: ubuntu-latest
+    container:
+      image: hashicorp/terraform:${{ matrix.terraform }}
     steps:
       - name: "Checkout"
         uses: actions/checkout@v2
@@ -24,30 +30,36 @@ jobs:
           touch modules/webhook/lambdas/webhook/webhook.zip
           touch modules/runners/lambdas/runners/runners.zip
           touch modules/runner-binaries-syncer/lambdas/runner-binaries-syncer/runner-binaries-syncer.zip
-      - name: "Terraform Format"
-        uses: hashicorp/terraform-github-actions@master
-        with:
-          tf_actions_version: ${{ env.tf_version }}
-          tf_actions_subcommand: "fmt"
-          tf_actions_working_dir: ${{ env.tf_working_dir }}
-          tf_actions_comment: true
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: "Terraform Init"
-        uses: hashicorp/terraform-github-actions@master
-        with:
-          tf_actions_version: ${{ env.tf_version }}
-          tf_actions_subcommand: "init"
-          tf_actions_working_dir: ${{ env.tf_working_dir }}
-          tf_actions_comment: true
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - name: "Terraform Validate"
-        uses: hashicorp/terraform-github-actions@master
-        with:
-          tf_actions_version: ${{ env.tf_version }}
-          tf_actions_subcommand: "validate"
-          tf_actions_working_dir: ${{ env.tf_working_dir }}
-          tf_actions_comment: true
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: terraform init
+        run: terraform init -get -backend=false -input=false
+      - name: check terraform formatting
+        run: terraform fmt -recursive -check=true -write=false
+        continue-on-error: true
+      - name: validate terraform
+        run: terraform validate
+
+  verify_examples:
+    name: Verify examples
+    strategy:
+      fail-fast: false
+      matrix:
+        terraform: [0.14.1, 0.15.0, 1.0.8]
+        example: ["default", "ubuntu"]
+    defaults:
+      run:
+        working-directory: examples/${{ matrix.example }}
+    runs-on: ubuntu-latest
+    container:
+      image: hashicorp/terraform:${{ matrix.terraform }}
+    steps:   
+      - uses: actions/checkout@v2
+      - name: terraform init
+        run: terraform init -get -backend=false -input=false
+      - if: contains(matrix.terraform, '1.0.')
+        name: check terraform formatting
+        run: terraform fmt -recursive -check=true -write=false
+        continue-on-error: true
+      - name: validate terraform
+        run: terraform validate
+
+

.pre-commit-config.yaml

@@ -1,11 +1,11 @@
 repos:
   - repo: git://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.47.0
+    rev: v1.52.0
     hooks:
       - id: terraform_fmt
       - id: terraform_tflint
       - id: terraform_docs
   - repo: git://github.com/pre-commit/pre-commit-hooks
-    rev: v3.4.0
+    rev: v4.0.1
     hooks:
       - id: check-merge-conflict

CONTRIBUTING.md

@@ -62,7 +62,7 @@ Before you submit your merge request consider the following guidelines:
     ```
 
 * Create your patch, **including appropriate test cases**.
-* Run the test suite and ensure that all tests pass.
+* Install [Terraform](https://www.terraform.io/). We lock the version with [tvenv](https://github.com/tfutils/tfenv), check `.terraform-version` for the current development version of the module.
 * Install [pre-commit hooks](https://pre-commit.com/). The hooks runs some basic checks and update the docs. The commit will run the hooks, you can invoke the hooks manually `pre-commit run --all-files` as well.
 * Commit your changes using a descriptive commit message.
 
@@ -79,7 +79,7 @@ Before you submit your merge request consider the following guidelines:
     git push origin my-fix-branch
     ```
 
-In Github, send a pull request to original develop branch: f.e. `terraform-aws-vpc:develop`.
+In Github, send a pull request to original develop branch: f.e. `terraform-aws-github-runner:develop`.
 If we suggest changes, then:
 
 * Make the required updates.

examples/default/main.tf

@@ -27,8 +27,6 @@ module "runners" {
   github_app = {
     key_base64     = var.github_app_key_base64
     id             = var.github_app_id
-    client_id      = var.github_app_client_id
-    client_secret  = var.github_app_client_secret
     webhook_secret = random_password.random.result
   }
 
@@ -48,9 +46,14 @@ module "runners" {
   #   idleCount = 1
   # }]
 
-  # disable KMS and encryption
-  # encrypt_secrets = false
-
   # Let the module manage the service linked role
   # create_service_linked_role_spot = true
+
+  instance_types = ["m5.large", "c5.large"]
+
+  # override delay of events in seconds
+  delay_webhook_event = 5
+
+  # override scaling down
+  scale_down_schedule_expression = "cron(* * * * ? *)"
 }

examples/ubuntu/main.tf

@@ -22,8 +22,6 @@ module "runners" {
   github_app = {
     key_base64     = var.github_app_key_base64
     id             = var.github_app_id
-    client_id      = var.github_app_client_id
-    client_secret  = var.github_app_client_secret
     webhook_secret = random_password.random.result
   }
 

examples/ubuntu/providers.tf

@@ -1,15 +1,3 @@
-terraform {
-  required_providers {
-    aws = {
-      version = "3.27"
-    }
-    random = {
-      version = "3.1.0"
-    }
-  }
-}
-
-
 provider "aws" {
   region = local.aws_region
 

main.tf

@@ -9,10 +9,8 @@ locals {
   ami_filter = length(var.ami_filter) > 0 ? var.ami_filter : local.runner_architecture == "arm64" ? { name = ["amzn2-ami-hvm-2*-arm64-gp2"] } : { name = ["amzn2-ami-hvm-2.*-x86_64-ebs"] }
 
   github_app_parameters = {
-    client_id     = module.ssm.parameters.github_app_client_id
-    client_secret = module.ssm.parameters.github_app_client_secret
-    id            = module.ssm.parameters.github_app_id
-    key_base64    = module.ssm.parameters.github_app_key_base64
+    id         = module.ssm.parameters.github_app_id
+    key_base64 = module.ssm.parameters.github_app_key_base64
   }
 }
 
@@ -60,6 +58,7 @@ module "webhook" {
   lambda_timeout                   = var.webhook_lambda_timeout
   logging_retention_in_days        = var.logging_retention_in_days
   runner_extra_labels              = var.runner_extra_labels
+  disable_check_wokflow_job_labels = var.disable_check_wokflow_job_labels
 
   role_path                 = var.role_path
   role_permissions_boundary = var.role_permissions_boundary

modules/download-lambda/README.md

@@ -33,29 +33,29 @@ No requirements.
 
 | Name | Version |
 |------|---------|
-| null | n/a |
+| <a name="provider_null"></a> [null](#provider\_null) | 3.0.0 |
 
 ## Modules
 
-No Modules.
+No modules.
 
 ## Resources
 
-| Name |
-|------|
-| [null_resource](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) |
+| Name | Type |
+|------|------|
+| [null_resource.download](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| lambdas | Name and tag for lambdas to download. | <pre>list(object({<br>    name = string<br>    tag  = string<br>  }))</pre> | n/a | yes |
+| <a name="input_lambdas"></a> [lambdas](#input\_lambdas) | Name and tag for lambdas to download. | <pre>list(object({<br>    name = string<br>    tag  = string<br>  }))</pre> | n/a | yes |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
-| files | n/a |
+| <a name="output_files"></a> [files](#output\_files) | n/a |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 
 ## Philips Forest