Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

current value turned to default under new variable, for issue #748 #1112

Merged
merged 2 commits into from
Aug 19, 2021
Merged

current value turned to default under new variable, for issue #748 #1112

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8d9ad74
current value turned to default under new variable
new23d Aug 18, 2021
55c54d4
added defaults to submodule as well
new23d Aug 18, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,7 @@ module "runners" {
runners_maximum_count = var.runners_maximum_count
idle_config = var.idle_config
enable_ssm_on_runners = var.enable_ssm_on_runners
egress_rules = var.runner_egress_rules
runner_additional_security_group_ids = var.runner_additional_security_group_ids
volume_size = var.volume_size

Expand Down
21 changes: 16 additions & 5 deletions modules/runners/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -128,12 +128,23 @@ resource "aws_security_group" "runner_sg" {

vpc_id = var.vpc_id

egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
dynamic "egress" {
for_each = var.egress_rules
iterator = each

content {
cidr_blocks = each.value.cidr_blocks
ipv6_cidr_blocks = each.value.ipv6_cidr_blocks
prefix_list_ids = each.value.prefix_list_ids
from_port = each.value.from_port
protocol = each.value.protocol
security_groups = each.value.security_groups
self = each.value.self
to_port = each.value.to_port
description = each.value.description
}
}

tags = merge(
local.tags,
{
Expand Down
26 changes: 26 additions & 0 deletions modules/runners/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -332,3 +332,29 @@ variable "kms_key_arn" {
type = string
default = null
}

variable "egress_rules" {
description = "List of egress rules for the GitHub runner instances."
type = list(object({
cidr_blocks = list(string)
ipv6_cidr_blocks = list(string)
prefix_list_ids = list(string)
from_port = number
protocol = string
security_groups = list(string)
self = bool
to_port = number
description = string
}))
new23d marked this conversation as resolved.
Show resolved Hide resolved
default = [{
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
prefix_list_ids = null
from_port = 0
protocol = "-1"
security_groups = null
self = null
to_port = 0
description = null
}]
}
26 changes: 26 additions & 0 deletions variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -360,3 +360,29 @@ variable "delay_webhook_event" {
type = number
default = 30
}

variable "runner_egress_rules" {
description = "List of egress rules for the GitHub runner instances."
type = list(object({
cidr_blocks = list(string)
ipv6_cidr_blocks = list(string)
prefix_list_ids = list(string)
from_port = number
protocol = string
security_groups = list(string)
self = bool
to_port = number
description = string
}))
default = [{
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
prefix_list_ids = null
from_port = 0
protocol = "-1"
security_groups = null
self = null
to_port = 0
description = null
}]
}