generated from pahud/awscdk-jsii-template
-
-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathinteg.api.ts
46 lines (43 loc) · 1.6 KB
/
integ.api.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
import { App, Stack, CfnOutput } from 'aws-cdk-lib';
import { BlockDeviceVolume, Port, Vpc } from 'aws-cdk-lib/aws-ec2';
import { ManagedPolicy, Role, ServicePrincipal } from 'aws-cdk-lib/aws-iam';
import { GitlabContainerRunner } from './index';
const env = {
region: process.env.CDK_DEFAULT_REGION,
account: process.env.CDK_DEFAULT_ACCOUNT,
};
const mockApp = new App();
const stack = new Stack(mockApp, 'testing-stack', { env });
const role = new Role(stack, 'runner-role', {
assumedBy: new ServicePrincipal('ec2.amazonaws.com'),
description: 'For Gitlab EC2 Runner Test Role',
roleName: 'TestRole',
});
const vpc = Vpc.fromLookup(stack, 'defaultVpc', {
isDefault: true,
});
const runner = new GitlabContainerRunner(stack, 'testing', {
gitlabtoken: stack.node.tryGetContext('GITLAB_TOKEN') ?? 'glrt-GITLAB_TOKEN',
ec2type: 't3.large',
ec2iamrole: role,
onDemandEbsConfig: BlockDeviceVolume.ebs(100),
selfvpc: vpc,
// spotFleet: true,
dockerVolumes: [
{
hostPath: '/tmp/cahce',
containerPath: '/tmp/cahce',
},
],
gitlabRunnerVersion: '15.10',
enabledIMDSv2: true,
});
//runner.expireAfter(Duration.hours(1));
runner.runnerRole.addManagedPolicy(
ManagedPolicy.fromAwsManagedPolicyName('AmazonS3ReadOnlyAccess'),
);
runner.defaultRunnerSG.connections.allowFromAnyIpv4(Port.tcp(80));
runner.defaultRunnerSG.connections.allowFromAnyIpv4(Port.tcp(443));
//runner.runnerEc2.connections.allowFrom(Peer.ipv4('0.0.0.0/0'), Port.tcp(8080));
new CfnOutput(stack, 'role', { value: runner.runnerRole.roleArn });
//new CfnOutput(stack, 'InstanceID', { value: runner.runnerEc2.instanceId });