Merge branch 'master' into 'master'

Cleanup & Enhancements See merge request !13

Merge branch 'master' into 'master'
Cleanup & Enhancements See merge request !13
b21982db · Michael Irwin · 6865c18d · d69cf537 · b21982db · b21982db
Commit b21982db authored 4 years ago by Michael Irwin
--- a/README.md
+++ b/README.md
@@ -109,6 +109,7 @@ This module provides no outputs.
 | Version | Major changes |
 | ------- | ------------- |
 | 1     | Created module |
+| 1.1   | Cleanup key pairs, terminate EC2 instances and use same AMI for docker machines |

 ## TODO


--- a/ec2.tf
+++ b/ec2.tf
@@ -31,11 +31,13 @@ data "template_file" "gitlab_config" {
    token                = var.gitlab_token
    cache_bucket         = aws_s3_bucket.cache.bucket
    region               = var.aws_region
+    ami                  = data.aws_ami.ami.image_id
    vpc_id               = var.vpc_id
    subnet_id            = data.aws_subnet.subnet.id
    subnet_az            = substr(data.aws_subnet.subnet.availability_zone, -1, 1)
    instance_type        = var.instance_type
    security_group       = aws_security_group.security-group.name
+    runner_version       = var.gitlab_runner_version
    runner_name          = var.runner_name
    runner_tags          = var.runner_tags
    gitlab_url           = var.gitlab_url

--- a/iam.tf
+++ b/iam.tf
@@ -58,8 +58,10 @@ resource "aws_iam_policy" "policy" {
        "ec2:DescribeSecurityGroups",
        "ec2:DescribeSubnets",
        "ec2:ImportKeyPair",
+        "ec2:DeleteKeyPair",
        "ec2:RunInstances",
        "ec2:StopInstances",
+        "ec2:TerminateInstances",
        "ec2messages:GetMessages",
        "ssm:GetDocument",
        "ssm:ListInstanceAssociations",
@@ -94,7 +96,7 @@ data "aws_iam_instance_profile" "worker_machine" {
  name  = var.machine_iam_instance_profile
 }

-resource "aws_iam_policy" "runner_pass_role_to_machine" {
+resource "aws_iam_policy" "runner_pass_role_to_worker" {
  count = var.machine_iam_instance_profile != "" ? 1 : 0

  name   = "gitlab-runner-policy-pass-role-to-worker"
@@ -117,10 +119,10 @@ EOF

 }

-resource "aws_iam_policy_attachment" "runner_pass_role_to_machine" {
+resource "aws_iam_policy_attachment" "runner_pass_role_to_worker" {
  count = var.machine_iam_instance_profile != "" ? 1 : 0

-  name       = "runner-pass-role-to-machine"
+  name       = "runner-pass-role-to-worker"
  roles      = [aws_iam_role.role.name]
-  policy_arn = aws_iam_policy.runner_pass_role_to_machine[0].arn
+  policy_arn = aws_iam_policy.runner_pass_role_to_worker[0].arn
 }
--- a/logging.tf
+++ b/logging.tf
 resource "aws_cloudwatch_log_group" "log_group" {
-  name              = "gitlab-runner-${var.service_name}"
+  name              = "gitlab-runner-supervisor-${var.service_name}"
  retention_in_days = var.log_retention

-  tags = merge(local.service_tags, { "Name" : "gitlab-runner-${var.service_name}" })
+  tags = merge(local.service_tags, { "Name" : "gitlab-runner-supervisor-${var.service_name}" })
 }

--- a/templates/user-data.sh
+++ b/templates/user-data.sh
@@ -65,8 +65,10 @@ base=https://github.com/docker/machine/releases/download/v0.16.0 &&
 ####

 # Install the runner
-curl -L https://packages.gitlab.com/install/repositories/runner/gitlab-runner/script.deb.sh | sudo bash
-apt-get install -y gitlab-runner
+runner_deb=gitlab-runner_amd64.deb
+curl --silent --location --remote-name --remote-header-name https://gitlab-runner-downloads.s3.amazonaws.com/${runner_version}/deb/$runner_deb
+dpkg -i $runner_deb
+rm -f $runner_deb

 # Register the runner
 cat >/tmp/gitlab-register.sh <<EOF
@@ -110,6 +112,7 @@ gitlab-runner register \
  --machine-off-peak-periods '* * * * * sat,sun *' \
  --machine-machine-driver "amazonec2" \
  --machine-machine-name "${runner_name}-%s" \
+  --machine-machine-options "amazonec2-ami=${ami}" \
  --machine-machine-options "amazonec2-region=${region}" \
  --machine-machine-options "amazonec2-vpc-id=${vpc_id}" \
  --machine-machine-options "amazonec2-subnet-id=${subnet_id}" \

--- a/variables.tf
+++ b/variables.tf
@@ -79,6 +79,11 @@ variable "gitlab_url" {
  default     = "https://code.vt.edu/"
 }

+variable "gitlab_runner_version" {
+  description = "version string for the gitlab runner to install"
+  default     = "latest"
+}
+
 variable "instance_type" {
  description = "The EC2 instance type to use for the docker machines"
  default     = "m4.large"
@@ -151,7 +156,7 @@ variable "use_public_ip_for_bastion" {

 locals {
  service_tags = {
-    Name              = "gitlab-runner-bastion-${var.service_name}"
+    Name              = "gitlab-runner-supervisor-${var.service_name}"
    Service           = var.service_name
    Environment       = var.environment
    ResponsibleParty  = var.responsible_party