main.tf
# Root module settings: Terraform and provider version constraints, plus the
# remote state backend.
terraform {
  required_version = ">= 1.0"

  # State lives in the "github-actions-runners" workspace of the
  # "wallet-connect" organization on app.terraform.io. Any value that reaches a
  # resource attribute, potentially including the credentials passed to the
  # modules in this file, is stored in that state, so access to the workspace
  # should be limited accordingly.
  backend "remote" {
    hostname     = "app.terraform.io"
    organization = "wallet-connect"

    workspaces {
      name = "github-actions-runners"
    }
  }

  required_providers {
    # ">= 5.0" has no upper bound, so a later major release of the provider
    # also satisfies it. The version actually installed is whatever the
    # dependency lock file records.
    # NOTE(review): confirm .terraform.lock.hcl is committed and reviewed.
    aws = {
      source  = "hashicorp/aws"
      version = ">= 5.0"
    }
  }
}
# AWS provider configuration: resources are created in eu-central-1, and the
# Application tag below is applied by default to resources that support tags.
provider "aws" {
  default_tags {
    tags = {
      Application = "github-actions-runners"
    }
  }

  region = "eu-central-1"
}
# Switch for the "setup-runners" module: it is instantiated only when this is
# true (count = var.run_task ? 1 : 0). The default keeps it out of the plan.
variable "run_task" {
  default = false
  type    = bool
}

# Passed unchanged to the "setup-runners" module as its cpu input.
variable "cpu" {
  default = 256
  type    = number
}

# Passed unchanged to the "setup-runners" module as its memory input.
variable "memory" {
  default = 512
  type    = number
}
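# Token passed to the "setup-runners" module as its runner_token input.
# It is marked sensitive so Terraform redacts it in plan and apply output.
# Redaction does not keep the value out of state, or out of anything the child
# module writes it into.
# NOTE(review): the matching variable in ./setup-runners should be marked
# sensitive as well, and any output derived from it must be.
variable "runner_token" {
  type      = string
  default   = null
  sensitive = true
}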
# The four inputs below are optional (default null) and are passed unchanged
# to the "setup-runners" module, which is only instantiated when var.run_task
# is true. Their accepted formats are defined by that module, not here.

# Passed as the module's repo_url input.
variable "repo_url" {
  default = null
  type    = string
}

# Passed as the module's labels input (a single string).
variable "labels" {
  default = null
  type    = string
}

# Passed as the module's desired_count input.
variable "desired_count" {
  default = null
  type    = number
}

# Passed as the module's timeout input. It is typed as a string here.
# NOTE(review): confirm the expected unit/format in ./setup-runners.
variable "timeout" {
  default = null
  type    = string
}
# The single availability zone used by the public subnet and passed to the
# cache-server and runner modules.
locals {
  availability_zone = "eu-central-1a"
}
# VPC shared by the public subnet in this file and by the cache-server and
# runner modules.
# NOTE(review): this file defines no aws_flow_log for the VPC and does not
# manage its default security group. If neither is handled elsewhere, network
# activity from the runners is not recorded at the VPC level.
resource "aws_vpc" "this" {
  # Required for EFS
  enable_dns_hostnames = true

  cidr_block = "10.0.0.0/16"
}
# Public side of the VPC: one subnet whose route table sends all
# non-local traffic to the internet gateway.

# 10.0.1.0/24 inside the VPC, placed in the single configured AZ.
resource "aws_subnet" "public" {
  availability_zone = local.availability_zone
  cidr_block        = "10.0.1.0/24"
  vpc_id            = aws_vpc.this.id
}

# Internet gateway attached to the VPC.
resource "aws_internet_gateway" "this" {
  vpc_id = aws_vpc.this.id
}

# Route table for the public subnet; its only explicit route is defined below.
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.this.id
}

# Default route (0.0.0.0/0) through the internet gateway. Anything placed in
# the public subnet with a public address is reachable from the internet,
# subject to its security groups.
resource "aws_route" "internet_gateway" {
  destination_cidr_block = "0.0.0.0/0"
  gateway_id             = aws_internet_gateway.this.id
  route_table_id         = aws_route_table.public.id
}

# Binds the public subnet to the route table above.
resource "aws_route_table_association" "public" {
  route_table_id = aws_route_table.public.id
  subnet_id      = aws_subnet.public.id
}
# Elastic IP allocated for the NAT gateway below.
resource "aws_eip" "this" {}

# NAT gateway located in the public subnet. Its id is passed to the
# cache-server and runner modules, presumably so their own subnets can route
# outbound traffic through it (the routes are not defined in this file).
resource "aws_nat_gateway" "this" {
  subnet_id     = aws_subnet.public.id
  allocation_id = aws_eip.this.id

  # Explicit ordering: nothing in the arguments above references the internet
  # gateway, so Terraform would not otherwise create it first.
  depends_on = [aws_internet_gateway.this]
}
# Cache server, defined in ./cache-server. It is given the VPC, the AZ and the
# NAT gateway id, and exposes a `url` output that the runner module consumes.
module "cache-server" {
  source = "./cache-server"

  availability_zone = local.availability_zone
  nat_gateway_id    = aws_nat_gateway.this.id
  vpc_id            = aws_vpc.this.id
}
# Runner infrastructure, defined in ./runner. It receives the same network
# inputs as the cache server plus the cache server's URL. Its cluster_arn,
# task_definition_arn, subnet_id and iam_role_arn outputs are passed to the
# "webhook-runners" module.
module "runner" {
  source = "./runner"

  availability_zone = local.availability_zone
  cache_url         = module.cache-server.url
  nat_gateway_id    = aws_nat_gateway.this.id
  vpc_id            = aws_vpc.this.id
}
# Optional module, defined in ./setup-runners. It is instantiated only when
# var.run_task is true, and every input comes straight from a root variable.
# runner_token is a credential: how it is stored and exposed is decided inside
# the child module, so review its handling there.
module "setup-runners" {
  source = "./setup-runners"
  count  = var.run_task ? 1 : 0

  runner_token  = var.runner_token
  repo_url      = var.repo_url
  labels        = var.labels
  desired_count = var.desired_count
  timeout       = var.timeout
  cpu           = var.cpu
  memory        = var.memory
}
# Webhook-driven runners, defined in ./webhook-runners. This module combines
# GitHub App settings with the cluster, task definition, subnet and IAM role
# exported by the runner module.
# NOTE(review): the four var.webhook_runners_* variables are not declared in
# this file, so they must be declared elsewhere in the root module.
# github_app_private_key and github_webhook_secret are credentials. Their
# variable declarations should be marked sensitive, and their values will be
# present in the remote state if the child module stores them in a resource.
module "webhook-runners" {
  source = "./webhook-runners"

  cluster_arn         = module.runner.cluster_arn
  task_definition_arn = module.runner.task_definition_arn
  subnet_id           = module.runner.subnet_id
  iam_role_arn        = module.runner.iam_role_arn

  github_app_id              = var.webhook_runners_github_app_id
  github_app_installation_id = var.webhook_runners_github_app_installation_id
  github_app_private_key     = var.webhook_runners_github_app_private_key
  github_webhook_secret      = var.webhook_runners_github_webhook_secret
}