From 4bdee2b5f991b57570dd2efff380ee3577bf8584 Mon Sep 17 00:00:00 2001
From: ehearneredhat
Date: Wed, 26 Jun 2024 13:55:21 +0100
Subject: [PATCH] add terraform script and workflow for create ami e e e e create ami e e final touches :)
---
.../create-self-hosted-runner-ami.yaml | 32 +++++++++++++++++++
.../workflows/verify-dashboards-alerts.yaml | 25 +++++++++------
ami-self-hosted-runner.tf | 20 ++++++++++++
self-hosted-runner.tf | 16 ++++++----
4 files changed, 76 insertions(+), 17 deletions(-)
create mode 100644 .github/workflows/create-self-hosted-runner-ami.yaml
create mode 100644 ami-self-hosted-runner.tf
diff --git a/.github/workflows/create-self-hosted-runner-ami.yaml b/.github/workflows/create-self-hosted-runner-ami.yaml
new file mode 100644
index 000000000..bd7bbc1db
--- /dev/null
+++ b/.github/workflows/create-self-hosted-runner-ami.yaml
@@ -0,0 +1,32 @@
+name: Create Self Hosted Runner AMI
+
+on:
+ push:
+ paths:
+ - self-hosted-runner.tf
+
+jobs:
+ create-self-hosted-runner-ami:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+ - uses: hashicorp/setup-terraform@v3
+
+ - name: Initialize Terraform Environment
+ run: |
+ terraform init
+
+ - name: Create PEM file
+ run: |
+ echo "${{ secrets.AWS_PEM_KEY }}" > ${{ secrets.AWS_KEY_NAME }}.pem
+ chmod 400 ${{ secrets.AWS_KEY_NAME }}.pem
+
+ - name: Apply Terraform Configuration
+ run: |
+ terraform apply -auto-approve -var=aws_access_key=${{ secrets.AWS_ACCESS_KEY_ID }} -var=aws_secret_key=${{ secrets.AWS_SECRET_ACCESS_KEY }} -var=aws_key_name=${{ secrets.AWS_KEY_NAME }}
+
+ - name: Destroy Terraform Configuration (should retain AMI from config)
+ run: |
+ # Remove AMI from terraform so it does not destroy
+ terraform state rm aws_ami_from_instance.self_hosted_runner_ami
+ terraform destroy -auto-approve -var=aws_access_key=${{ secrets.AWS_ACCESS_KEY_ID }} -var=aws_secret_key=${{ secrets.AWS_SECRET_ACCESS_KEY }} -var=aws_key_name=${{ secrets.AWS_KEY_NAME }}
\ No newline at end of file
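Review bot: The `Apply Terraform Configuration` and `Destroy Terraform Configuration` steps expand `${{ secrets.AWS_ACCESS_KEY_ID }}` and `${{ secrets.AWS_SECRET_ACCESS_KEY }}` straight into the `terraform` command line, so the keys become process arguments on the runner and are pasted unquoted into the generated shell script. Terraform reads `TF_VAR_<name>` environment variables, so the same values can be supplied through a step-level `env:` block and the `-var=` flags dropped, as in the excerpt below; the destroy step would take the same `env:` block. The `Create PEM file` step has the same unquoted `${{ secrets.AWS_KEY_NAME }}` expansion in a file name and would be safer reading it from `env:` as a quoted shell variable. Separately, `on: push` has no `branches:` filter, so as written a push to any branch that touches `self-hosted-runner.tf` appears to run `terraform apply` with these credentials.

```yaml
      - name: Apply Terraform Configuration
        env:
          TF_VAR_aws_access_key: ${{ secrets.AWS_ACCESS_KEY_ID }}
          TF_VAR_aws_secret_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          TF_VAR_aws_key_name: ${{ secrets.AWS_KEY_NAME }}
        run: |
          terraform apply -auto-approve
      # … unchanged: destroy step, with the same env: block and no -var= flags …
```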
diff --git a/.github/workflows/verify-dashboards-alerts.yaml b/.github/workflows/verify-dashboards-alerts.yaml index eca678440..c3d3d02ff 100644 --- a/.github/workflows/verify-dashboards-alerts.yaml +++ b/.github/workflows/verify-dashboards-alerts.yaml @@ -2,15 +2,15 @@ name: Verify Dashboards and Alerts OK on: push: - # paths: - # # Dashboards - # - examples/dashboards/app_developer.json - # - examples/dashboards/business_user.json - # - examples/dashboards/platform_engineer.json - # # Alerts - # - examples/alerts/prometheusrules_policies_missing.yaml - # - examples/alerts/slo-availability.yaml - # - examples/alerts/slo-latency.yaml + paths: + # Dashboards + - examples/dashboards/app_developer.json + - examples/dashboards/business_user.json + - examples/dashboards/platform_engineer.json + # Alerts + - examples/alerts/prometheusrules_policies_missing.yaml + - examples/alerts/slo-availability.yaml + - examples/alerts/slo-latency.yaml jobs: deploy-register-self-runner: runs-on: ubuntu-latest @@ -20,7 +20,10 @@ jobs: - uses: hashicorp/setup-terraform@v3 - name: Initialize Terraform Environment - run: terraform init + run: | + # Remove ami-self-hosted-runner.tf to prevent constant creation of AMIs + rm ami-self-hosted-runner.tf + terraform init - name: Create PEM files run: | @@ -260,6 +263,8 @@ jobs: - name: Initialize Terraform Environment run: | + # Remove ami-self-hosted-runner.tf to prevent constant creation of AMIs + rm ami-self-hosted-runner.tf terraform init - name: Download statefile to teardown resources diff --git a/ami-self-hosted-runner.tf b/ami-self-hosted-runner.tf new file mode 100644 index 000000000..cd0cf1cd9 --- /dev/null +++ b/ami-self-hosted-runner.tf 
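Review bot: Deleting `ami-self-hosted-runner.tf` with `rm` before `terraform init` (hunk `@@ -20,7 +20,10 @@`) means the configuration CI applies is no longer the one that is committed, and the step fails outright if the file is ever renamed or moved, because `rm` is called without `-f`. The same two lines are repeated in the teardown job's `Initialize Terraform Environment` step in the `@@ -260,6 +263,8 @@` hunk, so the two copies have to be kept in sync by hand. Gating the AMI resources on a boolean input variable through `count` would let this workflow leave the checkout untouched. Short of that, the comment could name the workflow that is expected to build the image, e.g. `# AMI is built only by create-self-hosted-runner-ami.yaml; keep in sync with the teardown job`. Both jobs continue outside the hunks shown.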
@@ -0,0 +1,20 @@ +data "aws_instance" "self_hosted_runner_instance" { + instance_id = aws_instance.self_hosted_runner.id + depends_on = [ null_resource.wait_for_user_data ] +} + +resource "aws_ami_from_instance" "self_hosted_runner_ami" { + name = "self-hosted-runner-ami" + source_instance_id = data.aws_instance.self_hosted_runner_instance.id + description = "An AMI created from an existing EC2 instance which contains the environment needed for self-hosted runner on kuadrant-operator." + + tags = { + Name = "self-hosted-runner-ami" + } + + lifecycle { + prevent_destroy = true + } + + depends_on = [ null_resource.wait_for_user_data ] +} \ No newline at end of file diff --git a/self-hosted-runner.tf b/self-hosted-runner.tf index 4b0caa004..fe603e407 100644 --- a/self-hosted-runner.tf +++ b/self-hosted-runner.tf @@ -19,8 +19,8 @@ variable "aws_key_name" { type = string } -resource "aws_instance" "example" { - ami = "ami-0776c814353b4814d" +resource "aws_instance" "self_hosted_runner" { + ami = "ami-055032149717ffb30" # change to ami-0776c814353b4814d when creating an AMI. instance_type = "t2.xlarge" root_block_device { @@ -36,7 +36,9 @@ resource "aws_instance" "example" { // Security Group for SSH, HTTP, and HTTPS access security_groups = ["ssh-http-https-access"] - user_data = <<-EOL + # Uncomment when creating an AMI . + + /* user_data = <<-EOL #!/bin/bash echo "Starting user_data script..." sudo apt-get update -y @@ -60,7 +62,7 @@ resource "aws_instance" "example" { sudo chmod 7777 kuadrant-operator/hack echo "user_data script execution completed." touch /tmp/user_data_done - EOL + EOL */ } @@ -105,7 +107,7 @@ resource "aws_security_group" "ssh_http_https_access" { resource "null_resource" "wait_for_user_data" { provisioner "local-exec" { command = <
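Review bot: `name = "self-hosted-runner-ami"` in `ami-self-hosted-runner.tf` is a fixed string, while the create-AMI workflow removes `aws_ami_from_instance.self_hosted_runner_ami` from state after every run, so the next run will try to register a second image under the same name. AWS requires AMI names to be unique per account and region, so that apply is likely to fail until the old image is deregistered by hand. A unique suffix passed in from the workflow through a variable, or a comment above the resource documenting the manual deregistration, would cover this. The image is also a snapshot of the source instance's disk, so anything provisioning leaves behind is carried into every runner launched from it; a comment such as `# source instance must hold no credentials or runner registration tokens when imaged` would record that requirement. Note too that `prevent_destroy = true` stops protecting the image once the resource has been removed from state.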
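Review bot: The edited `ami` line in `self-hosted-runner.tf` (hunk `@@ -19,8 +19,8 @@`) and the commented-out `user_data` block (hunks `@@ -36,7 +36,9 @@` and `@@ -60,7 +62,7 @@`) turn AMI building into a hand edit of this file, yet the new workflow runs on every push that touches it. As far as these hunks show, the committed state would image an instance launched from `ami-055032149717ffb30` with no `user_data` at all. Whether `null_resource.wait_for_user_data` still completes in that state cannot be seen here, because its hunk is cut off. A variable for the AMI id plus a conditional `user_data` would remove the hand edit; short of that, the comment could state each id's role, e.g. `# ami-055032149717ffb30: image used for normal runs; ami-0776c814353b4814d: base image, only when building a new AMI` (roles inferred from the existing comment — confirm). When the block is re-enabled, the existing `sudo chmod 7777 kuadrant-operator/hack` line makes that directory world-writable with setuid, setgid and sticky bits set, which is worth tightening before it is baked into an image.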