Upstream EKS Action Runner Controller (cloudposse/terraform-aws-components#528)

milldr · web-flow · commit 1599b16e29ad · 2023-01-10T17:16:07.000-08:00
diff --git a/src/README.md b/src/README.md
@@ -165,7 +165,6 @@ After the webhook is created, select "edit" for the webhook and go to the "Recen
 (of a "ping" event) with a green check mark. If not, verify all the settings and consult
 the logs of the `actions-runner-controller-github-webhook-server` pod.
 
-Useful Reference
 
 ### Updating CRDs
 
@@ -180,6 +179,9 @@ If new CRDs are needed, install them manually via a command like
 kubectl create -f https://raw.githubusercontent.com/actions-runner-controller/actions-runner-controller/master/charts/actions-runner-controller/crds/actions.summerwind.dev_horizontalrunnerautoscalers.yaml
 ```
 
+
+### Useful Reference
+
 Consult [actions-runner-controller](https://github.com/actions-runner-controller/actions-runner-controller) documentation for further details.
 
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
@@ -264,7 +266,7 @@ Consult [actions-runner-controller](https://github.com/actions-runner-controller
 | <a name="input_regex_replace_chars"></a> [regex\_replace\_chars](#input\_regex\_replace\_chars) | Terraform regular expression (regex) string.<br>Characters matching the regex will be removed from the ID elements.<br>If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no |
 | <a name="input_region"></a> [region](#input\_region) | AWS Region. | `string` | n/a | yes |
 | <a name="input_resources"></a> [resources](#input\_resources) | The cpu and memory of the deployment's limits and requests. | <pre>object({<br>    limits = object({<br>      cpu    = string<br>      memory = string<br>    })<br>    requests = object({<br>      cpu    = string<br>      memory = string<br>    })<br>  })</pre> | n/a | yes |
-| <a name="input_runners"></a> [runners](#input\_runners) | Map of Action Runner configurations, with the key being the name of the runner. Please note that the name must be in<br>kebab-case.<br><br>For example:<pre>hcl<br>organization_runner = {<br>  type = "organization" # can be either 'organization' or 'repository'<br>  dind_enabled: false # A Docker sidecar container will be deployed<br>  image: summerwind/actions-runner # If dind_enabled=true, set this to 'summerwind/actions-runner-dind'<br>  scope = "ACME"  # org name for Organization runners, repo name for Repository runners<br>  scale_down_delay_seconds = 300<br>  min_replicas = 1<br>  max_replicas = 5<br>  busy_metrics = {<br>    scale_up_threshold = 0.75<br>    scale_down_threshold = 0.25<br>    scale_up_factor = 2<br>    scale_down_factor = 0.5<br>  }<br>  labels = [<br>    "Ubuntu",<br>    "core-automation",<br>  ]<br>}</pre> | <pre>map(object({<br>    type                     = string<br>    scope                    = string<br>    image                    = optional(string, "")<br>    dind_enabled             = bool<br>    scale_down_delay_seconds = number<br>    min_replicas             = number<br>    max_replicas             = number<br>    busy_metrics = optional(object({<br>      scale_up_threshold    = string<br>      scale_down_threshold  = string<br>      scale_up_adjustment   = optional(string)<br>      scale_down_adjustment = optional(string)<br>      scale_up_factor       = optional(string)<br>      scale_down_factor     = optional(string)<br>    }))<br>    webhook_driven_scaling_enabled = bool<br>    pull_driven_scaling_enabled    = bool<br>    labels                         = list(string)<br>    storage                        = optional(string, "")<br>    resources = object({<br>      limits = object({<br>        cpu               = string<br>        memory            = string<br>        ephemeral_storage = optional(string, "")<br>      })<br>      requests = object({<br>        cpu    = string<br>        memory = string<br>      })<br>    })<br>  }))</pre> | n/a | yes |
+| <a name="input_runners"></a> [runners](#input\_runners) | Map of Action Runner configurations, with the key being the name of the runner. Please note that the name must be in<br>kebab-case.<br><br>For example:<pre>hcl<br>organization_runner = {<br>  type = "organization" # can be either 'organization' or 'repository'<br>  dind_enabled: false # A Docker sidecar container will be deployed<br>  image: summerwind/actions-runner # If dind_enabled=true, set this to 'summerwind/actions-runner-dind'<br>  scope = "ACME"  # org name for Organization runners, repo name for Repository runners<br>  scale_down_delay_seconds = 300<br>  min_replicas = 1<br>  max_replicas = 5<br>  busy_metrics = {<br>    scale_up_threshold = 0.75<br>    scale_down_threshold = 0.25<br>    scale_up_factor = 2<br>    scale_down_factor = 0.5<br>  }<br>  labels = [<br>    "Ubuntu",<br>    "core-automation",<br>  ]<br>}</pre> | <pre>map(object({<br>    type                     = string<br>    scope                    = string<br>    image                    = optional(string, "")<br>    dind_enabled             = bool<br>    scale_down_delay_seconds = number<br>    min_replicas             = number<br>    max_replicas             = number<br>    busy_metrics = optional(object({<br>      scale_up_threshold    = string<br>      scale_down_threshold  = string<br>      scale_up_adjustment   = optional(string)<br>      scale_down_adjustment = optional(string)<br>      scale_up_factor       = optional(string)<br>      scale_down_factor     = optional(string)<br>    }))<br>    webhook_driven_scaling_enabled = bool<br>    webhook_startup_timeout        = optional(string, null)<br>    pull_driven_scaling_enabled    = bool<br>    labels                         = list(string)<br>    storage                        = optional(string, false)<br>    pvc_enabled                    = optional(string, false)<br>    resources = object({<br>      limits = object({<br>        cpu               = string<br>        memory            = string<br>        ephemeral_storage = optional(string, false)<br>      })<br>      requests = object({<br>        cpu    = string<br>        memory = string<br>      })<br>    })<br>  }))</pre> | n/a | yes |
 | <a name="input_s3_bucket_arns"></a> [s3\_bucket\_arns](#input\_s3\_bucket\_arns) | List of ARNs of S3 Buckets to which the runners will have read-write access to. | `list(string)` | `[]` | no |
 | <a name="input_ssm_github_secret_path"></a> [ssm\_github\_secret\_path](#input\_ssm\_github\_secret\_path) | The path in SSM to the GitHub app private key file contents or GitHub PAT token. | `string` | `""` | no |
 | <a name="input_ssm_github_webhook_secret_token_path"></a> [ssm\_github\_webhook\_secret\_token\_path](#input\_ssm\_github\_webhook\_secret\_token\_path) | The path in SSM to the GitHub Webhook Secret token. | `string` | `""` | no |
diff --git a/src/charts/actions-runner/templates/horizontalrunnerautoscaler.yaml b/src/charts/actions-runner/templates/horizontalrunnerautoscaler.yaml
@@ -31,5 +31,5 @@ spec:
   - githubEvent:
       workflowJob: {}
     amount: 1
-    duration: "{{ .Values.scale_down_delay_seconds }}s"
+    duration: "{{ .Values.webhook_startup_timeout }}"
   {{- end }}
diff --git a/src/charts/actions-runner/templates/runnerdeployment.yaml b/src/charts/actions-runner/templates/runnerdeployment.yaml
@@ -1,3 +1,24 @@
+{{- if .Values.pvc_enabled }}
+---
+# Persistent Volumes can be used for image caching
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ .Values.release_name }}
+spec:
+  accessModes:
+    - ReadWriteMany
+  # StorageClassName comes from efs-controller and must be deployed first.
+  storageClassName: efs-sc
+  resources:
+    requests:
+      # EFS is not actually storage constrained, but this storage request is
+      # required. 100Gi is a ballpark for how much we initially request, but this
+      # may grow. We are responsible for docker pruning this periodically to 
+      # save space.
+      storage: 100Gi 
+{{- end }}
+---
 apiVersion: actions.summerwind.dev/v1alpha1
 kind: RunnerDeployment
 metadata:
@@ -56,7 +77,15 @@ spec:
       dockerVolumeMounts:
       - mountPath: /var/lib/docker
         name: docker-volume
+      {{- end }}
+      {{- if .Values.pvc_enabled }}
+      volumeMounts:
+      - mountPath: /home/runner/work/shared
+        name: shared-volume
+      {{- end }}
+      {{- if or (and .Values.dind_enabled .Values.storage) (.Values.pvc_enabled) }}
       volumes:
+      {{- if and .Values.dind_enabled .Values.storage }}
       - name: docker-volume
         ephemeral:
           volumeClaimTemplate:
@@ -66,3 +95,9 @@ spec:
                 requests:
                   storage: {{ .Values.storage }}
       {{- end }}
+      {{- if .Values.pvc_enabled }}
+      - name: shared-volume
+        persistentVolumeClaim:
+          claimName: {{ .Values.release_name }}
+      {{- end }}
+      {{- end }}
diff --git a/src/charts/actions-runner/values.yaml b/src/charts/actions-runner/values.yaml
@@ -20,7 +20,9 @@ resources:
     cpu: 0.5
     memory: 1Gi
 storage: "10Gi"
+pvc_enabled: false
 webhook_driven_scaling_enabled: false
+webhook_startup_timeout: "30m"
 pull_driven_scaling_enabled: false
 labels:
   - "Ubuntu"
diff --git a/src/main.tf b/src/main.tf
@@ -216,7 +216,9 @@ module "actions_runner" {
       min_replicas                   = each.value.min_replicas
       max_replicas                   = each.value.max_replicas
       webhook_driven_scaling_enabled = each.value.webhook_driven_scaling_enabled
+      webhook_startup_timeout        = try(each.value.webhook_startup_timeout, "${each.value.scale_down_delay_seconds}s") # if webhook_startup_timeout isnt defined, use scale_down_delay_seconds
       pull_driven_scaling_enabled    = each.value.pull_driven_scaling_enabled
+      pvc_enabled                    = each.value.pvc_enabled
     }),
     local.busy_metrics_filtered[each.key] == null ? "" : yamlencode(local.busy_metrics_filtered[each.key]),
   ])
diff --git a/src/variables.tf b/src/variables.tf
@@ -178,14 +178,16 @@ variable "runners" {
       scale_down_factor     = optional(string)
     }))
     webhook_driven_scaling_enabled = bool
+    webhook_startup_timeout        = optional(string, null)
     pull_driven_scaling_enabled    = bool
     labels                         = list(string)
-    storage                        = optional(string, "")
+    storage                        = optional(string, false)
+    pvc_enabled                    = optional(string, false)
     resources = object({
       limits = object({
         cpu               = string
         memory            = string
-        ephemeral_storage = optional(string, "")
+        ephemeral_storage = optional(string, false)
       })
       requests = object({
         cpu    = string
