cppal initial commit

Author: sdarwin

README.md

@@ -1,5 +1,7 @@
 # Terraform module for scalable self hosted GitHub action runners <!-- omit in toc -->
 
+see [README-CPP.md](README-CPP.md) for the C++ specific admin info.
+
 [![awesome-runners](https://img.shields.io/badge/listed%20on-awesome--runners-blue.svg)](https://github.com/jonico/awesome-runners)[![Terraform registry](https://img.shields.io/github/v/release/philips-labs/terraform-aws-github-runner?label=Terraform%20Registry)](https://registry.terraform.io/modules/philips-labs/github-runner/aws/) [![Terraform checks](https://github.com/philips-labs/terraform-aws-github-runner/actions/workflows/terraform.yml/badge.svg)](https://github.com/philips-labs/terraform-aws-github-runner/actions/workflows/terraform.yml) [![Lambdas](https://github.com/philips-labs/terraform-aws-github-runner/actions/workflows/lambda.yml/badge.svg)](https://github.com/philips-labs/terraform-aws-github-runner/actions/workflows/lambda.yml)
 
 This [Terraform](https://www.terraform.io/) module creates the required infrastructure needed to host [GitHub Actions](https://github.com/features/actions) self-hosted, auto-scaling runners on [AWS spot instances](https://aws.amazon.com/ec2/spot/). It provides the required logic to handle the life cycle for scaling up and down using a set of AWS Lambda functions. Runners are scaled down to zero to avoid costs when no workflows are active.

examples/lambdas-download-cppal/.terraform.lock.hcl

@@ -0,0 +1,42 @@
+# Wrapper module to download lambda's for running the examples
+
+Module is used by examples to download Lambda distribution from the GitHub release.
+
+```bash
+terraform init
+terraform apply -var=module_version=<VERSION>
+```
+
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1 |
+
+## Providers
+
+No providers.
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_lambdas"></a> [lambdas](#module\_lambdas) | ../../modules/download-lambda | n/a |
+
+## Resources
+
+No resources.
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_module_version"></a> [module\_version](#input\_module\_version) | Module release version. | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_files"></a> [files](#output\_files) | n/a |
+<!-- END_TF_DOCS -->

examples/lambdas-download-cppal/README.md

@@ -0,0 +1,21 @@
+module "lambdas" {
+  source = "../../modules/download-lambda"
+  lambdas = [
+    {
+      name = "webhook"
+      tag  = var.module_version
+    },
+    {
+      name = "runners"
+      tag  = var.module_version
+    },
+    {
+      name = "runner-binaries-syncer"
+      tag  = var.module_version
+    }
+  ]
+}
+
+output "files" {
+  value = module.lambdas.files
+}

examples/lambdas-download-cppal/main.tf

@@ -0,0 +1,4 @@
+variable "module_version" {
+  description = "Module release version."
+  type        = string
+}

examples/lambdas-download-cppal/variables.tf

@@ -0,0 +1,3 @@
+terraform {
+  required_version = ">= 1"
+}

examples/lambdas-download-cppal/versions.tf

@@ -0,0 +1,92 @@
+# Action runners deployment of Multiple-Runner-Configurations-Together example
+
+This module shows how to create GitHub action runners with multiple runner configuration together in one deployment. This example has the configurations for the following runner types with the relevant labels supported by them as matchers:
+
+- Linux ARM64 `["self-hosted", "linux", "arm64", "amazon"]`
+- Linux Ubuntu `["self-hosted", "linux", "x64", "ubuntu-latest"]` or `["self-hosted", "linux", "x64", "ubuntu-2204"]``
+- Linux X64 `["self-hosted", "linux", "x64", "amazon"]`
+- Windows X64 `["self-hosted", "windows", "x64", "servercore-2022"]`
+
+The module will decide the runner for the workflow job based on the match in the labels defined in the workflow job and runner configuration. Also the runner configuration allows the match to be exact or non-exact match. We recommend to use only exact matches.
+
+For exact match, all the labels defined in the workflow should be present in the runner configuration matchers and for non-exact match, some of the labels in the workflow, when present in runner configuration, shall be enough for the runner configuration to be used for the job. First the exact matchers are applied, next the non exact ones.
+
+## Webhook
+
+For the list of provided runner configurations, there will be a single webhook and only a single Github App to receive the notifications for all types of workflow triggers.
+
+## Lambda distribution
+
+Per combination of OS and architecture a lambda distribution syncer will be created. For this example there will be three instances (windows X64, linux X64, linux ARM).
+
+## Usages
+
+Steps for the full setup, such as creating a GitHub app can be found in the root module's [README](../../README.md). First download the Lambda releases from GitHub. Alternatively you can build the lambdas locally with Node or Docker, there is a simple build script in `<root>/.ci/build.sh`. In the `main.tf` you can simply remove the location of the lambda zip files, the default location will work in this case.
+
+> Ensure you have set the version in `lambdas-download/main.tf` for running the example. The version needs to be set to a GitHub release version, see https://github.com/philips-labs/terraform-aws-github-runner/releases
+
+```bash
+cd ../lambdas-download
+terraform init
+terraform apply -var=module_version=<VERSION>
+cd -
+```
+
+Before running Terraform, ensure the GitHub app is configured. See the [configuration details](../../README.md#usages) for more details.
+
+```bash
+terraform init
+terraform apply
+```
+
+You can receive the webhook details by running:
+
+```bash
+terraform output -raw webhook_secret
+```
+
+Be-aware some shells will print some end of line character `%`.
+
+<!-- BEGIN_TF_DOCS -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.0 |
+| <a name="requirement_local"></a> [local](#requirement\_local) | ~> 2.0 |
+| <a name="requirement_random"></a> [random](#requirement\_random) | ~> 3.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_random"></a> [random](#provider\_random) | 3.4.3 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_multi-runner"></a> [multi-runner](#module\_multi-runner) | ../../modules/multi-runner | n/a |
+| <a name="module_vpc"></a> [vpc](#module\_vpc) | terraform-aws-modules/vpc/aws | 3.11.2 |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [random_id.random](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_environment"></a> [environment](#input\_environment) | n/a | `string` | `null` | no |
+| <a name="input_github_app"></a> [github\_app](#input\_github\_app) | GitHub for API usages. | <pre>object({<br>    id         = string<br>    key_base64 = string<br>  })</pre> | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_webhook_endpoint"></a> [webhook\_endpoint](#output\_webhook\_endpoint) | n/a |
+| <a name="output_webhook_secret"></a> [webhook\_secret](#output\_webhook\_secret) | n/a |
+<!-- END_TF_DOCS -->

examples/multi-runner-cppal/.terraform.lock.hcl

@@ -0,0 +1,66 @@
+
+data "aws_route_table" "gha_public_rt" {
+  vpc_id        = module.vpc.vpc_id
+  tags		= {
+    Name        = "vpc-gha-public"
+    Environment = "gha"
+  }
+}
+
+data "aws_route_table" "gha_private_rt" {
+  vpc_id        = module.vpc.vpc_id
+  tags		= {
+    Name        = "vpc-gha-private"
+    Environment = "gha"
+  }
+}
+
+resource "aws_vpc_peering_connection" "peering1" {
+  peer_vpc_id   = var.aws_default_vpc
+  vpc_id        = module.vpc.vpc_id
+  auto_accept   = true
+}
+
+resource "aws_route" "default_vpc_route_1" {
+  route_table_id            = var.aws_default_route_table
+  destination_cidr_block    = "10.0.1.0/24"
+  vpc_peering_connection_id = aws_vpc_peering_connection.peering1.id
+}
+
+resource "aws_route" "default_vpc_route_2" {
+  route_table_id            = var.aws_default_route_table
+  destination_cidr_block    = "10.0.2.0/24"
+  vpc_peering_connection_id = aws_vpc_peering_connection.peering1.id
+}
+resource "aws_route" "default_vpc_route_3" {
+  route_table_id            = var.aws_default_route_table
+  destination_cidr_block    = "10.0.3.0/24"
+  vpc_peering_connection_id = aws_vpc_peering_connection.peering1.id
+}
+resource "aws_route" "default_vpc_route_101" {
+  route_table_id            = var.aws_default_route_table
+  destination_cidr_block    = "10.0.101.0/24"
+  vpc_peering_connection_id = aws_vpc_peering_connection.peering1.id
+}
+resource "aws_route" "default_vpc_route_102" {
+  route_table_id            = var.aws_default_route_table
+  destination_cidr_block    = "10.0.102.0/24"
+  vpc_peering_connection_id = aws_vpc_peering_connection.peering1.id
+}
+resource "aws_route" "default_vpc_route_103" {
+  route_table_id            = var.aws_default_route_table
+  destination_cidr_block    = "10.0.103.0/24"
+  vpc_peering_connection_id = aws_vpc_peering_connection.peering1.id
+}
+
+resource "aws_route" "gha_vpc_route_public_1" {
+   route_table_id            = data.aws_route_table.gha_public_rt.id
+  destination_cidr_block    = var.aws_default_cidr_range
+  vpc_peering_connection_id = aws_vpc_peering_connection.peering1.id
+}
+
+resource "aws_route" "gha_vpc_route_private_1" {
+  route_table_id            = data.aws_route_table.gha_private_rt.id
+  destination_cidr_block    = var.aws_default_cidr_range
+  vpc_peering_connection_id = aws_vpc_peering_connection.peering1.id
+}