Fred Damstra [afs macbook] 4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module		3 年之前
..
docs	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前
examples	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前
images	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前
modules	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前
policies	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前
templates	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前
CHANGELOG.md	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前
CONTRIBUTING.md	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前
LICENSE.md	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前
MAINTAINERS.md	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前
README.XDR.md	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前
README.md	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前
main.tf	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前
outputs.tf	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前
variables.tf	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前
versions.tf	4e2cfe2ba7 Adds module for github runners using philips labs 3rd party module	3 年之前

XDR's Submodule for GitHub Runners

Original Source: https://github.com/philips-labs/terraform-aws-github-runner

For USAGE, see the module documentation at

~/xdr-terraform-modules/base/github-runners/README.md

Significant Changes

in modules/runners/policies/lambda-scale-up.json, added section for KMS access:

    {
        "Effect": "Allow",
        "Action": [
            "kms:CreateGrant",
            "kms:Decrypt",
            "kms:DescribeKey",
            "kms:Encrypt",
            "kms:GenerateDataKey*",
            "kms:ReEncrypt*"
        ],
        "Resource": "*"

in modules/runners/scale-{up,down}.tf, modules/webhook/webhook.tf, and ./modules/runner-binaries-syncer/runner-binaries-syncer.tf changed architectures line to be:
```
architectures     = var.lambda_architecture == "x86_64" ? [] : [var.lambda_architecture]
```
This solves an issue where terraform thinks there's a change every time.

Similarly, for ./modules/runners/pool/main.tf, changed architectures line to be:

architectures     = var.config.lambda_architecture == "x86_64" ? [] : [var.config.lambda_architecture]

Process

Cloned repo
rm -rf .git
Follow the Setup GitHub App (part 1) instructions at https://github.com/philips-labs/terraform-aws-github-runner#setup-github-app-part-1 a. App name: mdr-engineering-runners b. Everything else as instructed.
Download the lambdas from the 'releases' page into ~/Downloads/terraform-aws-github

Upload the lambdas:

cd ~/Downloads/
aws --profile mdr-common-services-gov s3 sync terraform-aws-github s3://afsxdr-binaries/terraform-aws-github
aws --profile mdr-common-services     s3 sync terraform-aws-github s3://afsxdr-binaries/terraform-aws-github

Add variables to ~/xdr-terraform-modules/base/github-runners/locals.tf
Modify variables in ~/xdr-terraform-live/test/aws-us-gov/mdr-test-c2/093-github-runners-mdr-engineering
terragrunt-local init && terragrunt-local apply
Follow the instructions at 'Setup the webhook'

README.XDR.md

XDR's Submodule for GitHub Runners

For USAGE, see the module documentation at

Significant Changes

Process