Skip to content

Releases: philips-labs/terraform-aws-github-runner

v6.0.0

20 Dec 14:50
ee4b92f
Compare
Choose a tag to compare

6.0.0 (2024-12-20)

This release contains several breaking changes

  • Terraform AWS provider minimal version is upgraded to support node 22
  • EventBridge is used by default, opt out can be configured
  • FIFO queued are removed, an update will re-crate all queues. This can cause loss of messages. When the EventBridge is enabled messages can be replayed if needed.
  • Deprecated variables are removed

⚠ BREAKING CHANGES

  • Enable eventbridge by default (#4320)
  • remove deprecated metric feature flag (#4319)
  • Upgrade Node to 22 (LTS) (#4318)
  • remove deprecated variables (#4073)
  • Remove FIFO queues (#4072)
  • remove deprecated runners_scale_up_Lambda_memory_size as it breaks CDKTF (#4276) @stefanrusu-loctax

Features

Bug Fixes

v5.21.0

20 Dec 12:59
dd4591e
Compare
Choose a tag to compare

5.21.0 (2024-12-20)

Features

Bug Fixes

  • Incorrect syncer binary location in tf outputs (#4274) (401a373), closes #4137 @winwinashwin
  • lambda: bump @octokit/types from 13.6.1 to 13.6.2 in /lambdas in the octokit group (#4303) (9f76c4c)
  • lambda: bump axios from 1.7.7 to 1.7.9 in /lambdas (#4305) (e3cd5b4)
  • lambda: bump the aws group across 1 directory with 7 updates (#4314) (3f9b768)

v5.20.1

09 Dec 10:38
d70952f
Compare
Choose a tag to compare

5.20.1 (2024-12-09)

Bug Fixes

  • lambda: bump @octokit/types from 13.6.1 to 13.6.2 in /lambdas in the octokit group (#4291) (d8d7519)
  • lambda: bump the aws group across 1 directory with 7 updates (#4288) (039f5db)
  • lambda: bump the aws group in /lambdas with 4 updates (#4290) (eb9c123)
  • lambda: bump the aws-powertools group in /lambdas with 4 updates (#4281) (e1f330b)
  • lambda: bump typescript from 5.6.3 to 5.7.2 in /lambdas (#4293) (f6e4b92)

v5.20.0

19 Nov 21:31
232818d
Compare
Choose a tag to compare

5.20.0 (2024-11-19)

Features

Bug Fixes

  • lambda: bump cross-spawn from 7.0.3 to 7.0.6 in /lambdas (#4273) (dcec236)
  • lambda: bump the aws group in /lambdas with 7 updates (#4266) (849549e)

v5.19.0

12 Nov 12:27
26ad5c1
Compare
Choose a tag to compare

5.19.0 (2024-11-12)

Features

  • remove deprecated bata feature workflow job queue (#4249) (4066c4e)

Bug Fixes

  • dispatch only queued events to runners (#4257) (a0a8322)
  • lambda: bump @octokit/auth-app from 6.1.2 to 6.1.3 in /lambdas in the octokit group (#4252) (25f3538)
  • lambda: bump the aws group in /lambdas with 7 updates (#4251) (6a98712)

Migration notes

This release removes experimental / beta feature enable_workflow_job_events_queue. When depending on the events on this queue you can migrate to using the EventBridgge.

Enable eventbridge

module "runners" {

  ...
  eventbridge {
    enable = true
  }
  ...

Add rule to forward events to a queue

resource "aws_cloudwatch_event_rule" "workflow_job_in_progress" {
  name           = "workflow-job-in-progress"
  event_bus_name = modules.runners.webhook.eventbridge.name # The name of the event bus output by the module

  event_pattern = <<EOF
{
  "detail-type": ["workflow_job"],
  "detail": {
    "action": ["in_progress"]
  }
}
EOF
}

resource "aws_sqs_queue" "workflow_job_in_progress" {
  name = "workflow_job_in_progress
}


resource "aws_sqs_queue_policy" "workflow_job_in_progress" {
  queue_url = aws_sqs_queue.workflow_job_in_progress.id
  policy    = data.aws_iam_policy_document.sqs_policy.json
}

data "aws_iam_policy_document" "sqs_policy" {
  statement {
    sid     = "AllowFromEventBridge"
    actions = ["sqs:SendMessage"]

    principals {
      type        = "Service"
      identifiers = ["events.amazonaws.com"]
    }

    resources = [aws_sqs_queue.workflow_job_in_progress.arn]

    condition {
      test     = "ArnEquals"
      variable = "aws:SourceArn"
      values   = [aws_cloudwatch_event_rule.workflow_job_in_progress.arn]
    }
  }
}

v5.18.4

07 Nov 17:29
52ce9c1
Compare
Choose a tag to compare

5.18.4 (2024-11-07)

Bug Fixes

  • trigger cold start dispatcher after update SSM parameters (#4243) (580d24b)

v5.18.3

06 Nov 14:09
98e6a8c
Compare
Choose a tag to compare

5.18.3 (2024-11-05)

Bug Fixes

  • lambda: bump the aws group in /lambdas with 6 updates (#4235) (ef89b98)
  • remove unused example spot_instance_termination_watcher (#4226) (ad865a7) @piscue

v5.18.2

31 Oct 12:29
0d87aec
Compare
Choose a tag to compare

5.18.2 (2024-10-31)

Bug Fixes

  • webhook: add missing permission to workflow job queue (EventBridge) (#4224) (d7e516c)

v5.18.1

30 Oct 07:04
0c52580
Compare
Choose a tag to compare

5.18.1 (2024-10-29)

Bug Fixes

  • lambda: bump the aws group in /lambdas with 7 updates (#4211) (d18dcaa)
  • lambda: bump the aws-powertools group in /lambdas with 4 updates (#4212) (9c9219b)
  • webhook: grant KMS permission to decrypt when using EventBridge (#4220) (380bcaf)
  • webhook: result message webhook (#4221) (8099c17)

v5.18.0

28 Oct 17:02
7983143
Compare
Choose a tag to compare

5.18.0 (2024-10-28)

Features

Migration directions

This release is adding optional the EventBridge as option to the webhook. No matter if the feature is enabled or not resources are moved internally. Which will destroy all webhook related resources update to this verions.

To retain data for the Loggroup of the webhook or mmetrics for the webhook the resources not to be moved in the Terraform state. You can add HCL moved blocked to your deployment to instruct Terraform to move the resources instead of re-create.

Examples Terraform `moved` blockes

With module defaults or eventbridge is not eanavbled

# log group
moved {
   from = module.<runner-module-name>.module.webhook.aws_cloudwatch_log_group.webhook
   to = module.<runner-module-name>.module.webhook.module.direct[0].aws_cloudwatch_log_group.webhook
}

# lambda
moved {
   from = module.<runner-module-name>.module.webhook.aws_lambda_function.webhook
   to = module.<runner-module-name>.module.webhook.module.direct[0].aws_lambda_function.webhook
}

With EventBridge enabled

# log group
moved {
   from = module.<runner-module-name>.module.webhook.aws_cloudwatch_log_group.webhook
   to = module.<runner-module-name>.module.webhook.module.direct[0].aws_cloudwatch_log_group.webhook
}

# lambda
moved {
   from = module.<runner-module-name>.module.webhook.aws_lambda_function.webhook
   to = module.<runner-module-name>.module.webhook.module.direct[0].aws_lambda_function.webhook
}

Ater upgrade swithcing between webhook to EventBridge

When enable mode eventbridge

# log group
moved {
  from = module.runners.module.webhook.module.direct[0].aws_cloudwatch_log_group.webhook
  to = module.runners.module.webhook.module.eventbridge[0].aws_cloudwatch_log_group.webhook
}

# lambda
moved {
  from = module.runners.module.webhook.module.direct[0].aws_lambda_function.webhook
  to = module.runners.module.webhook.module.eventbridge[0].aws_lambda_function.webhook
}

Or vice versa for moving from eventbride to webhook