cattle-ops
diff --git a/‎docker_machine.tf‎
Lines changed: 0 additions & 38 deletions b/‎docker_machine.tf‎
Lines changed: 0 additions & 38 deletions
diff --git a/‎locals.tf‎
Lines changed: 1 addition & 40 deletions b/‎locals.tf‎
Lines changed: 1 addition & 40 deletions
diff --git a/‎main.tf‎
Lines changed: 16 additions & 57 deletions b/‎main.tf‎
Lines changed: 16 additions & 57 deletions
@@ -1,41 +1,3 @@
-locals {
-  template_runner_docker_machine = templatefile("${path.module}/template/runner-docker-machine-config.tftpl",
-    {
-      runners_idle_count     = var.runner_worker_docker_machine_instance.idle_count
-      runners_idle_time      = var.runner_worker_docker_machine_instance.idle_time
-      runners_max_builds     = local.runners_max_builds_string
-      docker_machine_name    = format("%s-%s", local.runner_tags_merged["Name"], "%s") # %s is always needed
-      runners_instance_types = var.runner_worker_docker_machine_instance.types
-      aws_region             = data.aws_region.current.name
-      runners_aws_zone       = data.aws_availability_zone.runners.name_suffix
-      runners_userdata       = var.runner_worker_docker_machine_instance.start_script
-
-      runners_vpc_id           = var.vpc_id
-      runners_subnet_id        = var.subnet_id
-      runners_subnet_ids       = length(var.runner_worker_docker_machine_instance.subnet_ids) > 0 ? var.runner_worker_docker_machine_instance.subnet_ids : [var.subnet_id]
-      runners_instance_profile = var.runner_worker.type == "docker+machine" ? aws_iam_instance_profile.docker_machine[0].name : ""
-
-      runners_use_private_address_only = var.runner_worker_docker_machine_instance.private_address_only
-      runners_use_private_address      = !var.runner_worker_docker_machine_instance.private_address_only
-      runners_request_spot_instance    = var.runner_worker_docker_machine_instance_spot.enable
-      runners_spot_price_bid           = var.runner_worker_docker_machine_instance_spot.max_price == "on-demand-price" || var.runner_worker_docker_machine_instance_spot.max_price == null ? "" : var.runner_worker_docker_machine_instance_spot.max_price
-      runners_security_group_name      = var.runner_worker.type == "docker+machine" ? aws_security_group.docker_machine[0].name : ""
-
-      runners_tags                      = replace(replace(local.runner_tags_string, ",,", ","), "/,$/", "")
-      runners_ebs_optimized             = var.runner_worker_docker_machine_instance.ebs_optimized
-      runners_monitoring                = var.runner_worker_docker_machine_instance.monitoring
-      runners_iam_instance_profile_name = var.runner_worker_docker_machine_role.profile_name
-      runners_root_size                 = var.runner_worker_docker_machine_instance.root_size
-      runners_volume_type               = var.runner_worker_docker_machine_instance.volume_type
-      runners_ami                       = var.runner_worker.type == "docker+machine" ? (length(var.runner_worker_docker_machine_ami_id) > 0 ? var.runner_worker_docker_machine_ami_id : data.aws_ami.docker_machine_by_filter[0].id) : ""
-      use_fleet                         = var.runner_worker_docker_machine_fleet.enable
-      launch_template                   = var.runner_worker_docker_machine_fleet.enable == true ? aws_launch_template.fleet_gitlab_runner[0].name : ""
-      docker_machine_options            = length(local.docker_machine_options_string) == 1 ? "" : local.docker_machine_options_string
-      runners_max_growth_rate           = var.runner_worker_docker_machine_instance.max_growth_rate
-      runners_volume_kms_key            = local.kms_key_arn
-  })
-}
-
 resource "aws_iam_instance_profile" "docker_machine" {
   count = var.runner_worker.type == "docker+machine" ? 1 : 0
   name  = "${local.name_iam_objects}-docker-machine"
 
@@ -44,28 +44,7 @@ locals {
   )
   aws_iam_role_instance_arn = "arn:${data.aws_partition.current.partition}:iam::${data.aws_caller_identity.current.account_id}:role/${local.aws_iam_role_instance_name}"
 
-  # Convert list to a string separated and prepend by a comma
-  docker_machine_options_string = format(
-    ",\"amazonec2-metadata-token=${var.runner_worker_docker_machine_ec2_metadata_options.http_tokens}\", \"amazonec2-metadata-token-response-hop-limit=${var.runner_worker_docker_machine_ec2_metadata_options.http_put_response_hop_limit}\",%s",
-    join(",", formatlist("%q", concat(var.runner_worker_docker_machine_ec2_options, local.runners_docker_registry_mirror_option))),
-  )
-
-  runners_docker_registry_mirror_option = var.runner_worker_docker_machine_instance.docker_registry_mirror_url == "" ? [] : ["engine-registry-mirror=${var.runner_worker_docker_machine_instance.docker_registry_mirror_url}"]
-
-  runners_docker_options_toml = templatefile("${path.module}/template/runners_docker_options.tftpl", {
-    options = merge({
-      for key, value in var.runner_worker_docker_options : key => value if value != null && key != "volumes" && key != "pull_policies"
-      }, {
-      pull_policy = var.runner_worker_docker_options.pull_policies
-      volumes     = local.runners_volumes
-    })
-    }
-  )
-
-  # Ensure max builds is optional
-  runners_max_builds_string = var.runner_worker_docker_machine_instance.destroy_after_max_builds == 0 ? "" : format("MaxBuilds = %d", var.runner_worker_docker_machine_instance.destroy_after_max_builds)
-
-  # Define key for runner token for SSM
+    # Define key for runner token for SSM
   secure_parameter_store_runner_token_key  = "${var.environment}-${var.runner_gitlab_token_secure_parameter_store}"
   secure_parameter_store_runner_sentry_dsn = "${var.environment}-${var.runner_sentry_secure_parameter_store_name}"
 
@@ -74,24 +53,6 @@ locals {
   name_sg                    = var.security_group_prefix == "" ? local.tags["Name"] : var.security_group_prefix
   name_iam_objects           = var.iam_object_prefix == "" ? local.tags["Name"] : var.iam_object_prefix
 
-  runners_volumes = concat(var.runner_worker_docker_options.volumes, var.runner_worker_docker_add_dind_volumes ? ["/certs/client", "/builds", "/var/run/docker.sock:/var/run/docker.sock"] : [])
-
-  runners_docker_services = templatefile("${path.module}/template/runners_docker_services.tftpl", {
-    runners_docker_services = var.runner_worker_docker_services
-    }
-  )
-
-  /* determines if the docker machine executable adds the Name tag automatically (versions >= 0.16.2) */
-  # make sure to skip pre-release stuff in the semver by ignoring everything after "-"
-  docker_machine_version_used          = split(".", split("-", var.runner_install.docker_machine_version)[0])
-  docker_machine_version_with_name_tag = split(".", "0.16.2")
-  docker_machine_version_test = [
-    for i, j in reverse(range(length(local.docker_machine_version_used)))
-    : signum(local.docker_machine_version_with_name_tag[i] - local.docker_machine_version_used[i]) * pow(10, j)
-  ]
-
-  docker_machine_adds_name_tag = signum(sum(local.docker_machine_version_test)) <= 0
-
   runner_worker_graceful_terminate_heartbeat_timeout = (var.runner_terminate_ec2_lifecycle_timeout_duration == null
     ? min(7200, tonumber(coalesce(var.runner_gitlab_registration_config.maximum_timeout, 0)) + 300)
   : var.runner_terminate_ec2_lifecycle_timeout_duration)
 
@@ -85,74 +85,33 @@ locals {
       fleeting_plugin_version                                      = var.runner_worker_docker_autoscaler.fleeting_plugin_version
   })
 
-  template_runner_docker_autoscaler = templatefile("${path.module}/template/runner-docker-autoscaler-config.tftpl",
-    {
-      docker_autoscaling_name       = var.runner_worker.type == "docker-autoscaler" ? aws_autoscaling_group.autoscaler[0].name : ""
-      connector_config_user         = var.runner_worker_docker_autoscaler.connector_config_user
-      runners_capacity_per_instance = var.runner_worker_docker_autoscaler.capacity_per_instance
-      runners_max_use_count         = var.runner_worker_docker_autoscaler.max_use_count
-      runners_max_instances         = var.runner_worker.max_jobs
-
-      runners_update_interval                = var.runner_worker_docker_autoscaler.update_interval
-      runners_update_interval_when_expecting = var.runner_worker_docker_autoscaler.update_interval_when_expecting
-
-      runners_instance_ready_command = var.runner_worker_docker_autoscaler.instance_ready_command
-
-      use_private_key = var.runner_worker.use_private_key && var.runner_worker.type == "docker-autoscaler"
-
-      runners_autoscaling = [for config in var.runner_worker_docker_autoscaler_autoscaling_options : {
-        for key, value in config :
-        # Convert key from snake_case to PascalCase which is the casing for this section.
-        key => jsonencode(value) if value != null
-      }]
-  })
-
-  template_runner_worker_config = templatefile("${path.module}/template/runner-worker-config.tftpl",
-    {
-      aws_region       = data.aws_region.current.name
-      gitlab_url       = var.runner_gitlab.url
-      gitlab_clone_url = var.runner_gitlab.url_clone
-      tls_ca_file      = length(var.runner_gitlab.certificate) > 0 ? "tls-ca-file=\"/etc/gitlab-runner/certs/gitlab.crt\"" : ""
-      runners_machine_autoscaling = [for config in var.runner_worker_docker_machine_autoscaling_options : {
-        for key, value in config :
-        # Convert key from snake_case to PascalCase which is the casing for this section.
-        join("", [for subkey in split("_", key) : title(subkey)]) => jsonencode(value) if value != null
-      }]
-
-      runners_name                   = var.runner_instance.name
-      runners_token                  = var.runner_gitlab.registration_token
-      runners_executor               = var.runner_worker.type
-      runners_limit                  = var.runner_worker.max_jobs
-      runners_environment_vars       = jsonencode(var.runner_worker.environment_variables)
-      runners_pre_build_script       = var.runner_worker_gitlab_pipeline.pre_build_script
-      runners_post_build_script      = var.runner_worker_gitlab_pipeline.post_build_script
-      runners_pre_clone_script       = var.runner_worker_gitlab_pipeline.pre_clone_script
-      runners_request_concurrency    = var.runner_worker.request_concurrency
-      runners_output_limit           = var.runner_worker.output_limit
-      runners_volumes_tmpfs          = join("\n", [for v in var.runner_worker_docker_volumes_tmpfs : format("\"%s\" = \"%s\"", v.volume, v.options)])
-      runners_services_volumes_tmpfs = join("\n", [for v in var.runner_worker_docker_services_volumes_tmpfs : format("\"%s\" = \"%s\"", v.volume, v.options)])
-      runners_docker_services        = local.runners_docker_services
-      runners_docker_options         = local.runners_docker_options_toml
-      bucket_name                    = local.bucket_name
-      shared_cache                   = var.runner_worker_cache.shared
-      auth_type                      = var.runner_worker_cache.authentication_type
-      runners_docker_autoscaler      = var.runner_worker.type == "docker-autoscaler" ? local.template_runner_docker_autoscaler : ""
-      runners_docker_machine         = var.runner_worker.type == "docker+machine" ? local.template_runner_docker_machine : ""
-    }
-  )
-
   template_runner_config = templatefile("runner-agent.tftpl",
     {
       prometheus_listen_address      = var.runner_manager.prometheus_listen_address
       runners_check_interval         = var.runner_manager.gitlab_check_interval
       runners_concurrent             = var.runner_manager.maximum_concurrent_jobs
       sentry_dsn                     = var.runner_manager.sentry_dsn
 
-      runners = [local.template_runner_worker_config]
+      runners = [module.runner.runner_config]
     }
   )
 }
 
+module "runner" {
+  source = "./modules/runner-config"
+
+  kms_key_arn = local.kms_key_arn
+  cache_bucket_name = local.bucket_name
+  docker_autoscaler_asg_name = var.runner_worker.type == "docker-autoscaler" ? aws_autoscaling_group.autoscaler[0].name : ""
+  docker_machine_runner_name = local.runner_tags_merged["Name"]
+  docker_machine_availability_zone_name = data.aws_availability_zone.runners.name_suffix
+  docker_machine_instance_profile_name = var.runner_worker.type == "docker+machine" ? aws_iam_instance_profile.docker_machine[0].name : ""
+  docker_machine_security_group_name = var.runner_worker.type == "docker+machine" ? aws_security_group.docker_machine[0].name : ""
+  docker_machine_ami_id = data.aws_ami.docker_machine_by_filter[0].id
+  docker_machine_fleet_launch_template_name = var.runner_worker_docker_machine_fleet.enable == true ? aws_launch_template.fleet_gitlab_runner[0].name : ""
+  docker_machine_tags = local.runner_tags_merged
+}
+
 # ignores: Autoscaling Groups Supply Tags --> we use a "dynamic" block to create the tags
 # ignores: Auto Scaling Group With No Associated ELB --> that's simply not true, as the EC2 instance contacts GitLab. So no ELB needed here.
 # kics-scan ignore-line