From e73a267c63444a3ff07db549f9cee05fd94fc2f2 Mon Sep 17 00:00:00 2001
From: Ryan McKern <344926+mckern@users.noreply.github.com>
Date: Mon, 9 May 2022 07:30:41 -0700
Subject: [PATCH] feat: Add option to enable detailed monitoring for runner launch template (#2024)

* Expose detailed monitoring config for runners `enable_runner_detailed_monitoring` exposes the explicit enabling or disabling of detailed monitoring (1 minute increments vs default 5 minute increments) for the runner EC2 launch template.
* Automatic README update
---
 README.md | 3 ++-
 main.tf | 1 +
 modules/runners/README.md | 1 +
 modules/runners/main.tf | 4 ++++
 modules/runners/variables.tf | 6 ++++++
 variables.tf | 8 +++++++-
 6 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 667d6fbcac..2ddc1965f6 100644
--- a/README.md
+++ b/README.md
@@ -408,8 +408,9 @@ In case the setup does not work as intended follow the trace of events:
 | [enable\_job\_queued\_check](#input\_enable\_job\_queued\_check) | Only scale if the job event received by the scale up lambda is is in the state queued. By default enabled for non ephemeral runners and disabled for ephemeral. Set this variable to overwrite the default behavior. | `bool` | `null` | no |
 | [enable\_managed\_runner\_security\_group](#input\_enable\_managed\_runner\_security\_group) | Enabling the default managed security group creation. Unmanaged security groups can be specified via `runner_additional_security_group_ids`. | `bool` | `true` | no |
 | [enable\_organization\_runners](#input\_enable\_organization\_runners) | Register runners to organization, instead of repo level | `bool` | `false` | no |
+| [enable\_runner\_detailed\_monitoring](#input\_enable\_runner\_detailed\_monitoring) | Should detailed monitoring be enabled for the runner. Set this to true if you want to use detailed monitoring. See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html for details. | `bool` | `false` | no |
 | [enable\_ssm\_on\_runners](#input\_enable\_ssm\_on\_runners) | Enable to allow access the runner instances for debugging purposes via SSM. Note that this adds additional permissions to the runner instances. | `bool` | `false` | no |
-| [enabled\_userdata](#input\_enabled\_userdata) | Should the userdata script be enabled for the runner. Set this to false if you are using your own prebuilt AMI | `bool` | `true` | no |
+| [enabled\_userdata](#input\_enabled\_userdata) | Should the userdata script be enabled for the runner. Set this to false if you are using your own prebuilt AMI. | `bool` | `true` | no |
 | [environment](#input\_environment) | A name that identifies the environment, used as prefix and for tagging. | `string` | n/a | yes |
 | [fifo\_build\_queue](#input\_fifo\_build\_queue) | Enable a FIFO queue to remain the order of events received by the webhook. Suggest to set to true for repo level runners. | `bool` | `false` | no |
 | [ghes\_ssl\_verify](#input\_ghes\_ssl\_verify) | GitHub Enterprise SSL verification. Set to 'false' when custom certificate (chains) is used for GitHub Enterprise Server (insecure). | `bool` | `true` | no |
diff --git a/main.tf b/main.tf
index b9754fb511..c7f5601cba 100644
--- a/main.tf
+++ b/main.tf
@@ -151,6 +151,7 @@ module "runners" {
 enable_job_queued_check = var.enable_job_queued_check
 disable_runner_autoupdate = var.disable_runner_autoupdate
 enable_managed_runner_security_group = var.enable_managed_runner_security_group
+ enable_runner_detailed_monitoring = var.enable_runner_detailed_monitoring
 scale_down_schedule_expression = var.scale_down_schedule_expression
 minimum_running_time_in_minutes = var.minimum_running_time_in_minutes
 runner_boot_time_in_minutes = var.runner_boot_time_in_minutes
diff --git a/modules/runners/README.md b/modules/runners/README.md
index 990746456d..4c6b82a082 100644
--- a/modules/runners/README.md
+++ b/modules/runners/README.md
@@ -127,6 +127,7 @@ yarn run dist
 | [enable\_job\_queued\_check](#input\_enable\_job\_queued\_check) | Only scale if the job event received by the scale up lambda is is in the state queued. By default enabled for non ephemeral runners and disabled for ephemeral. Set this variable to overwrite the default behavior. | `bool` | `null` | no |
 | [enable\_managed\_runner\_security\_group](#input\_enable\_managed\_runner\_security\_group) | Enabling the default managed security group creation. Unmanaged security groups can be specified via `runner_additional_security_group_ids`. | `bool` | `true` | no |
 | [enable\_organization\_runners](#input\_enable\_organization\_runners) | n/a | `bool` | n/a | yes |
+| [enable\_runner\_detailed\_monitoring](#input\_enable\_runner\_detailed\_monitoring) | Enable detailed monitoring for runners | `bool` | `false` | no |
 | [enable\_ssm\_on\_runners](#input\_enable\_ssm\_on\_runners) | Enable to allow access to the runner instances for debugging purposes via SSM. Note that this adds additional permissions to the runner instances. | `bool` | n/a | yes |
 | [enabled\_userdata](#input\_enabled\_userdata) | Should the userdata script be enabled for the runner. Set this to false if you are using your own prebuilt AMI | `bool` | `true` | no |
 | [environment](#input\_environment) | A name that identifies the environment, used as prefix and for tagging. | `string` | n/a | yes |
diff --git a/modules/runners/main.tf b/modules/runners/main.tf
index b6c4b78fc8..f8fc25d97c 100644
--- a/modules/runners/main.tf
+++ b/modules/runners/main.tf
@@ -81,6 +81,10 @@ resource "aws_launch_template" "runner" {
 }
 }
 
+ monitoring {
+ enabled = var.enable_runner_detailed_monitoring
+ }
+
 iam_instance_profile {
 name = aws_iam_instance_profile.runner.name
 }
diff --git a/modules/runners/variables.tf b/modules/runners/variables.tf
index ca3e4a7255..91b77806fa 100644
--- a/modules/runners/variables.tf
+++ b/modules/runners/variables.tf
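Review bot: The new `monitoring` block in `aws_launch_template.runner` carries no comment, and the flag name alone does not tell a reader that it switches runner instances from basic to detailed CloudWatch metrics. I would add a line above it such as `# Detailed (1-minute) CloudWatch metrics for runner instances; basic 5-minute metrics when false.`, with the intervals taken from the commit message. Because this is a launch-template setting, a change to the flag presumably reaches only runners launched afterwards, which deserves a sentence in the variable description for teams that use these metrics to spot abnormal load on runners. The resource body starts and ends outside this hunk.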
@@ -409,6 +409,12 @@ variable "kms_key_arn" {
 default = null
 }
 
+variable "enable_runner_detailed_monitoring" {
+ description = "Enable detailed monitoring for runners"
+ type = bool
+ default = false
+}
+
 variable "egress_rules" {
 description = "List of egress rules for the GitHub runner instances."
 type = list(object({
diff --git a/variables.tf b/variables.tf
index 7617506d09..fc0102c61b 100644
--- a/variables.tf
+++ b/variables.tf
@@ -165,8 +165,14 @@ variable "kms_key_arn" {
 default = null
 }
 
+variable "enable_runner_detailed_monitoring" {
+ description = "Should detailed monitoring be enabled for the runner. Set this to true if you want to use detailed monitoring. See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html for details."
+ type = bool
+ default = false
+}
+
 variable "enabled_userdata" {
- description = "Should the userdata script be enabled for the runner. Set this to false if you are using your own prebuilt AMI"
+ description = "Should the userdata script be enabled for the runner. Set this to false if you are using your own prebuilt AMI."
 type = bool
 default = true
 }
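Review bot: The module-level description `"Enable detailed monitoring for runners"` in modules/runners/variables.tf is much thinner than the root one in variables.tf, and neither says what the flag changes or that AWS charges for detailed monitoring. I would align the two, for example `description = "Enable detailed (1-minute) CloudWatch monitoring for runner instances. Adds CloudWatch cost; see https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html."`, so the generated README rows match as well. In both files the variable is placed after `kms_key_arn` rather than beside the other `enable_*` inputs, which makes it harder to find; whether these files follow any ordering is not visible from the hunks.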