add terraform script and workflow for create ami

e e e e create ami e e final touches :)
Kuadrant · Jun 26, 2024 · 4bdee2b · 4bdee2b
1 parent 636a721
commit 4bdee2b
Show file tree

Hide file tree

Showing 4 changed files with 76 additions and 17 deletions.
diff --git a/.github/workflows/create-self-hosted-runner-ami.yaml b/.github/workflows/create-self-hosted-runner-ami.yaml
@@ -0,0 +1,32 @@
+name: Create Self Hosted Runner AMI
+
+on:
+    push:
+        paths:
+            - self-hosted-runner.tf
+
+jobs: 
+    create-self-hosted-runner-ami:
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v2
+            - uses: hashicorp/setup-terraform@v3
+
+            - name: Initialize Terraform Environment
+              run: |
+                terraform init
+            
+            - name: Create PEM file
+              run: |
+                echo "${{ secrets.AWS_PEM_KEY }}" > ${{ secrets.AWS_KEY_NAME }}.pem
+                chmod 400 ${{ secrets.AWS_KEY_NAME }}.pem
+            
+            - name: Apply Terraform Configuration
+              run: |
+                terraform apply -auto-approve -var=aws_access_key=${{ secrets.AWS_ACCESS_KEY_ID }} -var=aws_secret_key=${{ secrets.AWS_SECRET_ACCESS_KEY }} -var=aws_key_name=${{ secrets.AWS_KEY_NAME }}
+            
+            - name: Destroy Terraform Configuration (should retain AMI from config)
+              run: |
+                # Remove AMI from terraform so it does not destroy
+                terraform state rm aws_ami_from_instance.self_hosted_runner_ami
+                terraform destroy -auto-approve -var=aws_access_key=${{ secrets.AWS_ACCESS_KEY_ID }} -var=aws_secret_key=${{ secrets.AWS_SECRET_ACCESS_KEY }} -var=aws_key_name=${{ secrets.AWS_KEY_NAME }}
diff --git a/.github/workflows/verify-dashboards-alerts.yaml b/.github/workflows/verify-dashboards-alerts.yaml
@@ -2,15 +2,15 @@ name: Verify Dashboards and Alerts OK
 
 on: 
   push:
-    # paths:
-    #   # Dashboards
-    #   - examples/dashboards/app_developer.json
-    #   - examples/dashboards/business_user.json
-    #   - examples/dashboards/platform_engineer.json
-    #   # Alerts
-    #   - examples/alerts/prometheusrules_policies_missing.yaml
-    #   - examples/alerts/slo-availability.yaml
-    #   - examples/alerts/slo-latency.yaml
+     paths:
+       # Dashboards
+       - examples/dashboards/app_developer.json
+       - examples/dashboards/business_user.json
+       - examples/dashboards/platform_engineer.json
+       # Alerts
+       - examples/alerts/prometheusrules_policies_missing.yaml
+       - examples/alerts/slo-availability.yaml
+       - examples/alerts/slo-latency.yaml
 jobs:
   deploy-register-self-runner:
     runs-on: ubuntu-latest
@@ -20,7 +20,10 @@ jobs:
       - uses: hashicorp/setup-terraform@v3
 
       - name: Initialize Terraform Environment
-        run: terraform init
+        run: |
+          # Remove ami-self-hosted-runner.tf to prevent constant creation of AMIs
+          rm ami-self-hosted-runner.tf
+          terraform init
 
       - name: Create PEM files
         run: |
@@ -260,6 +263,8 @@ jobs:
 
       - name: Initialize Terraform Environment
         run: |
+          # Remove ami-self-hosted-runner.tf to prevent constant creation of AMIs
+          rm ami-self-hosted-runner.tf
           terraform init
 
       - name: Download statefile to teardown resources

diff --git a/ami-self-hosted-runner.tf b/ami-self-hosted-runner.tf
@@ -0,0 +1,20 @@
+data "aws_instance" "self_hosted_runner_instance" {
+  instance_id = aws_instance.self_hosted_runner.id
+  depends_on = [ null_resource.wait_for_user_data ]
+}
+
+resource "aws_ami_from_instance" "self_hosted_runner_ami" {
+  name               = "self-hosted-runner-ami"
+  source_instance_id = data.aws_instance.self_hosted_runner_instance.id
+  description        = "An AMI created from an existing EC2 instance which contains the environment needed for self-hosted runner on kuadrant-operator."
+
+  tags = {
+    Name = "self-hosted-runner-ami"
+  }
+
+  lifecycle {
+    prevent_destroy = true
+  }
+
+  depends_on = [ null_resource.wait_for_user_data ]
+}
diff --git a/self-hosted-runner.tf b/self-hosted-runner.tf
@@ -19,8 +19,8 @@ variable "aws_key_name" {
   type = string
 }
 
-resource "aws_instance" "example" {
-  ami           = "ami-0776c814353b4814d"
+resource "aws_instance" "self_hosted_runner" {
+  ami           = "ami-055032149717ffb30" # change to ami-0776c814353b4814d when creating an AMI. 
   instance_type = "t2.xlarge"
 
   root_block_device {
@@ -36,7 +36,9 @@ resource "aws_instance" "example" {
   // Security Group for SSH, HTTP, and HTTPS access
   security_groups = ["ssh-http-https-access"]
 
-  user_data = <<-EOL
+  # Uncomment when creating an AMI . 
+
+  /* user_data = <<-EOL
     #!/bin/bash
     echo "Starting user_data script..."
     sudo apt-get update -y
@@ -60,7 +62,7 @@ resource "aws_instance" "example" {
     sudo chmod 7777 kuadrant-operator/hack
     echo "user_data script execution completed."
     touch /tmp/user_data_done
-  EOL
+  EOL */
 }
 
 
@@ -105,17 +107,17 @@ resource "aws_security_group" "ssh_http_https_access" {
 resource "null_resource" "wait_for_user_data" {
   provisioner "local-exec" {
     command = <<EOT
-    while ! ssh -o StrictHostKeyChecking=no -i ${aws_instance.example.key_name}.pem ubuntu@${aws_instance.example.public_ip} 'test -f /tmp/user_data_done'; do
+    while ! ssh -o StrictHostKeyChecking=no -i ${aws_instance.self_hosted_runner.key_name}.pem ubuntu@${aws_instance.self_hosted_runner.public_ip} 'test -f /tmp/user_data_done'; do
       echo "Waiting for user_data script to complete..."
       sleep 10
     done
     echo "user_data script completed."
     EOT
   }
 
-  depends_on = [aws_instance.example]
+  depends_on = [aws_instance.self_hosted_runner]
 }
 
 output "instance_public_ip" {
-  value = aws_instance.example.public_ip
+  value = aws_instance.self_hosted_runner.public_ip
 }