Add option to set github server url #303

npalm · npalm · commit dd401f063ca9 · 2020-11-04T09:53:04.000+01:00
diff --git a/README.md b/README.md
@@ -305,6 +305,7 @@ No requirements.
 | encrypt\_secrets | Encrypt secret variables for lambda's such as secrets and private keys. | `bool` | `true` | no |
 | environment | A name that identifies the environment, used as prefix and for tagging. | `string` | n/a | yes |
 | github\_app | GitHub app parameters, see your github app. Ensure the key is base64 encoded. | <pre>object({<br>    key_base64     = string<br>    id             = string<br>    client_id      = string<br>    client_secret  = string<br>    webhook_secret = string<br>  })</pre> | n/a | yes |
+| github\_server\_url | (Optional) provide an alternative GitHub server url for GitHub on premise. | `string` | `"https://github.com/"` | no |
 | idle\_config | List of time period that can be defined as cron expression to keep a minimum amount of runners active instead of scaling down to 0. By defining this list you can ensure that in time periods that match the cron expression within 5 seconds a runner is kept idle. | <pre>list(object({<br>    cron      = string<br>    timeZone  = string<br>    idleCount = number<br>  }))</pre> | `[]` | no |
 | instance\_profile\_path | The path that will be added to the instance\_profile, if not set the environment name will be used. | `string` | `null` | no |
 | instance\_type | Instance type for the action runner. | `string` | `"m5.large"` | no |
diff --git a/main.tf b/main.tf
@@ -74,6 +74,7 @@ module "runners" {
   ami_filter          = local.ami_filter
   ami_owners          = var.ami_owners
 
+  github_server_url               = var.github_server_url
   sqs_build_queue                 = aws_sqs_queue.queued_builds
   github_app                      = var.github_app
   enable_organization_runners     = var.enable_organization_runners
diff --git a/modules/download-lambda/README.md b/modules/download-lambda/README.md
@@ -32,20 +32,20 @@ No requirements.
 ## Providers
 
 | Name | Version |
-| ---- | ------- |
-| null | n/a     |
+|------|---------|
+| null | n/a |
 
 ## Inputs
 
-| Name    | Description                           | Type                                                                        | Default | Required |
-| ------- | ------------------------------------- | --------------------------------------------------------------------------- | ------- | :------: |
-| lambdas | Name and tag for lambdas to download. | <pre>list(object({<br>    name = string<br>    tag  = string<br>  }))</pre> | n/a     |   yes    |
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| lambdas | Name and tag for lambdas to download. | <pre>list(object({<br>    name = string<br>    tag  = string<br>  }))</pre> | n/a | yes |
 
 ## Outputs
 
-| Name  | Description |
-| ----- | ----------- |
-| files | n/a         |
+| Name | Description |
+|------|-------------|
+| files | n/a |
 
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 
diff --git a/modules/runner-binaries-syncer/README.md b/modules/runner-binaries-syncer/README.md
@@ -51,6 +51,7 @@ No requirements.
 | aws\_region | AWS region. | `string` | n/a | yes |
 | distribution\_bucket\_name | Bucket for storing the action runner distribution. | `string` | n/a | yes |
 | environment | A name that identifies the environment, used as prefix and for tagging. | `string` | n/a | yes |
+| lambda\_s3\_bucket | S3 bucket from which to specify lambda functions. This is an alternative to providing local files directly. | `any` | `null` | no |
 | lambda\_schedule\_expression | Scheduler expression for action runner binary syncer. | `string` | `"cron(27 * * * ? *)"` | no |
 | lambda\_timeout | Time out of the lambda in seconds. | `number` | `300` | no |
 | lambda\_zip | File location of the lambda zip file. | `string` | `null` | no |
@@ -59,6 +60,8 @@ No requirements.
 | role\_permissions\_boundary | Permissions boundary that will be added to the created role for the lambda. | `string` | `null` | no |
 | runner\_allow\_prerelease\_binaries | Allow the runners to update to prerelease binaries. | `bool` | `false` | no |
 | runner\_architecture | The platform architecture for the runner instance (x64, arm64), defaults to 'x64' | `string` | `"x64"` | no |
+| syncer\_lambda\_s3\_key | S3 key for syncer lambda function. Required if using S3 bucket to specify lambdas. | `any` | `null` | no |
+| syncer\_lambda\_s3\_object\_version | S3 object version for syncer lambda function. Useful if S3 versioning is enabled on source bucket. | `any` | `null` | no |
 | tags | Map of tags that will be added to created resources. By default resources will be tagged with name and environment. | `map(string)` | `{}` | no |
 
 ## Outputs
diff --git a/modules/runners/README.md b/modules/runners/README.md
@@ -72,6 +72,7 @@ No requirements.
 | encryption | KMS key to encrypted lambda environment secrets. Either provide a key and `encrypt` set to `true`. Or set the key to `null` and encrypt to `false`. | <pre>object({<br>    kms_key_id = string<br>    encrypt    = bool<br>  })</pre> | n/a | yes |
 | environment | A name that identifies the environment, used as prefix and for tagging. | `string` | n/a | yes |
 | github\_app | GitHub app parameters, see your github app. Ensure the key is base64 encoded. | <pre>object({<br>    key_base64    = string<br>    id            = string<br>    client_id     = string<br>    client_secret = string<br>  })</pre> | n/a | yes |
+| github\_server\_url | (Optional) provide an alternative GitHub server url for GitHub on premise. | `string` | `"https://github.com/"` | no |
 | idle\_config | List of time period that can be defined as cron expression to keep a minimum amount of runners active instead of scaling down to 0. By defining this list you can ensure that in time periods that match the cron expression within 5 seconds a runner is kept idle. | <pre>list(object({<br>    cron      = string<br>    timeZone  = string<br>    idleCount = number<br>  }))</pre> | `[]` | no |
 | instance\_profile\_path | The path that will be added to the instance\_profile, if not set the environment name will be used. | `string` | `null` | no |
 | instance\_type | Default instance type for the action runner. | `string` | `"m5.large"` | no |
diff --git a/modules/runners/lambdas/runners/src/scale-runners/scale-up.test.ts b/modules/runners/lambdas/runners/src/scale-runners/scale-up.test.ts
@@ -38,6 +38,7 @@ describe('scaleUp', () => {
     process.env.GITHUB_APP_CLIENT_SECRET = 'TEST_CLIENT_SECRET';
     process.env.RUNNERS_MAXIMUM_COUNT = '3';
     process.env.ENVIRONMENT = 'unit-test-environment';
+    process.env.GITHUB_SERVER_URL = 'https://github.com/'
 
     jest.clearAllMocks();
     mockOctokit.actions.listWorkflowRunsForRepo.mockImplementation(() => ({
diff --git a/modules/runners/lambdas/runners/src/scale-runners/scale-up.ts b/modules/runners/lambdas/runners/src/scale-runners/scale-up.ts
@@ -56,6 +56,7 @@ export const scaleUp = async (eventSource: string, payload: ActionRequestMessage
   const environment = process.env.ENVIRONMENT as string;
   const githubAppAuth = await createGithubAppAuth(payload.installationId);
   const githubInstallationClient = await createInstallationClient(githubAppAuth);
+  const githubServerUrl = process.env.GITHUB_SERVER_URL as string;
   const queuedWorkflows = await githubInstallationClient.actions.listWorkflowRunsForRepo({
     owner: payload.repositoryOwner,
     repo: payload.repositoryName,
@@ -93,8 +94,8 @@ export const scaleUp = async (eventSource: string, payload: ActionRequestMessage
       await createRunner({
         environment: environment,
         runnerConfig: enableOrgLevel
-          ? `--url https://github.com/${payload.repositoryOwner} --token ${token} ${labelsArgument}`
-          : `--url https://github.com/${payload.repositoryOwner}/${payload.repositoryName} --token ${token} ${labelsArgument}`,
+          ? `--url ${githubServerUrl}${payload.repositoryOwner} --token ${token} ${labelsArgument}`
+          : `--url ${githubServerUrl}${payload.repositoryOwner}/${payload.repositoryName} --token ${token} ${labelsArgument}`,
         orgName: enableOrgLevel ? payload.repositoryOwner : undefined,
         repoName: enableOrgLevel ? undefined : `${payload.repositoryOwner}/${payload.repositoryName}`,
       });
diff --git a/modules/runners/scale-up.tf b/modules/runners/scale-up.tf
@@ -33,6 +33,7 @@ resource "aws_lambda_function" "scale_up" {
       ENABLE_ORGANIZATION_RUNNERS = var.enable_organization_runners
       RUNNER_EXTRA_LABELS         = var.runner_extra_labels
       RUNNERS_MAXIMUM_COUNT       = var.runners_maximum_count
+      GITHUB_SERVER_URL           = var.github_server_url
       GITHUB_APP_KEY_BASE64       = local.github_app_key_base64
       GITHUB_APP_ID               = var.github_app.id
       GITHUB_APP_CLIENT_ID        = var.github_app.client_id
diff --git a/modules/runners/variables.tf b/modules/runners/variables.tf
@@ -238,3 +238,9 @@ variable "create_service_linked_role_spot" {
   type        = bool
   default     = false
 }
+
+variable "github_server_url" {
+  description = "(Optional) provide an alternative GitHub server url for GitHub on premise."
+  type        = string
+  default     = "https://github.com/"
+}
diff --git a/modules/webhook/README.md b/modules/webhook/README.md
@@ -52,13 +52,16 @@ No requirements.
 | encryption | KMS key to encrypted lambda environment secrets. Either provide a key and `encrypt` set to `true`. Or set the key to `null` and encrypt to `false`. | <pre>object({<br>    kms_key_id = string<br>    encrypt    = bool<br>  })</pre> | n/a | yes |
 | environment | A name that identifies the environment, used as prefix and for tagging. | `string` | n/a | yes |
 | github\_app\_webhook\_secret | n/a | `string` | n/a | yes |
+| lambda\_s3\_bucket | S3 bucket from which to specify lambda functions. This is an alternative to providing local files directly. | `any` | `null` | no |
 | lambda\_timeout | Time out of the lambda in seconds. | `number` | `10` | no |
 | lambda\_zip | File location of the lambda zip file. | `string` | `null` | no |
 | logging\_retention\_in\_days | Specifies the number of days you want to retain log events for the lambda log group. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. | `number` | `7` | no |
 | role\_path | The path that will be added to the role, if not set the environment name will be used. | `string` | `null` | no |
 | role\_permissions\_boundary | Permissions boundary that will be added to the created role for the lambda. | `string` | `null` | no |
 | sqs\_build\_queue | SQS queue to publish accepted build events. | <pre>object({<br>    id  = string<br>    arn = string<br>  })</pre> | n/a | yes |
 | tags | Map of tags that will be added to created resources. By default resources will be tagged with name and environment. | `map(string)` | `{}` | no |
+| webhook\_lambda\_s3\_key | S3 key for webhook lambda function. Required if using S3 bucket to specify lambdas. | `any` | `null` | no |
+| webhook\_lambda\_s3\_object\_version | S3 object version for webhook lambda function. Useful if S3 versioning is enabled on source bucket. | `any` | `null` | no |
 
 ## Outputs
 
diff --git a/variables.tf b/variables.tf
@@ -256,3 +256,9 @@ variable "create_service_linked_role_spot" {
   type        = bool
   default     = false
 }
+
+variable "github_server_url" {
+  description = "(Optional) provide an alternative GitHub server url for GitHub on premise."
+  type        = string
+  default     = "https://github.com/"
+}
