feat: allow setting VPC and subnets per runner

Author: taharah

examples/multi-runner/main.tf

@@ -3,7 +3,19 @@ locals {
   aws_region  = "eu-west-1"
 
   # Load runner configurations from Yaml files
-  multi_runner_config = { for c in fileset("${path.module}/templates/runner-configs", "*.yaml") : trimsuffix(c, ".yaml") => yamldecode(file("${path.module}/templates/runner-configs/${c}")) }
+  multi_runner_config = {
+    for c in fileset("${path.module}/templates/runner-configs", "*.yaml") :
+
+    trimsuffix(c, ".yaml") => yamldecode(
+      templatefile(
+        "${path.module}/templates/runner-configs/${c}",
+        {
+          vpc_id     = module.base_other.vpc.vpc_id
+          subnet_ids = jsonencode(module.base_other.vpc.private_subnets)
+        }
+      )
+    )
+  }
 }
 
 resource "random_id" "random" {
@@ -16,6 +28,13 @@ module "base" {
   aws_region = local.aws_region
 }
 
+module "base_other" {
+  source = "../base"
+
+  prefix     = "${local.environment}-other"
+  aws_region = local.aws_region
+}
+
 module "multi-runner" {
   source                            = "../../modules/multi-runner"
   multi_runner_config               = local.multi_runner_config

examples/multi-runner/templates/runner-configs/linux-x64.yaml

@@ -10,6 +10,8 @@ runner_config:
   runner_extra_labels: amazon
   runner_name_prefix: amazon-x64_
   enable_ssm_on_runners: true
+  vpc_id: ${vpc_id}
+  subnet_ids: ${subnet_ids}
   instance_types:
     - m5ad.large
     - m5a.large

modules/multi-runner/README.md

@@ -3,8 +3,8 @@ module "runners" {
   for_each      = local.runner_config
   aws_region    = var.aws_region
   aws_partition = var.aws_partition
-  vpc_id        = var.vpc_id
-  subnet_ids    = var.subnet_ids
+  vpc_id        = coalesce(each.value.vpc_id, var.vpc_id)
+  subnet_ids    = coalesce(each.value.subnet_ids, var.subnet_ids)
   prefix        = "${var.prefix}-${each.key}"
   tags = merge(local.tags, {
     "ghr:environment" = "${var.prefix}-${each.key}"

modules/multi-runner/runners.tf

@@ -76,6 +76,8 @@ variable "multi_runner_config" {
       userdata_post_install                   = optional(string, "")
       runner_ec2_tags                         = optional(map(string), {})
       runner_iam_role_managed_policy_arns     = optional(list(string), [])
+      vpc_id                                  = optional(string, null)
+      subnet_ids                              = optional(list(string), null)
       idle_config = optional(list(object({
         cron             = string
         timeZone         = string
@@ -172,6 +174,8 @@ variable "multi_runner_config" {
         userdata_post_install: "Script to be ran after the GitHub Actions runner is installed on the EC2 instances"
         runner_ec2_tags: "Map of tags that will be added to the launch template instance tag specifications."
         runner_iam_role_managed_policy_arns: "Attach AWS or customer-managed IAM policies (by ARN) to the runner IAM role"
+        vpc_id: "The VPC for security groups of the action runners. If not set uses the value of `var.vpc_id`."
+        subnet_ids: "List of subnets in which the action runners will be launched, the subnets needs to be subnets in the `vpc_id`. If not set, uses the value of `var.subnet_ids`."
         idle_config: "List of time period that can be defined as cron expression to keep a minimum amount of runners active instead of scaling down to 0. By defining this list you can ensure that in time periods that match the cron expression within 5 seconds a runner is kept idle."
         runner_log_files: "(optional) Replaces the module default cloudwatch log config. See https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-Configuration-File-Details.html for details."
         block_device_mappings: "The EC2 instance block device configuration. Takes the following keys: `device_name`, `delete_on_termination`, `volume_type`, `volume_size`, `encrypted`, `iops`, `throughput`, `kms_key_id`, `snapshot_id`."