From a1e0479258e51391bb39c278cc88bba029fbb316 Mon Sep 17 00:00:00 2001 From: Gertjan Maas Date: Thu, 7 May 2020 08:29:23 +0200 Subject: [PATCH] WIP commit --- examples/default/main.tf | 8 +- examples/default/variables.tf | 13 + main.tf | 13 +- modules/agent/webhook_queue.tf | 2 +- .../lambdas/scale-runners/package.json | 6 +- .../lambdas/scale-runners/src/lambda.ts | 8 +- .../lambdas/scale-runners/src/local.ts | 6 +- .../src/scale-runners/handler.test.ts | 57 +++- .../src/scale-runners/handler.ts | 54 +-- .../src/scale-runners/runners.test.ts | 18 + .../src/scale-runners/runners.ts | 27 ++ .../runners/lambdas/scale-runners/yarn.lock | 308 +++++++++++++++++- modules/runners/scale-runners-lambda.tf | 13 +- modules/runners/variables.tf | 13 + variables.tf | 12 + 15 files changed, 509 insertions(+), 49 deletions(-) create mode 100644 examples/default/variables.tf create mode 100644 modules/runners/lambdas/scale-runners/src/scale-runners/runners.test.ts create mode 100644 modules/runners/lambdas/scale-runners/src/scale-runners/runners.ts diff --git a/examples/default/main.tf b/examples/default/main.tf index a5ff6decd9..cfe77e4aed 100644 --- a/examples/default/main.tf +++ b/examples/default/main.tf @@ -20,8 +20,14 @@ module "runners" { Project = "ProjectX" } - github_app_webhook_secret = random_password.random.result + github_app_webhook_secret = var.github_app_webhook_secret + github_app_client_id = var.github_app_client_id + github_app_client_secret = var.github_app_client_secret + github_app_id = var.github_app_id + github_app_key_base64 = var.github_app_key_base64 + + enable_organization_runners = var.enable_organization_runners } diff --git a/examples/default/variables.tf b/examples/default/variables.tf new file mode 100644 index 0000000000..c45e02f469 --- /dev/null +++ b/examples/default/variables.tf @@ -0,0 +1,13 @@ +variable "enable_organization_runners" { + type = bool +} + +variable "github_app_key_base64" {} + +variable "github_app_id" {} + +variable "github_app_client_id" {} + +variable "github_app_client_secret" {} + +variable "github_app_webhook_secret" {} diff --git a/main.tf b/main.tf index 3ec6784377..f535c14cc7 100644 --- a/main.tf +++ b/main.tf @@ -30,18 +30,15 @@ module "runners" { s3_location_runner_distribution = module.dsitrubtion_cache.s3_location_runner_distribution sqs = module.agent.sqs -} -module "agent" { - source = "./modules/agent" + github_app_client_id = var.github_app_client_id + github_app_client_secret = var.github_app_client_secret + github_app_id = var.github_app_id + github_app_key_base64 = var.github_app_key_base64 - aws_region = var.aws_region - environment = var.environment - tags = var.tags - github_app_webhook_secret = "blaat" + enable_organization_runners = var.enable_organization_runners } - module "agent" { source = "./modules/agent" diff --git a/modules/agent/webhook_queue.tf b/modules/agent/webhook_queue.tf index 8b08b23d02..ec4b278aa1 100644 --- a/modules/agent/webhook_queue.tf +++ b/modules/agent/webhook_queue.tf @@ -1,6 +1,6 @@ resource "aws_sqs_queue" "webhook_events" { name = "${var.environment}-webhook-events.fifo" - delay_seconds = 30 + delay_seconds = 0 fifo_queue = true receive_wait_time_seconds = 10 content_based_deduplication = true diff --git a/modules/runners/lambdas/scale-runners/package.json b/modules/runners/lambdas/scale-runners/package.json index 28d3449033..563fa024a8 100644 --- a/modules/runners/lambdas/scale-runners/package.json +++ b/modules/runners/lambdas/scale-runners/package.json @@ -11,11 +11,12 @@ "dist": "yarn build && cd dist && zip ../scale-runners.zip index.js" }, "devDependencies": { + "@types/aws-lambda": "^8.10.51", "@types/express": "^4.17.3", "@types/jest": "^25.2.1", "@types/node": "^13.13.4", "@zeit/ncc": "^0.22.1", - "aws-sdk": "^2.645.0", + "aws-sdk": "^2.671.0", "body-parser": "^1.19.0", "express": "^4.17.1", "jest": "^25.4.0", @@ -25,6 +26,7 @@ }, "dependencies": { "@octokit/auth-app": "^2.4.5", - "@octokit/rest": "^17.6.0" + "@octokit/rest": "^17.6.0", + "yn": "^4.0.0" } } diff --git a/modules/runners/lambdas/scale-runners/src/lambda.ts b/modules/runners/lambdas/scale-runners/src/lambda.ts index ae80085202..78dda84b63 100644 --- a/modules/runners/lambdas/scale-runners/src/lambda.ts +++ b/modules/runners/lambdas/scale-runners/src/lambda.ts @@ -1,8 +1,12 @@ import { handle } from './scale-runners/handler'; +import { SQSEvent } from 'aws-lambda'; -module.exports.handler = async (event: any, context: any, callback: any) => { +module.exports.handler = async (event: SQSEvent, context: any, callback: any) => { + console.log(event); try { - await handle(event.eventSource, JSON.parse(event.body)); + for (const e of event.Records) { + await handle(e.eventSource, JSON.parse(e.body)); + } return callback(null); } catch (e) { console.error(e); diff --git a/modules/runners/lambdas/scale-runners/src/local.ts b/modules/runners/lambdas/scale-runners/src/local.ts index 45bddd6a37..1993f8f68d 100644 --- a/modules/runners/lambdas/scale-runners/src/local.ts +++ b/modules/runners/lambdas/scale-runners/src/local.ts @@ -1,14 +1,14 @@ import express from 'express'; import bodyParser from 'body-parser'; -import { handle } from './scale-runners/handler'; +import { handle, ActionRequestMessage } from './scale-runners/handler'; const app = express(); app.use(bodyParser.json()); app.post('/event_handler', (req, res) => { - handle(req.headers, JSON.stringify(req.body)) - .then((c) => res.status(c).end()) + handle('aws:sqs', JSON.parse(req.body) as ActionRequestMessage) + .then() .catch((e) => { console.log(e); res.status(404); diff --git a/modules/runners/lambdas/scale-runners/src/scale-runners/handler.test.ts b/modules/runners/lambdas/scale-runners/src/scale-runners/handler.test.ts index c64d3f8807..cf2bc61862 100644 --- a/modules/runners/lambdas/scale-runners/src/scale-runners/handler.test.ts +++ b/modules/runners/lambdas/scale-runners/src/scale-runners/handler.test.ts @@ -6,7 +6,14 @@ import { Octokit } from '@octokit/rest'; jest.mock('@octokit/auth-app', () => ({ createAppAuth: jest.fn().mockImplementation(() => jest.fn().mockImplementation(() => ({ token: 'Blaat' }))), })); -const mockOctokit = { checks: { get: jest.fn() }, actions: { listRepoWorkflowRuns: jest.fn() } }; +const mockOctokit = { + checks: { get: jest.fn() }, + actions: { + listRepoWorkflowRuns: jest.fn(), + listSelfHostedRunnersForOrg: jest.fn(), + listSelfHostedRunnersForRepo: jest.fn(), + }, +}; jest.mock('@octokit/rest', () => ({ Octokit: jest.fn().mockImplementation(() => mockOctokit), })); @@ -21,14 +28,31 @@ const TEST_DATA: ActionRequestMessage = { describe('handler', () => { beforeEach(() => { - process.env.GITHUB_APP_KEY = 'TEST_CERTIFICATE_DATA'; + process.env.GITHUB_APP_KEY_BASE64 = 'TEST_CERTIFICATE_DATA'; process.env.GITHUB_APP_ID = '1337'; process.env.GITHUB_APP_CLIENT_ID = 'TEST_CLIENT_ID'; process.env.GITHUB_APP_CLIENT_SECRET = 'TEST_CLIENT_SECRET'; jest.clearAllMocks(); mockOctokit.actions.listRepoWorkflowRuns.mockImplementation(() => ({ - total_count: 1, + data: { + total_count: 1, + }, })); + const mockRunnersReturnValue = { + data: { + total_count: 1, + runners: [ + { + id: 23, + name: 'Test Runner', + status: 'online', + os: 'linux', + }, + ], + }, + }; + mockOctokit.actions.listSelfHostedRunnersForOrg.mockImplementation(() => mockRunnersReturnValue); + mockOctokit.actions.listSelfHostedRunnersForRepo.mockImplementation(() => mockRunnersReturnValue); }); it('ignores non-sqs events', async () => { @@ -44,4 +68,31 @@ describe('handler', () => { status: 'queued', }); }); + + // describe('on org level', () => { + // beforeAll(() => { + // process.env.ENABLE_ORGANIZATION_RUNNERS = 'true'; + // }); + + // it('gets the current org level runners', async () => { + // await handle('aws:sqs', TEST_DATA); + // expect(mockOctokit.actions.listSelfHostedRunnersForOrg).toBeCalledWith({ + // org: TEST_DATA.repositoryOwner, + // }); + // }); + // }); + + // describe('on repo level', () => { + // beforeAll(() => { + // delete process.env.ENABLE_ORGANIZATION_RUNNERS; + // }); + + // it('gets the current repo level runners', async () => { + // await handle('aws:sqs', TEST_DATA); + // expect(mockOctokit.actions.listSelfHostedRunnersForRepo).toBeCalledWith({ + // owner: TEST_DATA.repositoryOwner, + // repo: TEST_DATA.repositoryName, + // }); + // }); + // }); }); diff --git a/modules/runners/lambdas/scale-runners/src/scale-runners/handler.ts b/modules/runners/lambdas/scale-runners/src/scale-runners/handler.ts index fe5acf2122..41de66c668 100644 --- a/modules/runners/lambdas/scale-runners/src/scale-runners/handler.ts +++ b/modules/runners/lambdas/scale-runners/src/scale-runners/handler.ts @@ -1,5 +1,7 @@ import { createAppAuth } from '@octokit/auth-app'; import { Octokit } from '@octokit/rest'; +import { AppAuth } from '@octokit/auth-app/dist-types/types'; +import yn from 'yn'; export interface ActionRequestMessage { id: number; @@ -9,40 +11,52 @@ export interface ActionRequestMessage { installationId: number; } -async function createGithubClient(installationId: number): Promise { - const privateKey = process.env.GITHUB_APP_KEY as string; +function createGithubAppAuth(installationId: number): AppAuth { + const privateKey = Buffer.from(process.env.GITHUB_APP_KEY_BASE64 as string, 'base64').toString(); const appId: number = parseInt(process.env.GITHUB_APP_ID as string); const clientId = process.env.GITHUB_APP_CLIENT_ID as string; const clientSecret = process.env.GITHUB_APP_CLIENT_SECRET as string; - try { - const auth = createAppAuth({ - id: appId, - privateKey: privateKey, - installationId: installationId, - clientId: clientId, - clientSecret: clientSecret, - }); - const installationAuthentication = await auth({ type: 'installation' }); + return createAppAuth({ + id: appId, + privateKey: privateKey, + installationId: installationId, + clientId: clientId, + clientSecret: clientSecret, + }); +} - return new Octokit({ - auth: installationAuthentication.token, - }); - } catch (e) { - Promise.reject(e); - } +async function createInstallationClient(githubAppAuth: AppAuth): Promise { + const auth = await githubAppAuth({ type: 'installation' }); + return new Octokit({ auth: auth.token }); } export const handle = async (eventSource: string, payload: ActionRequestMessage): Promise => { if (eventSource !== 'aws:sqs') throw Error('Cannot handle non-SQS events!'); - const githubClient = await createGithubClient(payload.installationId); - const queuedWorkflows = await githubClient.actions.listRepoWorkflowRuns({ + const enableOrgLevel = yn(process.env.ENABLE_ORGANIZATION_RUNNERS); + const githubAppAuth = createGithubAppAuth(payload.installationId); + const githubInstallationClient = await createInstallationClient(githubAppAuth); + const queuedWorkflows = await githubInstallationClient.actions.listRepoWorkflowRuns({ owner: payload.repositoryOwner, repo: payload.repositoryName, // @ts-ignore (typing is incorrect) status: 'queued', }); console.info( - `Repo ${payload.repositoryOwner}/${payload.repositoryName} has ${queuedWorkflows.total_count} queued workflow runs`, + `Repo ${payload.repositoryOwner}/${payload.repositoryName} has ${queuedWorkflows.data.total_count} queued workflow runs`, ); + + if (queuedWorkflows.data.total_count > 0) { + // console.log(enableOrgLevel); + // const currentRunners = enableOrgLevel + // ? await githubInstallationClient.actions.listSelfHostedRunnersForOrg({ + // org: payload.repositoryOwner, + // }) + // : await githubInstallationClient.actions.listSelfHostedRunnersForRepo({ + // owner: payload.repositoryOwner, + // repo: payload.repositoryName, + // }); + // // const currentOnlineRunners = currentRunners.data.runners.filter((r) => r.status === 'online'); + // // if (currentOnlineRunners.length > 0) + } }; diff --git a/modules/runners/lambdas/scale-runners/src/scale-runners/runners.test.ts b/modules/runners/lambdas/scale-runners/src/scale-runners/runners.test.ts new file mode 100644 index 0000000000..679250547d --- /dev/null +++ b/modules/runners/lambdas/scale-runners/src/scale-runners/runners.test.ts @@ -0,0 +1,18 @@ +import { listRunners } from './runners'; +import { handle } from './handler'; +import { EC2 } from 'aws-sdk'; + +jest.mock('./handler'); +const mockEC2 = { describeInstances: jest.fn() }; +jest.mock('aws-sdk', () => ({ + EC2: jest.fn().mockImplementation(() => mockEC2), +})); + +describe('list instances', () => { + beforeAll(() => { + jest.clearAllMocks(); + }); + it('returns a list of instances', () => { + listRunners(); + }); +}); diff --git a/modules/runners/lambdas/scale-runners/src/scale-runners/runners.ts b/modules/runners/lambdas/scale-runners/src/scale-runners/runners.ts new file mode 100644 index 0000000000..1e2873c0d8 --- /dev/null +++ b/modules/runners/lambdas/scale-runners/src/scale-runners/runners.ts @@ -0,0 +1,27 @@ +import { EC2 } from 'aws-sdk'; + +export interface RunnerInfo { + instanceId: string; + launchTime: Date; + repo: string; + org: string; +} + +const ec2 = new EC2(); +export async function listRunners( + repoName: string | undefined = undefined, + orgName: string | undefined = undefined, +): Promise { + let filters = [ + { Name: 'tag:Application', Values: ['github-action-runner'] }, + { Name: 'instance-state-name', Values: ['running', 'pending'] }, + ]; + if (repoName !== undefined) { + filters.push({ Name: 'tag:Repo', Values: [repoName] }); + } + if (orgName !== undefined) { + filters.push({ Name: 'tag:Org', Values: [orgName] }); + } + const runningInstances = await ec2.describeInstances({ Filters: filters }).promise(); + return [{ instanceId: 'i-123', launchTime: new Date(), repo: 'bla', org: 'bla' }]; +} diff --git a/modules/runners/lambdas/scale-runners/yarn.lock b/modules/runners/lambdas/scale-runners/yarn.lock index e884017bb2..b91bd4af9f 100644 --- a/modules/runners/lambdas/scale-runners/yarn.lock +++ b/modules/runners/lambdas/scale-runners/yarn.lock @@ -437,6 +437,116 @@ "@types/yargs" "^15.0.0" chalk "^3.0.0" +"@octokit/auth-app@^2.4.5": + version "2.4.5" + resolved "https://registry.yarnpkg.com/@octokit/auth-app/-/auth-app-2.4.5.tgz#4156bca2a64164dfee7adad1f3cf8e85a5952481" + integrity sha512-GI2wIrH9FcvKdUA45yOToLv/474jFuCfQUiAzagyt54K8wb7AYjLUz/CzNwBFPJ9k9W5pyUKLpcIQOL4RER9yw== + dependencies: + "@octokit/request" "^5.3.0" + "@octokit/request-error" "^2.0.0" + "@octokit/types" "^2.8.1" + "@types/lru-cache" "^5.1.0" + lru-cache "^5.1.1" + universal-github-app-jwt "^1.0.1" + universal-user-agent "^5.0.0" + +"@octokit/auth-token@^2.4.0": + version "2.4.0" + resolved "https://registry.yarnpkg.com/@octokit/auth-token/-/auth-token-2.4.0.tgz#b64178975218b99e4dfe948253f0673cbbb59d9f" + integrity sha512-eoOVMjILna7FVQf96iWc3+ZtE/ZT6y8ob8ZzcqKY1ibSQCnu4O/B7pJvzMx5cyZ/RjAff6DAdEb0O0Cjcxidkg== + dependencies: + "@octokit/types" "^2.0.0" + +"@octokit/core@^2.4.3": + version "2.5.0" + resolved "https://registry.yarnpkg.com/@octokit/core/-/core-2.5.0.tgz#4706258893a7ac6ab35d58d2fb9f2d2ba19a41a5" + integrity sha512-uvzmkemQrBgD8xuGbjhxzJN1darJk9L2cS+M99cHrDG2jlSVpxNJVhoV86cXdYBqdHCc9Z995uLCczaaHIYA6Q== + dependencies: + "@octokit/auth-token" "^2.4.0" + "@octokit/graphql" "^4.3.1" + "@octokit/request" "^5.4.0" + "@octokit/types" "^2.0.0" + before-after-hook "^2.1.0" + universal-user-agent "^5.0.0" + +"@octokit/endpoint@^6.0.1": + version "6.0.1" + resolved "https://registry.yarnpkg.com/@octokit/endpoint/-/endpoint-6.0.1.tgz#16d5c0e7a83e3a644d1ddbe8cded6c3d038d31d7" + integrity sha512-pOPHaSz57SFT/m3R5P8MUu4wLPszokn5pXcB/pzavLTQf2jbU+6iayTvzaY6/BiotuRS0qyEUkx3QglT4U958A== + dependencies: + "@octokit/types" "^2.11.1" + is-plain-object "^3.0.0" + universal-user-agent "^5.0.0" + +"@octokit/graphql@^4.3.1": + version "4.3.1" + resolved "https://registry.yarnpkg.com/@octokit/graphql/-/graphql-4.3.1.tgz#9ee840e04ed2906c7d6763807632de84cdecf418" + integrity sha512-hCdTjfvrK+ilU2keAdqNBWOk+gm1kai1ZcdjRfB30oA3/T6n53UVJb7w0L5cR3/rhU91xT3HSqCd+qbvH06yxA== + dependencies: + "@octokit/request" "^5.3.0" + "@octokit/types" "^2.0.0" + universal-user-agent "^4.0.0" + +"@octokit/plugin-paginate-rest@^2.2.0": + version "2.2.0" + resolved "https://registry.yarnpkg.com/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-2.2.0.tgz#9ae0c14c1b90ec0d96d2ef1b44706b4505a91cee" + integrity sha512-KoNxC3PLNar8UJwR+1VMQOw2IoOrrFdo5YOiDKnBhpVbKpw+zkBKNMNKwM44UWL25Vkn0Sl3nYIEGKY+gW5ebw== + dependencies: + "@octokit/types" "^2.12.1" + +"@octokit/plugin-request-log@^1.0.0": + version "1.0.0" + resolved "https://registry.yarnpkg.com/@octokit/plugin-request-log/-/plugin-request-log-1.0.0.tgz#eef87a431300f6148c39a7f75f8cfeb218b2547e" + integrity sha512-ywoxP68aOT3zHCLgWZgwUJatiENeHE7xJzYjfz8WI0goynp96wETBF+d95b8g/uL4QmS6owPVlaxiz3wyMAzcw== + +"@octokit/plugin-rest-endpoint-methods@3.9.0": + version "3.9.0" + resolved "https://registry.yarnpkg.com/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-3.9.0.tgz#ce14568bf705c74001e2f2c3039ed83a916ee32e" + integrity sha512-SreIipNkdRkU+rYVi/9+euKhPifjxdAMn1FFRtM8YZVCBeVawAhNmyrXPH+yLZPOBUY2eyL2Mkl7uzTzGeMVew== + dependencies: + "@octokit/types" "^2.13.0" + deprecation "^2.3.1" + +"@octokit/request-error@^2.0.0": + version "2.0.0" + resolved "https://registry.yarnpkg.com/@octokit/request-error/-/request-error-2.0.0.tgz#94ca7293373654400fbb2995f377f9473e00834b" + integrity sha512-rtYicB4Absc60rUv74Rjpzek84UbVHGHJRu4fNVlZ1mCcyUPPuzFfG9Rn6sjHrd95DEsmjSt1Axlc699ZlbDkw== + dependencies: + "@octokit/types" "^2.0.0" + deprecation "^2.0.0" + once "^1.4.0" + +"@octokit/request@^5.3.0", "@octokit/request@^5.4.0": + version "5.4.2" + resolved "https://registry.yarnpkg.com/@octokit/request/-/request-5.4.2.tgz#74f8e5bbd39dc738a1b127629791f8ad1b3193ee" + integrity sha512-zKdnGuQ2TQ2vFk9VU8awFT4+EYf92Z/v3OlzRaSh4RIP0H6cvW1BFPXq4XYvNez+TPQjqN+0uSkCYnMFFhcFrw== + dependencies: + "@octokit/endpoint" "^6.0.1" + "@octokit/request-error" "^2.0.0" + "@octokit/types" "^2.11.1" + deprecation "^2.0.0" + is-plain-object "^3.0.0" + node-fetch "^2.3.0" + once "^1.4.0" + universal-user-agent "^5.0.0" + +"@octokit/rest@^17.6.0": + version "17.7.0" + resolved "https://registry.yarnpkg.com/@octokit/rest/-/rest-17.7.0.tgz#73e188023fd68bee6449c2f69319b0a0ee079e0e" + integrity sha512-/NcXO3hkZJBYkosWHARhj8wQ7ICEgppqJXK0GmrGwoov+p+1Jykfb1rd7sX/V7d9CxiGoYHpUZrRCrem9okINg== + dependencies: + "@octokit/core" "^2.4.3" + "@octokit/plugin-paginate-rest" "^2.2.0" + "@octokit/plugin-request-log" "^1.0.0" + "@octokit/plugin-rest-endpoint-methods" "3.9.0" + +"@octokit/types@^2.0.0", "@octokit/types@^2.11.1", "@octokit/types@^2.12.1", "@octokit/types@^2.13.0", "@octokit/types@^2.8.1": + version "2.13.0" + resolved "https://registry.yarnpkg.com/@octokit/types/-/types-2.13.0.tgz#b2de9983d79a3d8a000d9bf90293ddbbe611e561" + integrity sha512-aSHYeR01V/ZDyU6BaCGqndC8qAjUBH/OFw3Y6EmHdP2uVFsgoPtxUJLPJEfhhr8f7F2cGS9QZ0tUqnfItHxKug== + dependencies: + "@types/node" ">= 8" + "@sinonjs/commons@^1.7.0": version "1.7.2" resolved "https://registry.yarnpkg.com/@sinonjs/commons/-/commons-1.7.2.tgz#505f55c74e0272b43f6c52d81946bed7058fc0e2" @@ -444,6 +554,11 @@ dependencies: type-detect "4.0.8" +"@types/aws-lambda@^8.10.51": + version "8.10.51" + resolved "https://registry.yarnpkg.com/@types/aws-lambda/-/aws-lambda-8.10.51.tgz#7ad774507a3cf1d2e949ca305380c23b5af635a0" + integrity sha512-XK7RerpXj4r+IO0r7qIeNqUSU6L4qhPMwNhISxozJJiUX/jdXj9WYzTShRVisEcUQHXgJ4TTBqTArM8f9Mjb8g== + "@types/babel__core@^7.1.7": version "7.1.7" resolved "https://registry.yarnpkg.com/@types/babel__core/-/babel__core-7.1.7.tgz#1dacad8840364a57c98d0dd4855c6dd3752c6b89" @@ -542,6 +657,18 @@ jest-diff "^25.2.1" pretty-format "^25.2.1" +"@types/jsonwebtoken@^8.3.3": + version "8.3.9" + resolved "https://registry.yarnpkg.com/@types/jsonwebtoken/-/jsonwebtoken-8.3.9.tgz#48da9a49997e4eb046733e6878f583d7448f0594" + integrity sha512-00rI8GbOKuRtoYxltFSRTVUXCRLbuYwln2/nUMPtFU9JGS7if+nnmLjeoFGmqsNCmblPLAaeQ/zMLVsHr6T5bg== + dependencies: + "@types/node" "*" + +"@types/lru-cache@^5.1.0": + version "5.1.0" + resolved "https://registry.yarnpkg.com/@types/lru-cache/-/lru-cache-5.1.0.tgz#57f228f2b80c046b4a1bd5cac031f81f207f4f03" + integrity sha512-RaE0B+14ToE4l6UqdarKPnXwVDuigfFv+5j9Dze/Nqr23yyuqdNvzcZi3xB+3Agvi5R4EOgAksfv3lXX4vBt9w== + "@types/mime@*": version "2.0.1" resolved "https://registry.yarnpkg.com/@types/mime/-/mime-2.0.1.tgz#dc488842312a7f075149312905b5e3c0b054c79d" @@ -552,6 +679,11 @@ resolved "https://registry.yarnpkg.com/@types/node/-/node-13.9.5.tgz#59738bf30b31aea1faa2df7f4a5f55613750cf00" integrity sha512-hkzMMD3xu6BrJpGVLeQ3htQQNAcOrJjX7WFmtK8zWQpz2UJf13LCFF2ALA7c9OVdvc2vQJeDdjfR35M0sBCxvw== +"@types/node@>= 8": + version "13.13.5" + resolved "https://registry.yarnpkg.com/@types/node/-/node-13.13.5.tgz#96ec3b0afafd64a4ccea9107b75bf8489f0e5765" + integrity sha512-3ySmiBYJPqgjiHA7oEaIo2Rzz0HrOZ7yrNO5HWyaE5q0lQ3BppDZ3N53Miz8bw2I7gh1/zir2MGVZBvpb1zq9g== + "@types/node@^13.13.4": version "13.13.4" resolved "https://registry.yarnpkg.com/@types/node/-/node-13.13.4.tgz#1581d6c16e3d4803eb079c87d4ac893ee7501c2c" @@ -785,10 +917,10 @@ atob@^2.1.2: resolved "https://registry.yarnpkg.com/atob/-/atob-2.1.2.tgz#6d9517eb9e030d2436666651e86bd9f6f13533c9" integrity sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg== -aws-sdk@^2.645.0: - version "2.645.0" - resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.645.0.tgz#20865d693a5150fb6d5770ba3ce1efd558d4bd0a" - integrity sha512-zElxkYl5lRxf1wiByd6C3kBKBNtA04ltC++DhcL3OypNBAn/LjnHLR1r7TOn6XyM9xgM7wPwm7MS43n0AS2qYg== +aws-sdk@^2.671.0: + version "2.671.0" + resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.671.0.tgz#2c6e164a0f540d6fc428c123f2994ac081663ff5" + integrity sha512-i83+/TIOLlhAxvV2xVLz5+XGtNqJgQJwP/e8J49rzDkyMV6OE2FgxU8utujGrComrSJFpITqMFqug+ZfdHoLIQ== dependencies: buffer "4.9.1" events "1.1.1" @@ -895,6 +1027,11 @@ bcrypt-pbkdf@^1.0.0: dependencies: tweetnacl "^0.14.3" +before-after-hook@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/before-after-hook/-/before-after-hook-2.1.0.tgz#b6c03487f44e24200dd30ca5e6a1979c5d2fb635" + integrity sha512-IWIbu7pMqyw3EAJHzzHbWa85b6oud/yfKYg5rqB5hNE8CeMi3nX+2C2sj0HswfblST86hpVEOAb9x34NZd6P7A== + body-parser@1.19.0, body-parser@^1.19.0: version "1.19.0" resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.19.0.tgz#96b2709e57c9c4e09a6fd66a8fd979844f69f08a" @@ -968,6 +1105,11 @@ bser@2.1.1: dependencies: node-int64 "^0.4.0" +buffer-equal-constant-time@1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz#f8e71132f7ffe6e01a5c9697a4c6f3e48d5cc819" + integrity sha1-+OcRMvf/5uAaXJaXpMbz5I1cyBk= + buffer-from@1.x, buffer-from@^1.0.0: version "1.1.1" resolved "https://registry.yarnpkg.com/buffer-from/-/buffer-from-1.1.1.tgz#32713bc028f75c02fdb710d7c7bcec1f2c6070ef" @@ -1315,6 +1457,11 @@ depd@~1.1.2: resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.2.tgz#9bcd52e14c097763e749b274c4346ed2e560b5a9" integrity sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak= +deprecation@^2.0.0, deprecation@^2.3.1: + version "2.3.1" + resolved "https://registry.yarnpkg.com/deprecation/-/deprecation-2.3.1.tgz#6368cbdb40abf3373b525ac87e4a260c3a700919" + integrity sha512-xmHIy4F3scKVwMsQ4WnVaS8bHOx0DmVwRywosKhaILI0ywMDWPtBSku2HNxRvF7jtwDRsoEwYQSfbxj8b7RlJQ== + destroy@~1.0.4: version "1.0.4" resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.0.4.tgz#978857442c44749e4206613e37946205826abd80" @@ -1357,6 +1504,13 @@ ecc-jsbn@~0.1.1: jsbn "~0.1.0" safer-buffer "^2.1.0" +ecdsa-sig-formatter@1.0.11: + version "1.0.11" + resolved "https://registry.yarnpkg.com/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz#ae0f0fa2d85045ef14a817daa3ce9acd0489e5bf" + integrity sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ== + dependencies: + safe-buffer "^5.0.1" + ee-first@1.1.1: version "1.1.1" resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d" @@ -2042,6 +2196,13 @@ is-plain-object@^2.0.3, is-plain-object@^2.0.4: dependencies: isobject "^3.0.1" +is-plain-object@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/is-plain-object/-/is-plain-object-3.0.0.tgz#47bfc5da1b5d50d64110806c199359482e75a928" + integrity sha512-tZIpofR+P05k8Aocp7UI/2UTa9lTJSebCXpFFoR9aibpokDj/uXBsJ8luUu0tTVYKkMU6URDUuOfJZ7koewXvg== + dependencies: + isobject "^4.0.0" + is-stream@^1.1.0: version "1.1.0" resolved "https://registry.yarnpkg.com/is-stream/-/is-stream-1.1.0.tgz#12d4a3dd4e68e0b79ceb8dbc84173ae80d91ca44" @@ -2099,6 +2260,11 @@ isobject@^3.0.0, isobject@^3.0.1: resolved "https://registry.yarnpkg.com/isobject/-/isobject-3.0.1.tgz#4e431e92b11a9731636aa1f9c8d1ccbcfdab78df" integrity sha1-TkMekrEalzFjaqH5yNHMvP2reN8= +isobject@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/isobject/-/isobject-4.0.0.tgz#3f1c9155e73b192022a80819bacd0343711697b0" + integrity sha512-S/2fF5wH8SJA/kmwr6HYhK/RI/OkhD84k8ntalo0iJjZikgq1XFvR5M8NPT1x5F7fBwCG3qHfnzeP/Vh/ZxCUA== + isstream@~0.1.2: version "0.1.2" resolved "https://registry.yarnpkg.com/isstream/-/isstream-0.1.2.tgz#47e63f7af55afa6f92e1500e690eb8b8529c099a" @@ -2589,6 +2755,22 @@ json5@2.x, json5@^2.1.2: dependencies: minimist "^1.2.5" +jsonwebtoken@^8.5.1: + version "8.5.1" + resolved "https://registry.yarnpkg.com/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz#00e71e0b8df54c2121a1f26137df2280673bcc0d" + integrity sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w== + dependencies: + jws "^3.2.2" + lodash.includes "^4.3.0" + lodash.isboolean "^3.0.3" + lodash.isinteger "^4.0.4" + lodash.isnumber "^3.0.3" + lodash.isplainobject "^4.0.6" + lodash.isstring "^4.0.1" + lodash.once "^4.0.0" + ms "^2.1.1" + semver "^5.6.0" + jsprim@^1.2.2: version "1.4.1" resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.4.1.tgz#313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2" @@ -2599,6 +2781,23 @@ jsprim@^1.2.2: json-schema "0.2.3" verror "1.10.0" +jwa@^1.4.1: + version "1.4.1" + resolved "https://registry.yarnpkg.com/jwa/-/jwa-1.4.1.tgz#743c32985cb9e98655530d53641b66c8645b039a" + integrity sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA== + dependencies: + buffer-equal-constant-time "1.0.1" + ecdsa-sig-formatter "1.0.11" + safe-buffer "^5.0.1" + +jws@^3.2.2: + version "3.2.2" + resolved "https://registry.yarnpkg.com/jws/-/jws-3.2.2.tgz#001099f3639468c9414000e99995fa52fb478304" + integrity sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA== + dependencies: + jwa "^1.4.1" + safe-buffer "^5.0.1" + kind-of@^3.0.2, kind-of@^3.0.3, kind-of@^3.2.0: version "3.2.2" resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-3.2.2.tgz#31ea21a734bab9bbb0f32466d893aea51e4a3c64" @@ -2664,11 +2863,46 @@ locate-path@^5.0.0: dependencies: p-locate "^4.1.0" +lodash.includes@^4.3.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/lodash.includes/-/lodash.includes-4.3.0.tgz#60bb98a87cb923c68ca1e51325483314849f553f" + integrity sha1-YLuYqHy5I8aMoeUTJUgzFISfVT8= + +lodash.isboolean@^3.0.3: + version "3.0.3" + resolved "https://registry.yarnpkg.com/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz#6c2e171db2a257cd96802fd43b01b20d5f5870f6" + integrity sha1-bC4XHbKiV82WgC/UOwGyDV9YcPY= + +lodash.isinteger@^4.0.4: + version "4.0.4" + resolved "https://registry.yarnpkg.com/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz#619c0af3d03f8b04c31f5882840b77b11cd68343" + integrity sha1-YZwK89A/iwTDH1iChAt3sRzWg0M= + +lodash.isnumber@^3.0.3: + version "3.0.3" + resolved "https://registry.yarnpkg.com/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz#3ce76810c5928d03352301ac287317f11c0b1ffc" + integrity sha1-POdoEMWSjQM1IwGsKHMX8RwLH/w= + +lodash.isplainobject@^4.0.6: + version "4.0.6" + resolved "https://registry.yarnpkg.com/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz#7c526a52d89b45c45cc690b88163be0497f550cb" + integrity sha1-fFJqUtibRcRcxpC4gWO+BJf1UMs= + +lodash.isstring@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/lodash.isstring/-/lodash.isstring-4.0.1.tgz#d527dfb5456eca7cc9bb95d5daeaf88ba54a5451" + integrity sha1-1SfftUVuynzJu5XV2ur4i6VKVFE= + lodash.memoize@4.x: version "4.1.2" resolved "https://registry.yarnpkg.com/lodash.memoize/-/lodash.memoize-4.1.2.tgz#bcc6c49a42a2840ed997f323eada5ecd182e0bfe" integrity sha1-vMbEmkKihA7Zl/Mj6tpezRguC/4= +lodash.once@^4.0.0: + version "4.1.1" + resolved "https://registry.yarnpkg.com/lodash.once/-/lodash.once-4.1.1.tgz#0dd3971213c7c56df880977d504c88fb471a97ac" + integrity sha1-DdOXEhPHxW34gJd9UEyI+0cal6w= + lodash.sortby@^4.7.0: version "4.7.0" resolved "https://registry.yarnpkg.com/lodash.sortby/-/lodash.sortby-4.7.0.tgz#edd14c824e2cc9c1e0b0a1b42bb5210516a42438" @@ -2694,6 +2928,18 @@ loud-rejection@^1.0.0: currently-unhandled "^0.4.1" signal-exit "^3.0.0" +lru-cache@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-5.1.1.tgz#1da27e6710271947695daf6848e847f01d84b920" + integrity sha512-KpNARQA3Iwv+jTA0utUVVbrh+Jlrr1Fv0e56GGzAFOXN7dk/FviaDW8LHmK52DlcH4WP2n6gI8vN1aesBFgo9w== + dependencies: + yallist "^3.0.2" + +macos-release@^2.2.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/macos-release/-/macos-release-2.3.0.tgz#eb1930b036c0800adebccd5f17bc4c12de8bb71f" + integrity sha512-OHhSbtcviqMPt7yfw5ef5aghS2jzFVKEFyCJndQt2YpSQ9qRVSEv2axSJI1paVThEu+FFGs584h/1YhxjVqajA== + make-dir@^3.0.0: version "3.1.0" resolved "https://registry.yarnpkg.com/make-dir/-/make-dir-3.1.0.tgz#415e967046b3a7f1d185277d84aa58203726a13f" @@ -2906,6 +3152,11 @@ nice-try@^1.0.4: resolved "https://registry.yarnpkg.com/nice-try/-/nice-try-1.0.5.tgz#a3378a7696ce7d223e88fc9b764bd7ef1089e366" integrity sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ== +node-fetch@^2.3.0: + version "2.6.0" + resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.0.tgz#e633456386d4aa55863f676a7ab0daa8fdecb0fd" + integrity sha512-8dG4H5ujfvFiqDmVu9fQ5bOHUC15JMjMY/Zumv26oOvvVJjM67KF8koCWIabKQ1GJIa9r2mMZscBq/TbdOcmNA== + node-int64@^0.4.0: version "0.4.0" resolved "https://registry.yarnpkg.com/node-int64/-/node-int64-0.4.0.tgz#87a9065cdb355d3182d8f94ce11188b825c68a3b" @@ -3045,6 +3296,14 @@ optionator@^0.8.1: type-check "~0.3.2" word-wrap "~1.2.3" +os-name@^3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/os-name/-/os-name-3.1.0.tgz#dec19d966296e1cd62d701a5a66ee1ddeae70801" + integrity sha512-h8L+8aNjNcMpo/mAIBPn5PXCM16iyPGjHNWo6U1YO8sJTMHtEtyczI6QJnLoplswm6goopQkqc7OAnjhWcugVg== + dependencies: + macos-release "^2.2.0" + windows-release "^3.1.0" + p-each-series@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/p-each-series/-/p-each-series-2.1.0.tgz#961c8dd3f195ea96c747e636b262b800a6b1af48" @@ -3542,7 +3801,7 @@ saxes@^3.1.9: dependencies: xmlchars "^2.1.1" -"semver@2 || 3 || 4 || 5", semver@^5.4.1, semver@^5.5.0: +"semver@2 || 3 || 4 || 5", semver@^5.4.1, semver@^5.5.0, semver@^5.6.0: version "5.7.1" resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7" integrity sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ== @@ -4120,6 +4379,28 @@ union-value@^1.0.0: is-extendable "^0.1.1" set-value "^2.0.1" +universal-github-app-jwt@^1.0.1: + version "1.0.2" + resolved "https://registry.yarnpkg.com/universal-github-app-jwt/-/universal-github-app-jwt-1.0.2.tgz#9a7305e44b2a0eb565d83d11682eebe5be8bde8b" + integrity sha512-bJ3hVBdPREry3vob+JBOjXkO76QAQkYTIJvQ62Ja7XBSrKv6v6gHaRBWADddvS0HiLF0Q6lCK1kg4ZJrj/Kl9g== + dependencies: + "@types/jsonwebtoken" "^8.3.3" + jsonwebtoken "^8.5.1" + +universal-user-agent@^4.0.0: + version "4.0.1" + resolved "https://registry.yarnpkg.com/universal-user-agent/-/universal-user-agent-4.0.1.tgz#fd8d6cb773a679a709e967ef8288a31fcc03e557" + integrity sha512-LnST3ebHwVL2aNe4mejI9IQh2HfZ1RLo8Io2HugSif8ekzD1TlWpHpColOB/eh8JHMLkGH3Akqf040I+4ylNxg== + dependencies: + os-name "^3.1.0" + +universal-user-agent@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/universal-user-agent/-/universal-user-agent-5.0.0.tgz#a3182aa758069bf0e79952570ca757de3579c1d9" + integrity sha512-B5TPtzZleXyPrUMKCpEHFmVhMN6EhmJYjG5PQna9s7mXeSqGTLap4OpqLl5FCEFUI3UBmllkETwKf/db66Y54Q== + dependencies: + os-name "^3.1.0" + unpipe@1.0.0, unpipe@~1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/unpipe/-/unpipe-1.0.0.tgz#b2bf4ee8514aae6165b4817829d21b2ef49904ec" @@ -4272,6 +4553,13 @@ which@^2.0.1, which@^2.0.2: dependencies: isexe "^2.0.0" +windows-release@^3.1.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/windows-release/-/windows-release-3.3.0.tgz#dce167e9f8be733f21c849ebd4d03fe66b29b9f0" + integrity sha512-2HetyTg1Y+R+rUgrKeUEhAG/ZuOmTrI1NBb3ZyAGQMYmOJjBBPe4MTodghRkmLJZHwkuPi02anbeGP+Zf401LQ== + dependencies: + execa "^1.0.0" + word-wrap@~1.2.3: version "1.2.3" resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.3.tgz#610636f6b1f703891bd34771ccb17fb93b47079c" @@ -4339,6 +4627,11 @@ y18n@^4.0.0: resolved "https://registry.yarnpkg.com/y18n/-/y18n-4.0.0.tgz#95ef94f85ecc81d007c264e190a120f0a3c8566b" integrity sha512-r9S/ZyXu/Xu9q1tYlpsLIsa3EeLXXk0VwlxqTcFRfg9EhMW+17kbt9G0NrgCmhGb5vT2hyhJZLfDGx+7+5Uj/w== +yallist@^3.0.2: + version "3.1.1" + resolved "https://registry.yarnpkg.com/yallist/-/yallist-3.1.1.tgz#dbb7daf9bfd8bac9ab45ebf602b8cbad0d5d08fd" + integrity sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g== + yargs-parser@18.x, yargs-parser@^18.1.1: version "18.1.3" resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-18.1.3.tgz#be68c4975c6b2abf469236b0c870362fab09a7b0" @@ -4368,3 +4661,8 @@ yn@3.1.1: version "3.1.1" resolved "https://registry.yarnpkg.com/yn/-/yn-3.1.1.tgz#1e87401a09d767c1d5eab26a6e4c185182d2eb50" integrity sha512-Ux4ygGWsu2c7isFWe8Yu1YluJmqVhxqK2cLXNQA5AcC3QfbGNpM7fu0Y8b/z16pXLnFxZYvWhd3fhBY9DLmC6Q== + +yn@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/yn/-/yn-4.0.0.tgz#611480051ea43b510da1dfdbe177ed159f00a979" + integrity sha512-huWiiCS4TxKc4SfgmTwW1K7JmXPPAmuXWYy4j9qjQo4+27Kni8mGhAAi1cloRWmBe2EqcLgt3IGqQoRL/MtPgg== diff --git a/modules/runners/scale-runners-lambda.tf b/modules/runners/scale-runners-lambda.tf index 716d9b0cb8..b3ae4e2f26 100644 --- a/modules/runners/scale-runners-lambda.tf +++ b/modules/runners/scale-runners-lambda.tf @@ -6,10 +6,15 @@ resource "aws_lambda_function" "scale_runners_lambda" { handler = "index.handler" runtime = "nodejs12.x" - # environment { - # variables = { - # } - # } + environment { + variables = { + ENABLE_ORGANIZATION_RUNNERS = var.enable_organization_runners + GITHUB_APP_KEY_BASE64 = var.github_app_key_base64 + GITHUB_APP_ID = var.github_app_id + GITHUB_APP_CLIENT_ID = var.github_app_client_id + GITHUB_APP_CLIENT_SECRET = var.github_app_client_secret + } + } } resource "aws_lambda_event_source_mapping" "scale_runners_lambda" { diff --git a/modules/runners/variables.tf b/modules/runners/variables.tf index dec8424be9..35ee41b2c6 100644 --- a/modules/runners/variables.tf +++ b/modules/runners/variables.tf @@ -78,4 +78,17 @@ variable "userdata_post_install" { type = string default = "" } + variable "sqs" {} + +variable "enable_organization_runners" { + type = bool +} + +variable "github_app_key_base64" {} + +variable "github_app_id" {} + +variable "github_app_client_id" {} + +variable "github_app_client_secret" {} diff --git a/variables.tf b/variables.tf index b3c4b6f1f8..2c7ec146d4 100644 --- a/variables.tf +++ b/variables.tf @@ -23,3 +23,15 @@ variable "github_app_webhook_secret" { description = "Secret for the GitHub App webhook" type = string } + +variable "enable_organization_runners" { + type = bool +} + +variable "github_app_key_base64" {} + +variable "github_app_id" {} + +variable "github_app_client_id" {} + +variable "github_app_client_secret" {}