Sample Terraform Code
resource "google_compute_network" "vpc" {
name = "vpc"
auto_create_subnetworks = "false"
}
resource "google_compute_subnetwork" "vm-subnet" {
name = "github-build"
ip_cidr_range = "192.168.222.0/24"
network = google_compute_network.vpc.name
depends_on = [google_compute_network.vpc]
region = var.region
private_ip_google_access = true
}
module "ci" {
source = "git::https://github.com/evildotuk/terraform-google-github-actions-runner"
gcp_project = var.gcp_project
gcp_zone = var.gcp_zone
ci_token = var.ci_token
ci_repo = var.ci_repo
ci_owner = var.ci_owner
boot_disk_type = "pd-ssd"
ci_runner_disk_size = 200
ci_runner_instance_type = "n2-custom-8-8192"
network_interface = google_compute_network.vpc.name
network_subnetwork = google_compute_subnetwork.vm-subnet.name
depends_on = [
google_compute_network.vpc,
google_compute_subnetwork.vm-subnet
]
}
resource "google_compute_firewall" "docker-ssh" {
name = "docker-internal-ssh"
network = google_compute_network.vpc.name
allow {
protocol = "icmp"
}
allow {
protocol = "tcp"
ports = ["22"]
}
source_ranges = [google_compute_subnetwork.vm-subnet.ip_cidr_range, "35.235.240.0/20"] # our subnet + google IAP (https://cloud.google.com/iap/docs/using-tcp-forwarding)
}Copyright 2022-2024 EDOT Ltd Copyright 2021 Mantel Group Pty Ltd
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
| Name | Version |
|---|---|
| terraform | >= 0.14 |
| Name | Version |
|---|---|
| n/a |
No modules.
| Name | Type |
|---|---|
| google_compute_instance_group_manager.ci-runner-gm | resource |
| google_compute_instance_template.ci_runner | resource |
| google_project_iam_binding.monitoring-writer-role | resource |
| google_service_account.ci_runner | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| boot_disk_type | n/a | string |
"pd-balanced" |
no |
| boot_image | n/a | string |
"ubuntu-2404-lts" |
no |
| ci_owner | The repository organisation name / username from GitHub. | string |
n/a | yes |
| ci_repo | The runner repository from GitHub. | string |
n/a | yes |
| ci_runner_disk_size | The size of the persistent disk in GB. | string |
"20" |
no |
| ci_runner_instance_type | The instance type used for the runner. This shouldn't need to be changed because the builds themselves run on separate worker instances. |
string |
"n2-standard-4" |
no |
| ci_token | The runner registration token obtained from GitHub. | string |
n/a | yes |
| gcp_project | The GCP project to deploy the runner into. | string |
n/a | yes |
| gcp_resource_prefix | The prefix to apply to all GCP resource names (e.g. -runner, -worker-1). | string |
"github-ci" |
no |
| gcp_zone | The GCP zone to deploy the runner into. | string |
n/a | yes |
| network_interface | (Required) Networks to attach to the instance. This can be specified multiple times. Structure is documented below. | string |
"default" |
no |
| network_subnetwork | (Optional) The name or self_link of the subnetwork to attach this interface to. The subnetwork must exist in the same region this instance will be created in. If network isn't provided it will be inferred from the subnetwork. | string |
null |
no |
| preemptible | n/a | bool |
true |
no |
No outputs.