feat: Add option to disable lambda to sync runner binaries

main.tf

@@ -3,7 +3,7 @@ locals {
     "ghr:environment" = var.prefix
   })
 
-  s3_action_runner_url = "s3://${module.runner_binaries.bucket.id}/${module.runner_binaries.runner_distribution_object_key}"
+  s3_action_runner_url = var.enable_runner_binaries_syncer ? "s3://${module.runner_binaries[0].bucket.id}/${module.runner_binaries[0].runner_distribution_object_key}" : null
   github_app_parameters = {
     id         = module.ssm.parameters.github_app_id
     key_base64 = module.ssm.parameters.github_app_key_base64
@@ -134,7 +134,7 @@ module "runners" {
   prefix        = var.prefix
   tags          = local.tags
 
-  s3_bucket_runner_binaries   = module.runner_binaries.bucket
+  s3_bucket_runner_binaries   = var.enable_runner_binaries_syncer ? module.runner_binaries[0].bucket : null
   s3_location_runner_binaries = local.s3_action_runner_url
 
   runner_os                     = var.runner_os
@@ -169,6 +169,7 @@ module "runners" {
   runner_additional_security_group_ids = var.runner_additional_security_group_ids
   metadata_options                     = var.runner_metadata_options
 
+  enable_runner_binaries_syncer    = var.enable_runner_binaries_syncer
   lambda_s3_bucket                 = var.lambda_s3_bucket
   runners_lambda_s3_key            = var.runners_lambda_s3_key
   runners_lambda_s3_object_version = var.runners_lambda_s3_object_version
@@ -218,6 +219,8 @@ module "runners" {
 }
 
 module "runner_binaries" {
+  count = var.enable_runner_binaries_syncer ? 1 : 0
+
   source = "./modules/runner-binaries-syncer"
 
   aws_region = var.aws_region

modules/runners/main.tf

@@ -126,7 +126,7 @@ resource "aws_launch_template" "runner" {
   user_data = var.enabled_userdata ? base64encode(templatefile(local.userdata_template, {
     pre_install = var.userdata_pre_install
     install_runner = templatefile(local.userdata_install_runner[var.runner_os], {
-      S3_LOCATION_RUNNER_DISTRIBUTION = var.s3_location_runner_binaries
+      S3_LOCATION_RUNNER_DISTRIBUTION = var.enable_runner_binaries_syncer ? var.s3_location_runner_binaries : ""
       RUNNER_ARCHITECTURE             = var.runner_architecture
     })
     post_install    = var.userdata_post_install

modules/runners/policies-runner.tf

@@ -33,6 +33,8 @@ resource "aws_iam_role_policy" "ssm_parameters" {
 }
 
 resource "aws_iam_role_policy" "dist_bucket" {
+  count = var.enable_runner_binaries_syncer ? 1 : 0
+
   name = "distribution-bucket"
   role = aws_iam_role.runner.name
   policy = templatefile("${path.module}/policies/instance-s3-policy.json",

modules/runners/variables.tf

@@ -566,4 +566,10 @@ variable "lambda_architecture" {
     condition     = contains(["arm64", "x86_64"], var.lambda_architecture)
     error_message = "`lambda_architecture` value is not valid, valid values are: `arm64` and `x86_64`."
   }
-}
+}
+
+variable "enable_runner_binaries_syncer" {
+  description = "Option to disable the lambda to sync GitHub runner distribution, usefull when using a pre-build AMI."
+  type        = bool
+  default     = true
+}

outputs.tf

@@ -14,12 +14,12 @@ output "runners" {
 }
 
 output "binaries_syncer" {
-  value = {
-    lambda      = module.runner_binaries.lambda
-    lambda_role = module.runner_binaries.lambda_role
+  value = var.enable_runner_binaries_syncer ? {
+    lambda      = module.runner_binaries[0].lambda
+    lambda_role = module.runner_binaries[0].lambda_role
     location    = local.s3_action_runner_url
-    bucket      = module.runner_binaries.bucket
-  }
+    bucket      = module.runner_binaries[0].bucket
+  } : null
 }
 
 output "webhook" {

variables.tf

@@ -662,4 +662,10 @@ variable "lambda_architecture" {
     condition     = contains(["arm64", "x86_64"], var.lambda_architecture)
     error_message = "`lambda_architecture` value is not valid, valid values are: `arm64` and `x86_64`."
   }
-}
+}
+
+variable "enable_runner_binaries_syncer" {
+  description = "Option to disable the lambda to sync GitHub runner distribution, usefull when using a pre-build AMI."
+  type        = bool
+  default     = true
+}