feat: Conditionally create node pool (#12)

README.md

@@ -7,7 +7,7 @@ The runners created by the module use preemptible instances by default for runni
 - Shared cache in GCS with life cycle management to clear objects after x days.
 - Runner agents registered automatically.
 
-The runner supports 2 main scenarios:
+The runner supports:
 
 ### GitLab CI docker-machine runner 
 
@@ -17,6 +17,11 @@ In this scenario the runner agent is running on a GCP Compute Instance and runne
 
 In this scenario _not_ docker machine is used but docker to schedule the builds. Builds will run on the same compute instance as the agent. 
 
+### GitLab CI Kubernetes Runner
+
+See [gke-runner](./modules/gke-runner)
+
+
 ## Autoscaling the Runners
 Both docker-machine runner and docker runners autoscale using GCP Custom metrics. The runner publishes running jobs metrics to stackdriver which is then used to scale up/down the number of active runners. `var.runners_min_replicas` and `var.runners_max_replicas` defined variables for the minimum and maximum number of runners respectively. It uses Google Managed Instance Group Autoscaler to scale when the average of running jobs exceeds `var.runners_concurrent`. 
 
@@ -50,10 +55,10 @@ By default the module creates a a cache for the runner in Google Cloud Storage.
 module "runner" {
   source  = "DeimosCloud/gitlab-ci-runner/google"
 
-  network = "default"
+  network    = "default"
   subnetwork = "someNetwork"
-  region  = "europe-west1"
-  project = local.project_id
+  region     = "europe-west1"
+  project    = local.project_id
 
   runners_name       = "docker-default"
   runners_gitlab_url = "https://gitlab.com"

modules/gke-runner/README.md

@@ -1,23 +1,20 @@
-# Terraform Kubernetes Gitlab-Runner On GKE Module
+# Gitlab-Runner On GKE
+
 Setup Gitlab Runner on a GKE cluster using terraform. The runner is installed via the [Deimos kubernetes gitlab runner module](https://registry.terraform.io/modules/DeimosCloud/gitlab-runner/kubernetes/latest)
 
-Ensure Kubernetes Provider and Helm Provider settings are correct
-https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/guides/getting-started#provider-setup
+Ensure Kubernetes Provider and Helm Provider are configured properly https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/guides/getting-started#provider-setup
 
 ## Usage
 ```hcl
-
 module "runner" {
-    source                    = "DeimosCloud/gitlab-ci-runner/google"
-
-    project                   = var.project_id
-    cluster_name              = var.cluster_name
-    cluster_location          = var.cluster_location
+    source            = "DeimosCloud/gitlab-ci-runner/google//modules/gke-runner"
+    project           = var.project_id
+    region            = var.region
+    cluster_name      = var.cluster_name
+    cluster_location  = var.cluster_location
     
     runner_registration_token = var.runner_registration_token
     runner_tags               = var.runner_tags
-
-    cache_location            = var.region
 }
 ```
 
@@ -138,4 +135,4 @@ To pass in custom values use `var.values_file` which specifies a path containing
 | <a name="output_cache_bucket_name"></a> [cache\_bucket\_name](#output\_cache\_bucket\_name) | name of the gcs bucket used a s runner cache |
 | <a name="output_namespace"></a> [namespace](#output\_namespace) | namespace in which the runners were created |
 | <a name="output_node_pool_name"></a> [node\_pool\_name](#output\_node\_pool\_name) | name of the node pool where the runner pods are created |
-<!-- END_TF_DOCS -->
+<!-- END_TF_DOCS -->

modules/gke-runner/main.tf

@@ -33,11 +33,12 @@ resource "random_id" "random_suffix" {
   byte_length = 4
 }
 
-resource "google_container_node_pool" "gitlab_runner_pool" {
+resource "google_container_node_pool" "this" {
+  count              = var.create_node_pool ? 1 : 0
   name               = local.node_pool_name
   cluster            = data.google_container_cluster.this_cluster.id
   initial_node_count = var.initial_node_count
-  node_locations     = var.runner_node_pool_zones
+  node_locations     = var.runner_node_locations
 
   autoscaling {
     min_node_count = var.runner_node_pool_min_node_count
@@ -96,10 +97,6 @@ resource "kubernetes_namespace" "runner_namespace" {
   metadata {
     name = var.runner_namespace
   }
-
-  depends_on = [
-    google_container_node_pool.gitlab_runner_pool
-  ]
 }
 
 resource "kubernetes_secret" "cache_secret" {
@@ -113,7 +110,7 @@ resource "kubernetes_secret" "cache_secret" {
   }
 
   depends_on = [
-    google_container_node_pool.gitlab_runner_pool,
+    google_container_node_pool.this,
     kubernetes_namespace.runner_namespace
   ]
 }
@@ -124,7 +121,7 @@ resource "kubernetes_secret" "cache_secret" {
 #-----------------------------------------------------------------------
 module "kubernetes_gitlab_runner" {
   source  = "DeimosCloud/gitlab-runner/kubernetes"
-  version = "~>1.3.0"
+  version = "~>1.4.0"
 
   release_name  = var.runner_release_name
   chart_version = var.chart_version
@@ -143,7 +140,7 @@ module "kubernetes_gitlab_runner" {
   run_untagged_jobs         = var.run_untagged_jobs
   unregister_runners        = var.unregister_runners
 
-  manager_node_selectors   = var.runner_node_pool_node_labels
+  manager_node_selectors   = var.manager_node_selectors
   manager_node_tolerations = var.manager_node_tolerations
   manager_pod_annotations  = var.manager_pod_annotations
   manager_pod_labels       = var.manager_pod_labels
@@ -153,6 +150,8 @@ module "kubernetes_gitlab_runner" {
   build_job_secret_volumes        = var.build_job_secret_volumes
   build_job_mount_docker_socket   = var.build_job_mount_docker_socket
   build_job_run_container_as_user = var.build_job_run_container_as_user
+  build_job_requests              = var.build_job_requests
+  build_job_limits                = var.build_job_limits
 
   docker_fs_group = var.docker_fs_group
 
@@ -190,8 +189,4 @@ module "kubernetes_gitlab_runner" {
       protected = var.runner_protected
     }
   }
-
-  depends_on = [
-    google_container_node_pool.gitlab_runner_pool
-  ]
-}
+}

modules/gke-runner/output.tf

@@ -4,7 +4,7 @@
 # }
 
 output "node_pool_name" {
-  value       = google_container_node_pool.gitlab_runner_pool.name
+  value       = var.create_node_pool ? google_container_node_pool.this.0.name : var.runner_node_pool_name
   description = "name of the node pool where the runner pods are created"
 }
 
@@ -16,4 +16,4 @@ output "cache_bucket_name" {
 output "namespace" {
   value       = module.kubernetes_gitlab_runner.namespace
   description = "namespace in which the runners were created"
-}
+}

modules/gke-runner/variables.tf

@@ -1,4 +1,3 @@
-
 variable "project" {
   description = "project in which to create iam binding for the cluster node service account"
   type        = string
@@ -19,9 +18,14 @@ variable "cluster_location" {
   type        = string
 }
 
-variable "runner_node_pool_zones" {
+variable "create_node_pool" {
+  description = "if true, a node pool for running the jobs will be created"
+  default     = true
+}
+
+variable "runner_node_locations" {
   type        = list(string)
-  description = "The zones to host the cluster in (optional if regional cluster / required if zonal)"
+  description = "The list of zones in which the node pool's nodes should be located. Nodes must be in the region of their regional cluster or in the same region as their cluster's zone for zonal clusters. If unspecified, the cluster-level node_locations will be used"
   default     = null
 }
 
@@ -228,7 +232,7 @@ variable "unregister_runners" {
 variable "runner_namespace" {
   description = "kubernetes namespace in which to create the runner"
   type        = string
-  default     = "runner"
+  default     = "gitlab-runner"
 }
 
 variable "gitlab_url" {
@@ -251,13 +255,12 @@ variable "runner_locked" {
 
 variable "manager_node_tolerations" {
   description = "tolerations to apply to the manager pod"
-  default = [
-    {
-      key      = "role"
-      operator = "Exists"
-      effect   = "NoSchedule"
-    }
-  ]
+  default     = []
+}
+
+variable "manager_node_selectors" {
+  description = "A map of node selectors to apply to the pods"
+  default     = {}
 }
 
 variable "runner_name" {
@@ -358,7 +361,7 @@ variable "build_job_secret_volumes" {
 
 variable "build_job_mount_docker_socket" {
   default     = true
-  description = "whether to enable docker build commands in CI jobs run on the runner. without running container in privileged mode"
+  description = "Whether to enable docker build commands in CI jobs run on the runner. without running container in privileged mode"
   type        = bool
 }
 
@@ -376,17 +379,42 @@ variable "build_job_run_container_as_user" {
 
 variable "run_untagged_jobs" {
   description = "Specify if jobs without tags should be run. https://docs.gitlab.com/ce/ci/runners/#runner-is-allowed-to-run-untagged-jobs"
-  default     = true
+  default     = false
 }
 
 variable "runner_token" {
   description = "token of already registered runer. to use this var.runner_registration_token must be set to null"
   type        = string
   default     = null
 }
+
 variable "runner_protected" {
   description = ""
   type        = bool
-  default     = true
+  default     = false
+}
+
+variable "build_job_limits" {
+  description = "The CPU and memory limits for job containers"
+  type = object({
+    cpu    = string
+    memory = string
+  })
+  default = {
+    cpu    = "2"
+    memory = "1Gi"
+  }
+}
+
+variable "build_job_requests" {
+  description = "The CPU and memory requests for job containers"
+  type = object({
+    cpu    = string
+    memory = string
+  })
+  default = {
+    cpu    = "1"
+    memory = "512Mi"
+  }
 }
 

modules/gke-runner/versions.tf

@@ -0,0 +1,17 @@
+terraform {
+  required_version = ">= 0.13"
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = ">= 3.40"
+    }
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = ">= 1.12"
+    }
+    helm = {
+      source  = "hashicorp/helm"
+      version = ">= 1.2"
+    }
+  }
+}

versions.tf

@@ -1,19 +1,9 @@
-/**
- * Copyright 2021 Mantel Group Pty Ltd
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
 terraform {
-  required_version = ">= 0.14"
+  required_version = ">= 0.13"
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = ">= 3.40"
+    }
+  }
 }