From 6b44f4b8c293f4fed8594801c3ffdc1da3d578bc Mon Sep 17 00:00:00 2001 From: Grant Sorbo Date: Fri, 20 Sep 2024 14:59:58 +0000 Subject: [PATCH 1/8] fix: reformat secondary range --- modules/gh-runner-gke/main.tf | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/modules/gh-runner-gke/main.tf b/modules/gh-runner-gke/main.tf index 46d7abd..a44eaaf 100644 --- a/modules/gh-runner-gke/main.tf +++ b/modules/gh-runner-gke/main.tf @@ -35,16 +35,18 @@ resource "google_compute_subnetwork" "gh-subnetwork" { ip_cidr_range = var.subnet_ip region = var.region network = google_compute_network.gh-network[0].name - secondary_ip_range = [ - { - range_name = var.ip_range_pods_name - ip_cidr_range = var.ip_range_pods_cidr - }, - { range_name = var.ip_range_services_name - ip_cidr_range = var.ip_range_services_cider - } - ] + + secondary_ip_range { + range_name = var.ip_range_pods_name + ip_cidr_range = var.ip_range_pods_cidr + } + + secondary_ip_range { + range_name = var.ip_range_services_name + ip_cidr_range = var.ip_range_services_cider + } } + /***************************************** Runner GKE *****************************************/ From c9589a65b02f393bc748d38f16a4612fa7ac53c9 Mon Sep 17 00:00:00 2001 From: Grant Sorbo Date: Fri, 20 Sep 2024 15:39:22 +0000 Subject: [PATCH 2/8] fix: bump GKE and add OIDC condition --- examples/oidc-simple/main.tf | 7 ++++--- modules/gh-runner-gke/main.tf | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/examples/oidc-simple/main.tf b/examples/oidc-simple/main.tf index a8fae5b..4065df5 100644 --- a/examples/oidc-simple/main.tf +++ b/examples/oidc-simple/main.tf @@ -30,9 +30,10 @@ module "oidc" { source = "terraform-google-modules/github-actions-runners/google//modules/gh-oidc" version = "~> 3.0" - project_id = var.project_id - pool_id = "example-pool" - provider_id = "example-gh-provider" + project_id = var.project_id + pool_id = "example-pool" + provider_id = "example-gh-provider" + attribute_condition = "assertion.repository_owner_id=='1342004'" sa_mapping = { (google_service_account.sa.account_id) = { sa_name = google_service_account.sa.name diff --git a/modules/gh-runner-gke/main.tf b/modules/gh-runner-gke/main.tf index a44eaaf..ce66128 100644 --- a/modules/gh-runner-gke/main.tf +++ b/modules/gh-runner-gke/main.tf @@ -52,7 +52,7 @@ resource "google_compute_subnetwork" "gh-subnetwork" { *****************************************/ module "runner-cluster" { source = "terraform-google-modules/kubernetes-engine/google//modules/beta-public-cluster/" - version = "~> 32.0" + version = "~> 33.0" project_id = var.project_id name = "gh-runner-${var.cluster_suffix}" regional = false From 3d8f0be00f5860328cddbf7748154b2b10dc8d4d Mon Sep 17 00:00:00 2001 From: Grant Sorbo Date: Fri, 20 Sep 2024 16:21:07 +0000 Subject: [PATCH 3/8] fix: revert and add provider constraint --- examples/oidc-simple/main.tf | 7 +++---- modules/gh-runner-gke/main.tf | 3 +-- modules/gh-runner-gke/versions.tf | 2 +- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/examples/oidc-simple/main.tf b/examples/oidc-simple/main.tf index 4065df5..a8fae5b 100644 --- a/examples/oidc-simple/main.tf +++ b/examples/oidc-simple/main.tf @@ -30,10 +30,9 @@ module "oidc" { source = "terraform-google-modules/github-actions-runners/google//modules/gh-oidc" version = "~> 3.0" - project_id = var.project_id - pool_id = "example-pool" - provider_id = "example-gh-provider" - attribute_condition = "assertion.repository_owner_id=='1342004'" + project_id = var.project_id + pool_id = "example-pool" + provider_id = "example-gh-provider" sa_mapping = { (google_service_account.sa.account_id) = { sa_name = google_service_account.sa.name diff --git a/modules/gh-runner-gke/main.tf b/modules/gh-runner-gke/main.tf index ce66128..9abc5b6 100644 --- a/modules/gh-runner-gke/main.tf +++ b/modules/gh-runner-gke/main.tf @@ -46,13 +46,12 @@ resource "google_compute_subnetwork" "gh-subnetwork" { ip_cidr_range = var.ip_range_services_cider } } - /***************************************** Runner GKE *****************************************/ module "runner-cluster" { source = "terraform-google-modules/kubernetes-engine/google//modules/beta-public-cluster/" - version = "~> 33.0" + version = "~> 32.0" project_id = var.project_id name = "gh-runner-${var.cluster_suffix}" regional = false diff --git a/modules/gh-runner-gke/versions.tf b/modules/gh-runner-gke/versions.tf index 0778952..858de1d 100644 --- a/modules/gh-runner-gke/versions.tf +++ b/modules/gh-runner-gke/versions.tf @@ -20,7 +20,7 @@ terraform { google = { source = "hashicorp/google" - version = ">= 4.3.0, < 7" + version = ">= 4.3.0, < 6.2" } kubernetes = { From 8d64b9dc4e88d8cc3a0f2cdb933de1016b658f0b Mon Sep 17 00:00:00 2001 From: Grant Sorbo Date: Fri, 20 Sep 2024 17:23:58 +0000 Subject: [PATCH 4/8] fix: OIDC fix --- examples/oidc-simple/main.tf | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/examples/oidc-simple/main.tf b/examples/oidc-simple/main.tf index a8fae5b..4065df5 100644 --- a/examples/oidc-simple/main.tf +++ b/examples/oidc-simple/main.tf @@ -30,9 +30,10 @@ module "oidc" { source = "terraform-google-modules/github-actions-runners/google//modules/gh-oidc" version = "~> 3.0" - project_id = var.project_id - pool_id = "example-pool" - provider_id = "example-gh-provider" + project_id = var.project_id + pool_id = "example-pool" + provider_id = "example-gh-provider" + attribute_condition = "assertion.repository_owner_id=='1342004'" sa_mapping = { (google_service_account.sa.account_id) = { sa_name = google_service_account.sa.name From a769d6fc5463ee2938c7c74aa424d4624f57c0e7 Mon Sep 17 00:00:00 2001 From: Grant Sorbo Date: Fri, 20 Sep 2024 17:53:37 +0000 Subject: [PATCH 5/8] fix: provider constraint --- modules/gh-runner-gke/versions.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/gh-runner-gke/versions.tf b/modules/gh-runner-gke/versions.tf index 858de1d..b228041 100644 --- a/modules/gh-runner-gke/versions.tf +++ b/modules/gh-runner-gke/versions.tf @@ -20,7 +20,7 @@ terraform { google = { source = "hashicorp/google" - version = ">= 4.3.0, < 6.2" + version = ">= 4.3.0, < 5.44" } kubernetes = { From b23eeb084f67edb7d4d906dd3486f683abb06062 Mon Sep 17 00:00:00 2001 From: Grant Sorbo Date: Fri, 20 Sep 2024 20:02:39 +0000 Subject: [PATCH 6/8] fix: beta provider --- modules/gh-runner-gke/versions.tf | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/modules/gh-runner-gke/versions.tf b/modules/gh-runner-gke/versions.tf index b228041..27f5cc6 100644 --- a/modules/gh-runner-gke/versions.tf +++ b/modules/gh-runner-gke/versions.tf @@ -23,6 +23,11 @@ terraform { version = ">= 4.3.0, < 5.44" } + google-beta = { + source = "hashicorp/google-beta" + version = ">= 4.3.0, < 5.44" + } + kubernetes = { source = "hashicorp/kubernetes" version = "~> 2.0" From 2c1e98e7e329909b6e5fae842a7bfd0b62e7a9d2 Mon Sep 17 00:00:00 2001 From: Grant Sorbo Date: Fri, 20 Sep 2024 21:07:16 +0000 Subject: [PATCH 7/8] fix: adjust provider version constraint --- examples/gh-runner-gke-dind-rootless/versions.tf | 8 ++++++-- examples/gh-runner-gke-dind/versions.tf | 8 ++++++-- examples/gh-runner-gke-simple/versions.tf | 8 ++++++-- modules/gh-runner-gke/versions.tf | 4 ++-- 4 files changed, 20 insertions(+), 8 deletions(-) diff --git a/examples/gh-runner-gke-dind-rootless/versions.tf b/examples/gh-runner-gke-dind-rootless/versions.tf index 52f9cc4..d23f650 100644 --- a/examples/gh-runner-gke-dind-rootless/versions.tf +++ b/examples/gh-runner-gke-dind-rootless/versions.tf @@ -16,11 +16,15 @@ terraform { required_providers { + # TODO: undo version constraint pending provider bug + # https://github.com/GoogleCloudPlatform/magic-modules/pull/11688 google = { - source = "hashicorp/google" + source = "hashicorp/google" + version = ">= 4.3.0, < 6.2" } google-beta = { - source = "hashicorp/google-beta" + source = "hashicorp/google-beta" + version = ">= 4.3.0, < 6.2" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/examples/gh-runner-gke-dind/versions.tf b/examples/gh-runner-gke-dind/versions.tf index 52f9cc4..d23f650 100644 --- a/examples/gh-runner-gke-dind/versions.tf +++ b/examples/gh-runner-gke-dind/versions.tf @@ -16,11 +16,15 @@ terraform { required_providers { + # TODO: undo version constraint pending provider bug + # https://github.com/GoogleCloudPlatform/magic-modules/pull/11688 google = { - source = "hashicorp/google" + source = "hashicorp/google" + version = ">= 4.3.0, < 6.2" } google-beta = { - source = "hashicorp/google-beta" + source = "hashicorp/google-beta" + version = ">= 4.3.0, < 6.2" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/examples/gh-runner-gke-simple/versions.tf b/examples/gh-runner-gke-simple/versions.tf index 52f9cc4..d23f650 100644 --- a/examples/gh-runner-gke-simple/versions.tf +++ b/examples/gh-runner-gke-simple/versions.tf @@ -16,11 +16,15 @@ terraform { required_providers { + # TODO: undo version constraint pending provider bug + # https://github.com/GoogleCloudPlatform/magic-modules/pull/11688 google = { - source = "hashicorp/google" + source = "hashicorp/google" + version = ">= 4.3.0, < 6.2" } google-beta = { - source = "hashicorp/google-beta" + source = "hashicorp/google-beta" + version = ">= 4.3.0, < 6.2" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/modules/gh-runner-gke/versions.tf b/modules/gh-runner-gke/versions.tf index 27f5cc6..20c3e8c 100644 --- a/modules/gh-runner-gke/versions.tf +++ b/modules/gh-runner-gke/versions.tf @@ -20,12 +20,12 @@ terraform { google = { source = "hashicorp/google" - version = ">= 4.3.0, < 5.44" + version = ">= 4.3.0, < 7" } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.3.0, < 5.44" + version = ">= 4.3.0, < 7" } kubernetes = { From c5a9bf821d59dfb207c35845d5e8d9807bbeb673 Mon Sep 17 00:00:00 2001 From: Grant Sorbo Date: Fri, 20 Sep 2024 21:41:15 +0000 Subject: [PATCH 8/8] fix: adjust version --- examples/gh-runner-gke-dind-rootless/versions.tf | 4 ++-- examples/gh-runner-gke-dind/versions.tf | 4 ++-- examples/gh-runner-gke-simple/versions.tf | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/examples/gh-runner-gke-dind-rootless/versions.tf b/examples/gh-runner-gke-dind-rootless/versions.tf index d23f650..12e52e1 100644 --- a/examples/gh-runner-gke-dind-rootless/versions.tf +++ b/examples/gh-runner-gke-dind-rootless/versions.tf @@ -20,11 +20,11 @@ terraform { # https://github.com/GoogleCloudPlatform/magic-modules/pull/11688 google = { source = "hashicorp/google" - version = ">= 4.3.0, < 6.2" + version = ">= 4.3.0, < 5.44" } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.3.0, < 6.2" + version = ">= 4.3.0, < 5.44" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/examples/gh-runner-gke-dind/versions.tf b/examples/gh-runner-gke-dind/versions.tf index d23f650..12e52e1 100644 --- a/examples/gh-runner-gke-dind/versions.tf +++ b/examples/gh-runner-gke-dind/versions.tf @@ -20,11 +20,11 @@ terraform { # https://github.com/GoogleCloudPlatform/magic-modules/pull/11688 google = { source = "hashicorp/google" - version = ">= 4.3.0, < 6.2" + version = ">= 4.3.0, < 5.44" } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.3.0, < 6.2" + version = ">= 4.3.0, < 5.44" } kubernetes = { source = "hashicorp/kubernetes" diff --git a/examples/gh-runner-gke-simple/versions.tf b/examples/gh-runner-gke-simple/versions.tf index d23f650..12e52e1 100644 --- a/examples/gh-runner-gke-simple/versions.tf +++ b/examples/gh-runner-gke-simple/versions.tf @@ -20,11 +20,11 @@ terraform { # https://github.com/GoogleCloudPlatform/magic-modules/pull/11688 google = { source = "hashicorp/google" - version = ">= 4.3.0, < 6.2" + version = ">= 4.3.0, < 5.44" } google-beta = { source = "hashicorp/google-beta" - version = ">= 4.3.0, < 6.2" + version = ">= 4.3.0, < 5.44" } kubernetes = { source = "hashicorp/kubernetes"