This is an automated email from the ASF dual-hosted git repository.
shunping pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/beam.git
The following commit(s) were added to refs/heads/master by this push:
new 1b4e0c2a560 Modernize terraform config for self-hosted runners (#37127)
1b4e0c2a560 is described below
commit 1b4e0c2a5603bc171a85f67ac5fc0e9a08009eef
Author: Shunping Huang <[email protected]>
AuthorDate: Wed Dec 17 09:38:03 2025 -0500
Modernize terraform config for self-hosted runners (#37127)
* Change terraform config to use new syntax.
* Add a section in README about updating terraform config for self-hosted
runners.
---
.../gh-actions-self-hosted-runners/arc/README.md | 21 +++++++++++++++++++-
.github/gh-actions-self-hosted-runners/arc/helm.tf | 23 +++++++++++-----------
.../gh-actions-self-hosted-runners/arc/provider.tf | 6 +++---
3 files changed, 35 insertions(+), 15 deletions(-)
diff --git a/.github/gh-actions-self-hosted-runners/arc/README.md
b/.github/gh-actions-self-hosted-runners/arc/README.md
index e5055826d00..2880f5dc987 100644
--- a/.github/gh-actions-self-hosted-runners/arc/README.md
+++ b/.github/gh-actions-self-hosted-runners/arc/README.md
@@ -96,7 +96,26 @@ terraform init -backend-config="bucket=bucket_name"
terraform apply -var-file=environments/environment_name.env
```
+# Updating
+If you need to update the configuration (e.g. upgrading the github runner
image, changing resource settings, etc), follow the steps below:
+
+1. From this directory, login to your gcloud account that you created the
bucket with and init terraform. Replace bucket_name with the bucket for storing
terraform state, e.g. `beam-arc-state`.
+```
+gcloud auth login
+gcloud auth application-default login
+terraform init -backend-config="bucket=bucket_name"
+```
+
+2. Terraform plan. Replace environment_name.env with the file under
environments, e.g. `beam.env`. Fix config problems if any.
+```
+terraform plan -var-file=environments/environment_name.env
+```
+
+3. Terraform apply. Replace environment_name.env with the file under
environments, e.g. `beam.env`.
+```
+terraform apply -var-file=environments/environment_name.env
+```
+
# Maintanance
- To access the ARC k8s cluster call the `get_kubeconfig_command` terraform
output and run the command
-
diff --git a/.github/gh-actions-self-hosted-runners/arc/helm.tf
b/.github/gh-actions-self-hosted-runners/arc/helm.tf
index 4c2badaf323..aa5bd25cef7 100644
--- a/.github/gh-actions-self-hosted-runners/arc/helm.tf
+++ b/.github/gh-actions-self-hosted-runners/arc/helm.tf
@@ -22,14 +22,16 @@ resource "helm_release" "cert-manager" {
create_namespace = true
repository = "https://charts.jetstack.io";
chart = "cert-manager"
-
+
atomic = "true"
timeout = 100
- set {
- name = "installCRDs"
- value = "true"
- }
+ set = [
+ {
+ name = "installCRDs"
+ value = "true"
+ }
+ ]
depends_on = [ google_container_node_pool.main-actions-runner-pool ]
}
@@ -43,12 +45,11 @@ resource "helm_release" "arc" {
atomic = "true"
timeout = 120
- dynamic "set" {
- for_each = local.arc_values
- content {
- name = set.key
- value = set.value
+ set = [
+ for k, v in local.arc_values : {
+ name = k
+ value = v
}
- }
+ ]
depends_on = [ helm_release.cert-manager ]
}
diff --git a/.github/gh-actions-self-hosted-runners/arc/provider.tf
b/.github/gh-actions-self-hosted-runners/arc/provider.tf
index dc557b62a55..81e8625afc0 100644
--- a/.github/gh-actions-self-hosted-runners/arc/provider.tf
+++ b/.github/gh-actions-self-hosted-runners/arc/provider.tf
@@ -25,7 +25,7 @@ terraform {
required_providers {
google = {
source = "hashicorp/google"
- version = "~> 4.62.0"
+ version = "~> 6.7.0"
}
kubectl = {
source = "alekc/kubectl"
@@ -40,7 +40,7 @@ provider "google" {
}
provider "helm" {
- kubernetes {
+ kubernetes = {
host =
"https://${google_container_cluster.actions-runner-gke.endpoint}";
token = data.google_client_config.provider.access_token
cluster_ca_certificate =
base64decode(google_container_cluster.actions-runner-gke.master_auth.0.cluster_ca_certificate)
@@ -66,4 +66,4 @@ provider "github" {
}
owner = var.organization
-}
\ No newline at end of file
+}
