Merge pull request #114 from spacelift-io/revert-autoscaler-tf

fix: revert autoscaler changes

Author: Apollorion

.spacelift/config.yml

@@ -1,5 +1,5 @@
 version: 1
-module_version: 2.8.0
+module_version: 2.9.0
 tests:
   - name: AMD64-based workerpool
     project_root: examples/amd64

README.md

@@ -74,23 +74,35 @@ $ make docs
 
 | Name | Version |
 |------|---------|
+| <a name="provider_archive"></a> [archive](#provider\_archive) | n/a |
 | <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.55.0 |
+| <a name="provider_null"></a> [null](#provider\_null) | n/a |
 
 ## Modules
 
 | Name | Source | Version |
 |------|--------|---------|
 | <a name="module_asg"></a> [asg](#module\_asg) | terraform-aws-modules/autoscaling/aws | ~> 8.0 |
-| <a name="module_autoscaler"></a> [autoscaler](#module\_autoscaler) | github.com/spacelift-io/ec2-workerpool-autoscaler//iac | n/a |
 
 ## Resources
 
 | Name | Type |
 |------|------|
+| [aws_cloudwatch_event_rule.scheduling](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_rule) | resource |
+| [aws_cloudwatch_event_target.scheduling](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_event_target) | resource |
+| [aws_cloudwatch_log_group.log_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
 | [aws_iam_instance_profile.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_instance_profile) | resource |
+| [aws_iam_role.autoscaler](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
 | [aws_iam_role.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role_policy.autoscaler](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy) | resource |
 | [aws_iam_role_policy_attachment.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_lambda_function.autoscaler](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |
+| [aws_lambda_permission.allow_cloudwatch_to_call_lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
+| [aws_ssm_parameter.spacelift_api_key_secret](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
+| [null_resource.download](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
+| [archive_file.binary](https://registry.terraform.io/providers/hashicorp/archive/latest/docs/data-sources/file) | data source |
 | [aws_ami.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source |
+| [aws_iam_policy_document.autoscaler](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_region.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 
 ## Inputs
@@ -101,8 +113,7 @@ $ make docs
 | <a name="input_ami_id"></a> [ami\_id](#input\_ami\_id) | ID of the Spacelift AMI. If left empty, the latest Spacelift AMI will be used. | `string` | `""` | no |
 | <a name="input_autoscaler_architecture"></a> [autoscaler\_architecture](#input\_autoscaler\_architecture) | Instruction set architecture of the autoscaler to use | `string` | `"amd64"` | no |
 | <a name="input_autoscaler_s3_package"></a> [autoscaler\_s3\_package](#input\_autoscaler\_s3\_package) | Configuration to retrieve autoscaler lambda package from s3 bucket | <pre>object({<br>    bucket         = string<br>    key            = string<br>    object_version = optional(string)<br>  })</pre> | `null` | no |
-| <a name="input_autoscaler_version"></a> [autoscaler\_version](#input\_autoscaler\_version) | Version of the autoscaler to deploy | `string` | `"latest"` | no |
-| <a name="input_autoscaling_group_arn"></a> [autoscaling\_group\_arn](#input\_autoscaling\_group\_arn) | autoscaling group ARN. Required for autoscaler | `string` | n/a | yes |
+| <a name="input_autoscaler_version"></a> [autoscaler\_version](#input\_autoscaler\_version) | Version of the autoscaler to deploy | `string` | `"v0.3.0"` | no |
 | <a name="input_autoscaling_max_create"></a> [autoscaling\_max\_create](#input\_autoscaling\_max\_create) | The maximum number of instances the utility is allowed to create in a single run | `number` | `1` | no |
 | <a name="input_autoscaling_max_terminate"></a> [autoscaling\_max\_terminate](#input\_autoscaling\_max\_terminate) | The maximum number of instances the utility is allowed to terminate in a single run | `number` | `1` | no |
 | <a name="input_autoscaling_timeout"></a> [autoscaling\_timeout](#input\_autoscaling\_timeout) | Timeout (in seconds) for a single autoscaling run. The more instances you have, the higher this should be. | `number` | `30` | no |
@@ -120,7 +131,6 @@ $ make docs
 | <a name="input_max_size"></a> [max\_size](#input\_max\_size) | Maximum number of workers to spin up | `number` | `10` | no |
 | <a name="input_min_size"></a> [min\_size](#input\_min\_size) | Minimum numbers of workers to spin up | `number` | `0` | no |
 | <a name="input_poweroff_delay"></a> [poweroff\_delay](#input\_poweroff\_delay) | Number of seconds to wait before powering the EC2 instance off after the Spacelift launcher stopped | `number` | `15` | no |
-| <a name="input_region"></a> [region](#input\_region) | AWS region to deploy to | `string` | n/a | yes |
 | <a name="input_schedule_expression"></a> [schedule\_expression](#input\_schedule\_expression) | Autoscaler scheduling expression | `string` | `"rate(1 minute)"` | no |
 | <a name="input_security_groups"></a> [security\_groups](#input\_security\_groups) | List of security groups to use | `list(string)` | n/a | yes |
 | <a name="input_spacelift_api_key_endpoint"></a> [spacelift\_api\_key\_endpoint](#input\_spacelift\_api\_key\_endpoint) | Full URL of the Spacelift API endpoint to use, eg. https://demo.app.spacelift.io | `string` | `null` | no |

autoscaler.tf

@@ -1,64 +1,97 @@
-module "autoscaler" {
-  source = "github.com/spacelift-io/ec2-workerpool-autoscaler//iac"
-
-  for_each = var.enable_autoscaling ? toset(["ENABLED"]) : toset([])
-
-  autoscaling_group_arn      = var.autoscaling_group_arn
-  autoscaler_version         = var.autoscaler_version
-  spacelift_api_key_id       = var.spacelift_api_key_id
-  spacelift_api_key_secret   = var.spacelift_api_key_secret
-  spacelift_api_key_endpoint = var.spacelift_api_key_endpoint
-  worker_pool_id             = var.worker_pool_id
-  autoscaler_architecture    = var.autoscaler_architecture
-  autoscaling_timeout        = var.autoscaling_timeout
-  autoscaling_max_create     = var.autoscaling_max_create
-  autoscaling_max_terminate  = var.autoscaling_max_terminate
-  schedule_expression        = var.schedule_expression
-  base_name                  = var.base_name
-  region                     = var.region
-  autoscaler_s3_package      = var.autoscaler_s3_package
-  subnet_ids                 = var.vpc_subnets
-  security_group_ids         = var.security_groups
-
-  depends_on = [module.asg]
+locals {
+  function_name  = "${local.base_name}-ec2-autoscaler"
+  use_s3_package = var.autoscaler_s3_package != null
 }
 
-moved {
-  from = aws_ssm_parameter.spacelift_api_key_secret[0]
-  to   = module.autoscaler["ENABLED"].aws_ssm_parameter.spacelift_api_key_secret
+resource "aws_ssm_parameter" "spacelift_api_key_secret" {
+  count = var.enable_autoscaling ? 1 : 0
+  name  = "/${local.function_name}/spacelift-api-secret-${var.worker_pool_id}"
+  type  = "SecureString"
+  value = var.spacelift_api_key_secret
+  tags  = var.additional_tags
 }
 
-moved {
-  from = null_resource.download[0]
-  to   = module.autoscaler["ENABLED"].null_resource.download
+resource "null_resource" "download" {
+  count = var.enable_autoscaling && !local.use_s3_package ? 1 : 0
+  triggers = {
+    # Always re-download the archive file
+    now = timestamp()
+  }
+  provisioner "local-exec" {
+    command = "${path.module}/download.sh ${var.autoscaler_version} ${var.autoscaler_architecture}"
+  }
 }
 
-moved {
-  from = aws_lambda_function.autoscaler[0]
-  to   = module.autoscaler["ENABLED"].aws_lambda_function.autoscaler
+data "archive_file" "binary" {
+  count       = var.enable_autoscaling && !local.use_s3_package ? 1 : 0
+  type        = "zip"
+  source_file = "lambda/bootstrap"
+  output_path = "ec2-workerpool-autoscaler_${var.autoscaler_version}.zip"
+  depends_on  = [null_resource.download]
 }
 
-moved {
-  from = aws_cloudwatch_event_rule.scheduling[0]
-  to   = module.autoscaler["ENABLED"].aws_cloudwatch_event_rule.scheduling
+resource "aws_lambda_function" "autoscaler" {
+  count = var.enable_autoscaling ? 1 : 0
+
+  filename         = !local.use_s3_package ? data.archive_file.binary[count.index].output_path : null
+  source_code_hash = !local.use_s3_package ? data.archive_file.binary[count.index].output_base64sha256 : null
+
+  s3_bucket         = local.use_s3_package ? var.autoscaler_s3_package.bucket : null
+  s3_key            = local.use_s3_package ? var.autoscaler_s3_package.key : null
+  s3_object_version = local.use_s3_package ? var.autoscaler_s3_package.object_version : null
+
+  function_name = local.function_name
+  role          = aws_iam_role.autoscaler[count.index].arn
+  handler       = "bootstrap"
+  runtime       = "provided.al2"
+  architectures = [var.autoscaler_architecture == "amd64" ? "x86_64" : var.autoscaler_architecture]
+  timeout       = var.autoscaling_timeout
+
+  environment {
+    variables = {
+      AUTOSCALING_GROUP_ARN         = module.asg.autoscaling_group_arn
+      AUTOSCALING_REGION            = data.aws_region.this.name
+      SPACELIFT_API_KEY_ID          = var.spacelift_api_key_id
+      SPACELIFT_API_KEY_SECRET_NAME = aws_ssm_parameter.spacelift_api_key_secret[count.index].name
+      SPACELIFT_API_KEY_ENDPOINT    = var.spacelift_api_key_endpoint
+      SPACELIFT_WORKER_POOL_ID      = var.worker_pool_id
+      AUTOSCALING_MAX_CREATE        = var.autoscaling_max_create
+      AUTOSCALING_MAX_KILL          = var.autoscaling_max_terminate
+    }
+  }
+
+  tracing_config {
+    mode = "Active"
+  }
+  tags = var.additional_tags
 }
 
-moved {
-  from = aws_cloudwatch_event_target.scheduling[0]
-  to   = module.autoscaler["ENABLED"].aws_cloudwatch_event_target.scheduling
+resource "aws_cloudwatch_event_rule" "scheduling" {
+  count               = var.enable_autoscaling ? 1 : 0
+  name                = local.function_name
+  description         = "Spacelift autoscaler scheduling for worker pool ${var.worker_pool_id}"
+  schedule_expression = var.schedule_expression
+  tags                = var.additional_tags
 }
 
-moved {
-  from = aws_lambda_permission.allow_cloudwatch_to_call_lambda[0]
-  to   = module.autoscaler["ENABLED"].aws_lambda_permission.allow_cloudwatch_to_call_lambda
+resource "aws_cloudwatch_event_target" "scheduling" {
+  count = var.enable_autoscaling ? 1 : 0
+  rule  = aws_cloudwatch_event_rule.scheduling[count.index].name
+  arn   = aws_lambda_function.autoscaler[count.index].arn
 }
 
-moved {
-  from = aws_cloudwatch_log_group.log_group[0]
-  to   = module.autoscaler["ENABLED"].aws_cloudwatch_log_group.log_group
+resource "aws_lambda_permission" "allow_cloudwatch_to_call_lambda" {
+  count         = var.enable_autoscaling ? 1 : 0
+  statement_id  = "AllowExecutionFromCloudWatch"
+  action        = "lambda:InvokeFunction"
+  function_name = aws_lambda_function.autoscaler[count.index].function_name
+  principal     = "events.amazonaws.com"
+  source_arn    = aws_cloudwatch_event_rule.scheduling[count.index].arn
 }
 
-moved {
-  from = aws_iam_role.autoscaler[0]
-  to   = module.autoscaler["ENABLED"].aws_iam_role.autoscaler
+resource "aws_cloudwatch_log_group" "log_group" {
+  count             = var.enable_autoscaling ? 1 : 0
+  name              = "/aws/lambda/${local.function_name}"
+  retention_in_days = 7
+  tags              = var.additional_tags
 }

download.sh

@@ -0,0 +1,13 @@
+#!/usr/bin/env sh
+set -ex
+
+# Download the data.
+code_version=$1
+code_architecture=$2
+
+curl -L -o lambda.zip "https://github.com/spacelift-io/ec2-workerpool-autoscaler/releases/download/${code_version}/ec2-workerpool-autoscaler_linux_${code_architecture}.zip"
+
+mkdir -p lambda
+cd lambda
+unzip -o ../lambda.zip
+rm ../lambda.zip

examples/amd64/main.tf

@@ -38,8 +38,6 @@ module "this" {
     export SPACELIFT_TOKEN="<token-here>"
     export SPACELIFT_POOL_PRIVATE_KEY="<private-key-here>"
   EOT
-  autoscaling_group_arn      = var.autoscaling_group_arn
-  region                     = var.region
   security_groups            = [data.aws_security_group.this.id]
   spacelift_api_key_endpoint = var.spacelift_api_key_endpoint
   spacelift_api_key_id       = var.spacelift_api_key_id

examples/amd64/variables.tf

@@ -17,14 +17,4 @@ variable "spacelift_api_key_endpoint" {
 variable "worker_pool_id" {
   type        = string
   description = "ID (ULID) of the the worker pool."
-}
-
-variable "autoscaling_group_arn" {
-  type        = string
-  description = "autoscaling group ARN. Required for autoscaler"
-}
-
-variable "region" {
-  type        = string
-  description = "AWS region to deploy to"
-}
+}

examples/arm64/main.tf

@@ -59,8 +59,6 @@ module "this" {
     export SPACELIFT_TOKEN="<token-here>"
     export SPACELIFT_POOL_PRIVATE_KEY="<private-key-here>"
   EOT
-  autoscaling_group_arn      = var.autoscaling_group_arn
-  region                     = var.region
   ami_id                     = data.aws_ami.this.id
   ec2_instance_type          = "t4g.micro"
   security_groups            = [data.aws_security_group.this.id]

examples/arm64/variables.tf

@@ -17,14 +17,4 @@ variable "spacelift_api_key_endpoint" {
 variable "worker_pool_id" {
   type        = string
   description = "ID (ULID) of the the worker pool."
-}
-
-variable "autoscaling_group_arn" {
-  type        = string
-  description = "autoscaling group ARN. Required for autoscaler"
-}
-
-variable "region" {
-  type        = string
-  description = "AWS region to deploy to"
-}
+}

examples/autoscaler-s3-package/main.tf

@@ -23,8 +23,6 @@ module "this" {
     export SPACELIFT_TOKEN="<token-here>"
     export SPACELIFT_POOL_PRIVATE_KEY="<private-key-here>"
   EOT
-  autoscaling_group_arn      = var.autoscaling_group_arn
-  region                     = var.region
   security_groups            = [data.aws_security_group.this.id]
   spacelift_api_key_endpoint = var.spacelift_api_key_endpoint
   spacelift_api_key_id       = var.spacelift_api_key_id

examples/autoscaler-s3-package/variables.tf

@@ -31,13 +31,3 @@ variable "autoscaler_architecture" {
   description = "Instruction set architecture of the autoscaler to use"
   default     = "amd64"
 }
-
-variable "autoscaling_group_arn" {
-  type        = string
-  description = "autoscaling group ARN. Required for autoscaler"
-}
-
-variable "region" {
-  type        = string
-  description = "AWS region to deploy to"
-}

examples/custom-iam-role/main.tf

@@ -61,8 +61,6 @@ module "this" {
     export SPACELIFT_TOKEN="<token-here>"
     export SPACELIFT_POOL_PRIVATE_KEY="<private-key-here>"
   EOT
-  autoscaling_group_arn      = var.autoscaling_group_arn
-  region                     = var.region
   create_iam_role            = false
   custom_iam_role_name       = aws_iam_role.this.name
   security_groups            = [data.aws_security_group.this.id]

examples/custom-iam-role/variables.tf

@@ -17,14 +17,4 @@ variable "spacelift_api_key_endpoint" {
 variable "worker_pool_id" {
   type        = string
   description = "ID (ULID) of the the worker pool."
-}
-
-variable "autoscaling_group_arn" {
-  type        = string
-  description = "autoscaling group ARN. Required for autoscaler"
-}
-
-variable "region" {
-  type        = string
-  description = "AWS region to deploy to"
-}
+}