feat: uses autoscaler module instead of repeating code

spacelift-io · Jan 6, 2025 · ccf916b · ccf916b
1 parent f9b468b
commit ccf916b
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 169 deletions.
diff --git a/autoscaler.tf b/autoscaler.tf
@@ -1,93 +1,64 @@
-locals {
-  function_name  = "${local.base_name}-ec2-autoscaler"
-  use_s3_package = var.autoscaler_s3_package != null
-}
+module "autoscaler" {
+  source = "github.com/spacelift-io/ec2-workerpool-autoscaler//iac"
 
-resource "aws_ssm_parameter" "spacelift_api_key_secret" {
-  count = var.enable_autoscaling ? 1 : 0
-  name  = "/${local.function_name}/spacelift-api-secret-${var.worker_pool_id}"
-  type  = "SecureString"
-  value = var.spacelift_api_key_secret
-}
+  for_each = var.enable_autoscaling ? toset(["ENABLED"]) : toset([])
 
-resource "null_resource" "download" {
-  count = var.enable_autoscaling && !local.use_s3_package ? 1 : 0
-  triggers = {
-    # Always re-download the archive file
-    now = timestamp()
-  }
-  provisioner "local-exec" {
-    command = "${path.module}/download.sh ${var.autoscaler_version} ${var.autoscaler_architecture}"
-  }
-}
+  autoscaling_group_arn      = var.autoscaling_group_arn
+  autoscaler_version         = var.autoscaler_version
+  spacelift_api_key_id       = var.spacelift_api_key_id
+  spacelift_api_key_secret   = var.spacelift_api_key_secret
+  spacelift_api_key_endpoint = var.spacelift_api_key_endpoint
+  worker_pool_id             = var.worker_pool_id
+  autoscaler_architecture    = var.autoscaler_architecture
+  autoscaling_timeout        = var.autoscaling_timeout
+  autoscaling_max_create     = var.autoscaling_max_create
+  autoscaling_max_terminate  = var.autoscaling_max_terminate
+  schedule_expression        = var.schedule_expression
+  base_name                  = var.base_name
+  region                     = var.region
+  autoscaler_s3_package      = var.autoscaler_s3_package
+  subnet_ids                 = var.subnet_ids
+  security_group_ids         = var.security_group_ids
 
-data "archive_file" "binary" {
-  count       = var.enable_autoscaling && !local.use_s3_package ? 1 : 0
-  type        = "zip"
-  source_file = "lambda/bootstrap"
-  output_path = "ec2-workerpool-autoscaler_${var.autoscaler_version}.zip"
-  depends_on  = [null_resource.download]
+  depends_on = [module.asg]
 }
 
-resource "aws_lambda_function" "autoscaler" {
-  count = var.enable_autoscaling ? 1 : 0
-
-  filename         = !local.use_s3_package ? data.archive_file.binary[count.index].output_path : null
-  source_code_hash = !local.use_s3_package ? data.archive_file.binary[count.index].output_base64sha256 : null
-
-  s3_bucket         = local.use_s3_package ? var.autoscaler_s3_package.bucket : null
-  s3_key            = local.use_s3_package ? var.autoscaler_s3_package.key : null
-  s3_object_version = local.use_s3_package ? var.autoscaler_s3_package.object_version : null
+moved {
+  from = aws_ssm_parameter.spacelift_api_key_secret[0]
+  to   = module.autoscaler["ENABLED"].aws_ssm_parameter.spacelift_api_key_secret
+}
 
-  function_name = local.function_name
-  role          = aws_iam_role.autoscaler[count.index].arn
-  handler       = "bootstrap"
-  runtime       = "provided.al2"
-  architectures = [var.autoscaler_architecture == "amd64" ? "x86_64" : var.autoscaler_architecture]
-  timeout       = var.autoscaling_timeout
+moved {
+  from = null_resource.download[0]
+  to   = module.autoscaler["ENABLED"].null_resource.download
+}
 
-  environment {
-    variables = {
-      AUTOSCALING_GROUP_ARN         = module.asg.autoscaling_group_arn
-      AUTOSCALING_REGION            = data.aws_region.this.name
-      SPACELIFT_API_KEY_ID          = var.spacelift_api_key_id
-      SPACELIFT_API_KEY_SECRET_NAME = aws_ssm_parameter.spacelift_api_key_secret[count.index].name
-      SPACELIFT_API_KEY_ENDPOINT    = var.spacelift_api_key_endpoint
-      SPACELIFT_WORKER_POOL_ID      = var.worker_pool_id
-      AUTOSCALING_MAX_CREATE        = var.autoscaling_max_create
-      AUTOSCALING_MAX_KILL          = var.autoscaling_max_terminate
-    }
-  }
+moved {
+  from = aws_lambda_function.autoscaler[0]
+  to   = module.autoscaler["ENABLED"].aws_lambda_function.autoscaler
+}
 
-  tracing_config {
-    mode = "Active"
-  }
+moved {
+  from = aws_cloudwatch_event_rule.scheduling[0]
+  to   = module.autoscaler["ENABLED"].aws_cloudwatch_event_rule.scheduling
 }
 
-resource "aws_cloudwatch_event_rule" "scheduling" {
-  count               = var.enable_autoscaling ? 1 : 0
-  name                = local.function_name
-  description         = "Spacelift autoscaler scheduling for worker pool ${var.worker_pool_id}"
-  schedule_expression = var.schedule_expression
+moved {
+  from = aws_cloudwatch_event_target.scheduling[0]
+  to   = module.autoscaler["ENABLED"].aws_cloudwatch_event_target.scheduling
 }
 
-resource "aws_cloudwatch_event_target" "scheduling" {
-  count = var.enable_autoscaling ? 1 : 0
-  rule  = aws_cloudwatch_event_rule.scheduling[count.index].name
-  arn   = aws_lambda_function.autoscaler[count.index].arn
+moved {
+  from = aws_lambda_permission.allow_cloudwatch_to_call_lambda[0]
+  to   = module.autoscaler["ENABLED"].aws_lambda_permission.allow_cloudwatch_to_call_lambda
 }
 
-resource "aws_lambda_permission" "allow_cloudwatch_to_call_lambda" {
-  count         = var.enable_autoscaling ? 1 : 0
-  statement_id  = "AllowExecutionFromCloudWatch"
-  action        = "lambda:InvokeFunction"
-  function_name = aws_lambda_function.autoscaler[count.index].function_name
-  principal     = "events.amazonaws.com"
-  source_arn    = aws_cloudwatch_event_rule.scheduling[count.index].arn
+moved {
+  from = aws_cloudwatch_log_group.log_group[0]
+  to   = module.autoscaler["ENABLED"].aws_cloudwatch_log_group.log_group
 }
 
-resource "aws_cloudwatch_log_group" "log_group" {
-  count             = var.enable_autoscaling ? 1 : 0
-  name              = "/aws/lambda/${local.function_name}"
-  retention_in_days = 7
+moved {
+  from = aws_iam_role.autoscaler[0]
+  to   = module.autoscaler["ENABLED"].aws_iam_role.autoscaler
 }
diff --git a/download.sh b/download.sh
diff --git a/iam.tf b/iam.tf
@@ -48,82 +48,3 @@ resource "aws_iam_instance_profile" "this" {
   role = var.create_iam_role ? aws_iam_role.this[0].name : var.custom_iam_role_name
 }
 
-data "aws_iam_policy_document" "autoscaler" {
-  count = var.enable_autoscaling ? 1 : 0
-  # Allow the Lambda to write CloudWatch Logs.
-  statement {
-    effect = "Allow"
-    actions = [
-      "logs:CreateLogStream",
-      "logs:PutLogEvents",
-    ]
-
-    resources = ["${aws_cloudwatch_log_group.log_group[count.index].arn}:*"]
-  }
-
-  # Allow the Lambda to put X-Ray traces.
-  statement {
-    effect = "Allow"
-    actions = [
-      "xray:PutTraceSegments",
-      "xray:PutTelemetryRecords",
-    ]
-
-    resources = ["*"]
-  }
-
-  # Allow the Lambda to DescribeAutoScalingGroups, DetachInstances and SetDesiredCapacity
-  # on the AutoScalingGroup.
-  statement {
-    effect = "Allow"
-    actions = [
-      "autoscaling:DetachInstances",
-      "autoscaling:SetDesiredCapacity",
-      "autoscaling:DescribeAutoScalingGroups",
-    ]
-
-    resources = ["*"]
-  }
-
-  # Allow the Lambda to DescribeInstances and TerminateInstances on the EC2 instances.
-  statement {
-    effect = "Allow"
-    actions = [
-      "ec2:DescribeInstances",
-      "ec2:TerminateInstances",
-    ]
-
-    resources = ["*"]
-  }
-
-  # Allow the Lambda to read the secret from SSM Parameter Store.
-  statement {
-    effect    = "Allow"
-    actions   = ["ssm:GetParameter"]
-    resources = [aws_ssm_parameter.spacelift_api_key_secret[count.index].arn]
-  }
-}
-
-resource "aws_iam_role" "autoscaler" {
-  count = var.enable_autoscaling ? 1 : 0
-  name  = local.function_name
-  assume_role_policy = jsonencode({
-    Version = "2012-10-17"
-    Statement = [
-      {
-        "Effect" : "Allow",
-        "Principal" : {
-          "Service" : "lambda.amazonaws.com"
-        },
-        "Action" : "sts:AssumeRole"
-      },
-    ]
-  })
-
-  inline_policy {
-    name   = "ec2-autoscaler-${var.worker_pool_id}"
-    policy = data.aws_iam_policy_document.autoscaler[count.index].json
-  }
-
-  depends_on = [module.asg]
-}
diff --git a/variables.tf b/variables.tf
@@ -157,7 +157,7 @@ variable "enable_autoscaling" {
 variable "autoscaler_version" {
   description = "Version of the autoscaler to deploy"
   type        = string
-  default     = "v0.3.0"
+  default     = "latest"
   nullable    = false
 }