search

omsf-eco-infra / gha-runner

A simple GitHub Action for creating cloud-based self-hosted runners.
MIT License
0 stars 3 forks source link

Utilize AWS_REGION and AWS_DEFAULT_REGION environment variables when provisioning #26

Open ethanholz opened 1 month ago

ethanholz commented 1 month ago

When using configure-aws-credientials, AWS_REGION and AWS_DEFAULT_REGION get set in the environment and passed down to our container. The AWS_REGION gets populated by the region that is set during setup. Utilizing the variables reduces redundancy in our configs and will get automatically picked up by boto3 (similar to how we currently get the keys from the environment). Adopting these as practice allows for us to stay in line with AWS best practices when utilizing the SDK.

Furthermore, this would reduce the start and stop to look like the following.

Start

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: <your-IAM-Role-ARN>
          aws-region: <your-region-here, for example us-east-1>
      - name: Create cloud runner
        id: aws-start
        uses: omsf-eco-infra/gha-runner@v0.2.0
        with:
          provider: "aws"
          action: "start"
          aws_image_id: <your-ami-here, for example ami-0d5079d9be06933e5>
          aws_instance_type: <your instance type here, for example g4dn.xlarge>
          aws_home_dir: /home/ubuntu
        env:
          GH_PAT: ${{ secrets.GH_PAT }}

Stop

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: <your-IAM-Role-ARN>
          aws-region: <your-region-here, for example us-east-1>
      - name: Stop instances
        uses: omsf-eco-infra/gha-runner@v0.2.0
        with:
          provider: "aws"
          action: "stop"
          instance_mapping: ${{ needs.start-aws-runner.outputs.mapping }}
ethanholz commented 3 weeks ago

Per the following issue https://github.com/boto/boto3/issues/3620#issuecomment-1462661383, boto3 does not support the use of AWS_REGION at this time. We will instead rely on the use of AWS_DEFAULT_REGION and override the region if it is provided.

ethanholz commented 3 weeks ago

This was not solved in the PR above and the changes have since been reverted. Further research into doing this correctly may require better integration testing before we build this out in a way I am happy with.

ethanholz commented 2 weeks ago

When doing testing on this, it appears that even though AWS_DEFAULT_REGION is set, it does not set the region when making API calls. However, we can still utilize the AWS_REGION parameter to be more in-line with other AWS tools. The precedence for this would be something like

  1. YAML
  2. AWS_REGION
  3. AWS_DEFAULT_REGION

This allows for the YAML to always override these variables.