Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/garnertb/github-runner-vnet
Terraform for configuring private networking for GitHub-hosted Action Runners.
https://github.com/garnertb/github-runner-vnet
Last synced: 2 months ago
JSON representation
Terraform for configuring private networking for GitHub-hosted Action Runners.
- Host: GitHub
- URL: https://github.com/garnertb/github-runner-vnet
- Owner: garnertb
- License: mit
- Created: 2023-11-08T16:39:10.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2024-08-07T23:05:05.000Z (5 months ago)
- Last Synced: 2024-08-08T01:54:18.295Z (5 months ago)
- Language: HCL
- Size: 123 KB
- Stars: 10
- Watchers: 3
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Codeowners: CODEOWNERS
- Security: SECURITY.md
Awesome Lists containing this project
README
# github-runner-vnet
> [!CAUTION]
> This repository has moved [under the GitHub organization](https://github.com/github/terraform-github-runner-vnet) and is no longer maintained here.
Terraform modules that configure and maintain the infrastructure needed to run GitHub-Hosted Action Runners in a [private network](https://docs.github.com/en/enterprise-cloud@latest/admin/configuration/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners).
## Quick Start
1. Before running, review [pre-requisites](https://docs.github.com/en/enterprise-cloud@latest/admin/configuration/configuring-private-networking-for-hosted-compute-products/configuring-private-networking-for-github-hosted-runners#prerequisites) from the documentation to ensure your environment is properly configured.
1. The [Azure CLI](https://learn.microsoft.com/en-us/cli/azure/) must be installed and on the system path, logged in with the identity that you want these resources created under, and Azure Subscription configured.
1. The `GitHub.Network` resource provider must be registered in the Azure Subscription. The Terraform modules contain HCL to register this provider, but it is commented out since you may not want this managed by Terraform. See the above GitHub documentation for a sample AZ CLI command to register the provider.
This repo contains two Terraform modules:
* [nsg](./modules/nsg/) module: Uses a [Network Security Group (NSG)](https://learn.microsoft.com/en-us/azure/virtual-network/network-security-groups-overview) to manage the network security of the VNet.
```hcl
module "github_runner_vnet" {
# Use the nsg version
source = "github.com/garnertb/github-runner-vnet/nsg"
# The resources use this base_name as a name prefix, e.g. ${base_name}-rg for the resource group
base_name = "vnet-test"
# Retrieve through the GitHub API (see GitHub docs for instructions)
github_enterprise_id = "12345"
}
```
* [firewall](./modules/firewall/) module: Uses an [Azure Firewall](https://learn.microsoft.com/en-us/azure/firewall/overview) to manage the network security of the VNet.
Terraform config for the firewall
Provision and configure the infrastructure in Terraform by calling this module:
```hcl
module "github_runner_vnet" {
# Use the firewall version
source = "github.com/garnertb/github-runner-vnet/firewall"
# The resources use this base_name as a name prefix, e.g. ${base_name}-rg for the resource group
base_name = "vnet-test"
# Retrieve through the GitHub API (see GitHub docs for instructions)
github_enterprise_id = "12345"
}
```
The output of these modules is the Resource ID for the `GitHub.Network/networkSettings` resource. Paste this ID into the github.com UI for configuring the Azure Virtual Network.
## License
This project is licensed under the terms of the MIT open source license. Please refer to [MIT](./LICENSE) for the full terms.
## Maintainers
Please refer to [CODEOWNERS](./CODEOWNERS) for a list of maintainers.