---
AWSTemplateFormatVersion: "2010-09-09"
# NOTE(review): "%v" looks like a format placeholder that release tooling
# fills in before publishing (the same marker appears in the agent tags
# written by the LaunchTemplate UserData) - confirm against the build script.
Description: "Buildkite Elastic Mac %v"
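# Stack inputs. Values are supplied by whoever creates or updates the stack.
Parameters:
  # Dedicated host family and the instance type launched onto it.
  HostFamily:
    Type: String
    Description: Host type to provision, e.g. mac1 for mac1.metal.
    Default: "mac2"
  InstanceType:
    Type: String
    Description: Instance type to provision, e.g. mac1.metal.
    Default: "mac2.metal"
  ImageId:
    Type: AWS::EC2::Image::Id
    Description: EC2 AMI to boot on the dedicated hosts. Expects auto-login for the ec2-user to be configured.
  RootVolumeSize:
    Type: Number
    Description: Root volume size in GiB.

  # Networking. This template creates no security group of its own, so the
  # groups listed here are the only network filter on the instances.
  Subnets:
    Type: List<AWS::EC2::Subnet::Id>
    Description: Subnets to launch dedicated instances in.
  SecurityGroupIds:
    Type: List<AWS::EC2::SecurityGroup::Id>
    Description: The VPC security groups to associate with the network interface of launched instances.

  # The instance profile decides which AWS APIs every build job on the
  # instance can call; scope the role to what the builds actually need.
  IamInstanceProfile:
    Type: String
    Description: Optional. The IAM Instance Profile ARN to associate with instances.
    Default: ""

  # Auto Scaling group bounds.
  MinSize:
    Type: Number
    Description: Minimum number of instances to boot.
    Default: 0
  MaxSize:
    Type: Number
    Description: Maximum number of instances to boot.
    Default: 3

  # NoEcho only masks this value in CloudFormation console and API output.
  # The LaunchTemplate substitutes it into UserData with !Sub, so it is
  # stored in plain text in the launch template version and is readable as
  # instance user data. Treat both as secret-bearing.
  BuildkiteAgentToken:
    Type: String
    NoEcho: true
    Description: "Buildkite Agent token from https://buildkite.com/organizations/-/agents"
    Default: ""
  # Substituted verbatim into the bootstrap shell script; keep the value to
  # plain queue-name characters (no quotes, "$" or backticks).
  BuildkiteAgentQueue:
    Description: Queue name that agents will use, targeted in pipeline steps using "queue={value}"
    Type: String
    Default: default
    MinLength: 1

  # Only sets KeyName on the launch template. No ingress rule is created in
  # this template, so SSH reachability is governed by SecurityGroupIds.
  KeyName:
    Description: "Optional - SSH key pair used to access the Buildkite instances as ec2-user. This template does not create an SSH ingress rule; the groups passed in SecurityGroupIds must allow SSH."
    Type: String
    Default: ""

  # Cost allocation tagging (string booleans, compared in Conditions).
  EnableCostAllocationTags:
    Type: String
    Description: Enables AWS Cost Allocation tags for all resources in the stack. See https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html
    AllowedValues:
      - "true"
      - "false"
    Default: "false"
  CostAllocationTagName:
    Type: String
    Description: The name of the Cost Allocation Tag used for billing purposes
    Default: "CreatedBy"
  CostAllocationTagValue:
    Type: String
    Description: The value of the Cost Allocation Tag used for billing purposes
    Default: "buildkite-elastic-ci-stack-for-aws"

  InstanceName:
    Type: String
    Description: Optional - Customise the EC2 instance Name tag
    Default: "buildkite-agent"

  # When "false" the launch template carries a stub script that only prints
  # "UserData was disabled"; the agent is then not installed by this stack.
  EnableInstanceUserData:
    Type: String
    Description: Optional - Enables the bootstrap commands for EC2 instances in the UserData field of the launch template
    AllowedValues:
      - "true"
      - "false"
    Default: "true"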
# Switches derived from the string parameters above.
Conditions:
  # True when a non-empty instance profile ARN was supplied.
  IamInstanceProfileProvided: !Not
    - !Equals
      - ""
      - !Ref IamInstanceProfile
  # True when an SSH key pair name was supplied.
  HasKeyName: !Not
    - !Equals
      - !Ref KeyName
      - ""
  # True when EnableCostAllocationTags is the string "true".
  UseCostAllocationTags: !Equals
    - !Ref EnableCostAllocationTags
    - "true"
  # True when EnableInstanceUserData is the string "true".
  UseInstanceUserData: !Equals
    - !Ref EnableInstanceUserData
    - "true"
Outputs:
  # Despite the "Id" in the name, the exported value is the Arn attribute
  # of the DedicatedHostGroup resource.
  ResourceGroupId:
    Description: Dedicated resource group ID.
    Value:
      Fn::GetAtt: [DedicatedHostGroup, Arn]
Resources:
  # Host resource group named after the stack. Its host-management settings
  # limit hosts to the HostFamily parameter and turn on auto-allocate-host
  # and auto-release-host; the generic settings restrict members to
  # AWS::EC2::Host and set deletion-protection to UNLESS_EMPTY.
  DedicatedHostGroup:
    Type: AWS::ResourceGroups::Group
    Properties:
      Name: !Ref AWS::StackName
      Configuration:
        - Type: AWS::EC2::HostManagement
          Parameters:
            - Name: any-host-based-license-configuration
              Values: [true]
            - Name: allowed-host-families
              Values:
                - !Ref HostFamily
            - Name: auto-allocate-host
              Values: [true]
            - Name: auto-release-host
              Values: [true]
        - Type: AWS::ResourceGroups::Generic
          Parameters:
            - Name: allowed-resource-types
              Values:
                - AWS::EC2::Host
            - Name: deletion-protection
              Values:
                - UNLESS_EMPTY

  # Launch template for the macOS build agents.
  LaunchTemplate:
    Type: AWS::EC2::LaunchTemplate
    Properties:
      LaunchTemplateData:
        ImageId: !Ref ImageId
        InstanceType: !Ref InstanceType
        # Omitted entirely unless a key pair name was supplied.
        KeyName: !If
          - HasKeyName
          - !Ref KeyName
          - !Ref AWS::NoValue
        Placement:
          HostResourceGroupArn:
            Fn::GetAtt: [DedicatedHostGroup, Arn]
        # NOTE(review): Encrypted is not set on the root volume and no
        # MetadataOptions are set on the template, so volume encryption and
        # the instance metadata token requirement follow whatever the AMI
        # and account defaults provide - confirm those defaults.
        BlockDeviceMappings:
          - DeviceName: /dev/sda1
            Ebs:
              VolumeSize: !Ref RootVolumeSize
              VolumeType: gp3
        SecurityGroupIds: !Ref SecurityGroupIds
        IamInstanceProfile:
          Arn: !If
            - IamInstanceProfileProvided
            - !Ref IamInstanceProfile
            - !Ref AWS::NoValue
        # Only the instance resource type is tagged here.
        TagSpecifications:
          - ResourceType: instance
            Tags:
              - Key: Role
                Value: buildkite-agent
              - Key: Name
                Value: !Ref InstanceName
              - Key: BuildkiteAgentQueue
                Value: !Ref BuildkiteAgentQueue
              - !If
                - UseCostAllocationTags
                - Key: !Ref CostAllocationTagName
                  Value: !Ref CostAllocationTagValue
                - !Ref AWS::NoValue
        # Bootstrap script, chosen by UseInstanceUserData. The enabled
        # variant resizes the APFS container, disables computer sleep, then
        # installs, configures and starts buildkite-agent as ec2-user.
        #
        # Security notes for maintainers:
        # - !Sub writes BuildkiteAgentToken and BuildkiteAgentQueue into the
        #   script text before it runs. The token therefore sits in plain
        #   text in the launch template version and in instance user data,
        #   where NoEcho does not apply and where processes on the instance
        #   (including build jobs) can read it from the metadata service.
        #   Reading the token from a secret store at boot would avoid this.
        # - Both values are interpreted as shell/sed text, so characters
        #   such as quotes, "$", "/" or "&" in them change what executes.
        # - "${!name}" is the !Sub escape that leaves a literal shell
        #   variable reference in the rendered script.
        UserData:
          Fn::Base64: !If
            - UseInstanceUserData
            - !Sub |
              #!/bin/bash
              PDISK=$(diskutil list physical external | head -n1 | cut -d" " -f1)
              APFSCONT=$(diskutil list physical external | grep "Apple_APFS" | tr -s " " | cut -d" " -f8)
              yes | diskutil repairDisk $PDISK
              diskutil apfs resizeContainer $APFSCONT 0
              systemsetup -setcomputersleep never
              sudo -u ec2-user -i <<'EOF'
              [ -x /opt/homebrew/bin/brew ] && eval "$(/opt/homebrew/bin/brew shellenv)"
              brew install buildkite/buildkite/buildkite-agent
              config="$(brew --prefix)"/etc/buildkite-agent/buildkite-agent.cfg
              sed -i '' "s/xxx/${BuildkiteAgentToken}/g" "${!config}"
              echo "tags=\"queue=${BuildkiteAgentQueue},buildkite-mac-stack=%v\"" >> "${!config}"
              echo "tags-from-ec2-meta-data=true" >> "${!config}"
              brew services start buildkite/buildkite/buildkite-agent
              EOF
            - |
              #!/bin/bash
              echo "UserData was disabled"

  # Auto Scaling group that launches instances from the latest version of
  # the launch template into the given subnets.
  AutoScaleGroup:
    Type: AWS::AutoScaling::AutoScalingGroup
    Properties:
      VPCZoneIdentifier: !Ref Subnets
      MinSize: !Ref MinSize
      MaxSize: !Ref MaxSize
      LaunchTemplate:
        LaunchTemplateId: !Ref LaunchTemplate
        Version:
          Fn::GetAtt: [LaunchTemplate, LatestVersionNumber]