chore(main): release 9.5.0

.github/.release-please-manifest.json

@@ -1,3 +1,3 @@
 {
-  ".": "9.4.0"
+  ".": "9.5.0"
 }

CHANGELOG.md

@@ -1,5 +1,12 @@
 # Changelog
 
+## [9.5.0](https://github.com/cattle-ops/terraform-aws-gitlab-runner/compare/9.4.0...9.5.0) (2025-10-27)
+
+
+### Features
+
+* add `connection_max_age` config ([#1340](https://github.com/cattle-ops/terraform-aws-gitlab-runner/issues/1340)) ([b65acc4](https://github.com/cattle-ops/terraform-aws-gitlab-runner/commit/b65acc4114d4e421636f8e79ba0b2de8c5b7cc5b))
+
 ## [9.4.0](https://github.com/cattle-ops/terraform-aws-gitlab-runner/compare/9.3.0...9.4.0) (2025-10-20)
 
 

README.md

@@ -203,7 +203,7 @@ This project is licensed under the MIT License - see the [LICENSE](LICENSE) file
 | <a name="input_runner_ingress_rules"></a> [runner\_ingress\_rules](#input\_runner\_ingress\_rules) | Map of Ingress rules for the Runner Manager security group. | <pre>map(object({<br/>    from_port       = optional(number, null)<br/>    to_port         = optional(number, null)<br/>    protocol        = string<br/>    description     = string<br/>    cidr_block      = optional(string, null)<br/>    ipv6_cidr_block = optional(string, null)<br/>    prefix_list_id  = optional(string, null)<br/>    security_group  = optional(string, null)<br/>  }))</pre> | `{}` | no |
 | <a name="input_runner_install"></a> [runner\_install](#input\_runner\_install) | amazon\_ecr\_credential\_helper = Install amazon-ecr-credential-helper inside `userdata_pre_install` script<br/>docker\_machine\_download\_url = URL to download docker machine binary. If not set, the docker machine version will be used to download the binary.<br/>docker\_machine\_version = By default docker\_machine\_download\_url is used to set the docker machine version. This version will be ignored once `docker_machine_download_url` is set. The version number is maintained by the CKI project. Check out at https://gitlab.com/cki-project/docker-machine/-/releases<br/>pre\_install\_script = Script to run before installing the Runner<br/>post\_install\_script = Script to run after installing the Runner<br/>start\_script = Script to run after starting the Runner<br/>yum\_update = Update the yum packages before installing the Runner | <pre>object({<br/>    amazon_ecr_credential_helper = optional(bool, false)<br/>    docker_machine_download_url  = optional(string, "")<br/>    docker_machine_version       = optional(string, "0.16.2-gitlab.19-cki.5")<br/>    pre_install_script           = optional(string, "")<br/>    post_install_script          = optional(string, "")<br/>    start_script                 = optional(string, "")<br/>    yum_update                   = optional(bool, true)<br/>  })</pre> | `{}` | no |
 | <a name="input_runner_instance"></a> [runner\_instance](#input\_runner\_instance) | additional\_tags = Map of tags that will be added to the Runner instance.<br/>collect\_autoscaling\_metrics = A list of metrics to collect. The allowed values are GroupDesiredCapacity, GroupInServiceCapacity, GroupPendingCapacity, GroupMinSize, GroupMaxSize, GroupInServiceInstances, GroupPendingInstances, GroupStandbyInstances, GroupStandbyCapacity, GroupTerminatingCapacity, GroupTerminatingInstances, GroupTotalCapacity, GroupTotalInstances.<br/>ebs\_optimized = Enable EBS optimization for the Runner instance.<br/>max\_lifetime\_seconds = The maximum time a Runner should live before it is killed.<br/>monitoring = Enable the detailed monitoring on the Runner instance.<br/>name = Name of the Runner instance.<br/>name\_prefix = Set the name prefix and override the `Name` tag for the Runner instance.<br/>private\_address\_only = Restrict the Runner to use private IP addresses only. If this is set to `true` the Runner will use a private IP address only in case the Runner Workers use private addresses only.<br/>root\_device\_config = The Runner's root block device configuration. Takes the following keys: `device_name`, `delete_on_termination`, `volume_type`, `volume_size`, `encrypted`, `iops`, `throughput`, `kms_key_id`<br/>spot\_price = By setting a spot price bid price the Runner is created via a spot request. Be aware that spot instances can be stopped by AWS. Choose \"on-demand-price\" to pay up to the current on demand price for the instance type chosen.<br/>ssm\_access = Allows to connect to the Runner via SSM.<br/>type = EC2 instance type used.<br/>use\_eip = Assigns an EIP to the Runner. | <pre>object({<br/>    additional_tags             = optional(map(string))<br/>    collect_autoscaling_metrics = optional(list(string), null)<br/>    ebs_optimized               = optional(bool, true)<br/>    max_lifetime_seconds        = optional(number, null)<br/>    monitoring                  = optional(bool, true)<br/>    name                        = string<br/>    name_prefix                 = optional(string)<br/>    private_address_only        = optional(bool, true)<br/>    root_device_config          = optional(map(string), {})<br/>    spot_price                  = optional(string, null)<br/>    ssm_access                  = optional(bool, false)<br/>    type                        = optional(string, "t3.micro")<br/>    use_eip                     = optional(bool, false)<br/>  })</pre> | <pre>{<br/>  "name": "gitlab-runner"<br/>}</pre> | no |
-| <a name="input_runner_manager"></a> [runner\_manager](#input\_runner\_manager) | For details check https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-global-section<br/><br/>gitlab\_check\_interval = Number of seconds between checking for available jobs (check\_interval)<br/>maximum\_concurrent\_jobs = The maximum number of jobs which can be processed by all Runners at the same time (concurrent).<br/>prometheus\_listen\_address = Defines an address (<host>:<port>) the Prometheus metrics HTTP server should listen on (listen\_address).<br/>sentry\_dsn = Sentry DSN of the project for the Runner Manager to use (uses legacy DSN format) (sentry\_dsn) | <pre>object({<br/>    gitlab_check_interval     = optional(number, 3)<br/>    maximum_concurrent_jobs   = optional(number, 10)<br/>    prometheus_listen_address = optional(string, "")<br/>    sentry_dsn                = optional(string, "__SENTRY_DSN_REPLACED_BY_USER_DATA__")<br/>  })</pre> | `{}` | no |
+| <a name="input_runner_manager"></a> [runner\_manager](#input\_runner\_manager) | For details check https://docs.gitlab.com/runner/configuration/advanced-configuration.html#the-global-section<br/><br/>gitlab\_check\_interval = Number of seconds between checking for available jobs (check\_interval)<br/>maximum\_concurrent\_jobs = The maximum number of jobs which can be processed by all Runners at the same time (concurrent).<br/>prometheus\_listen\_address = Defines an address (<host>:<port>) the Prometheus metrics HTTP server should listen on (listen\_address).<br/>sentry\_dsn = Sentry DSN of the project for the Runner Manager to use (uses legacy DSN format) (sentry\_dsn)<br/>connection\_max\_age = The maximum age of a connection to the Runner Manager (connection\_max\_age). | <pre>object({<br/>    gitlab_check_interval     = optional(number, 3)<br/>    maximum_concurrent_jobs   = optional(number, 10)<br/>    prometheus_listen_address = optional(string, "")<br/>    sentry_dsn                = optional(string, "__SENTRY_DSN_REPLACED_BY_USER_DATA__")<br/>    connection_max_age        = optional(string, "15m")<br/>  })</pre> | `{}` | no |
 | <a name="input_runner_metadata_options"></a> [runner\_metadata\_options](#input\_runner\_metadata\_options) | Enable the Runner instance metadata service. IMDSv2 is enabled by default. | <pre>object({<br/>    http_endpoint               = string<br/>    http_tokens                 = string<br/>    http_put_response_hop_limit = number<br/>    instance_metadata_tags      = string<br/>  })</pre> | <pre>{<br/>  "http_endpoint": "enabled",<br/>  "http_put_response_hop_limit": 2,<br/>  "http_tokens": "required",<br/>  "instance_metadata_tags": "disabled"<br/>}</pre> | no |
 | <a name="input_runner_networking"></a> [runner\_networking](#input\_runner\_networking) | allow\_incoming\_ping = Allow ICMP Ping to the Runner. Specify `allow_incoming_ping_security_group_ids` too!<br/>allow\_incoming\_ping\_security\_group\_ids = A list of security group ids that are allowed to ping the Runner.<br/>security\_group\_description = A description for the Runner's security group<br/>security\_group\_ids = IDs of security groups to add to the Runner. | <pre>object({<br/>    allow_incoming_ping                    = optional(bool, false)<br/>    allow_incoming_ping_security_group_ids = optional(list(string), [])<br/>    security_group_description             = optional(string, "A security group containing gitlab-runner agent instances")<br/>    security_group_ids                     = optional(list(string), [])<br/>  })</pre> | `{}` | no |
 | <a name="input_runner_role"></a> [runner\_role](#input\_runner\_role) | additional\_tags = Map of tags that will be added to the role created. Useful for tag based authorization.<br/>allow\_iam\_service\_linked\_role\_creation = Boolean used to control attaching the policy to the Runner to create service linked roles.<br/>assume\_role\_policy\_json = The assume role policy for the Runner.<br/>create\_role\_profile = Whether to create the IAM role/profile for the Runner. If you provide your own role, make sure that it has the required permissions.<br/>policy\_arns = List of policy ARNs to be added to the instance profile of the Runner.<br/>role\_profile\_name = IAM role/profile name for the Runner. If unspecified then `${var.iam_object_prefix}-instance` is used. | <pre>object({<br/>    additional_tags                        = optional(map(string))<br/>    allow_iam_service_linked_role_creation = optional(bool, true)<br/>    assume_role_policy_json                = optional(string, "")<br/>    create_role_profile                    = optional(bool, true)<br/>    policy_arns                            = optional(list(string), [])<br/>    role_profile_name                      = optional(string)<br/>  })</pre> | `{}` | no |