Deploy create-a-derived-tables self-hosted runner to Cloud Platfo…

…rm (#2766)

Signed-off-by: Jacob Woffenden <[email protected]>

.github/dependabot.yml

@@ -449,7 +449,18 @@ updates:
     reviewers:
       - "ministryofjustice/data-platform-apps-and-tools"
   - package-ecosystem: "terraform"
-    directory: "terraform/cloud-platform/live/data-platform-production/github-actions-self-hosted-runners"
+    directory: "terraform/cloud-platform/live/data-platform-production/actions-runners"
+    schedule:
+      interval: "daily"
+      time: "09:00"
+      timezone: "Europe/London"
+    commit-message:
+      prefix: "terraform"
+      include: "scope"
+    reviewers:
+      - "ministryofjustice/data-platform-apps-and-tools"
+  - package-ecosystem: "terraform"
+    directory: "terraform/dpat-eks/production/actions-runners"
     schedule:
       interval: "daily"
       time: "09:00"

terraform/aws/analytical-platform-data-production/create-a-derived-table/iam-roles.tf

@@ -15,11 +15,7 @@ module "create_a_derived_table_iam_role" {
   oidc_providers = {
     cloud-platform = {
       provider_arn               = "arn:aws:iam::593291632749:oidc-provider/oidc.eks.eu-west-2.amazonaws.com/id/DF366E49809688A3B16EEC29707D8C09"
-      namespace_service_accounts = ["data-platform-production:gha-shr-mojas-create-a-derived-table"]
-    }
-    data-platform-development = {
-      provider_arn               = "arn:aws:iam::593291632749:oidc-provider/oidc.eks.eu-west-2.amazonaws.com/id/BEE86BED6494692D4ED31C2ED2319E13"
-      namespace_service_accounts = ["github-actions:gha-shr-mojas-create-a-derived-table"]
+      namespace_service_accounts = ["data-platform-production:actions-runner-mojas-create-a-derived-table"]
     }
     data-platform-production = {
       provider_arn               = "arn:aws:iam::593291632749:oidc-provider/oidc.eks.eu-west-2.amazonaws.com/id/F147414004D7C4CF820F21F453AF80F1"

terraform/cloud-platform/live/data-platform-production/github-actions-self-hosted-runners/helm-releases.tf → terraform/cloud-platform/live/data-platform-production/actions-runners/create-a-derived-table.tf

@@ -1,7 +1,3 @@
-##################################################
-# moj-analytical-services/create-a-derived-table
-##################################################
-
 data "aws_secretsmanager_secret" "github_actions_self_hosted_runner_create_a_derived_table" {
   provider = aws.analytical-platform-management-production
 
@@ -14,10 +10,12 @@ data "aws_secretsmanager_secret_version" "github_actions_self_hosted_runner_crea
   secret_id = data.aws_secretsmanager_secret.github_actions_self_hosted_runner_create_a_derived_table.id
 }
 
-resource "helm_release" "github_actions_self_hosted_runners_create_a_derived_table" {
-  name      = "gha-shr-create-a-derived-table"
-  chart     = "./src/helm/charts/github-actions-self-hosted-runners"
-  namespace = "data-platform-production"
+resource "helm_release" "create_a_derived_table" {
+  name       = "actions-runner-mojas-create-a-derived-table"
+  repository = "oci://ghcr.io/ministryofjustice/data-platform-charts"
+  version    = "2.0.0"
+  chart      = "actions-runner"
+  namespace  = "data-platform-production"
 
   set {
     name  = "github.organisation"
@@ -35,12 +33,12 @@ resource "helm_release" "github_actions_self_hosted_runners_create_a_derived_tab
   }
 
   set {
-    name  = "irsa.roleArn"
-    value = "arn:aws:iam::593291632749:role/create-a-derived-table"
+    name  = "github.runner.labels"
+    value = "moj-cloud-platform"
   }
 
   set {
-    name  = "runner.labels"
-    value = "moj-cloud-platform"
+    name  = "serviceAccount.annotations.eks\\.amazonaws\\.com/role-arn"
+    value = "arn:aws:iam::593291632749:role/create-a-derived-table"
   }
 }

terraform/cloud-platform/live/data-platform-production/github-actions-self-hosted-runners/terraform.tf → terraform/cloud-platform/live/data-platform-production/actions-runners/terraform.tf

@@ -3,7 +3,7 @@ terraform {
     acl            = "private"
     bucket         = "global-tf-state-aqsvzyd5u9"
     encrypt        = true
-    key            = "cloud-platform/live/data-platform-production/github-actions-self-hosted-runners/terraform.tfstate"
+    key            = "cloud-platform/live/data-platform-production/actions-runners/terraform.tfstate"
     region         = "eu-west-2"
     dynamodb_table = "global-tf-state-aqsvzyd5u9-locks"
   }

terraform/cloud-platform/live/data-platform-production/github-actions-self-hosted-runners/terraform.tfvars → terraform/cloud-platform/live/data-platform-production/actions-runners/terraform.tfvars

@@ -5,10 +5,10 @@ account_ids = {
 tags = {
   business-unit          = "Platforms"
   application            = "Data Platform"
-  component              = "GitHub Actions Self-Hosted Runners"
-  environment            = "cloud-platform-live"
+  component              = "Actions Runners"
+  environment            = "management"
   is-production          = "true"
   owner                  = "data-platform:[email protected]"
   infrastructure-support = "data-platform:[email protected]"
-  source-code            = "github.com/ministryofjustice/data-platform/terraform/cloud-platform/live/data-platform-production/github-actions-self-hosted-runners"
+  source-code            = "github.com/ministryofjustice/data-platform/terraform/cloud-platform/live/data-platform-production/actions-runners"
 }