Worker: allow configuring executor CloudWatch group

We need the ability to use different CloudWatch group for the osbuild-executor on Fedora workers in staging and production environment. Extend the worker confguration to allow configuring the CloudWatch group name used by the osbuild-executor. Extend the secure instance code to instruct cloud-init via user data to create /tmp/cloud_init_vars file with the CloudWatch group name in the osbuild-executor instance, to make it possible for the executor to configure its logging differently based on the value. Cover new changes by unit tests. Signed-off-by: Tomáš Hozza <thozza@redhat.com>
2024-03-07 15:23:31 +01:00 · 2024-03-07 15:23:31 +01:00 · e7743f17ec
commit e7743f17ec
parent ceddabc395
7 changed files with 90 additions and 21 deletions
--- a/cmd/osbuild-worker/config.go
+++ b/cmd/osbuild-worker/config.go
@ -72,9 +72,10 @@ type pulpConfig struct {
 }

 type executorConfig struct {
-	Type       string `toml:"type"`
-	IAMProfile string `toml:"iam_profile"`
-	KeyName    string `toml:"key_name"`
+	Type            string `toml:"type"`
+	IAMProfile      string `toml:"iam_profile"`
+	KeyName         string `toml:"key_name"`
+	CloudWatchGroup string `toml:"cloudwatch_group"`
 }

 type workerConfig struct {
--- a/cmd/osbuild-worker/config_test.go
+++ b/cmd/osbuild-worker/config_test.go
@ -69,12 +69,21 @@ offline_token = "/etc/osbuild-worker/offline_token"
 [pulp]
 credentials = "/etc/osbuild-worker/pulp-creds"
 server_address = "https://example.com/pulp"
+
+[osbuild_executor]
+type = "aws.ec2"
+iam_profile = "osbuild-worker"
+key_name = "osbuild-worker"
+cloudwatch_group = "osbuild-worker"
 `,
 			want: &workerConfig{
 				BasePath: "/api/image-builder-worker/v1",
 				DNFJson:  "/usr/libexec/osbuild-depsolve-dnf",
 				OSBuildExecutor: &executorConfig{
-					Type: "host",
+					Type:            "aws.ec2",
+					IAMProfile:      "osbuild-worker",
+					KeyName:         "osbuild-worker",
+					CloudWatchGroup: "osbuild-worker",
 				},
 				Composer: &composerConfig{
 					Proxy: "http://proxy.example.com",
--- a/cmd/osbuild-worker/jobimpl-osbuild.go
+++ b/cmd/osbuild-worker/jobimpl-osbuild.go
@ -77,9 +77,10 @@ type PulpConfiguration struct {
 }

 type ExecutorConfiguration struct {
-	Type       string
-	IAMProfile string
-	KeyName    string
+	Type            string
+	IAMProfile      string
+	KeyName         string
+	CloudWatchGroup string
 }

 type OSBuildJobImpl struct {
@ -489,7 +490,7 @@ func (impl *OSBuildJobImpl) Run(job worker.Job) error {
 	case "host":
 		executor = osbuildexecutor.NewHostExecutor()
 	case "aws.ec2":
-		executor = osbuildexecutor.NewAWSEC2Executor(impl.OSBuildExecutor.IAMProfile, impl.OSBuildExecutor.KeyName)
+		executor = osbuildexecutor.NewAWSEC2Executor(impl.OSBuildExecutor.IAMProfile, impl.OSBuildExecutor.KeyName, impl.OSBuildExecutor.CloudWatchGroup)
 	default:
 		osbuildJobResult.JobError = clienterrors.WorkerClientError(clienterrors.ErrorInvalidConfig, "No osbuild executor defined", nil)
 		return err
--- a/cmd/osbuild-worker/main.go
+++ b/cmd/osbuild-worker/main.go
@ -474,9 +474,10 @@ func main() {
 			Store:  store,
 			Output: output,
 			OSBuildExecutor: ExecutorConfiguration{
-				Type:       config.OSBuildExecutor.Type,
-				IAMProfile: config.OSBuildExecutor.IAMProfile,
-				KeyName:    config.OSBuildExecutor.KeyName,
+				Type:            config.OSBuildExecutor.Type,
+				IAMProfile:      config.OSBuildExecutor.IAMProfile,
+				KeyName:         config.OSBuildExecutor.KeyName,
+				CloudWatchGroup: config.OSBuildExecutor.CloudWatchGroup,
 			},
 			KojiServers: kojiServers,
 			GCPConfig:   gcpConfig,