Skip to content

v1.0.0

Choose a tag to compare

View all tags
@edersonbrilhante edersonbrilhante released this 15 May 19:30
· 267 commits to main since this release
v1.0.0
597bb22
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

ForgeMT v1.0.0 – Scalable, Secure, Multi-Tenant GitHub Actions Platform

🧱 Runner Types

EC2 Runners

Provisioned via the ec2_deployment module:

  • GitHub webhook-based lifecycle (started / completed)
  • Dynamic user data provisioning
  • Secure access via IAM OIDC
  • Full observability via Splunk (logs and execution metrics)

Kubernetes Runners (EKS)

Deployed via the arc module:

  • Docker and non-Docker runner support
  • Helm charts for DinD-based runners (scale_set)
  • Custom controller to reconcile GitHub jobs (scale_set_controller)
  • Pod-level network isolation with Calico CNI
  • Auto scaling with Karpenter
  • GitHub App-based integration and auth

☁️ Infrastructure & Scalability

Modular and fully Terraform-driven:

  • eks: Cluster, node groups, addons, Karpenter, Calico, OpenTelemetry
  • ec2: Auto-scaling EC2 setup, lifecycle hooks, security groups
  • ami, ami_sharing: Managed and cross-account shared AMIs
  • secrets, storage: Secrets management and S3 buckets
  • budget, billing, opt_in_regions: FinOps and region control
  • cloud_custodian, cloudformation: Governance and provisioning
  • service_linked_roles, forge_subscription: Baseline AWS setup for multi-account environments

🔌 Integrations

Splunk

  • splunk_cloud_* modules for CI/CD log and metric ingestion
  • Dashboard and transform templates
  • Automation scripts for integration setup (create_splunk_integration.sh, etc.)

Teleport

  • Multi-tenant access control integration for secure environments

🔧 Core Platform Modules

  • arc: Runner engine for Kubernetes-based runners

    • scale_set: Helm chart and templates (dind.yml, k8s.yml, hooks)
    • scale_set_controller: Helm chart and dynamic values.yml.tftpl

  • forge_runners: Registers repos and runner groups via GitHub App + Lambda

  • global_lock: Global lock mechanism with automatic cleanup

  • scripts and lambdas: Utilities for GitHub API interaction

📈 Observability & Metrics

  • End-to-end job tracking built-in
  • Tenant-specific Splunk dashboards
  • OpenTelemetry support in EKS

✅ Requirements

Assets 2
Loading