fleet/infrastructure/loadtesting/terraform/infra/docker.tf

data "aws_ecr_authorization_token" "token" {}

resource "random_pet" "db_secret_postfix" {
  length = 1
}

resource "aws_kms_key" "main" {
  description             = "${local.customer}-${random_pet.db_secret_postfix.id}"
  deletion_window_in_days = 10
  enable_key_rotation     = true
}

resource "aws_ecr_repository" "fleet" {
  name                 = local.customer
  image_tag_mutability = "IMMUTABLE"

  image_scanning_configuration {
    scan_on_push = true
  }

  encryption_configuration {
    encryption_type = "KMS"
    kms_key         = aws_kms_key.main.arn
  }

  force_delete = true
}

resource "docker_image" "dockerhub" {
  name = "fleetdm/fleet:${var.tag}"
}

data "docker_registry_image" "dockerhub" {
  name = "fleetdm/fleet:${var.tag}"
}

resource "docker_tag" "fleet" {
  source_image = docker_image.dockerhub.name
  target_image = "${aws_ecr_repository.fleet.repository_url}:${var.tag}-${split(":", data.docker_registry_image.dockerhub.sha256_digest)[1]}"
}

resource "docker_registry_image" "fleet" {
  name          = docker_tag.fleet.target_image
  keep_remotely = true
}
Loadtesting IAC updates (#32629) # Github Actions (New) - New workflow to deploy/destroy loadtest infrastructure with one-click (Needs to be tested) - Common inputs drive configuration and deployment of loadtest infrastructure - tag - fleet_task_count - fleet_task_memory - fleet_task_cpu - fleet_database_instance_size - fleet_database_instance_count - fleet_redis_instance_size - fleet_redis_instance_count - terraform_workspace - terraform_action - New workflow to deploy/destroy osquery-perf to loadtest infrastructure with one-click (Needs to be tested) - Common inputs drive configuration and deployment of osquery-perf resources - tag - git_branch - loadtest_containers - extra_flags - terraform_workspace - terraform_action - New workflow to deploy shared loadtest resources with one-click (Needs to be tested) # Loadtest Infrastructure (New) - New directory (`infrastructure/loadtesting/terraform/infra`) for one-click deployment - Loadtest environment updated to use [fleet-terraform modules](https://github.com/fleetdm/fleet-terraform) - [Deployment documentation updated](https://github.com/fleetdm/fleet/blob/0c254bca4018bcf2421ae37f652f9191fb028adf/infrastructure/loadtesting/terraform/infra/README.md) to reflect new steps # Osquery-perf deployment (New) - New directory (`infrastructure/loadtesting/terraform/osquery-perf`) for the deployment of osquery-perf - osquery-perf updated to use [fleet-terraform modules](https://github.com/fleetdm/fleet-terraform) - [Deployment documentation updated](https://github.com/fleetdm/fleet/tree/0c254bca4018bcf2421ae37f652f9191fb028adf/infrastructure/loadtesting/terraform/osquery_perf) to reflect new steps 2025-10-08 19:31:37 +00:00			`data "aws_ecr_authorization_token" "token" {}`

			`resource "random_pet" "db_secret_postfix" {`
			`length = 1`
			`}`

			`resource "aws_kms_key" "main" {`
			`description = "${local.customer}-${random_pet.db_secret_postfix.id}"`
			`deletion_window_in_days = 10`
			`enable_key_rotation = true`
			`}`

			`resource "aws_ecr_repository" "fleet" {`
			`name = local.customer`
			`image_tag_mutability = "IMMUTABLE"`

			`image_scanning_configuration {`
			`scan_on_push = true`
			`}`

			`encryption_configuration {`
			`encryption_type = "KMS"`
			`kms_key = aws_kms_key.main.arn`
			`}`

			`force_delete = true`
			`}`

Dogfood and loadtest module updates (#35990) Updates `module.main` to `1.18.3` (dogfood) - Adds `memory_tracking_target_value = 70` (dogfood and loadtesting) - Adds `cpu_tracking_target_value = 70` (dogfood and loadtesting) Updates `module.migrations` to `2.2.1` (dogfood) - Adds `max_capacity` Updates `module.logging_alb` to `1.6.2` (dogfood) Updates `module.monitoring` to `1.8.0` (dogfood) - Adds `log_monitoring` configuration 2025-11-20 03:04:17 +00:00			`resource "docker_image" "dockerhub" {`
			`name = "fleetdm/fleet:${var.tag}"`
			`}`
Loadtesting IAC updates (#32629) # Github Actions (New) - New workflow to deploy/destroy loadtest infrastructure with one-click (Needs to be tested) - Common inputs drive configuration and deployment of loadtest infrastructure - tag - fleet_task_count - fleet_task_memory - fleet_task_cpu - fleet_database_instance_size - fleet_database_instance_count - fleet_redis_instance_size - fleet_redis_instance_count - terraform_workspace - terraform_action - New workflow to deploy/destroy osquery-perf to loadtest infrastructure with one-click (Needs to be tested) - Common inputs drive configuration and deployment of osquery-perf resources - tag - git_branch - loadtest_containers - extra_flags - terraform_workspace - terraform_action - New workflow to deploy shared loadtest resources with one-click (Needs to be tested) # Loadtest Infrastructure (New) - New directory (`infrastructure/loadtesting/terraform/infra`) for one-click deployment - Loadtest environment updated to use [fleet-terraform modules](https://github.com/fleetdm/fleet-terraform) - [Deployment documentation updated](https://github.com/fleetdm/fleet/blob/0c254bca4018bcf2421ae37f652f9191fb028adf/infrastructure/loadtesting/terraform/infra/README.md) to reflect new steps # Osquery-perf deployment (New) - New directory (`infrastructure/loadtesting/terraform/osquery-perf`) for the deployment of osquery-perf - osquery-perf updated to use [fleet-terraform modules](https://github.com/fleetdm/fleet-terraform) - [Deployment documentation updated](https://github.com/fleetdm/fleet/tree/0c254bca4018bcf2421ae37f652f9191fb028adf/infrastructure/loadtesting/terraform/osquery_perf) to reflect new steps 2025-10-08 19:31:37 +00:00
Dogfood and loadtest module updates (#35990) Updates `module.main` to `1.18.3` (dogfood) - Adds `memory_tracking_target_value = 70` (dogfood and loadtesting) - Adds `cpu_tracking_target_value = 70` (dogfood and loadtesting) Updates `module.migrations` to `2.2.1` (dogfood) - Adds `max_capacity` Updates `module.logging_alb` to `1.6.2` (dogfood) Updates `module.monitoring` to `1.8.0` (dogfood) - Adds `log_monitoring` configuration 2025-11-20 03:04:17 +00:00			`data "docker_registry_image" "dockerhub" {`
			`name = "fleetdm/fleet:${var.tag}"`
Loadtesting IAC updates (#32629) # Github Actions (New) - New workflow to deploy/destroy loadtest infrastructure with one-click (Needs to be tested) - Common inputs drive configuration and deployment of loadtest infrastructure - tag - fleet_task_count - fleet_task_memory - fleet_task_cpu - fleet_database_instance_size - fleet_database_instance_count - fleet_redis_instance_size - fleet_redis_instance_count - terraform_workspace - terraform_action - New workflow to deploy/destroy osquery-perf to loadtest infrastructure with one-click (Needs to be tested) - Common inputs drive configuration and deployment of osquery-perf resources - tag - git_branch - loadtest_containers - extra_flags - terraform_workspace - terraform_action - New workflow to deploy shared loadtest resources with one-click (Needs to be tested) # Loadtest Infrastructure (New) - New directory (`infrastructure/loadtesting/terraform/infra`) for one-click deployment - Loadtest environment updated to use [fleet-terraform modules](https://github.com/fleetdm/fleet-terraform) - [Deployment documentation updated](https://github.com/fleetdm/fleet/blob/0c254bca4018bcf2421ae37f652f9191fb028adf/infrastructure/loadtesting/terraform/infra/README.md) to reflect new steps # Osquery-perf deployment (New) - New directory (`infrastructure/loadtesting/terraform/osquery-perf`) for the deployment of osquery-perf - osquery-perf updated to use [fleet-terraform modules](https://github.com/fleetdm/fleet-terraform) - [Deployment documentation updated](https://github.com/fleetdm/fleet/tree/0c254bca4018bcf2421ae37f652f9191fb028adf/infrastructure/loadtesting/terraform/osquery_perf) to reflect new steps 2025-10-08 19:31:37 +00:00			`}`
Dogfood and loadtest module updates (#35990) Updates `module.main` to `1.18.3` (dogfood) - Adds `memory_tracking_target_value = 70` (dogfood and loadtesting) - Adds `cpu_tracking_target_value = 70` (dogfood and loadtesting) Updates `module.migrations` to `2.2.1` (dogfood) - Adds `max_capacity` Updates `module.logging_alb` to `1.6.2` (dogfood) Updates `module.monitoring` to `1.8.0` (dogfood) - Adds `log_monitoring` configuration 2025-11-20 03:04:17 +00:00
			`resource "docker_tag" "fleet" {`
			`source_image = docker_image.dockerhub.name`
			`target_image = "${aws_ecr_repository.fleet.repository_url}:${var.tag}-${split(":", data.docker_registry_image.dockerhub.sha256_digest)[1]}"`
			`}`

			`resource "docker_registry_image" "fleet" {`
			`name = docker_tag.fleet.target_image`
			`keep_remotely = true`
			`}`