chore(main): release 9.3.1

.github/.release-please-manifest.json

@@ -1,3 +1,3 @@
 {
-  ".": "9.3.0"
+  ".": "9.3.1"
 }

CHANGELOG.md

@@ -1,5 +1,13 @@
 # Changelog
 
+## [9.3.1](https://github.com/cattle-ops/terraform-aws-gitlab-runner/compare/9.3.0...9.3.1) (2025-10-16)
+
+
+### Bug Fixes
+
+* ensure that key pair names do not overlap ([#1338](https://github.com/cattle-ops/terraform-aws-gitlab-runner/issues/1338)) ([286de13](https://github.com/cattle-ops/terraform-aws-gitlab-runner/commit/286de13b3fa7a3cb8188ce83b9a2afd9e209f157)), closes [#1291](https://github.com/cattle-ops/terraform-aws-gitlab-runner/issues/1291)
+* use unique output file name for the lambda function ([#1336](https://github.com/cattle-ops/terraform-aws-gitlab-runner/issues/1336)) ([babfd75](https://github.com/cattle-ops/terraform-aws-gitlab-runner/commit/babfd75dccd57e82e3e2936a94cda39e7019f671))
+
 ## [9.3.0](https://github.com/cattle-ops/terraform-aws-gitlab-runner/compare/9.2.4...9.3.0) (2025-10-09)
 
 

README.md

@@ -86,7 +86,7 @@ This project is licensed under the MIT License - see the [LICENSE](LICENSE) file
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | 6.15.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 6.16.0 |
 | <a name="provider_local"></a> [local](#provider\_local) | 2.5.3 |
 | <a name="provider_tls"></a> [tls](#provider\_tls) | 4.1.0 |
 
@@ -196,8 +196,8 @@ This project is licensed under the MIT License - see the [LICENSE](LICENSE) file
 | <a name="input_runner_cloudwatch"></a> [runner\_cloudwatch](#input\_runner\_cloudwatch) | enable = Boolean used to enable or disable the CloudWatch logging.<br/>log\_group\_name = Option to override the default name (`environment`) of the log group. Requires `enable = true`.<br/>retention\_days = Retention for cloudwatch logs. Defaults to unlimited. Requires `enable = true`. | <pre>object({<br/>    enable         = optional(bool, true)<br/>    log_group_name = optional(string, null)<br/>    retention_days = optional(number, 0)<br/>  })</pre> | `{}` | no |
 | <a name="input_runner_egress_rules"></a> [runner\_egress\_rules](#input\_runner\_egress\_rules) | Map of Egress rules for the Runner Manager security group. | <pre>map(object({<br/>    from_port       = optional(number, null)<br/>    to_port         = optional(number, null)<br/>    protocol        = string<br/>    description     = string<br/>    cidr_block      = optional(string, null)<br/>    ipv6_cidr_block = optional(string, null)<br/>    prefix_list_id  = optional(string, null)<br/>    security_group  = optional(string, null)<br/>  }))</pre> | <pre>{<br/>  "allow_https_ipv4": {<br/>    "cidr_block": "0.0.0.0/0",<br/>    "description": "Allow HTTPS egress traffic",<br/>    "from_port": 443,<br/>    "protocol": "tcp",<br/>    "to_port": 443<br/>  },<br/>  "allow_https_ipv6": {<br/>    "description": "Allow HTTPS egress traffic (IPv6)",<br/>    "from_port": 443,<br/>    "ipv6_cidr_block": "::/0",<br/>    "protocol": "tcp",<br/>    "to_port": 443<br/>  }<br/>}</pre> | no |
 | <a name="input_runner_enable_asg_recreation"></a> [runner\_enable\_asg\_recreation](#input\_runner\_enable\_asg\_recreation) | Enable automatic redeployment of the Runner's ASG when the Launch Configs change. | `bool` | `true` | no |
-| <a name="input_runner_gitlab"></a> [runner\_gitlab](#input\_runner\_gitlab) | ca\_certificate = Trusted CA certificate bundle (PEM format).<br/>certificate = Certificate of the GitLab instance to connect to (PEM format).<br/>registration\_token = (deprecated, This is replaced by the `registration_token` in `runner_gitlab_registration_config`.) Registration token to use to register the Runner.<br/>runner\_version = Version of the [GitLab Runner](https://gitlab.com/gitlab-org/gitlab-runner/-/releases). Make sure that it is available for your AMI. See https://packages.gitlab.com/app/runner/gitlab-runner/search?dist=amazon%2F2023&filter=rpms&page=1&q=<br/>url = URL of the GitLab instance to connect to.<br/>url\_clone = URL of the GitLab instance to clone from. Use only if the agent can’t connect to the GitLab URL.<br/>access\_token\_secure\_parameter\_store\_name = (deprecated) The name of the SSM parameter to read the GitLab access token from. It must have the `api` scope and be pre created.<br/>preregistered\_runner\_token\_ssm\_parameter\_name = The name of the SSM parameter to read the preregistered GitLab Runner token from. | <pre>object({<br/>    ca_certificate                                = optional(string, "")<br/>    certificate                                   = optional(string, "")<br/>    registration_token                            = optional(string, "__REPLACED_BY_USER_DATA__") # deprecated, removed in 8.0.0<br/>    runner_version                                = optional(string, "16.0.3")<br/>    url                                           = optional(string, "")<br/>    url_clone                                     = optional(string, "")<br/>    access_token_secure_parameter_store_name      = optional(string, "gitlab-runner-access-token") # deprecated, removed in 8.0.0<br/>    preregistered_runner_token_ssm_parameter_name = optional(string, "")<br/>  })</pre> | n/a | yes |
-| <a name="input_runner_gitlab_registration_config"></a> [runner\_gitlab\_registration\_config](#input\_runner\_gitlab\_registration\_config) | (deprecated, replaced by runner\_gitlab.preregistered\_runner\_token\_ssm\_parameter\_name) Configuration used to register the Runner. See the README for an example, or reference the examples in the examples directory of this repo. There is also a good GitLab documentation available at: https://docs.gitlab.com/ee/ci/runners/configure_runners.html | <pre>object({<br/>    registration_token = optional(string, "__GITLAB_REGISTRATION_TOKEN_FROM_SSM__") # deprecated, removed in 8.0.0<br/>    tag_list           = optional(string, "")                                       # deprecated, removed in 8.0.0<br/>    description        = optional(string, "")                                       # deprecated, removed in 8.0.0<br/>    type               = optional(string, "")                                       # mandatory if gitlab_runner_version >= 16.0.0 # deprecated, removed in 8.0.0<br/>    group_id           = optional(string, "")                                       # mandatory if type is group # deprecated, removed in 8.0.0<br/>    project_id         = optional(string, "")                                       # mandatory if type is project # deprecated, removed in 8.0.0<br/>    locked_to_project  = optional(string, "")                                       # deprecated, removed in 8.0.0<br/>    run_untagged       = optional(string, "")                                       # deprecated, removed in 8.0.0<br/>    maximum_timeout    = optional(string, "")                                       # deprecated, removed in 8.0.0<br/>    access_level       = optional(string, "not_protected")                          # this is the only mandatory field calling the GitLab get token for executor operation # deprecated, removed in 8.0.0<br/>  })</pre> | `{}` | no |
+| <a name="input_runner_gitlab"></a> [runner\_gitlab](#input\_runner\_gitlab) | ca\_certificate = Trusted CA certificate bundle (PEM format).<br/>certificate = Certificate of the GitLab instance to connect to (PEM format).<br/>registration\_token = (deprecated, this is replaced by the `preregistered_runner_token_ssm_parameter_name`) Registration token to use to register the Runner.<br/>runner\_version = Version of the [GitLab Runner](https://gitlab.com/gitlab-org/gitlab-runner/-/releases). Make sure that it is available for your AMI. See https://packages.gitlab.com/app/runner/gitlab-runner/search?dist=amazon%2F2023&filter=rpms&page=1&q=<br/>url = URL of the GitLab instance to connect to.<br/>url\_clone = URL of the GitLab instance to clone from. Use only if the agent can’t connect to the GitLab URL.<br/>access\_token\_secure\_parameter\_store\_name = (deprecated, this is replaced by the `preregistered_runner_token_ssm_parameter_name`) The name of the SSM parameter to read the GitLab access token from. It must have the `api` scope and be pre created.<br/>preregistered\_runner\_token\_ssm\_parameter\_name = The name of the SSM parameter to read the preregistered GitLab Runner token from. | <pre>object({<br/>    ca_certificate                                = optional(string, "")<br/>    certificate                                   = optional(string, "")<br/>    registration_token                            = optional(string, "__REPLACED_BY_USER_DATA__") # deprecated, do not use, will be removed<br/>    runner_version                                = optional(string, "16.0.3")<br/>    url                                           = optional(string, "")<br/>    url_clone                                     = optional(string, "")<br/>    access_token_secure_parameter_store_name      = optional(string, "gitlab-runner-access-token") # deprecated, do not use, will be removed<br/>    preregistered_runner_token_ssm_parameter_name = optional(string, "")<br/>  })</pre> | n/a | yes |
+| <a name="input_runner_gitlab_registration_config"></a> [runner\_gitlab\_registration\_config](#input\_runner\_gitlab\_registration\_config) | (deprecated, replaced by runner\_gitlab.preregistered\_runner\_token\_ssm\_parameter\_name) Register the Runner manually with GitLab first. | <pre>object({<br/>    registration_token = optional(string, "__GITLAB_REGISTRATION_TOKEN_FROM_SSM__") # deprecated, do not use, will be removed<br/>    tag_list           = optional(string, "")                                       # deprecated, do not use, will be removed<br/>    description        = optional(string, "")                                       # deprecated, do not use, will be removed<br/>    type               = optional(string, "")                                       # deprecated, do not use, will be removed<br/>    group_id           = optional(string, "")                                       # deprecated, do not use, will be removed<br/>    project_id         = optional(string, "")                                       # deprecated, do not use, will be removed<br/>    locked_to_project  = optional(string, "")                                       # deprecated, do not use, will be removed<br/>    run_untagged       = optional(string, "")                                       # deprecated, do not use, will be removed<br/>    maximum_timeout    = optional(string, "")                                       # deprecated, do not use, will be removed<br/>    access_level       = optional(string, "not_protected")                          # deprecated, do not use, will be removed<br/>  })</pre> | `{}` | no |
 | <a name="input_runner_gitlab_registration_token_secure_parameter_store_name"></a> [runner\_gitlab\_registration\_token\_secure\_parameter\_store\_name](#input\_runner\_gitlab\_registration\_token\_secure\_parameter\_store\_name) | (deprecated, replaced by runner\_gitlab.preregistered\_runner\_token\_ssm\_parameter\_name) The name of the SSM parameter to read the GitLab Runner registration token from. | `string` | `"gitlab-runner-registration-token"` | no |
 | <a name="input_runner_gitlab_token_secure_parameter_store"></a> [runner\_gitlab\_token\_secure\_parameter\_store](#input\_runner\_gitlab\_token\_secure\_parameter\_store) | Name of the Secure Parameter Store entry to hold the GitLab Runner token. | `string` | `"runner-token"` | no |
 | <a name="input_runner_ingress_rules"></a> [runner\_ingress\_rules](#input\_runner\_ingress\_rules) | Map of Ingress rules for the Runner Manager security group. | <pre>map(object({<br/>    from_port       = optional(number, null)<br/>    to_port         = optional(number, null)<br/>    protocol        = string<br/>    description     = string<br/>    cidr_block      = optional(string, null)<br/>    ipv6_cidr_block = optional(string, null)<br/>    prefix_list_id  = optional(string, null)<br/>    security_group  = optional(string, null)<br/>  }))</pre> | `{}` | no |