From c15f456d5bfae7161d1bb4e1a81ff5a736903b7c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20B=C3=B6nning?=
 <christian.boenning@metro-markets.de>
Date: Tue, 17 Feb 2026 07:02:22 +0100
Subject: [PATCH] Allow specification of Subnet CIDR for Runners

---
 gcp/net-vpc.tf   | 2 +-
 gcp/variables.tf | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/gcp/net-vpc.tf b/gcp/net-vpc.tf
index 8f76c00..68b4c52 100644
--- a/gcp/net-vpc.tf
+++ b/gcp/net-vpc.tf
@@ -7,7 +7,7 @@ module "vpc-github-runners" {
   description = "VPC for GitHub Actions Runners (Terraform-managed)"
   subnets = [
     {
-      ip_cidr_range = "100.64.0.0/16" # https://en.wikipedia.org/wiki/Carrier-grade_NAT
+      ip_cidr_range = coalesce(var.github_runners_internal_cidr, "100.64.0.0/16") # https://en.wikipedia.org/wiki/Carrier-grade_NAT
       name          = "subnet-github-runners-${local.region_shortnames[var.region]}"
       region        = var.region
       description   = "Subnet for GitHub Actions Runners in ${var.region} (Terraform-managed)"
diff --git a/gcp/variables.tf b/gcp/variables.tf
index cb60a62..bfcb01a 100644
--- a/gcp/variables.tf
+++ b/gcp/variables.tf
@@ -60,6 +60,13 @@ variable "zone" {
   }
 }
 
+variable "github_runners_internal_cidr" {
+  description = "The Internal IP Range used for the GitHub Actions Runners"
+  type        = string
+  default     = null
+  nullable    = true
+}
+
 # Minimum number of Cloud Run instances for the GitHub Actions Runners manager application
 # Unfortunately, the Cloud Run cold start time is slow and often exceeds 30 seconds.
 # GitHub expects a response to webhook requests in under 10 seconds!