feat: Initial version #1

Merged
merged 9 commits into from
Mar 8, 2024
44 changes: 32 additions & 12 deletions README.md
Expand Up @@ -6,21 +6,21 @@

Meet **OPSd**. The unique and effortless way of managing cloud infrastructure.

# terraform-module-template
# terraform-module-aws-ecr-repository

## Introduction

What does the module provide?
This module provides an Elastic Container Registry Repository.

## Usage

```hcl
module "module_name" {
source = "github.com/opsd-io/module_name?ref=v0.0.1"
module "example" {
source = "github.com/opsd-io/terraform-module-aws-ecr-repository"
name = "foobar-service"

# Variables
variable_1 = "foo"
variable_2 = "bar"
image_tag_mutable = true
scan_on_push = true
}
```

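Review bot: The new `source` line in the Usage block drops the `?ref=` pin that the template line carried (`?ref=v0.0.1`), so anyone copying the snippet tracks the default branch and gets whatever is there at the next fresh `terraform init`. Suggest keeping a pinned ref in the README example, e.g. `source = "github.com/opsd-io/terraform-module-aws-ecr-repository?ref=<tag>"`, and bumping it at release time.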
Expand All @@ -31,27 +31,47 @@ module "module_name" {

| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3.1 |
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.5 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.0 |

## Providers

No providers.
| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 5.0 |

## Modules

No modules.

## Resources

No resources.
| Name | Type |
|------|------|
| [aws_ecr_lifecycle_policy.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_lifecycle_policy) | resource |
| [aws_ecr_repository.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository) | resource |
| [aws_ecr_repository_policy.main](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository_policy) | resource |
| [aws_iam_policy_document.repository_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |

## Inputs

No inputs.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_common_tags"></a> [common\_tags](#input\_common\_tags) | A map of tags to assign to every resource in this module. | `map(string)` | `{}` | no |
| <a name="input_encryption_kms_key"></a> [encryption\_kms\_key](#input\_encryption\_kms\_key) | The ARN of the KMS key to use for the repository encryption. | `string` | `null` | no |
| <a name="input_image_tag_mutable"></a> [image\_tag\_mutable](#input\_image\_tag\_mutable) | The tag mutability setting for the repository. | `bool` | `true` | no |
| <a name="input_lifecycle_rules"></a> [lifecycle\_rules](#input\_lifecycle\_rules) | List of lifecycle policy rules. | <pre>list(object({<br> priority = number<br> description = optional(string)<br> tag_status = string # "tagged"|"untagged"|"any"<br> tag_patterns = optional(list(string))<br> tag_prefixes = optional(list(string))<br> count_type = string # "imageCountMoreThan"|"sinceImagePushed"<br> count_number = number<br> }))</pre> | `[]` | no |
| <a name="input_name"></a> [name](#input\_name) | Name of the repository. | `string` | n/a | yes |
| <a name="input_policy_documents"></a> [policy\_documents](#input\_policy\_documents) | List of IAM policy documents that are merged together for the repository policy. | `list(string)` | `[]` | no |
| <a name="input_scan_on_push"></a> [scan\_on\_push](#input\_scan\_on\_push) | Indicates whether images are scanned after being pushed to the repository. | `bool` | `true` | no |

## Outputs

No outputs.
| Name | Description |
|------|-------------|
| <a name="output_arn"></a> [arn](#output\_arn) | Full ARN of the repository. |
| <a name="output_registry_id"></a> [registry\_id](#output\_registry\_id) | The registry ID where the repository was created. |
| <a name="output_repository_url"></a> [repository\_url](#output\_repository\_url) | The URL of the repository. |
<!-- END_TF_DOCS -->

## Examples of usage
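Review bot: In the Inputs table, the `image_tag_mutable` and `encryption_kms_key` rows do not say what their values select. From main.tf, `true` maps to `MUTABLE` and `false` to `IMMUTABLE`, and a `null` key falls back to `AES256` encryption, but a reader of the README alone cannot tell. Since the table sits above the `<!-- END_TF_DOCS -->` marker, the fix belongs in the `description` strings in variables.tf, with the table regenerated from them.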
11 changes: 11 additions & 0 deletions examples/basic/main.tf
@@ -0,0 +1,11 @@
resource "random_pet" "repository_name" {
length = 3
}

module "example" {
source = "github.com/opsd-io/terraform-module-aws-ecr-repository"

name = random_pet.repository_name.id
image_tag_mutable = true
scan_on_push = true
}
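Review bot: `image_tag_mutable = true` and `scan_on_push = true` in the `module "example"` block only repeat the defaults declared in variables.tf, and the example never sets `lifecycle_rules` or `policy_documents`, so a plan of this example never evaluates the nested `for` expression or the repository policy resource in main.tf. Suggest adding at least one lifecycle rule (for instance an `untagged` rule with `count_type = "sinceImagePushed"`) so the example exercises the part of the module most likely to break.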
3 changes: 3 additions & 0 deletions examples/basic/outputs.tf
@@ -0,0 +1,3 @@
output "ecr" {
value = module.example
}
5 changes: 5 additions & 0 deletions examples/basic/override.tf
@@ -0,0 +1,5 @@
# Make sure we're using working version (from local directory, not git).

module "example" {
source = "./../.."
}
16 changes: 16 additions & 0 deletions examples/basic/terraform.tf
@@ -0,0 +1,16 @@
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.0"
}
random = {
source = "hashicorp/random"
version = "~> 3.5"
}
}
}

provider "aws" {
region = "eu-central-1"
}
1 change: 0 additions & 1 deletion examples/example_of_use/.tool-versions

This file was deleted.

63 changes: 0 additions & 63 deletions examples/example_of_use/README.mkdn

This file was deleted.

4 changes: 0 additions & 4 deletions examples/example_of_use/main.tf

This file was deleted.

13 changes: 0 additions & 13 deletions examples/example_of_use/versions.tf

This file was deleted.

70 changes: 69 additions & 1 deletion main.tf
@@ -1 +1,69 @@
# Terraform code goes here
terraform {
required_version = ">= 1.5.5"
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.0"
}
}
}

resource "aws_ecr_repository" "main" {
name = var.name
force_delete = false
image_tag_mutability = var.image_tag_mutable ? "MUTABLE" : "IMMUTABLE"

encryption_configuration {
encryption_type = var.encryption_kms_key != null ? "KMS" : "AES256"
kms_key = var.encryption_kms_key
}

image_scanning_configuration {
scan_on_push = var.scan_on_push
}

tags = merge(var.common_tags, {
Name = var.name
})

}

data "aws_iam_policy_document" "repository_policy" {
override_policy_documents = var.policy_documents
}

resource "aws_ecr_repository_policy" "main" {
count = length(var.policy_documents) > 0 ? 1 : 0
repository = aws_ecr_repository.main.name
policy = data.aws_iam_policy_document.repository_policy.json
}

# https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html

resource "aws_ecr_lifecycle_policy" "main" {
count = length(var.lifecycle_rules) > 0 ? 1 : 0
repository = aws_ecr_repository.main.name
policy = jsonencode({
rules = [
for rule in var.lifecycle_rules : {
for key, val in {
rulePriority = rule.priority
description = rule.description
selection = {
for key, val in {
tagStatus = rule.tag_status
tagPatternList = rule.tag_status == "tagged" ? rule.tag_patterns : null
tagPrefixList = rule.tag_status == "tagged" ? rule.tag_prefixes : null
countType = rule.count_type
countUnit = rule.count_type == "sinceImagePushed" ? "days" : null
countNumber = rule.count_number
} : key => val if val != null
}
action = {
type = "expire"
}
} : key => val if val != null
}
]
})
}
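Review bot: In the `selection` map of `aws_ecr_lifecycle_policy.main`, nothing checks that a rule with `tag_status = "tagged"` supplies a tag list. Both `tag_patterns` and `tag_prefixes` are optional, and null values are filtered out by `key => val if val != null`, so such a rule renders a selection with `tagStatus = "tagged"` and neither `tagPatternList` nor `tagPrefixList`, which ECR rejects only at apply time. Suggest a `validation` block on `lifecycle_rules` that requires one of the two lists when `tag_status == "tagged"`, so the error surfaces at plan time. Smaller style point: the inner `for key, val in` shadows the outer `key, val`; distinct names (e.g. `k, v` for the inner loop) would make the two null filters easier to read.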
18 changes: 14 additions & 4 deletions outputs.tf
@@ -1,4 +1,14 @@
# output "variable" {
# description = "output variable description"
# value = variable.main.name
# }
output "arn" {
description = "Full ARN of the repository."
value = aws_ecr_repository.main.arn
}

output "registry_id" {
description = "The registry ID where the repository was created."
value = aws_ecr_repository.main.registry_id
}

output "repository_url" {
description = "The URL of the repository."
value = aws_ecr_repository.main.repository_url
}
62 changes: 50 additions & 12 deletions variables.tf
@@ -1,12 +1,50 @@
# variable "variable_name" {
# description = "variable description"
# type = number
# default = 1
# }

# variable "variable_password" {
# description = "variable description"
# type = string
# sensitive = true
# default = "abc"
# }
variable "common_tags" {
description = "A map of tags to assign to every resource in this module."
type = map(string)
default = {}
}

variable "name" {
description = "Name of the repository."
type = string
}

variable "image_tag_mutable" {
description = "The tag mutability setting for the repository."
type = bool
default = true
}

variable "scan_on_push" {
description = "Indicates whether images are scanned after being pushed to the repository."
type = bool
default = true
}

variable "encryption_kms_key" {
description = "The ARN of the KMS key to use for the repository encryption."
type = string
default = null
}


variable "policy_documents" {
description = "List of IAM policy documents that are merged together for the repository policy."
type = list(string)
default = []
}


variable "lifecycle_rules" {
description = "List of lifecycle policy rules."
type = list(object({
priority = number
description = optional(string)
tag_status = string # "tagged"|"untagged"|"any"
tag_patterns = optional(list(string))
tag_prefixes = optional(list(string))
count_type = string # "imageCountMoreThan"|"sinceImagePushed"
count_number = number
}))
default = []
}
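Review bot: `image_tag_mutable` defaults to `true`, so a repository created with only `name` set allows an existing tag to be overwritten with a different image, and a tag then no longer identifies one fixed image for anything that deploys by tag. Suggest `default = false` so that mutability is an explicit opt-in, or at least stating the consequence in the `description`. Also, the allowed values for `tag_status` and `count_type` in `lifecycle_rules` exist only as trailing comments (`# "tagged"|"untagged"|"any"`); a `validation` block using `contains([...], ...)` would enforce them instead of passing a typo through to the ECR API.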
13 changes: 0 additions & 13 deletions versions.tf

This file was deleted.
