diff --git a/README.md b/README.md
index 7d5b06e..275ede7 100644
--- a/README.md
+++ b/README.md
@@ -8,40 +8,52 @@ Include this repository as a module in your existing terraform code: ``` module "build" { - source = "git::https://github.com/cloudposse/tf_codebuild.git" - namespace = "general" - name = "ci" - stage = "staging" - - image = "apline" - instance_size = "BUILD_GENERAL1_SMALL" + source = "git::https://github.com/cloudposse/tf_codebuild.git?ref=tags/0.5.0" + namespace = "general" + name = "ci" + stage = "staging" + + # http://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref.html + build_image = "aws/codebuild/docker:1.12.1" + build_compute_type = "BUILD_GENERAL1_SMALL" + + # These attributes are optional, used as ENV variables when building Docker images and pushing them to ECR + # For more info: + # http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html + # https://www.terraform.io/docs/providers/aws/r/codebuild_project.html + + privileged_mode = true + aws_region = "us-east-1" + aws_account_id = "xxxxxxxxxx" + image_repo_name = "ecr-repo-name" + image_tag = "latest" } ``` -Grant appropriate permsissions to s3 -``` -resource "aws_iam_role_policy_attachment" "codebuild_s3" { - role = "${module.build.role_arn}" - policy_arn = "${aws_iam_policy.s3.arn}" -} -``` ## Input -| Name | Default | Decription | -|:-------------:|:--------------------:|:------------------------------------------------------------------------------------------------------------------------------:| -| namespace | global | Namespace | -| stage | default | Stage | -| name | codebuild | Name | -| image | alpine | Docker image used as environment | -| instance_size | BUILD_GENERAL1_SMALL | Instance size for job. 
Possible values are: ```BUILD_GENERAL1_SMALL``` ```BUILD_GENERAL1_MEDIUM``` ```BUILD_GENERAL1_LARGE``` | -| buildspec | "" | Optional buildspec declaration to use for building the project | +| Name | Default | Description | +|:-------------------:|:----------------------------:|:----------------------------------------------------------------------------------------------------------------------------------------------------:| +| namespace | global | Namespace | +| stage | default | Stage | +| name | codebuild | Name | +| build_image | aws/codebuild/docker:1.12.1 | Docker image for build environment, _e.g._ `aws/codebuild/docker:1.12.1` or `aws/codebuild/eb-nodejs-6.10.0-amazonlinux-64:4.0.0` | +| build_compute_type | BUILD_GENERAL1_SMALL | `CodeBuild` instance size. Possible values are: ```BUILD_GENERAL1_SMALL``` ```BUILD_GENERAL1_MEDIUM``` ```BUILD_GENERAL1_LARGE``` | +| buildspec | "" | (Optional) `buildspec` declaration to use for building the project | +| privileged_mode | "" | (Optional) If set to true, enables running the Docker daemon inside a Docker container on the `CodeBuild` instance. Used when building Docker images | +| aws_region | "" | (Optional) AWS Region, _e.g._ `us-east-1`. Used as `CodeBuild` ENV variable when building Docker images | +| aws_account_id | "" | (Optional) AWS Account ID. Used as `CodeBuild` ENV variable when building Docker images | +| image_repo_name | "" | (Optional) ECR repository name to store the Docker image built by this module. Used as `CodeBuild` ENV variable when building Docker images | +| image_tag | "" | (Optional) Docker image tag in the ECR repository, _e.g._ `latest`. Used as `CodeBuild` ENV variable when building Docker images | + + ## Output | Name | Decription | |:------------:|:----------------------:| | project_name | CodeBuild project name | -| project_id | CodeBuild project arn | -| role_arn | IAM Role arn | +| project_id | CodeBuild project ARN | +| role_arn | IAM Role ARN | 
diff --git a/main.tf b/main.tf index 94a776d..8e48e4f 100644 --- a/main.tf +++ b/main.tf @@ -1,3 +1,9 @@ +data "aws_caller_identity" "default" {} + +data "aws_region" "default" { + current = true +} + # Define composite variables for resources module "label" { source = "git::https://github.com/cloudposse/tf_label.git?ref=tags/0.2.0" @@ -75,10 +81,30 @@ resource "aws_codebuild_project" "default" { } environment { - compute_type = "${var.instance_size}" - image = "${var.image}" + compute_type = "${var.build_compute_type}" + image = "${var.build_image}" type = "LINUX_CONTAINER" - privileged_mode = true + privileged_mode = "${var.privileged_mode}" + + environment_variable { + "name" = "AWS_REGION" + "value" = "${signum(length(var.aws_region)) == 1 ? var.aws_region : data.aws_region.default.name}" + } + + environment_variable { + "name" = "AWS_ACCOUNT_ID" + "value" = "${signum(length(var.aws_account_id)) == 1 ? var.aws_account_id : data.aws_caller_identity.default.account_id}" + } + + environment_variable { + "name" = "IMAGE_REPO_NAME" + "value" = "${var.image_repo_name}" + } + + environment_variable { + "name" = "IMAGE_TAG" + "value" = "${var.image_tag}" + } } source { diff --git a/variables.tf b/variables.tf index 72d0854..3acf6ca 100644 --- a/variables.tf +++ b/variables.tf @@ -10,11 +10,12 @@ variable "name" { default = "codebuild" } -variable "image" { - default = "alpine" +variable "build_image" { + default = "aws/codebuild/docker:1.12.1" + description = "Docker image for build environment, e.g. 'aws/codebuild/docker:1.12.1' or 'aws/codebuild/eb-nodejs-6.10.0-amazonlinux-64:4.0.0'. For more info: http://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref.html" } -variable "instance_size" { +variable "build_compute_type" { default = "BUILD_GENERAL1_SMALL" } 
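Review bot: `IMAGE_REPO_NAME` and `IMAGE_TAG` in the second main.tf hunk are always written into the `environment` block, even when `var.image_repo_name` and `var.image_tag` keep their empty defaults, whereas `AWS_REGION` and `AWS_ACCOUNT_ID` fall back to the data sources. CodeBuild may reject an empty environment-variable value at apply time (worth confirming against the API), and a buildspec that tags with `$IMAGE_REPO_NAME:$IMAGE_TAG` would receive an empty reference. Giving both variables a non-empty default in variables.tf, for example `default = "UNSET"`, keeps non-Docker projects applying cleanly. A comment above the blocks such as `# Plaintext build settings only; do not add credentials as environment_variable values` would also help, since these values are readable in the project configuration. The `aws_codebuild_project` resource starts and ends outside this hunk.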
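Review bot: `build_compute_type` in the first variables.tf hunk is left without a `description`, while `build_image` right above it gains one. Adding `description = "CodeBuild instance size. Possible values are: BUILD_GENERAL1_SMALL, BUILD_GENERAL1_MEDIUM, BUILD_GENERAL1_LARGE"`, the wording the README table already uses, keeps the two in step. Renaming `image` and `instance_size` also breaks callers that source the module without a `ref`, as the old README example did, so the release notes should name both the old and the new variables.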
@@ -37,3 +38,32 @@ variable "tags" {
 type = "map"
 default = {}
 }
+
+variable "privileged_mode" {
+ default = false
+ description = "(Optional) If set to true, enables running the Docker daemon inside a Docker container on the CodeBuild instance. Used when building Docker images"
+}
+
+variable "aws_region" {
+ type = "string"
+ default = ""
+ description = "(Optional) AWS Region, e.g. us-east-1. Used as CodeBuild ENV variable when building Docker images. For more info: http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html"
+}
+
+variable "aws_account_id" {
+ type = "string"
+ default = ""
+ description = "(Optional) AWS Account ID. Used as CodeBuild ENV variable when building Docker images. For more info: http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html"
+}
+
+variable "image_repo_name" {
+ type = "string"
+ default = ""
+ description = "(Optional) ECR repository name to store the Docker image built by this module. Used as CodeBuild ENV variable when building Docker images. For more info: http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html"
+}
+
+variable "image_tag" {
+ type = "string"
+ default = ""
+ description = "(Optional) Docker image tag in the ECR repository, e.g. 'latest'. Used as CodeBuild ENV variable when building Docker images. For more info: http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html"
+}
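Review bot: The `privileged_mode` description says what the flag enables but not what it costs: a privileged build container runs with elevated privileges on the build host, so whatever the buildspec or its dependencies execute inherits that access. I would extend the description with `Leave false unless the build runs Docker; privileged containers get elevated access to the build host`. The variable also has no `type`, unlike the four string variables below it, and the README table in this commit lists its default as `""` while this hunk sets `false`.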