From 9e966ab15a85b141cac4a935662ec90821a8fe39 Mon Sep 17 00:00:00 2001 From: Dmitrij Nikitenko Date: Thu, 3 Dec 2020 13:14:20 +0200 Subject: [PATCH 1/6] update to latest null-label for terraform 14.x support --- .github/workflows/chatops.yml | 6 ++---- README.md | 4 ++++ examples/complete/main.tf | 22 +++++++++++----------- main.tf | 4 ++-- 4 files changed, 19 insertions(+), 17 deletions(-) diff --git a/.github/workflows/chatops.yml b/.github/workflows/chatops.yml index 0d94310..44b35b8 100644 --- a/.github/workflows/chatops.yml +++ b/.github/workflows/chatops.yml @@ -9,7 +9,7 @@ jobs: steps: - uses: actions/checkout@v2 - name: "Handle common commands" - uses: cloudposse/actions/github/slash-command-dispatch@0.16.0 + uses: cloudposse/actions/github/slash-command-dispatch@0.22.0 with: token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} reaction-token: ${{ secrets.GITHUB_TOKEN }} @@ -24,7 +24,7 @@ jobs: - name: "Checkout commit" uses: actions/checkout@v2 - name: "Run tests" - uses: cloudposse/actions/github/slash-command-dispatch@0.16.0 + uses: cloudposse/actions/github/slash-command-dispatch@0.22.0 with: token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} reaction-token: ${{ secrets.GITHUB_TOKEN }} @@ -33,5 +33,3 @@ jobs: permission: triage issue-type: pull-request reactions: false - - diff --git a/README.md b/README.md index b1720da..3a8c160 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,6 @@ + # terraform-aws-ecs-codepipeline [![GitHub Action Tests](https://github.com/cloudposse/terraform-aws-ecs-codepipeline/workflows/test/badge.svg?branch=master)](https://github.com/cloudposse/terraform-aws-ecs-codepipeline/actions) [![Latest Release](https://img.shields.io/github/release/cloudposse/terraform-aws-ecs-codepipeline.svg)](https://github.com/cloudposse/terraform-aws-ecs-codepipeline/releases/latest) [![Slack Community](https://slack.cloudposse.com/badge.svg)](https://slack.cloudposse.com) + [![README Header][readme_header_img]][readme_header_link] 
@@ -416,8 +418,10 @@ Check out [our other projects][github], [follow us on twitter][twitter], [apply ### Contributors + | [![Erik Osterman][osterman_avatar]][osterman_homepage]
[Erik Osterman][osterman_homepage] | [![Igor Rodionov][goruha_avatar]][goruha_homepage]
[Igor Rodionov][goruha_homepage] | [![Andriy Knysh][aknysh_avatar]][aknysh_homepage]
[Andriy Knysh][aknysh_homepage] | [![Sarkis Varozian][sarkis_avatar]][sarkis_homepage]
[Sarkis Varozian][sarkis_homepage] | [![Joe Niland][joe-niland_avatar]][joe-niland_homepage]
[Joe Niland][joe-niland_homepage] | |---|---|---|---|---| + [osterman_homepage]: https://github.com/osterman [osterman_avatar]: https://img.cloudposse.com/150x150/https://github.com/osterman.png diff --git a/examples/complete/main.tf b/examples/complete/main.tf index e89f833..95327d7 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -5,18 +5,20 @@ provider "aws" { module "vpc" { source = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=tags/0.18.0" cidr_block = var.vpc_cidr_block - context = module.this.context + + context = module.this.context } module "subnets" { - source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=tags/0.31.0" + source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=tags/0.32.0" availability_zones = var.availability_zones vpc_id = module.vpc.vpc_id igw_id = module.vpc.igw_id cidr_block = module.vpc.vpc_cidr_block nat_gateway_enabled = true nat_instance_enabled = false - context = module.this.context + + context = module.this.context } resource "aws_ecs_cluster" "default" { @@ -25,7 +27,7 @@ resource "aws_ecs_cluster" "default" { } module "container_definition" { - source = "git::https://github.com/cloudposse/terraform-aws-ecs-container-definition.git?ref=tags/0.41.0" + source = "git::https://github.com/cloudposse/terraform-aws-ecs-container-definition.git?ref=tags/0.45.2" container_name = var.container_name container_image = var.container_image container_memory = var.container_memory 
@@ -38,12 +40,7 @@ module "container_definition" { } module "ecs_alb_service_task" { - source = "git::https://github.com/cloudposse/terraform-aws-ecs-alb-service-task.git?ref=tags/0.40.2" - namespace = module.this.namespace - stage = module.this.stage - name = module.this.name - attributes = module.this.attributes - delimiter = module.this.delimiter + source = "git::https://github.com/cloudposse/terraform-aws-ecs-alb-service-task.git?ref=tags/0.42.0" alb_security_group = module.vpc.vpc_default_security_group_id container_definition_json = module.container_definition.json_map_encoded_list ecs_cluster_arn = aws_ecs_cluster.default.arn @@ -62,6 +59,8 @@ module "ecs_alb_service_task" { desired_count = var.desired_count task_memory = var.task_memory task_cpu = var.task_cpu + + context = module.this.context } module "ecs_codepipeline" { @@ -83,5 +82,6 @@ module "ecs_codepipeline" { environment_variables = var.environment_variables ecs_cluster_name = aws_ecs_cluster.default.name service_name = module.ecs_alb_service_task.service_name - context = module.this.context + + context = module.this.context } diff --git a/main.tf b/main.tf index 69e1b9f..b804ef1 100644 --- a/main.tf +++ b/main.tf @@ -155,7 +155,7 @@ resource "aws_iam_role_policy_attachment" "codestar" { } module "codestar_label" { - source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.17.0" + source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.21.0" enabled = module.this.enabled && var.codestar_connection_arn != "" attributes = compact(concat(var.attributes, ["codestar"])) context = module.this.context @@ -303,7 +303,7 @@ resource "aws_codepipeline" "default" { } lifecycle { - # prevent github OAuthToken from causing updates, since it's removed from state file + # prevent github OAuthToken from causing updates, since it's removed from state file ignore_changes = [stage[0].action[0].configuration] } } 
From 29b0562f1758bd2c56dceacea9d439e8bf828c4b Mon Sep 17 00:00:00 2001 From: Dmitrij Nikitenko Date: Thu, 3 Dec 2020 23:03:24 +0200 Subject: [PATCH 2/6] add github_anonymous variable to pass tests --- examples/complete/fixtures.us-east-2.tfvars | 2 ++ examples/complete/main.tf | 1 + examples/complete/variables.tf | 5 +++++ variables.tf | 1 - 4 files changed, 8 insertions(+), 1 deletion(-) diff --git a/examples/complete/fixtures.us-east-2.tfvars b/examples/complete/fixtures.us-east-2.tfvars index 608533e..b0a1a7d 100644 --- a/examples/complete/fixtures.us-east-2.tfvars +++ b/examples/complete/fixtures.us-east-2.tfvars @@ -80,6 +80,8 @@ container_port_mappings = [ github_oauth_token = "test" +github_anonymous = true + repo_owner = "cloudposse" repo_name = "terraform-aws-ecs-codepipeline" diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 95327d7..431e793 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -67,6 +67,7 @@ module "ecs_codepipeline" { source = "../../" region = var.region github_oauth_token = var.github_oauth_token + github_anonymous = var.github_anonymous repo_owner = var.repo_owner repo_name = var.repo_name branch = var.branch diff --git a/examples/complete/variables.tf b/examples/complete/variables.tf index 1354fb8..8e39a47 100644 --- a/examples/complete/variables.tf +++ b/examples/complete/variables.tf @@ -126,6 +126,11 @@ variable "github_oauth_token" { description = "GitHub OAuth Token with permissions to access private repositories" } +variable "github_anonymous" { + type = bool + description = "Github Anonymous API (if `true`, token must not be set as GITHUB_TOKEN or `github_token`)" +} + variable "repo_owner" { type = string description = "GitHub Organization or Username" diff --git a/variables.tf b/variables.tf index 32b1e79..397b08b 100644 --- a/variables.tf +++ b/variables.tf 
@@ -177,4 +177,3 @@ variable "local_cache_modes" { default = [] description = "Specifies settings that AWS CodeBuild uses to store and reuse build dependencies. Valid values: LOCAL_SOURCE_CACHE, LOCAL_DOCKER_LAYER_CACHE, and LOCAL_CUSTOM_CACHE" } - From e7037221056b1642829e755ff70d50e08d8a86f4 Mon Sep 17 00:00:00 2001 From: Maxim Mironenko Date: Wed, 30 Dec 2020 19:20:29 +0700 Subject: [PATCH 3/6] upgrading modules and workflows --- .github/CODEOWNERS | 13 +++- .github/auto-release.yml | 47 ++++++++----- .github/mergify.yml | 58 +++++++++++++++ .github/renovate.json | 12 ++++ .github/workflows/auto-context.yml | 55 +++++++++++++++ .github/workflows/auto-format.yml | 86 +++++++++++++++++++++++ .github/workflows/auto-release.yml | 2 +- .github/workflows/chatops.yml | 2 + .github/workflows/validate-codeowners.yml | 25 +++++++ README.md | 21 ++++-- README.yaml | 8 ++- context.tf | 5 +- docs/terraform.md | 85 +--------------------- examples/complete/context.tf | 5 +- examples/complete/main.tf | 14 ++-- examples/complete/versions.tf | 27 +++++-- main.tf | 60 ++++++++++------ versions.tf | 27 +++++-- 18 files changed, 397 insertions(+), 155 deletions(-) create mode 100644 .github/mergify.yml create mode 100644 .github/renovate.json create mode 100644 .github/workflows/auto-context.yml create mode 100644 .github/workflows/auto-format.yml create mode 100644 .github/workflows/validate-codeowners.yml diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 07b38d2..ceb4644 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,7 +1,7 @@ # Use this file to define individuals or teams that are responsible for code in a repository. # Read more: # -# Order is important: the last matching pattern takes the most precedence +# Order is important: the last matching pattern has the highest precedence # These owners will be the default owners for everything * @cloudposse/engineering @cloudposse/contributors 
@@ -13,5 +13,12 @@ # Cloud Posse must review any changes to GitHub actions .github/* @cloudposse/engineering -# Cloud Posse must review any changes to standard context definition -**/context.tf @cloudposse/engineering +# Cloud Posse must review any changes to standard context definition, +# but some changes can be rubber-stamped. +**/context.tf @cloudposse/engineering @cloudposse/approvers +README.md @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers +docs/*.md @cloudposse/engineering @cloudposse/contributors @cloudposse/approvers + +# Cloud Posse Admins must review all changes to CODEOWNERS or the mergify configuration +.github/mergify.yml @cloudposse/admins +.github/CODEOWNERS @cloudposse/admins diff --git a/.github/auto-release.yml b/.github/auto-release.yml index 2836185..c78a4d8 100644 --- a/.github/auto-release.yml +++ b/.github/auto-release.yml @@ -4,30 +4,35 @@ version-template: '$MAJOR.$MINOR.$PATCH' version-resolver: major: labels: - - 'major' + - 'major' minor: labels: - - 'minor' - - 'enhancement' + - 'minor' + - 'enhancement' patch: labels: - - 'patch' - - 'fix' - - 'bugfix' - - 'bug' - - 'hotfix' + - 'auto-update' + - 'patch' + - 'fix' + - 'bugfix' + - 'bug' + - 'hotfix' default: 'minor' categories: - - title: '🚀 Enhancements' - labels: - - 'enhancement' - - title: '🐛 Bug Fixes' - labels: - - 'fix' - - 'bugfix' - - 'bug' - - 'hotfix' +- title: '🚀 Enhancements' + labels: + - 'enhancement' + - 'patch' +- title: '🐛 Bug Fixes' + labels: + - 'fix' + - 'bugfix' + - 'bug' + - 'hotfix' +- title: '🤖 Automatic Updates' + labels: + - 'auto-update' change-template: |
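Review bot: The new admin-only entries protect `.github/mergify.yml` and `.github/CODEOWNERS`, but the workflows added in this commit under `.github/workflows/` rely on the existing `.github/*` line, and in CODEOWNERS syntax a trailing `/*` matches only files directly inside that directory. If that reading holds here, `auto-format.yml` and `auto-context.yml`, which both use `secrets.PUBLIC_REPO_ACCESS_TOKEN`, fall through to the default `*` owners, which include `@cloudposse/contributors`. Consider adding `.github/workflows/ @cloudposse/admins` before the two admin entries (the last matching pattern wins), so that edits to token-bearing workflows need the stricter review.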
@@ -38,3 +43,11 @@ change-template: | template: | $CHANGES + +replacers: +# Remove irrelevant information from Renovate bot +- search: '/---\s+^#.*Renovate configuration(?:.|\n)*?This PR has been generated .*/gm' + replace: '' +# Remove Renovate bot banner image +- search: '/\[!\[[^\]]*Renovate\][^\]]*\](\([^)]*\))?\s*\n+/gm' + replace: '' diff --git a/.github/mergify.yml b/.github/mergify.yml new file mode 100644 index 0000000..b010656 --- /dev/null +++ b/.github/mergify.yml 
@@ -0,0 +1,58 @@ +# https://docs.mergify.io/conditions.html +# https://docs.mergify.io/actions.html +pull_request_rules: +- name: "approve automated PRs that have passed checks" + conditions: + - "author~=^(cloudpossebot|renovate\\[bot\\])$" + - "base=master" + - "-closed" + - "head~=^(auto-update|renovate)/.*" + - "check-success=test/bats" + - "check-success=test/readme" + - "check-success=test/terratest" + - "check-success=validate-codeowners" + actions: + review: + type: "APPROVE" + bot_account: "cloudposse-mergebot" + message: "We've automatically approved this PR because the checks from the automated Pull Request have passed." + +- name: "merge automated PRs when approved and tests pass" + conditions: + - "author~=^(cloudpossebot|renovate\\[bot\\])$" + - "base=master" + - "-closed" + - "head~=^(auto-update|renovate)/.*" + - "check-success=test/bats" + - "check-success=test/readme" + - "check-success=test/terratest" + - "check-success=validate-codeowners" + - "#approved-reviews-by>=1" + - "#changes-requested-reviews-by=0" + - "#commented-reviews-by=0" + actions: + merge: + method: "squash" + +- name: "delete the head branch after merge" + conditions: + - "merged" + actions: + delete_head_branch: {} + +- name: "ask to resolve conflict" + conditions: + - "conflict" + - "-closed" + actions: + comment: + message: "This pull request is now in conflict. Could you fix it @{{author}}? 🙏" + +- name: "remove outdated reviews" + conditions: + - "base=master" + actions: + dismiss_reviews: + changes_requested: true + approved: true + message: "This Pull Request has been updated, so we're dismissing all reviews." diff --git a/.github/renovate.json b/.github/renovate.json new file mode 100644 index 0000000..ae4f0aa --- /dev/null +++ b/.github/renovate.json @@ -0,0 +1,12 @@ +{ + "extends": [ + "config:base", + ":preserveSemverRanges" + ], + "labels": ["auto-update"], + "enabledManagers": ["terraform"], + "terraform": { + "ignorePaths": ["**/context.tf", "examples/**"] + } +} + 
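Review bot: The two automated-PR rules in `mergify.yml` form a path to `master` with no human in it. The first rule has `cloudposse-mergebot` approve, which satisfies `#approved-reviews-by>=1` in the second, and neither rule limits which files the PR may touch. A PR on an `auto-update/` or `renovate/` head could therefore change `.github/workflows/` or `.github/CODEOWNERS` and be squash-merged on green checks alone; whether branch protection or required code-owner review blocks that is not visible in this patch. Consider adding a path guard to both rules, e.g. `- "-files~=^\\.github/"`, so automation-only merges stay limited to module and documentation changes.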
diff --git a/.github/workflows/auto-context.yml b/.github/workflows/auto-context.yml new file mode 100644 index 0000000..df1a857 --- /dev/null +++ b/.github/workflows/auto-context.yml @@ -0,0 +1,55 @@ +name: "auto-context" +on: + schedule: + # Update context.tf nightly + - cron: '0 3 * * *' + +jobs: + update: + if: github.event_name == 'schedule' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + + - name: Update context.tf + shell: bash + id: update + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + run: | + if [[ -f context.tf ]]; then + echo "Discovered existing context.tf! Fetching most recent version to see if there is an update." + curl -o context.tf -fsSL https://raw.githubusercontent.com/cloudposse/terraform-null-label/master/exports/context.tf + if git diff --no-patch --exit-code context.tf; then + echo "No changes detected! Exiting the job..." + else + echo "context.tf file has changed. Update examples and rebuild README.md." + make init + make github/init/context.tf + make readme/build + echo "::set-output name=create_pull_request=true" + fi + else + echo "This module has not yet been updated to support the context.tf pattern! Please update in order to support automatic updates." + fi + + - name: Create Pull Request + if: steps.update.outputs.create_pull_request == 'true' + uses: cloudposse/actions/github/create-pull-request@0.22.0 + with: + token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + commit-message: Update context.tf from origin source + title: Update context.tf + body: |- + ## what + This is an auto-generated PR that updates the `context.tf` file to the latest version from `cloudposse/terraform-null-label` + + ## why + To support all the features of the `context` interface. + + branch: auto-update/context.tf + base: master + delete-branch: true + labels: | + auto-update + context diff --git a/.github/workflows/auto-format.yml b/.github/workflows/auto-format.yml new file mode 100644 index 0000000..990abed --- /dev/null 
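Review bot: In the `Update context.tf` step, `echo "::set-output name=create_pull_request=true"` uses `=` where the workflow-command syntax expects `::` between name and value. As a result `steps.update.outputs.create_pull_request` is likely never `'true'` and the `Create Pull Request` step never runs. The auto-format workflow in this same commit uses the `name=%s::%s` form, so this line should read `echo "::set-output name=create_pull_request::true"`. Separately, `curl` fetches `context.tf` from the `master` branch of `terraform-null-label`, and the resulting `auto-update/context.tf` PR matches the Mergify auto-approve rule, so upstream `master` content can reach this repository's `master` without a human reviewer. Fetching from a release tag instead of `master` would narrow that.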
+++ b/.github/workflows/auto-format.yml 
@@ -0,0 +1,86 @@ +name: Auto Format +on: + pull_request_target: + types: [opened, synchronize] + +jobs: + auto-format: + runs-on: ubuntu-latest + container: cloudposse/build-harness:slim-latest + steps: + # Checkout the pull request branch + # "An action in a workflow run can’t trigger a new workflow run. For example, if an action pushes code using + # the repository’s GITHUB_TOKEN, a new workflow will not run even when the repository contains + # a workflow configured to run when push events occur." + # However, using a personal access token will cause events to be triggered. + # We need that to ensure a status gets posted after the auto-format commit. + # We also want to trigger tests if the auto-format made no changes. + - uses: actions/checkout@v2 + if: github.event.pull_request.state == 'open' + name: Privileged Checkout + with: + token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + repository: ${{ github.event.pull_request.head.repo.full_name }} + # Check out the PR commit, not the merge commit + # Use `ref` instead of `sha` to enable pushing back to `ref` + ref: ${{ github.event.pull_request.head.ref }} + + # Do all the formatting stuff + - name: Auto Format + if: github.event.pull_request.state == 'open' + shell: bash + run: make BUILD_HARNESS_PATH=/build-harness PACKAGES_PREFER_HOST=true -f /build-harness/templates/Makefile.build-harness pr/auto-format/host + + # Commit changes (if any) to the PR branch + - name: Commit changes to the PR branch + if: github.event.pull_request.state == 'open' + shell: bash + id: commit + env: + SENDER: ${{ github.event.sender.login }} + run: | + set -x + output=$(git diff --name-only) + + if [ -n "$output" ]; then + echo "Changes detected. 
Pushing to the PR branch" + git config --global user.name 'cloudpossebot' + git config --global user.email '11232728+cloudpossebot@users.noreply.github.com' + git add -A + git commit -m "Auto Format" + # Prevent looping by not pushing changes in response to changes from cloudpossebot + [[ $SENDER == "cloudpossebot" ]] || git push + # Set status to fail, because the push should trigger another status check, + # and we use success to indicate the checks are finished. + printf "::set-output name=%s::%s\n" "changed" "true" + exit 1 + else + printf "::set-output name=%s::%s\n" "changed" "false" + echo "No changes detected" + fi + + - name: Auto Test + uses: cloudposse/actions/github/repository-dispatch@0.22.0 + # match users by ID because logins (user names) are inconsistent, + # for example in the REST API Renovate Bot is `renovate[bot]` but + # in GraphQL it is just `renovate`, plus there is a non-bot + # user `renovate` with ID 1832810. + # Mergify bot: 37929162 + # Renovate bot: 29139614 + # Cloudpossebot: 11232728 + # Need to use space separators to prevent "21" from matching "112144" + if: > + contains(' 37929162 29139614 11232728 ', format(' {0} ', github.event.pull_request.user.id)) + && steps.commit.outputs.changed == 'false' && github.event.pull_request.state == 'open' + with: + token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + repository: cloudposse/actions + event-type: test-command + client-payload: |- + { "slash_command":{"args": {"unnamed": {"all": "all", "arg1": "all"}}}, + "pull_request": ${{ toJSON(github.event.pull_request) }}, + "github":{"payload":{"repository": ${{ toJSON(github.event.repository) }}, + "comment": {"id": ""} + } + } + } diff --git a/.github/workflows/auto-release.yml b/.github/workflows/auto-release.yml index ccc27be..3f48017 100644 --- a/.github/workflows/auto-release.yml +++ b/.github/workflows/auto-release.yml 
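Review bot: The `Privileged Checkout` step runs under `pull_request_target` and checks out `github.event.pull_request.head.repo.full_name` at the PR head ref using `secrets.PUBLIC_REPO_ACCESS_TOKEN`, and the following step runs `make ... pr/auto-format/host` inside that checkout with no condition on who opened the PR. `actions/checkout` keeps the token in the workspace git configuration by default, so if any tooling behind the format target evaluates repository content, fork-supplied files are processed next to a token that is later used to `git push`. Consider setting `persist-credentials: false` on the checkout and supplying the token only to the push step, and gating the job on same-repository PRs or a maintainer-applied label, e.g. `if: github.event.pull_request.head.repo.full_name == github.repository`. The `set -x` in the commit step is also worth dropping so command traces stay out of the public job log.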
@@ -6,7 +6,7 @@ on: - master jobs: - semver: + publish: runs-on: ubuntu-latest steps: # Drafts your next Release notes as Pull Requests are merged into "master" diff --git a/.github/workflows/chatops.yml b/.github/workflows/chatops.yml index 44b35b8..4ddc067 100644 --- a/.github/workflows/chatops.yml +++ b/.github/workflows/chatops.yml @@ -33,3 +33,5 @@ jobs: permission: triage issue-type: pull-request reactions: false + + diff --git a/.github/workflows/validate-codeowners.yml b/.github/workflows/validate-codeowners.yml new file mode 100644 index 0000000..386eb28 --- /dev/null +++ b/.github/workflows/validate-codeowners.yml @@ -0,0 +1,25 @@ +name: Validate Codeowners +on: + pull_request: + +jobs: + validate-codeowners: + runs-on: ubuntu-latest + steps: + - name: "Checkout source code at current commit" + uses: actions/checkout@v2 + - uses: mszostok/codeowners-validator@v0.5.0 + if: github.event.pull_request.head.repo.full_name == github.repository + name: "Full check of CODEOWNERS" + with: + # For now, remove "files" check to allow CODEOWNERS to specify non-existent + # files so we can use the same CODEOWNERS file for Terraform and non-Terraform repos + # checks: "files,syntax,owners,duppatterns" + checks: "syntax,owners,duppatterns" + # GitHub access token is required only if the `owners` check is enabled + github_access_token: "${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }}" + - uses: mszostok/codeowners-validator@v0.5.0 + if: github.event.pull_request.head.repo.full_name != github.repository + name: "Syntax check of CODEOWNERS" + with: + checks: "syntax,duppatterns" diff --git a/README.md b/README.md index 3a8c160..8eb7421 100644 --- a/README.md +++ b/README.md 
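Review bot: In the `Full check of CODEOWNERS` step of `validate-codeowners.yml`, the third-party action `mszostok/codeowners-validator@v0.5.0` is referenced by tag and receives `secrets.PUBLIC_REPO_ACCESS_TOKEN` through `github_access_token`. A tag can be moved by the action's owner, so this file does not fix which code receives the token. Pinning to the release's full commit SHA removes that dependency: `uses: mszostok/codeowners-validator@<commit-sha-of-v0.5.0>  # v0.5.0`. If a token limited to what the `owners` check needs is available, it would be a better fit here than the general-purpose access token.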
@@ -64,8 +64,15 @@ We literally have [*hundreds of terraform modules*][terraform_modules] that are ## Usage -**IMPORTANT:** The `master` branch is used in `source` just as an example. In your code, do not pin to `master` because there may be breaking changes between releases. -Instead pin to the release tag (e.g. `?ref=tags/x.y.z`) of one of our [latest releases](https://github.com/cloudposse/terraform-aws-ecs-codepipeline/releases). +**IMPORTANT:** We do not pin modules to versions in our examples because of the +difficulty of keeping the versions in the documentation in sync with the latest released versions. +We highly recommend that in your code you pin the version to the exact version you are +using so that your infrastructure remains stable, and update versions in a +systematic way so that they do not catch you by surprise. + +Also, because of a bug in the Terraform registry ([hashicorp/terraform#21417](https://github.com/hashicorp/terraform/issues/21417)), +the registry shows many of our inputs as required when in fact they are optional. +The table below correctly indicates which inputs are required. @@ -78,7 +85,9 @@ For automated tests of the complete example using `bats` and `Terratest`, see [t In this example, we'll trigger the pipeline anytime the `master` branch is updated. ```hcl module "ecs_push_pipeline" { - source = "git::https://github.com/cloudposse/terraform-aws-ecs-codepipeline.git?ref=master" + source = "cloudposse/ecs-codepipeline/aws" + # Cloud Posse recommends pinning every module to a specific version + # version = "x.x.x" name = "app" namespace = "eg" stage = "staging" 
@@ -99,7 +108,9 @@ In this example, we'll trigger anytime a new GitHub release is cut by setting th ```hcl module "ecs_release_pipeline" { - source = "git::https://github.com/cloudposse/terraform-aws-ecs-codepipeline.git?ref=master" + source = "cloudposse/ecs-codepipeline/aws" + # Cloud Posse recommends pinning every module to a specific version + # version = "x.x.x" name = "app" namespace = "eg" stage = "staging" @@ -178,7 +189,7 @@ Available targets: | Name | Version | |------|---------| -| terraform | >= 0.12.0 | +| terraform | >= 0.12.26 | | aws | >= 2.0 | | local | >= 1.2 | | null | >= 2.0 | diff --git a/README.yaml b/README.yaml index 8cff681..8d7513a 100644 --- a/README.yaml +++ b/README.yaml @@ -67,7 +67,9 @@ usage: |- In this example, we'll trigger the pipeline anytime the `master` branch is updated. ```hcl module "ecs_push_pipeline" { - source = "git::https://github.com/cloudposse/terraform-aws-ecs-codepipeline.git?ref=master" + source = "cloudposse/ecs-codepipeline/aws" + # Cloud Posse recommends pinning every module to a specific version + # version = "x.x.x" name = "app" namespace = "eg" stage = "staging" @@ -88,7 +90,9 @@ usage: |- ```hcl module "ecs_release_pipeline" { - source = "git::https://github.com/cloudposse/terraform-aws-ecs-codepipeline.git?ref=master" + source = "cloudposse/ecs-codepipeline/aws" + # Cloud Posse recommends pinning every module to a specific version + # version = "x.x.x" name = "app" namespace = "eg" stage = "staging" diff --git a/context.tf b/context.tf index 64630e4..f5f2797 100644 --- a/context.tf +++ b/context.tf @@ -19,7 +19,8 @@ # module "this" { - source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.21.0" + source = "cloudposse/label/null" + version = "0.22.1" // requires Terraform >= 0.12.26 enabled = var.enabled namespace = var.namespace 
@@ -164,4 +165,4 @@ variable "id_length_limit" { EOT } -#### End of copy of cloudposse/terraform-null-label/variables.tf \ No newline at end of file +#### End of copy of cloudposse/terraform-null-label/variables.tf diff --git a/docs/terraform.md b/docs/terraform.md index b1e1167..4abf61b 100644 --- a/docs/terraform.md +++ b/docs/terraform.md 
@@ -1,85 +1,2 @@ -## Requirements - -| Name | Version | -|------|---------| -| terraform | >= 0.12.0 | -| aws | >= 2.0 | -| local | >= 1.2 | -| null | >= 2.0 | -| random | >= 2.1 | -| template | >= 2.0 | - -## Providers - -| Name | Version | -|------|---------| -| aws | >= 2.0 | -| random | >= 2.1 | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| additional\_tag\_map | Additional tags for appending to tags\_as\_list\_of\_maps. Not added to `tags`. | `map(string)` | `{}` | no | -| attributes | Additional attributes (e.g. `1`) | `list(string)` | `[]` | no | -| aws\_account\_id | AWS Account ID. Used as CodeBuild ENV variable when building Docker images. [For more info](http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html) | `string` | `""` | no | -| badge\_enabled | Generates a publicly-accessible URL for the projects build badge. Available as badge\_url attribute when enabled | `bool` | `false` | no | -| branch | Branch of the GitHub repository, _e.g._ `master` | `string` | n/a | yes | -| build\_compute\_type | `CodeBuild` instance size. Possible values are: `BUILD_GENERAL1_SMALL` `BUILD_GENERAL1_MEDIUM` `BUILD_GENERAL1_LARGE` | `string` | `"BUILD_GENERAL1_SMALL"` | no | -| build\_image | Docker image for build environment, _e.g._ `aws/codebuild/docker:docker:17.09.0` | `string` | `"aws/codebuild/docker:17.09.0"` | no | -| build\_timeout | How long in minutes, from 5 to 480 (8 hours), for AWS CodeBuild to wait until timing out any related build that does not get marked as completed | `number` | `60` | no | -| buildspec | Declaration to use for building the project. [For more info](http://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html) | `string` | `""` | no | -| cache\_type | The type of storage that will be used for the AWS CodeBuild project cache. Valid values: NO\_CACHE, LOCAL, and S3. Defaults to S3. 
If cache\_type is S3, it will create an S3 bucket for storing codebuild cache inside | `string` | `"S3"` | no | -| codestar\_connection\_arn | CodeStar connection ARN required for Bitbucket integration with CodePipeline | `string` | `""` | no | -| context | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. |
object({
enabled = bool
namespace = string
environment = string
stage = string
name = string
delimiter = string
attributes = list(string)
tags = map(string)
additional_tag_map = map(string)
regex_replace_chars = string
label_order = list(string)
id_length_limit = number
})
|
{
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_order": [],
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {}
}
| no | -| delimiter | Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`.
Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no | -| ecs\_cluster\_name | ECS Cluster Name | `string` | n/a | yes | -| enabled | Set to false to prevent the module from creating any resources | `bool` | `null` | no | -| environment | Environment, e.g. 'uw2', 'us-west-2', OR 'prod', 'staging', 'dev', 'UAT' | `string` | `null` | no | -| environment\_variables | A list of maps, that contain both the key 'name' and the key 'value' to be used as additional environment variables for the build |
list(object(
{
name = string
value = string
}))
| `[]` | no | -| github\_anonymous | Github Anonymous API (if `true`, token must not be set as GITHUB\_TOKEN or `github_token`) | `bool` | `false` | no | -| github\_oauth\_token | GitHub OAuth Token with permissions to access private repositories | `string` | `""` | no | -| github\_webhook\_events | A list of events which should trigger the webhook. See a list of [available events](https://developer.github.com/v3/activity/events/types/) | `list(string)` |
[
"push"
]
| no | -| github\_webhooks\_token | GitHub OAuth Token with permissions to create webhooks. If not provided, can be sourced from the `GITHUB_TOKEN` environment variable | `string` | `""` | no | -| id\_length\_limit | Limit `id` to this many characters.
Set to `0` for unlimited length.
Set to `null` for default, which is `0`.
Does not affect `id_full`. | `number` | `null` | no | -| image\_repo\_name | ECR repository name to store the Docker image built by this module. Used as CodeBuild ENV variable when building Docker images. [For more info](http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html) | `string` | n/a | yes | -| image\_tag | Docker image tag in the ECR repository, e.g. 'latest'. Used as CodeBuild ENV variable when building Docker images. [For more info](http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html) | `string` | `"latest"` | no | -| label\_order | The naming order of the id output and Name tag.
Defaults to ["namespace", "environment", "stage", "name", "attributes"].
You can omit any of the 5 elements, but at least one must be present. | `list(string)` | `null` | no | -| local\_cache\_modes | Specifies settings that AWS CodeBuild uses to store and reuse build dependencies. Valid values: LOCAL\_SOURCE\_CACHE, LOCAL\_DOCKER\_LAYER\_CACHE, and LOCAL\_CUSTOM\_CACHE | `list(string)` | `[]` | no | -| name | Solution name, e.g. 'app' or 'jenkins' | `string` | `null` | no | -| namespace | Namespace, which could be your organization name or abbreviation, e.g. 'eg' or 'cp' | `string` | `null` | no | -| poll\_source\_changes | Periodically check the location of your source content and run the pipeline if changes are detected | `bool` | `false` | no | -| privileged\_mode | If set to true, enables running the Docker daemon inside a Docker container on the CodeBuild instance. Used when building Docker images | `bool` | `false` | no | -| regex\_replace\_chars | Regex to replace chars with empty string in `namespace`, `environment`, `stage` and `name`.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no | -| region | AWS Region, e.g. us-east-1. Used as CodeBuild ENV variable when building Docker images. [For more info](http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html) | `string` | n/a | yes | -| repo\_name | GitHub repository name of the application to be built and deployed to ECS | `string` | n/a | yes | -| repo\_owner | GitHub Organization or Username | `string` | n/a | yes | -| s3\_bucket\_force\_destroy | A boolean that indicates all objects should be deleted from the CodePipeline artifact store S3 bucket so that the bucket can be destroyed without error | `bool` | `false` | no | -| service\_name | ECS Service Name | `string` | n/a | yes | -| stage | Stage, e.g. 'prod', 'staging', 'dev', OR 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no | -| tags | Additional tags (e.g. `map('BusinessUnit','XYZ')` | `map(string)` | `{}` | no | -| webhook\_authentication | The type of authentication to use. One of IP, GITHUB\_HMAC, or UNAUTHENTICATED | `string` | `"GITHUB_HMAC"` | no | -| webhook\_enabled | Set to false to prevent the module from creating any webhook resources | `bool` | `true` | no | -| webhook\_filter\_json\_path | The JSON path to filter on | `string` | `"$.ref"` | no | -| webhook\_filter\_match\_equals | The value to match on (e.g. refs/heads/{Branch}) | `string` | `"refs/heads/{Branch}"` | no | -| webhook\_target\_action | The name of the action in a pipeline you want to connect to the webhook. 
The action must be from the source (first) stage of the pipeline | `string` | `"Source"` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| badge\_url | The URL of the build badge when badge\_enabled is enabled | -| codebuild\_badge\_url | The URL of the build badge when badge\_enabled is enabled | -| codebuild\_cache\_bucket\_arn | CodeBuild cache S3 bucket ARN | -| codebuild\_cache\_bucket\_name | CodeBuild cache S3 bucket name | -| codebuild\_project\_id | CodeBuild project ID | -| codebuild\_project\_name | CodeBuild project name | -| codebuild\_role\_arn | CodeBuild IAM Role ARN | -| codebuild\_role\_id | CodeBuild IAM Role ID | -| codepipeline\_arn | CodePipeline ARN | -| codepipeline\_id | CodePipeline ID | -| webhook\_id | The CodePipeline webhook's ID | -| webhook\_url | The CodePipeline webhook's URL. POST events to this endpoint to trigger the target | - - +Error: Attribute redefined: The argument "context" was already set at main.tf:20,3-10. Each argument may be set only once. diff --git a/examples/complete/context.tf b/examples/complete/context.tf index 64630e4..f5f2797 100644 --- a/examples/complete/context.tf +++ b/examples/complete/context.tf @@ -19,7 +19,8 @@ # module "this" { - source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.21.0" + source = "cloudposse/label/null" + version = "0.22.1" // requires Terraform >= 0.12.26 enabled = var.enabled namespace = var.namespace @@ -164,4 +165,4 @@ variable "id_length_limit" { EOT } -#### End of copy of cloudposse/terraform-null-label/variables.tf \ No newline at end of file +#### End of copy of cloudposse/terraform-null-label/variables.tf diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 431e793..5f2afad 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf 
@@ -3,14 +3,16 @@ provider "aws" { } module "vpc" { - source = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=tags/0.18.0" + source = "cloudposse/vpc/aws" + version = "0.18.1" cidr_block = var.vpc_cidr_block context = module.this.context } module "subnets" { - source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=tags/0.32.0" + source = "cloudposse/dynamic-subnets/aws" + version = "0.33.0" availability_zones = var.availability_zones vpc_id = module.vpc.vpc_id igw_id = module.vpc.igw_id @@ -27,7 +29,8 @@ resource "aws_ecs_cluster" "default" { } module "container_definition" { - source = "git::https://github.com/cloudposse/terraform-aws-ecs-container-definition.git?ref=tags/0.45.2" + source = "cloudposse/ecs-container-definition/aws" + version = "0.46.1" container_name = var.container_name container_image = var.container_image container_memory = var.container_memory @@ -37,10 +40,13 @@ module "container_definition" { readonly_root_filesystem = var.container_readonly_root_filesystem environment = var.container_environment port_mappings = var.container_port_mappings + + context = module.this.context } module "ecs_alb_service_task" { - source = "git::https://github.com/cloudposse/terraform-aws-ecs-alb-service-task.git?ref=tags/0.42.0" + source = "cloudposse/ecs-alb-service-task/aws" + version = "0.42.3" alb_security_group = module.vpc.vpc_default_security_group_id container_definition_json = module.container_definition.json_map_encoded_list ecs_cluster_arn = aws_ecs_cluster.default.arn diff --git a/examples/complete/versions.tf b/examples/complete/versions.tf index 231179c..5240dea 100644 --- a/examples/complete/versions.tf +++ b/examples/complete/versions.tf 
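Review bot: All four `module` blocks touched in examples/complete/main.tf change the release as well as the source syntax (`vpc` 0.18.0 to 0.18.1, `subnets` 0.32.0 to 0.33.0, `container_definition` 0.45.2 to 0.46.1, `ecs_alb_service_task` 0.42.0 to 0.42.3), so these hunks are a dependency upgrade and not only a move to registry addresses. Terraform 0.14's dependency lock file records providers only, which leaves each `version` line as the sole pin on third-party module code that is applied with the AWS credentials of whoever runs the example. I would record the reason beside each bump, e.g. `# bumped from 0.32.0: <reason>`, and check the upstream release notes for the 0.32 to 0.33 and 0.45 to 0.46 steps before merging.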
@@ -1,11 +1,26 @@ terraform { - required_version = ">= 0.12.0" + required_version = ">= 0.12.26" required_providers { - aws = ">= 2.0" - template = ">= 2.0" - local = ">= 1.2" - random = ">= 2.1" - null = ">= 2.0" + aws = { + source = "hashicorp/aws" + version = ">= 2.0" + } + template = { + source = "hashicorp/template" + version = ">= 2.0" + } + local = { + source = "hashicorp/local" + version = ">= 1.2" + } + random = { + source = "hashicorp/random" + version = ">= 2.1" + } + null = { + source = "hashicorp/null" + version = ">= 2.0" + } } } diff --git a/main.tf b/main.tf index b804ef1..bb9655b 100644 --- a/main.tf +++ b/main.tf @@ -1,7 +1,9 @@ module "codepipeline_label" { - source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.21.0" - attributes = compact(concat(var.attributes, ["codepipeline"])) - context = module.this.context + source = "cloudposse/label/null" + version = "0.22.1" + attributes = ["codepipeline"] + + context = module.this.context } resource "aws_s3_bucket" "default" { @@ -13,9 +15,11 @@ resource "aws_s3_bucket" "default" { } module "codepipeline_assume_role_label" { - source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.21.0" - context = module.this.context - attributes = compact(concat(var.attributes, ["codepipeline", "assume"])) + source = "cloudposse/label/null" + version = "0.22.1" + attributes = ["codepipeline", "assume"] + + context = module.this.context } resource "aws_iam_role" "default" { @@ -83,9 +87,11 @@ resource "aws_iam_role_policy_attachment" "s3" { } module "codepipeline_s3_policy_label" { - source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.21.0" - attributes = compact(concat(var.attributes, ["codepipeline", "s3"])) - context = module.this.context + source = "cloudposse/label/null" + version = "0.22.1" + attributes = ["codepipeline", "s3"] + + context = module.this.context } resource "aws_iam_policy" "s3" { 
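Review bot: In main.tf the label modules now pass only their own suffix, e.g. `attributes = ["codepipeline"]`, and depend on null-label merging `var.attributes` in from `context`; nothing at the call site says so. These labels presumably name the artifact bucket and the IAM roles and policies declared right after them, so any difference in how 0.21.0 and 0.22.1 compose the id would surface as resource replacement; a `terraform plan` against an existing deployment is worth attaching to the change. I would add `# var.attributes reach this label through context and are merged by null-label` above each `attributes` line. The same applies to `codepipeline_assume_role_label`, `codepipeline_s3_policy_label`, `codebuild_label`, `codestar_label` and the `attributes = ["build"]` line of `module "codebuild"` in the later hunks; the resource blocks that consume the labels lie outside the hunks.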
@@ -123,9 +129,11 @@ resource "aws_iam_role_policy_attachment" "codebuild" { } module "codebuild_label" { - source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.21.0" - attributes = compact(concat(var.attributes, ["codebuild"])) - context = module.this.context + source = "cloudposse/label/null" + version = "0.22.1" + attributes = ["codebuild"] + + context = module.this.context } resource "aws_iam_policy" "codebuild" { @@ -155,10 +163,12 @@ resource "aws_iam_role_policy_attachment" "codestar" { } module "codestar_label" { - source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.21.0" + source = "cloudposse/label/null" + version = "0.22.1" enabled = module.this.enabled && var.codestar_connection_arn != "" - attributes = compact(concat(var.attributes, ["codestar"])) - context = module.this.context + attributes = ["codestar"] + + context = module.this.context } resource "aws_iam_policy" "codestar" { @@ -197,18 +207,14 @@ data "aws_region" "default" { } module "codebuild" { - source = "git::https://github.com/cloudposse/terraform-aws-codebuild.git?ref=tags/0.25.0" - enabled = module.this.enabled - namespace = module.this.namespace - name = module.this.name - stage = module.this.stage + source = "cloudposse/codebuild/aws" + version = "0.27.0" build_image = var.build_image build_compute_type = var.build_compute_type build_timeout = var.build_timeout buildspec = var.buildspec delimiter = module.this.delimiter - attributes = concat(module.this.attributes, ["build"]) - tags = module.this.tags + attributes = ["build"] privileged_mode = var.privileged_mode aws_region = var.region != "" ? var.region : data.aws_region.default.name aws_account_id = var.aws_account_id != "" ? var.aws_account_id : data.aws_caller_identity.default.account_id 
@@ -219,6 +225,8 @@ module "codebuild" { badge_enabled = var.badge_enabled cache_type = var.cache_type local_cache_modes = var.local_cache_modes + + context = module.this.context } resource "aws_iam_role_policy_attachment" "codebuild_s3" { @@ -416,7 +424,10 @@ resource "aws_codepipeline_webhook" "webhook" { } module "github_webhooks" { - source = "git::https://github.com/cloudposse/terraform-github-repository-webhooks.git?ref=tags/0.10.0" + source = "cloudposse/repository-webhooks/github" + version = "0.10.0" +# TODO: update version after release of TF 0.14 and context.tf support +# version = "0.11.0" enabled = module.this.enabled && var.webhook_enabled ? true : false github_anonymous = var.github_anonymous github_organization = var.repo_owner @@ -426,4 +437,7 @@ module "github_webhooks" { webhook_secret = local.webhook_secret webhook_content_type = "json" events = var.github_webhook_events + +# TODO: uncomment after release +# context = module.this.context } diff --git a/versions.tf b/versions.tf index 231179c..5240dea 100644 --- a/versions.tf +++ b/versions.tf @@ -1,11 +1,26 @@ terraform { - required_version = ">= 0.12.0" + required_version = ">= 0.12.26" required_providers { - aws = ">= 2.0" - template = ">= 2.0" - local = ">= 1.2" - random = ">= 2.1" - null = ">= 2.0" + aws = { + source = "hashicorp/aws" + version = ">= 2.0" + } + template = { + source = "hashicorp/template" + version = ">= 2.0" + } + local = { + source = "hashicorp/local" + version = ">= 1.2" + } + random = { + source = "hashicorp/random" + version = ">= 2.1" + } + null = { + source = "hashicorp/null" + version = ">= 2.0" + } } } From 92b141d77fe1f4b3bfb61d41d6f47af859f357de Mon Sep 17 00:00:00 2001 From: Maxim Mironenko Date: Wed, 30 Dec 2020 19:29:13 +0700 Subject: [PATCH 4/6] terraform formatting --- examples/complete/main.tf | 2 +- main.tf | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) 
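Review bot: The `required_providers` block in the root versions.tf keeps `template`, `local` and `null`, while the Providers table of the regenerated docs/terraform.md later in this series lists only `aws` and `random` for the module. Each entry is a plugin that `terraform init` resolves and installs for every consumer, so entries the module does not reference add third-party code for no benefit; if nothing in the module uses them, I would drop those three blocks and keep `aws` and `random`. The lower-bound-only constraints such as `version = ">= 2.0"` also admit any future major release, which is usual for a reusable module, but for the identical hunk in examples/complete/versions.tf a committed `.terraform.lock.hcl` would make runs reproducible once the example is on Terraform 0.14.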
diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 5f2afad..6d17f3d 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -29,7 +29,7 @@ resource "aws_ecs_cluster" "default" { } module "container_definition" { - source = "cloudposse/ecs-container-definition/aws" + source = "cloudposse/ecs-container-definition/aws" version = "0.46.1" container_name = var.container_name container_image = var.container_image diff --git a/main.tf b/main.tf index bb9655b..5f2a391 100644 --- a/main.tf +++ b/main.tf @@ -426,8 +426,8 @@ resource "aws_codepipeline_webhook" "webhook" { module "github_webhooks" { source = "cloudposse/repository-webhooks/github" version = "0.10.0" -# TODO: update version after release of TF 0.14 and context.tf support -# version = "0.11.0" + # TODO: update version after release of TF 0.14 and context.tf support + # version = "0.11.0" enabled = module.this.enabled && var.webhook_enabled ? true : false github_anonymous = var.github_anonymous github_organization = var.repo_owner @@ -438,6 +438,6 @@ module "github_webhooks" { webhook_content_type = "json" events = var.github_webhook_events -# TODO: uncomment after release -# context = module.this.context + # TODO: uncomment after release + # context = module.this.context } From 831d584d706b26a30c623c0246a97f1153dadf29 Mon Sep 17 00:00:00 2001 From: Maxim Mironenko Date: Wed, 30 Dec 2020 19:31:14 +0700 Subject: [PATCH 5/6] terraform-aws-ecs-container-definition doesn't support context --- examples/complete/main.tf | 2 -- 1 file changed, 2 deletions(-) diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 6d17f3d..0a16b96 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -40,8 +40,6 @@ module "container_definition" { readonly_root_filesystem = var.container_readonly_root_filesystem environment = var.container_environment port_mappings = var.container_port_mappings - - context = module.this.context } module "ecs_alb_service_task" { 
From f297bb890e49a6f62ae40b004833688e45b8df5a Mon Sep 17 00:00:00 2001 From: Maxim Mironenko Date: Fri, 22 Jan 2021 18:23:45 +0700 Subject: [PATCH 6/6] workflow updated, documentation fixed --- .github/workflows/auto-context.yml | 4 +- README.md | 2 +- docs/terraform.md | 85 +++++++++++++++++++++++++++++- 3 files changed, 88 insertions(+), 3 deletions(-) diff --git a/.github/workflows/auto-context.yml b/.github/workflows/auto-context.yml index df1a857..ab979e0 100644 --- a/.github/workflows/auto-context.yml +++ b/.github/workflows/auto-context.yml @@ -27,7 +27,7 @@ jobs: make init make github/init/context.tf make readme/build - echo "::set-output name=create_pull_request=true" + echo "::set-output name=create_pull_request::true" fi else echo "This module has not yet been updated to support the context.tf pattern! Please update in order to support automatic updates." @@ -38,6 +38,8 @@ jobs: uses: cloudposse/actions/github/create-pull-request@0.22.0 with: token: ${{ secrets.PUBLIC_REPO_ACCESS_TOKEN }} + committer: 'cloudpossebot <11232728+cloudpossebot@users.noreply.github.com>' + author: 'cloudpossebot <11232728+cloudpossebot@users.noreply.github.com>' commit-message: Update context.tf from origin source title: Update context.tf body: |- diff --git a/README.md b/README.md index 8eb7421..e02376f 100644 --- a/README.md +++ b/README.md @@ -372,7 +372,7 @@ In general, PRs are welcome. We follow the typical "fork-and-pull" Git workflow. ## Copyright -Copyright © 2017-2020 [Cloud Posse, LLC](https://cpco.io/copyright) +Copyright © 2017-2021 [Cloud Posse, LLC](https://cpco.io/copyright) diff --git a/docs/terraform.md b/docs/terraform.md index 4abf61b..8c09b5a 100644 --- a/docs/terraform.md +++ b/docs/terraform.md 
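Review bot: The corrected line still signals the step output through stdout, `echo "::set-output name=create_pull_request::true"`, inside the same `run:` script that executes `make init`, `make github/init/context.tf` and `make readme/build`. Workflow commands on stdout are honoured no matter which process prints them, which is one reason GitHub later deprecated `set-output`; on current runners I would write `echo "create_pull_request=true" >> "$GITHUB_OUTPUT"`. The `run:` block starts above the hunk, so the step id and the rest of the script are not visible here.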
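Review bot: The `create-pull-request` step in the second auto-context.yml hunk hands `secrets.PUBLIC_REPO_ACCESS_TOKEN` to an action referenced by the movable tag `0.22.0`, and the hunk adds the bot identity fields without tightening that reference. A tag can be repointed upstream, after which different code would receive the token; pinning to the full commit, `uses: cloudposse/actions/github/create-pull-request@<full-commit-sha> # 0.22.0` (placeholder, take the SHA from the upstream tag), removes that dependency. The token's scope is not visible in the hunk and should be limited to what opening a pull request in this repository needs. The step's `with:` block continues below the hunk.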
@@ -1,2 +1,85 @@ -Error: Attribute redefined: The argument "context" was already set at main.tf:20,3-10. Each argument may be set only once. +## Requirements + +| Name | Version | +|------|---------| +| terraform | >= 0.12.26 | +| aws | >= 2.0 | +| local | >= 1.2 | +| null | >= 2.0 | +| random | >= 2.1 | +| template | >= 2.0 | + +## Providers + +| Name | Version | +|------|---------| +| aws | >= 2.0 | +| random | >= 2.1 | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| additional\_tag\_map | Additional tags for appending to tags\_as\_list\_of\_maps. Not added to `tags`. | `map(string)` | `{}` | no | +| attributes | Additional attributes (e.g. `1`) | `list(string)` | `[]` | no | +| aws\_account\_id | AWS Account ID. Used as CodeBuild ENV variable when building Docker images. [For more info](http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html) | `string` | `""` | no | +| badge\_enabled | Generates a publicly-accessible URL for the projects build badge. Available as badge\_url attribute when enabled | `bool` | `false` | no | +| branch | Branch of the GitHub repository, _e.g._ `master` | `string` | n/a | yes | +| build\_compute\_type | `CodeBuild` instance size. Possible values are: `BUILD_GENERAL1_SMALL` `BUILD_GENERAL1_MEDIUM` `BUILD_GENERAL1_LARGE` | `string` | `"BUILD_GENERAL1_SMALL"` | no | +| build\_image | Docker image for build environment, _e.g._ `aws/codebuild/docker:docker:17.09.0` | `string` | `"aws/codebuild/docker:17.09.0"` | no | +| build\_timeout | How long in minutes, from 5 to 480 (8 hours), for AWS CodeBuild to wait until timing out any related build that does not get marked as completed | `number` | `60` | no | +| buildspec | Declaration to use for building the project. 
[For more info](http://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html) | `string` | `""` | no | +| cache\_type | The type of storage that will be used for the AWS CodeBuild project cache. Valid values: NO\_CACHE, LOCAL, and S3. Defaults to S3. If cache\_type is S3, it will create an S3 bucket for storing codebuild cache inside | `string` | `"S3"` | no | +| codestar\_connection\_arn | CodeStar connection ARN required for Bitbucket integration with CodePipeline | `string` | `""` | no | +| context | Single object for setting entire context at once.
See description of individual variables for details.
Leave string and numeric variables as `null` to use default value.
Individual variable settings (non-null) override settings in context object,
except for attributes, tags, and additional\_tag\_map, which are merged. |
object({
enabled = bool
namespace = string
environment = string
stage = string
name = string
delimiter = string
attributes = list(string)
tags = map(string)
additional_tag_map = map(string)
regex_replace_chars = string
label_order = list(string)
id_length_limit = number
})
|
{
"additional_tag_map": {},
"attributes": [],
"delimiter": null,
"enabled": true,
"environment": null,
"id_length_limit": null,
"label_order": [],
"name": null,
"namespace": null,
"regex_replace_chars": null,
"stage": null,
"tags": {}
}
| no | +| delimiter | Delimiter to be used between `namespace`, `environment`, `stage`, `name` and `attributes`.
Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no | +| ecs\_cluster\_name | ECS Cluster Name | `string` | n/a | yes | +| enabled | Set to false to prevent the module from creating any resources | `bool` | `null` | no | +| environment | Environment, e.g. 'uw2', 'us-west-2', OR 'prod', 'staging', 'dev', 'UAT' | `string` | `null` | no | +| environment\_variables | A list of maps, that contain both the key 'name' and the key 'value' to be used as additional environment variables for the build |
list(object(
{
name = string
value = string
}))
| `[]` | no | +| github\_anonymous | Github Anonymous API (if `true`, token must not be set as GITHUB\_TOKEN or `github_token`) | `bool` | `false` | no | +| github\_oauth\_token | GitHub OAuth Token with permissions to access private repositories | `string` | `""` | no | +| github\_webhook\_events | A list of events which should trigger the webhook. See a list of [available events](https://developer.github.com/v3/activity/events/types/) | `list(string)` |
[
"push"
]
| no | +| github\_webhooks\_token | GitHub OAuth Token with permissions to create webhooks. If not provided, can be sourced from the `GITHUB_TOKEN` environment variable | `string` | `""` | no | +| id\_length\_limit | Limit `id` to this many characters.
Set to `0` for unlimited length.
Set to `null` for default, which is `0`.
Does not affect `id_full`. | `number` | `null` | no | +| image\_repo\_name | ECR repository name to store the Docker image built by this module. Used as CodeBuild ENV variable when building Docker images. [For more info](http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html) | `string` | n/a | yes | +| image\_tag | Docker image tag in the ECR repository, e.g. 'latest'. Used as CodeBuild ENV variable when building Docker images. [For more info](http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html) | `string` | `"latest"` | no | +| label\_order | The naming order of the id output and Name tag.
Defaults to ["namespace", "environment", "stage", "name", "attributes"].
You can omit any of the 5 elements, but at least one must be present. | `list(string)` | `null` | no | +| local\_cache\_modes | Specifies settings that AWS CodeBuild uses to store and reuse build dependencies. Valid values: LOCAL\_SOURCE\_CACHE, LOCAL\_DOCKER\_LAYER\_CACHE, and LOCAL\_CUSTOM\_CACHE | `list(string)` | `[]` | no | +| name | Solution name, e.g. 'app' or 'jenkins' | `string` | `null` | no | +| namespace | Namespace, which could be your organization name or abbreviation, e.g. 'eg' or 'cp' | `string` | `null` | no | +| poll\_source\_changes | Periodically check the location of your source content and run the pipeline if changes are detected | `bool` | `false` | no | +| privileged\_mode | If set to true, enables running the Docker daemon inside a Docker container on the CodeBuild instance. Used when building Docker images | `bool` | `false` | no | +| regex\_replace\_chars | Regex to replace chars with empty string in `namespace`, `environment`, `stage` and `name`.
If not set, `"/[^a-zA-Z0-9-]/"` is used to remove all characters other than hyphens, letters and digits. | `string` | `null` | no | +| region | AWS Region, e.g. us-east-1. Used as CodeBuild ENV variable when building Docker images. [For more info](http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html) | `string` | n/a | yes | +| repo\_name | GitHub repository name of the application to be built and deployed to ECS | `string` | n/a | yes | +| repo\_owner | GitHub Organization or Username | `string` | n/a | yes | +| s3\_bucket\_force\_destroy | A boolean that indicates all objects should be deleted from the CodePipeline artifact store S3 bucket so that the bucket can be destroyed without error | `bool` | `false` | no | +| service\_name | ECS Service Name | `string` | n/a | yes | +| stage | Stage, e.g. 'prod', 'staging', 'dev', OR 'source', 'build', 'test', 'deploy', 'release' | `string` | `null` | no | +| tags | Additional tags (e.g. `map('BusinessUnit','XYZ')` | `map(string)` | `{}` | no | +| webhook\_authentication | The type of authentication to use. One of IP, GITHUB\_HMAC, or UNAUTHENTICATED | `string` | `"GITHUB_HMAC"` | no | +| webhook\_enabled | Set to false to prevent the module from creating any webhook resources | `bool` | `true` | no | +| webhook\_filter\_json\_path | The JSON path to filter on | `string` | `"$.ref"` | no | +| webhook\_filter\_match\_equals | The value to match on (e.g. refs/heads/{Branch}) | `string` | `"refs/heads/{Branch}"` | no | +| webhook\_target\_action | The name of the action in a pipeline you want to connect to the webhook. 
The action must be from the source (first) stage of the pipeline | `string` | `"Source"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| badge\_url | The URL of the build badge when badge\_enabled is enabled | +| codebuild\_badge\_url | The URL of the build badge when badge\_enabled is enabled | +| codebuild\_cache\_bucket\_arn | CodeBuild cache S3 bucket ARN | +| codebuild\_cache\_bucket\_name | CodeBuild cache S3 bucket name | +| codebuild\_project\_id | CodeBuild project ID | +| codebuild\_project\_name | CodeBuild project name | +| codebuild\_role\_arn | CodeBuild IAM Role ARN | +| codebuild\_role\_id | CodeBuild IAM Role ID | +| codepipeline\_arn | CodePipeline ARN | +| codepipeline\_id | CodePipeline ID | +| webhook\_id | The CodePipeline webhook's ID | +| webhook\_url | The CodePipeline webhook's URL. POST events to this endpoint to trigger the target | + +