From 2f1ed12ddb3cd7e077f458db65df0d80bc9f6693 Mon Sep 17 00:00:00 2001 From: David Smith Date: Wed, 2 Feb 2022 16:49:28 +0000 Subject: [PATCH] Manage ECR repo in terraform --- infrastructure/lambda-app/ecr.tf | 8 ++++++++ infrastructure/lambda-app/lambda.tf | 2 +- infrastructure/lambda-app/main.tf | 0 infrastructure/lambda-app/variables.tf | 7 ++----- infrastructure/main.tf | 2 +- infrastructure/variables.tf | 6 +++--- 6 files changed, 15 insertions(+), 10 deletions(-) create mode 100644 infrastructure/lambda-app/ecr.tf delete mode 100644 infrastructure/lambda-app/main.tf diff --git a/infrastructure/lambda-app/ecr.tf b/infrastructure/lambda-app/ecr.tf new file mode 100644 index 0000000..4acf95a --- /dev/null +++ b/infrastructure/lambda-app/ecr.tf @@ -0,0 +1,8 @@ +resource "aws_ecr_repository" "app_repo" { + name = var.app_name + image_tag_mutability = "IMMUTABLE" + + image_scanning_configuration { + scan_on_push = true + } +} \ No newline at end of file diff --git a/infrastructure/lambda-app/lambda.tf b/infrastructure/lambda-app/lambda.tf index 1186f32..6a27c18 100644 --- a/infrastructure/lambda-app/lambda.tf +++ b/infrastructure/lambda-app/lambda.tf @@ -3,7 +3,7 @@ resource "aws_lambda_function" "app" { function_name = var.app_name role = aws_iam_role.iam_for_lambda.arn - image_uri = "${var.docker_image_repo_url}:${var.app_version}" + image_uri = "${data.aws_caller_identity.current.account_id}.dkr.ecr.eu-west-1.amazonaws.com/${var.ecr_repo_name}:${var.app_version}" package_type = "Image" publish = true diff --git a/infrastructure/lambda-app/main.tf b/infrastructure/lambda-app/main.tf deleted file mode 100644 index e69de29..0000000 diff --git a/infrastructure/lambda-app/variables.tf b/infrastructure/lambda-app/variables.tf index 6908298..3ffa6fe 100644 --- a/infrastructure/lambda-app/variables.tf +++ b/infrastructure/lambda-app/variables.tf 
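Review bot: The repository created in ecr.tf is named with `name = var.app_name`, while the image URI built in lambda.tf in this same commit uses `var.ecr_repo_name`, so both refer to the same repository only when the two variables happen to hold the same value. If they differ, the function pulls from a repository this module does not manage, and the `IMMUTABLE` tag setting and `scan_on_push` declared here would not cover the image that actually runs. Using `name = var.ecr_repo_name` gives the name a single source.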
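Review bot: The new `image_uri` in lambda.tf is assembled by hand from the caller's account ID, a hard-coded `eu-west-1` registry host and `var.ecr_repo_name`, so Terraform has no dependency on `aws_ecr_repository.app_repo` and the URI is wrong if the provider is pointed at another region. Referencing the managed resource keeps the function tied to the repository whose tag immutability and scanning are configured in ecr.tf: `image_uri = "${aws_ecr_repository.app_repo.repository_url}:${var.app_version}"`. `data.aws_caller_identity.current` is not declared in any hunk shown here, so it is presumably defined elsewhere in the module and should be confirmed. The resource block starts and ends outside the hunk.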
@@ -8,16 +8,14 @@ variable "app_name" { description = "System name that can be used to identify this app" } -variable "docker_image_repo_url" { +variable "ecr_repo_name" { type = string - description = "URL of the docker image repository for this app. DO NOT INCLUDE the image tag here. (use app_version)" - default = "246316657840.dkr.ecr.eu-west-1.amazonaws.com/checkout-test-website" + description = "Name of the ECR repository for this app. Must be a private ECR repository." } variable "app_domain" { type = string description = "Domain on which the app will be publicly available" - default = "checkout.davidsmith.dev" } variable "app_path" { @@ -29,7 +27,6 @@ variable "app_path" { variable "cdn_domain" { type = string description = "Domain on which static assets will be published to" - default = "checkout-cdn.davidsmith.dev" } variable "cdn_path" { diff --git a/infrastructure/main.tf b/infrastructure/main.tf index dd4a304..e0687a4 100644 --- a/infrastructure/main.tf +++ b/infrastructure/main.tf @@ -74,7 +74,7 @@ module "lambda_app" { cdn_domain = var.cdn_domain app_cert = module.app_cert cdn_cert = module.cdn_cert - docker_image_repo_url = var.docker_image_repo_url + ecr_repo_name = var.ecr_repo_name vpc = { private_subnets = local.vpc.private_subnets diff --git a/infrastructure/variables.tf b/infrastructure/variables.tf index 692cf8c..76f2ae8 100644 --- a/infrastructure/variables.tf +++ b/infrastructure/variables.tf @@ -9,10 +9,10 @@ variable "aws_profile" { default = "default" } -variable "docker_image_repo_url" { +variable "ecr_repo_name" { type = string - description = "URL of the docker image repository for this app. Must be a private ECR repository. DO NOT INCLUDE the image tag here. (use app_version)" - default = "246316657840.dkr.ecr.eu-west-1.amazonaws.com/checkout-test-website" + description = "Name of the ECR repository for this app. Must be a private ECR repository." + default = "checkout-test-website" } variable "app_domain" {
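Review bot: The new description of `ecr_repo_name` in lambda-app/variables.tf drops the old warning against including the image tag, yet lambda.tf still appends `:${var.app_version}` to this value and now also prefixes it with the registry host. A description such as `description = "Name of the private ECR repository for this app, without registry host or image tag (the tag comes from app_version)"` keeps that contract visible to whoever sets the variable. The same wording applies to the `ecr_repo_name` variable in infrastructure/variables.tf later in the patch.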