locals {
  # Input validation by side effect: lookup() is called without a default, so
  # the interpolation fails when var.tag_status is not a key of
  # var.allowed_tag_status. The looked-up value is not referenced by any block
  # visible here. Accepted values per the author: tagged, untagged, any.
  validate_tag_status = "${lookup(var.allowed_tag_status,var.tag_status)}"

  # Same pattern for var.count_type against var.allowed_count_types.
  # Accepted values per the author: imageCountMoreThan, sinceImagePushed.
  validate_count_type = "${lookup(var.allowed_count_types,var.count_type)}"

  # tagPrefixList and countUnit cannot be switched on or off inside a single
  # structure, so four separate rule structures are defined below, each rendered
  # by its own template_file data source.
  #
  # "$${name}" is an escaped interpolation: the literal ${name} survives
  # jsonencode() and is filled in later by the template_file "vars" map.
  #
  # NOTE(review): substitution happens AFTER jsonencode(), so substituted values
  # are not JSON-escaped. A value containing a double quote or backslash changes
  # the structure of the rendered policy; the inputs (var.prefixes in particular)
  # should be validated before they reach these templates.
  #
  # NOTE(review): every placeholder sits inside a JSON string, so the rendered
  # rulePriority and countNumber are quoted strings rather than JSON numbers;
  # confirm the consumer of the rendered policy accepts that.
  #
  # NOTE(review): all four rules use action type "expire". Presumably the output
  # feeds a registry lifecycle policy defined elsewhere (not visible here);
  # confirm that expired images cannot still be referenced by running workloads.

  # Policy rule template for:
  #   countType  imageCountMoreThan
  #   tag_status tagged
  policy_based_on_imageCountMoreThan_for_tag_status_tagged = {
    rulePriority = "$${rule_priority}"
    description = "Rotate images after amount of: $${count_number} is reached for prefix $${prefix_flat}"
    selection = {
      tagStatus = "tagged"
      # One placeholder inside one quoted element; the caller joins the prefixes
      # with "," (quote-comma-quote) so it expands to several array elements.
      tagPrefixList = ["$${prefix}"]
      countType = "imageCountMoreThan"
      countNumber = "$${count_number}"
    }
    action = {
      type = "expire"
    }
  }

  # Policy rule template for:
  #   countType  imageCountMoreThan
  #   tag_status untagged or any
  # No tagPrefixList here, so the selection is not scoped by tag prefix.
  policy_based_on_imageCountMoreThan_for_tag_status_untagged_or_any = {
    rulePriority = "$${rule_priority}"
    description = "Rotate images after amount of: $${count_number} is reached for $${tag_status} images"
    selection = {
      tagStatus = "$${tag_status}"
      countType = "imageCountMoreThan"
      countNumber = "$${count_number}"
    }
    action = {
      type = "expire"
    }
  }

  # Policy rule template for:
  #   countType  sinceImagePushed
  #   tag_status tagged
  # countUnit is fixed to "days".
  policy_based_on_sinceImagePushed_for_tag_status_tagged = {
    rulePriority = "$${rule_priority}"
    description = "Rotate images after amount of: $${count_number} days since image pushed, is reached for prefix $${prefix_flat}"
    selection = {
      tagStatus = "tagged"
      # Expanded to several elements by the caller's quote-comma-quote join.
      tagPrefixList = ["$${prefix}"]
      countType = "sinceImagePushed"
      countUnit = "days"
      countNumber = "$${count_number}"
    }
    action = {
      type = "expire"
    }
  }

  # Policy rule template for:
  #   countType  sinceImagePushed
  #   tag_status untagged or any
  # countUnit is fixed to "days"; no tagPrefixList, so the selection is not
  # scoped by tag prefix.
  policy_based_on_sinceImagePushed_for_tag_status_untagged_or_any = {
    rulePriority = "$${rule_priority}"
    description = "Rotate images after amount of: $${count_number} days since image pushed, is reached for $${tag_status} images"
    selection = {
      tagStatus = "$${tag_status}"
      countNumber = "$${count_number}"
      countType = "sinceImagePushed"
      countUnit = "days"
    }
    action = {
      type = "expire"
    }
  }
}
# Renders the rule for:
#   countType  imageCountMoreThan
#   tag_status tagged
# Instantiated (count = 1) only when var.create is true and both selectors
# match; otherwise count is 0 and the data source does not exist.
data "template_file" "lifecycle_policy_imageCountMoreThan_tagged" {
  count = "${var.create && var.count_type == "imageCountMoreThan" && var.tag_status == "tagged" ? 1 : 0 }"
  template = "${jsonencode(local.policy_based_on_imageCountMoreThan_for_tag_status_tagged)}"
  vars = {
    rule_priority = "${var.rule_priority}"
    # Joined with quote-comma-quote so that the single quoted placeholder in
    # tagPrefixList expands to one JSON string per prefix.
    # NOTE(review): the prefixes are inserted verbatim, without JSON escaping; a
    # prefix containing a double quote or backslash alters the rendered policy.
    # Validate var.prefixes upstream.
    # NOTE(review): an empty var.prefixes renders tagPrefixList as [""]; confirm
    # callers always pass at least one prefix when tag_status is "tagged".
    prefix = "${join("\",\"",var.prefixes)}"
    # Plain comma-joined form, used only in the human-readable description.
    prefix_flat = "${join(",",var.prefixes)}"
    count_number = "${var.count_number}"
  }
}
# Renders the rule for:
#   countType  imageCountMoreThan
#   tag_status untagged or any
# Instantiated (count = 1) when var.create is true, var.count_type is
# imageCountMoreThan and var.tag_status is anything other than "tagged".
# NOTE(review): the condition is "!= tagged", not an explicit match on
# untagged/any, so this block depends on var.tag_status having been restricted
# elsewhere (local.validate_tag_status in this file appears to do that).
data "template_file" "lifecycle_policy_imageCountMoreThan_untagged_or_any" {
  count = "${var.create && var.count_type == "imageCountMoreThan" && var.tag_status != "tagged" ? 1 : 0 }"
  template = "${jsonencode(local.policy_based_on_imageCountMoreThan_for_tag_status_untagged_or_any)}"
  vars = {
    rule_priority = "${var.rule_priority}"
    # Inserted verbatim into both tagStatus and the description. The referenced
    # template has no tagPrefixList, so the rule is not scoped by tag prefix.
    tag_status = "${var.tag_status}"
    count_number = "${var.count_number}"
  }
}
# Renders the rule for:
#   countType  sinceImagePushed
#   tag_status tagged
# Instantiated (count = 1) only when var.create is true and both selectors
# match; otherwise count is 0 and the data source does not exist.
data "template_file" "lifecycle_policy_sinceImagePushed_tagged" {
  count = "${var.create && var.count_type == "sinceImagePushed" && var.tag_status == "tagged" ? 1 : 0}"
  template = "${jsonencode(local.policy_based_on_sinceImagePushed_for_tag_status_tagged)}"
  vars = {
    rule_priority = "${var.rule_priority}"
    # Joined with quote-comma-quote so that the single quoted placeholder in
    # tagPrefixList expands to one JSON string per prefix.
    # NOTE(review): the prefixes are inserted verbatim, without JSON escaping; a
    # prefix containing a double quote or backslash alters the rendered policy.
    # Validate var.prefixes upstream.
    # NOTE(review): an empty var.prefixes renders tagPrefixList as [""]; confirm
    # callers always pass at least one prefix when tag_status is "tagged".
    prefix = "${join("\",\"",var.prefixes)}"
    # Plain comma-joined form, used only in the human-readable description.
    prefix_flat = "${join(",",var.prefixes)}"
    # Always var.count_number (interpreted as days by the referenced template).
    # NOTE(review): an earlier comment here mentioned a per-prefix override map
    # (var.prefixes_pecific_max_count); no such lookup exists in this block.
    count_number = "${var.count_number}"
  }
}
# Renders the rule for:
#   countType  sinceImagePushed
#   tag_status untagged or any
# Instantiated (count = 1) when var.create is true, var.count_type is
# sinceImagePushed and var.tag_status is anything other than "tagged".
# NOTE(review): the condition is "!= tagged", not an explicit match on
# untagged/any, so this block depends on var.tag_status having been restricted
# elsewhere (local.validate_tag_status in this file appears to do that).
data "template_file" "lifecycle_policy_sinceImagePushed_untagged_or_any" {
  count = "${var.create && var.count_type == "sinceImagePushed" && var.tag_status != "tagged" ? 1 : 0 }"
  template = "${jsonencode(local.policy_based_on_sinceImagePushed_for_tag_status_untagged_or_any)}"
  vars = {
    rule_priority = "${var.rule_priority}"
    # Inserted verbatim into both tagStatus and the description. The referenced
    # template has no tagPrefixList, so the rule is not scoped by tag prefix.
    tag_status = "${var.tag_status}"
    # Always var.count_number (interpreted as days by the referenced template).
    # NOTE(review): an earlier comment here mentioned a per-prefix override map
    # (var.prefixes_pecific_max_count); no such lookup exists in this block.
    count_number = "${var.count_number}"
  }
}