updating files

CSVD · Dec 16, 2024 · 6f1eb47 · 6f1eb47
1 parent 0f73283
commit 6f1eb47
Show file tree

Hide file tree

Showing 9 changed files with 75 additions and 23 deletions.
diff --git a/docker.tf → docker.tf.tmp b/docker.tf → docker.tf.tmp
@@ -1,3 +1,4 @@
+
 locals {
   # public.ecr.aws/ubuntu/nginx:1.18-20.04_beta
   # public.ecr.aws/ubuntu/ubuntu:22.04_edge
@@ -15,18 +16,26 @@ locals {
       source_tag      = image
       tag             = image
     }
-  ],
-  [
-    {
-      enabled         = true
-      dest_path       = null
-      name            = "python"
-      source_image    = "ubuntu/python"
-      source_registry = "public.ecr.aws"
-      source_tag      = "3.12-24.04_stable"
-      tag             = "3.12-24.04_stable"
-    }
-
+    ],
+    [
+      {
+        enabled         = true
+        dest_path       = null
+        name            = "python"
+        source_image    = "ubuntu/python"
+        source_registry = "public.ecr.aws"
+        source_tag      = "3.12-24.04_stable"
+        tag             = "3.12-24.04_stable"
+      },
+      {
+        enabled         = true
+        dest_path       = null
+        name            = "github-runner"
+        source_image    = "h1g9x7n8/github-runner"
+        source_registry = "public.ecr.aws"
+        source_tag      = "3.12-24.04_stable"
+        tag             = "3.12-24.04_stable"
+      },
   ])
 }
 

diff --git a/github-runner.tf → github-runner.tf.tmp b/github-runner.tf → github-runner.tf.tmp
@@ -37,7 +37,7 @@ module "github-runner" {
   image = {
     # source image metadata 
     source_image       = "ubuntu"
-    source_tag         = "24.04"
+    source_tag         = "24.10"
     source_docker_repo = "docker-image-pipeline"
     # destination image metadata
     dest_image       = "github-runner"

diff --git a/linux.tf → linux.tf.tmp b/linux.tf → linux.tf.tmp
diff --git a/locals.tf b/locals.tf
@@ -1,3 +1,7 @@
+data "aws_security_group" "it_linux_base" {
+  name = "it-linux-base"
+}
+
 locals {
   proxy_env_vars = {
     HTTP_PROXY  = "http://proxy.tco.census.gov:3128"
@@ -10,7 +14,7 @@ locals {
     vpc_id = "vpc-00576a396ec570b94"
     region = "us-gov-west-1"
     security_group_ids = [
-      "sg-0d828d223df9834a6"
+      data.aws_security_group.it_linux_base.id
     ]
     subnets = [
       # "subnet-0b1992a84536c581b"

diff --git a/main.tf b/main.tf
@@ -19,11 +19,12 @@ data "aws_iam_policy_document" "assets_bucket_policy_document" {
     principals {
       type = "AWS"
       identifiers = [
-        module.amazon_linux.iam_arn,
-        module.rhel.iam_arn,
-        module.docker.iam_arn,
-        module.windows.iam_arn,
-        module.github-runner.iam_arn
+        # module.amazon_linux.iam_arn,
+        # module.rhel.iam_arn,
+        # module.docker.iam_arn,
+        # module.windows.iam_arn,
+        # module.github-runner.iam_arn
+        module.morpheus.iam_arn
       ]
     }
 

diff --git a/morpheus.tf b/morpheus.tf
@@ -0,0 +1,41 @@
+
+module "morpheus" {
+  source            = "HappyPathway/image-pipeline/aws"
+  project_name      = "morpheus"
+  builder_image     = "aws/codebuild/standard:7.0"
+  create_new_role   = true
+  ssh_user          = "ec2-user"
+  playbook          = "morpheus-arm-baseline.yaml"
+  terraform_version = "1.8.5"
+  troubleshoot      = false
+  build_environment_variables = [
+    for proxy_var in keys(local.proxy_env_vars) : {
+      name  = proxy_var
+      value = lookup(local.proxy_env_vars, proxy_var)
+      type  = "PLAINTEXT"
+    }
+  ]
+  packer_source_type = "S3"
+  packer_bucket = {
+    name = aws_s3_bucket.assets_bucket.bucket
+    key  = "linux-image-pipeline.zip"
+  }
+  ansible_source_type = "S3"
+  ansible_bucket = {
+    name = aws_s3_bucket.assets_bucket.bucket
+    key  = "image-pipeline-ansible-playbooks.zip"
+  }
+  goss_source_type = "S3"
+  goss_bucket = {
+    name = aws_s3_bucket.assets_bucket.bucket
+    key  = "image-pipeline-goss-testing.zip"
+  }
+  goss_profile = "morpheus-base-test"
+  # goss_profile  = "base-test"
+  state      = local.state_config
+  vpc_config = local.vpc_config
+  ami = {
+    source_ami    = "ami-0e6191a82a929381a" # x86_64 compatible AMI - RHEL9 quick start image
+    instance_type = "t3.micro"              # x86_64 compatible instance type
+  }
+}
diff --git a/rhel.tf → rhel.tf.tmp b/rhel.tf → rhel.tf.tmp
diff --git a/vpc_endpoint.tf b/vpc_endpoint.tf
@@ -14,9 +14,6 @@ resource "aws_vpc_endpoint" "endpoint" {
   service_name      = "com.amazonaws.${local.vpc_config.region}.${each.value}"
   vpc_endpoint_type = "Interface"
 
-  security_group_ids = concat(
-    local.vpc_config.security_group_ids,
-    ["sg-0ba8072164c29e11f"]
-  )
+  security_group_ids = local.vpc_config.security_group_ids
   subnet_ids = local.vpc_config.subnets
 }
diff --git a/windows.tf → windows.tf.tmp b/windows.tf → windows.tf.tmp