merging source

.gitignore

@@ -23,6 +23,9 @@ override.tf.json
 *_override.tf
 *_override.tf.json
 
+# Ignore transient lock info files created by terraform apply
+.terraform.tfstate.lock.info
+
 # Include override files you do wish to add to version control using negated pattern
 # !example_override.tf
 

CODEOWNERS

@@ -0,0 +1,2 @@
+# These owners will be the default owners for everything in the repo. Unless a later match takes precedence
+*     @HappyPathway/terraform-reviewers

README.md

@@ -1,2 +1,2 @@
 # docker-image-pipeline
-Template repo for windows image pipelines
+repo for docker image pipelines

build.pkr.hcl

@@ -0,0 +1,87 @@
+packer {
+  required_plugins {
+    # Amazon plugin for Packer
+    docker = {
+      source  = "github.com/hashicorp/docker"
+      version = "~> 1"
+    }
+    # Ansible plugin for Packer
+    ansible = {
+      version = "v1.1.1"
+      source  = "github.com/hashicorp/ansible"
+    }
+  }
+}
+
+variable ansible_dir {
+  type    = string
+  default = "./"
+}
+
+variable project_name {
+  type    = string
+  default = "my-project"
+}
+
+# ecr_repository_name
+data amazon-parameterstore ecr_repository_name {
+  name = "/image-pipeline/${var.project_name}/ecr_repository_name"
+}
+
+data amazon-parameterstore aws_region {
+  name = "/image-pipeline/${var.project_name}/region"
+}
+
+data amazon-parameterstore aws_account_id {
+  name = "/image-pipeline/${var.project_name}/aws_account_id"
+}
+
+data amazon-parameterstore playbook {
+  name = "/image-pipeline/${var.project_name}/playbook"
+}
+
+data amazon-parameterstore source_image {
+  name = "/image-pipeline/${var.project_name}/source_ami"
+}
+
+data amazon-parameterstore image_tag {
+  name = "/image-pipeline/${var.project_name}/image_tag"
+}
+
+locals {
+  aws_account_id = data.amazon-parameterstore.aws_account_id.value
+  aws_region     = data.amazon-parameterstore.aws_region.value
+  tag            = data.amazon-parameterstore.image_tag.value
+  ecr_repo       = data.amazon-parameterstore.ecr_repository_name.value
+}
+
+source "docker" "docker" {
+  image  = data.amazon-parameterstore.source_image.value
+  commit = true
+}
+
+build {
+  sources = ["source.docker.docker"]
+
+  # Provisioner to run the Ansible playbook
+  provisioner "ansible" {
+    command          = "/root/.local/bin/ansible-playbook"
+    playbook_file    = "${var.ansible_dir}/${data.amazon-parameterstore.playbook.value}"
+    roles_path       = "${var.ansible_dir}/roles"
+    ansible_env_vars = ["ANSIBLE_STDOUT_CALLBACK=yaml", "ANSIBLE_NOCOLOR=True"]
+  }
+
+  post-processor "docker-tag" {
+    repository = local.ecr_repo
+    tag        = local.tag
+  }
+
+  post-processor "docker-push" {
+    ecr_login = true
+    // login_username = "AWS"
+    // login_password = data.amazon-secretsmanager.aws_secret_key.secret_string
+    login_server = "${local.aws_account_id}.dkr.ecr.${local.aws_region}.amazonaws.com"
+    repository   = var.project_name
+    tag          = local.tag
+  }
+}