From d24122b33f033665742d176959765d8741f00a70 Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Fri, 16 Aug 2024 10:42:20 -0700
Subject: [PATCH 1/3] Initial commit

---
 .gitignore | 37 +++++++++++++++++++++++++++++++++++++
 README.md | 1 +
 2 files changed, 38 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 README.md

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..2faf43d
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,37 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Ignore transient lock info files created by terraform apply
+.terraform.tfstate.lock.info
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..6f91402
--- /dev/null
+++ b/README.md
@@ -0,0 +1 @@
+# docker-image-pipeline
\ No newline at end of file

From f13095eb090fee05a20081b0fbd134a5c7757a73 Mon Sep 17 00:00:00 2001
From: David Arnold <10138997+djaboxx@users.noreply.github.com>
Date: Fri, 16 Aug 2024 10:42:31 -0700
Subject: [PATCH 2/3] Add CODEOWNERS

---
 CODEOWNERS | 2 ++
 1 file changed, 2 insertions(+)
 create mode 100644 CODEOWNERS
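Review bot: The ignore list is the stock Terraform template, but nothing in it covers Packer's variable-definition files, which carry the same secret-leak risk the `*.tfvars` comment describes; `build.pkr.hcl` arrives in the third patch of this series, so this repo is a Packer pipeline. Adding `*.pkrvars.hcl` and `packer_cache/` next to the tfvars rules would close that gap. The override-file and tfplan comments are carried over from the template and can be trimmed if Terraform is not actually used here.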
diff --git a/CODEOWNERS b/CODEOWNERS
new file mode 100644
index 0000000..e6a9372
--- /dev/null
+++ b/CODEOWNERS
@@ -0,0 +1,2 @@
+# These owners will be the default owners for everything in the repo. Unless a later match takes precedence
+* @HappyPathway/terraform-reviewers

From 1a6bbd57ff07f2f204b72d2e2b23e13b3eda068e Mon Sep 17 00:00:00 2001
From: Dave Arnold
Date: Fri, 16 Aug 2024 11:02:54 -0700
Subject: [PATCH 3/3] chore: Add Packer configuration for building Docker images with Ansible provisioning

---
 build.pkr.hcl | 87 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 87 insertions(+)
 create mode 100644 build.pkr.hcl

diff --git a/build.pkr.hcl b/build.pkr.hcl
new file mode 100644
index 0000000..5d5f9c0
--- /dev/null
+++ b/build.pkr.hcl
@@ -0,0 +1,87 @@
+packer {
+ required_plugins {
+ # Amazon plugin for Packer
+ docker = {
+ source = "github.com/hashicorp/docker"
+ version = "~> 1"
+ }
+ # Ansible plugin for Packer
+ ansible = {
+ version = "v1.1.1"
+ source = "github.com/hashicorp/ansible"
+ }
+ }
+}
+
+variable ansible_dir {
+ type = string
+ default = "./"
+}
+
+variable project_name {
+ type = string
+ default = "my-project"
+}
+
+# ecr_repository_name
+data amazon-parameterstore ecr_repository_name {
+ name = "/image-pipeline/${var.project_name}/ecr_repository_name"
+}
+
+data amazon-parameterstore aws_region {
+ name = "/image-pipeline/${var.project_name}/region"
+}
+
+data amazon-parameterstore aws_account_id {
+ name = "/image-pipeline/${var.project_name}/aws_account_id"
+}
+
+data amazon-parameterstore playbook {
+ name = "/image-pipeline/${var.project_name}/playbook"
+}
+
+data amazon-parameterstore source_image {
+ name = "/image-pipeline/${var.project_name}/source_ami"
+}
+
+data amazon-parameterstore image_tag {
+ name = "/image-pipeline/${var.project_name}/image_tag"
+}
+
+locals {
+ aws_account_id = data.amazon-parameterstore.aws_account_id.value
+ aws_region = data.amazon-parameterstore.aws_region.value
+ tag = data.amazon-parameterstore.image_tag.value
+ ecr_repo = data.amazon-parameterstore.ecr_repository_name.value
+}
+
+source "docker" "docker" {
+ image = data.amazon-parameterstore.source_image.value
+ commit = true
+}
+
+build {
+ sources = ["source.docker.docker"]
+
+ # Provisioner to run the Ansible playbook
+ provisioner "ansible" {
+ command = "/root/.local/bin/ansible-playbook"
+ playbook_file = "${var.ansible_dir}/${data.amazon-parameterstore.playbook.value}"
+ roles_path = "${var.ansible_dir}/roles"
+ ansible_env_vars = ["ANSIBLE_STDOUT_CALLBACK=yaml", "ANSIBLE_NOCOLOR=True"]
+ }
+
+ post-processor "docker-tag" {
+ repository = local.ecr_repo
+ tag = local.tag
+ }
+
+ post-processor "docker-push" {
+ ecr_login = true
+ // login_username = "AWS"
+ // login_password = data.amazon-secretsmanager.aws_secret_key.secret_string
+ login_server = "${local.aws_account_id}.dkr.ecr.${local.aws_region}.amazonaws.com"
+ repository = var.project_name
+ tag = local.tag
+ }
+}
\ No newline at end of file
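Review bot: The `docker-tag` post-processor names the image with the bare `local.ecr_repo`, so the tag carries no registry host and a push of that name resolves against Docker Hub rather than the ECR registry that `ecr_login`/`login_server` authenticate to; the tag should carry the host, `repository = "${local.aws_account_id}.dkr.ecr.${local.aws_region}.amazonaws.com/${local.ecr_repo}"`, and the `docker-push` block's own `repository = var.project_name` disagrees with it and should be dropped (I cannot confirm from this page that docker-push honours a `repository` key at all). The commented-out `login_password = data.amazon-secretsmanager.aws_secret_key.secret_string` references a data source that does not exist in this file; with `ecr_login = true` the AWS credential chain is used, so the two `//` lines are dead and better deleted than left as a template for wiring static credentials. The comment `# Amazon plugin for Packer` sits above the `docker` plugin and should read `# Docker plugin for Packer`. The parameter path for `source_image` ends in `source_ami` while its value feeds a Docker `image`; presumably a leftover from an AMI pipeline, worth renaming so operators store the value under a key that says what it is. `command = "/root/.local/bin/ansible-playbook"` pins a per-user path on the build host; a variable with that default would let non-root runners override it.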