From 078b6cd161e4385504f764504586543c127c4742 Mon Sep 17 00:00:00 2001
From: badra001
Date: Wed, 3 Jul 2024 10:41:50 -0400
Subject: [PATCH] ignore X,Y
---
 ecr-lifecycle.tf | 122 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 122 insertions(+)
 create mode 100644 ecr-lifecycle.tf
diff --git a/ecr-lifecycle.tf b/ecr-lifecycle.tf
new file mode 100644
index 0000000..888a136
--- /dev/null
+++ b/ecr-lifecycle.tf
@@ -0,0 +1,122 @@
+locals {
+ default_count = 5
+
+ lifecycle_policy_specific_repos = compact(distinct(concat(
+ try(var.lifecycle_policies_default.values, []),
+ try(var.lifecycle_policies_prefixes.values, []),
+ try(var.lifecycle_policies_patterns.values, []),
+ try(var.lifecycle_policies_explicit.values, []),
+ )))
+}
+
+data "aws_ecr_lifecycle_policy_document" "any" {
+ rule {
+ priority = 1
+ description = format("keep %v images", local.default_count)
+ selection {
+ tag_status = "any"
+ count_type = "imageCountMoreThan"
+ count_number = local.default_count
+ }
+ }
+}
+
+
+data "aws_ecr_lifecycle_policy_document" "default" {
+ count = length(var.lifecycle_policy_default.values) > 0 ? 1 : 0
+ rule {
+ priority = 1
+ description = format("keep %v images", try(var.lifecycle_policies_default.count, local.default_count))
+ selection {
+ tag_status = "any"
+ count_type = "imageCountMoreThan"
+ count_number = try(var.lifecycle_policies_default.count, local.default_count)
+ }
+ }
+}
+
+data "aws_ecr_lifecycle_policy_document" "prefixes" {
+ count = length(var.lifecycle_policy_prefixes.values) > 0 ? 1 : 0
+ rule {
+ priority = 1
+ description = format("keep %v images %v", try(var.lifecycle_policies_prefixes.count, local.default_count), "untagged")
+ selection {
+ tag_status = "untagged"
+ count_type = "imageCountMoreThan"
+ count_number = try(var.lifecycle_policies_prefixes.count, local.default_count)
+ }
+ }
+ dynamic "rule" {
+ for_each = toset(local.lifecycle_policies["prefixes"].values)
+ iterator = i
+ content {
+ priority = 2 + index(try(var.lifecycle_policies_prefixes.values, []), i.key)
+ description = format("keep %v images %v", try(var.lifecycle_policies_prefixes.count, local.default_count), i.key)
+ selection {
+ tag_status = "tagged"
+ tag_prefix_list = [i.key]
+ count_type = "imageCountMoreThan"
+ count_number = try(var.lifecycle_policies_prefixes.count, local.default_count)
+ }
+ }
+ }
+}
+
+data "aws_ecr_lifecycle_policy_document" "patterns" {
+ count = length(var.lifecycle_policy_patterns.values) > 0 ? 1 : 0
+ rule {
+ priority = 1
+ description = format("keep %v images %v", try(var.lifecycle_policies_patterns.count, local.default_count), "untagged")
+ selection {
+ tag_status = "untagged"
+ count_type = "imageCountMoreThan"
+ count_number = try(var.lifecycle_policies_patterns.count, local.default_count)
+ }
+ }
+ dynamic "rule" {
+ for_each = toset(local.lifecycle_policies["patterns"].values)
+ iterator = i
+ content {
+ priority = 2 + index(try(var.lifecycle_policies_patterns.values, []), i.key)
+ description = format("keep %v images %v", try(var.lifecycle_policies_patterns.count, local.default_count), i.key)
+ selection {
+ tag_status = "tagged"
+ tag_prefix_list = [i.key]
+ count_type = "imageCountMoreThan"
+ count_number = try(var.lifecycle_policies_patterns.count, local.default_count)
+ }
+ }
+ }
+}
+
+
+# set policies
+resource "aws_ecr_lifecycle_policy" "all" {
+ for_each = var.lifecycle_policy_all ? { for k, v in aws_ecr_repository.apps_repos : k => v if ! contains(local.lifecycle_policy_specific_repos, k) } : {}
+ repository = each.value.name
+ policy = data.aws_ecr_lifecycle_policy_document.any.json
+}
+
+resource "aws_ecr_lifecycle_policy" "default" {
+ for_each = toset(try(var.lifecycle_policies_default.repos, []))
+ repository = aws_ecr_repository.apps_repos[each.key].name
+ policy = try(data.aws_ecr_lifecycle_policy_document.default[0].json, null)
+}
+
+resource "aws_ecr_lifecycle_policy" "prefixes" {
+ for_each = toset(try(var.lifecycle_policies_prefixes.repos, []))
+ repository = aws_ecr_repository.apps_repos[each.key].name
+ policy = try(data.aws_ecr_lifecycle_policy_document.prefixes[0].json, null)
+}
+
+resource "aws_ecr_lifecycle_policy" "patterns" {
+ for_each = toset(try(var.lifecycle_policies_patterns.repos, []))
+ repository = aws_ecr_repository.apps_repos[each.key].name
+ policy = try(data.aws_ecr_lifecycle_policy_document.patterns[0].json, null)
+}
+
+resource "aws_ecr_lifecycle_policy" "explicit" {
+ for_each = toset(try(var.lifecycle_policies_explicit.repos, []))
+ repository = aws_ecr_repository.apps_repos[each.key].name
+ policy = var.lifecycle_policies_explicit.policy != null ? var.lifecycle_policies_explicit.policy : data.aws_ecr_lifecycle_policy_document.any.json
+}
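Review bot: `local.lifecycle_policy_specific_repos` is built from the `.values` fields, but the `default`, `prefixes`, `patterns` and `explicit` resources iterate over `.repos`, so a repository with a specific policy does not appear to be excluded from `aws_ecr_lifecycle_policy.all` and would get two policy resources that overwrite each other (ECR holds one lifecycle policy per repository); the locals should probably read `try(var.lifecycle_policies_default.repos, []),` and likewise for the other three. The three `count` expressions read `var.lifecycle_policy_default` / `_prefixes` / `_patterns` (singular) while every other reference uses `var.lifecycle_policies_*`, and the dynamic rules read `local.lifecycle_policies[...]`, which this file does not define; unless those names are declared outside this patch, the plan will fail. In the `patterns` document the tagged rule sets `tag_prefix_list = [i.key]`, which makes it behave exactly like `prefixes`; wildcard patterns need `tag_pattern_list = [i.key]`. Because these rules expire images, a wrong selection either removes images still needed for rollback or investigation, or silently keeps stale ones, so a short comment above `locals` describing the expected shape of each variable (`values`, `repos`, `count`, `policy`) would help reviewers confirm the intent.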