From 56854b52da7552d1a70f6a43a749b478e52efa93 Mon Sep 17 00:00:00 2001 From: badra001 Date: Fri, 19 Aug 2022 12:45:59 -0400 Subject: [PATCH] update --- CHANGELOG.md | 4 +++- availabilty_zones.tf | 4 ++-- copy_image.sh => bin/copy_image.sh | 2 ++ copy_images.tf | 16 +++++++-------- create-apps-ecr.tf | 4 ++-- data.tf | 2 ++ images.json | 17 ---------------- locals.tf.initial => locals.tf | 11 +++++++--- prefixes.tf | 28 -------------------------- settings.auto.tfvars.sample | 2 +- variables.common.availability_zones.tf | 5 ----- variables.ecr.tf => variables.tf | 14 ++++++------- version.tf | 3 ++- 13 files changed, 36 insertions(+), 76 deletions(-) rename copy_image.sh => bin/copy_image.sh (99%) delete mode 100644 images.json rename locals.tf.initial => locals.tf (51%) delete mode 100644 prefixes.tf delete mode 100644 variables.common.availability_zones.tf rename variables.ecr.tf => variables.tf (85%) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2ce3418..e72c385 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,7 @@ # Versions -* v1.0.0 -- {{ yyyy-mm-dd }} +## v 1.x + +* 1.0.0 -- 2022-08-18 - initial creation diff --git a/availabilty_zones.tf b/availabilty_zones.tf index fdf50d3..26751ad 100644 --- a/availabilty_zones.tf +++ b/availabilty_zones.tf @@ -9,9 +9,9 @@ data "aws_availability_zones" "zones" { } data "aws_availability_zone" "zone" { - count = length(data.aws_availability_zones.zones.names) + count = toset(data.aws_availability_zones.zones.names) state = "available" - name = data.aws_availability_zones.zones.names[count.index] + name = each.key } output "availability_zone_names" { diff --git a/copy_image.sh b/bin/copy_image.sh similarity index 99% rename from copy_image.sh rename to bin/copy_image.sh index 60e8847..e3eea8f 100755 --- a/copy_image.sh +++ b/bin/copy_image.sh 
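Review bot: In `data "aws_availability_zone" "zone"` the new line `count = toset(data.aws_availability_zones.zones.names)` hands a set to `count`, which takes a whole number, and `each.key` on the `name` line is only defined under `for_each`, so this block should not validate as written. The meta-argument should be `for_each = toset(data.aws_availability_zones.zones.names)`. Instances are then keyed by zone name rather than by index, so anything that reads `data.aws_availability_zone.zone[...]` or a splat over it needs checking against the new addressing. That includes the `availability_zone_names` output, which begins at the end of this hunk and continues outside it.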
@@ -1,5 +1,7 @@ #!/bin/bash +VERSION="1.0.0" + ############################################################################### # This script uses skopeo to copy a docker image from one repository to # another. The primary intent is to copy the image from a public repository diff --git a/copy_images.tf b/copy_images.tf index 5db8ee1..4b707a3 100644 --- a/copy_images.tf +++ b/copy_images.tf @@ -8,8 +8,8 @@ data "aws_ecr_authorization_token" "token" {} # dice-centurion locals { - repo_parent_name = format("%v", var.app_name) - ecr_region = var.ecr_region == null ? local.region : var.ecr_region + repo_parent_name = format("%v", var.application_name) + region = var.region == null ? local.region : var.region account_ecr_registry = format("%v.dkr.ecr.%v.amazonaws.com", local.account_id, local.ecr_region) account_ecr = format("%v/%v", local.account_ecr_registry, local.repo_parent_name) @@ -17,7 +17,7 @@ locals { images = { for i in var.image_config : format("%v#%v", i.name, i.tag) => merge(i, tomap({ key = format("%v#%v", i.name, i.tag), - source_full_path = format("%v/%v:%v", i.source_registry, i.source_image, element(compact(concat([lookup(i,"source_tag",null)],[i.tag])),0)), + source_full_path = format("%v/%v:%v", i.source_registry, i.source_image, element(compact(concat([lookup(i, "source_tag", null)], [i.tag])), 0)), dest_registry = local.account_ecr_registry, dest_full_path = i.repo_path != null ? format("%v/%v/%v/%v:%v", local.account_ecr_registry, local.repo_parent_name, i.repo_path, i.name, i.tag) : format("%v/%v/%v:%v", local.account_ecr_registry, local.repo_parent_name, i.name, i.tag), dest_repository = i.repo_path != null ? format("%v/%v/%v", local.repo_parent_name, i.repo_path, i.name) : format("%v/%v", local.repo_parent_name, i.name), 
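Review bot: The rename of `ecr_region` to `region` in this `locals` block of copy_images.tf is incomplete: the very next line still builds `account_ecr_registry` from `local.ecr_region`, which no visible line of the patch defines any more, and the second hunk of this file still sets `AWS_REGION = local.ecr_region`. The replacement line `region = var.region == null ? local.region : var.region` also refers to itself, and locals.tf in this same patch declares another `local.region`, so Terraform would likely reject the configuration for a duplicate or self-referencing local. Keeping a distinct name avoids both problems, e.g. `ecr_region = var.region == null ? local.region : var.region`. settings.auto.tfvars.sample still sets `ecr_region`, which is no longer a declared input after the variable rename, so an operator copying the sample could end up pushing images to the caller's current region instead of the intended one. The `locals` block continues past the end of this hunk.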
@@ -33,13 +33,11 @@ resource "null_resource" "copy_images" { for_each = { for image in local.images : image.key => image if image.enabled } provisioner "local-exec" { - command = "${path.module}/copy_image.sh" + command = "${path.module}/bin/copy_image.sh" environment = { - AWS_PROFILE = var.profile - AWS_REGION = local.ecr_region - # SOURCE_IMAGE = format("%v:%v", each.value.image, each.value.tag) - SOURCE_IMAGE = each.value.source_full_path - # DESTINATION_IMAGE = format("%v/%v:%v", local.account_ecr, each.value.name, each.value.tag) + AWS_PROFILE = var.profile + AWS_REGION = local.ecr_region + SOURCE_IMAGE = each.value.source_full_path DESTINATION_IMAGE = each.value.dest_full_path SOURCE_USERNAME = var.source_username == null ? "" : var.source_username SOURCE_PASSWORD = var.source_password == null ? "" : var.source_password diff --git a/create-apps-ecr.tf b/create-apps-ecr.tf index e0129c7..098a8c1 100644 --- a/create-apps-ecr.tf +++ b/create-apps-ecr.tf @@ -1,6 +1,6 @@ locals { application_list = var.application_list - ecr_repo_list = { for app in local.application_list : app => format("%v/%v", var.app_name, app) } + ecr_repo_list = { for app in local.application_list : app => format("%v/%v", var.application_name, app) } } resource "aws_ecr_repository" "apps_repos" { @@ -21,7 +21,7 @@ resource "aws_ecr_repository" "apps_repos" { local.base_tags, var.application_tags, tomap({ - "Name" = format("ecr_%v/%v", var.app_name, each.key) + "Name" = format("ecr_%v/%v", var.application_name, each.key) "Environment" = "application" }), ) diff --git a/data.tf b/data.tf index 16506e6..38c7ef4 100644 --- a/data.tf +++ b/data.tf @@ -5,3 +5,5 @@ data "aws_arn" "current" { } data "aws_region" "current" {} + +data "aws_iam_account_alias" "current" {} diff --git a/images.json b/images.json deleted file mode 100644 index 9cafef0..0000000 --- a/images.json +++ /dev/null 
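Review bot: The `environment` map of the `local-exec` provisioner in `null_resource.copy_images` passes `var.source_password` to bin/copy_image.sh, and nothing in this hunk shows that input being treated as a secret; the map continues past the end of the hunk, and the sample tfvars suggests destination credentials follow the same path. The variable declarations are outside the patch, so this needs confirming: if the credential variables are not already marked `sensitive = true`, adding that keeps the values out of plan output and makes Terraform suppress the provisioner output that could otherwise echo them. A comment above the map such as `# registry credentials: passed by environment only, never on the command line or in logs` would record the intent. Whether the script itself avoids tracing or echoing these variables cannot be checked from this diff.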
@@ -1,17 +0,0 @@ -[ - { - "name": "istio/pilot", - "tag": "1.10.1", - "source_image": "istio/pilot", - "source_registry": "docker.io", - "enabled": "true", - }, - { - "name": "amazonlinux", - "tag": "latest"/ - "source_image": "amazonlinux/amazonlinux", - "source_registry": "public.ecr.aws", - "enabled": "true", - }, -] - diff --git a/locals.tf.initial b/locals.tf similarity index 51% rename from locals.tf.initial rename to locals.tf index 2bd4d7f..7120627 100644 --- a/locals.tf.initial +++ b/locals.tf @@ -1,9 +1,14 @@ locals { - account_id = var.account_id != "" ? var.account_id : data.aws_caller_identity.current.account_id - account_environment = data.aws_arn.current.partition == "aws-us-gov" ? "gov" : "ew" - base_tags = { "boc:tf_module_version" = local._module_version + "boc:tf_module_name" = local._module_name "boc:created_by" = "terraform" } + + account_id = var.account_id != "" ? var.account_id : data.aws_caller_identity.current.account_id + _account_alias = var.account_alias == null || var.account_alias == "" ? data.aws_iam_account_alias.current.account_alias : var.account_alias + account_alias = replace(local._account_alias, "do2", "do1") + account_environment = data.aws_arn.current.partition == "aws-us-gov" ? "gov" : "ew" + + region = data.aws_region.current.name } diff --git a/prefixes.tf b/prefixes.tf deleted file mode 100644 index d2ee1fe..0000000 --- a/prefixes.tf +++ /dev/null @@ -1,28 +0,0 @@ -locals { - _prefixes = { - "efs" = "v-efs-" - "s3" = "v-s3-" - "ebs" = "v-ebs-" - "kms" = "k-kms-" - "role" = "r-" - "policy" = "p-" - "group" = "g-" - "security-group" = "" # "sg-" - # VPC - "vpc" = "" - "dhcp-options" = "" - "vpc-peer" = "vpcp-" - "route-table" = "route-" - "subnet" = "" - "vpc-endpoint" = "vpce-" - "elastic-ip" = "eip-" - "nat-gateway" = "nat-" - "internet-gateway" = "igw-" - "network-acl" = "nacl-" - "customer-gateway" = "cgw-" - "vpn-gateway" = "vpcg-" - "vpn-connection" = "vpn_" - "log-group" = "lg-" - "log-stream" = "lgs-" - } -} 
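Review bot: In locals.tf, `account_alias = replace(local._account_alias, "do2", "do1")` rewrites every occurrence of the substring `do2` anywhere in the alias, and nothing explains why; it needs a comment along the lines of `# map the "do2" alias segment to "do1" because <reason>`, and if only one position in the alias is meant the match should be anchored rather than a bare substring. `var.account_alias` is read on the line above, but its declaration is not in the visible part of variables.tf, so confirm it exists with `default = null`. The `aws_iam_account_alias` data source added in data.tf is read unconditionally, so planning will likely require `iam:ListAccountAliases` and an existing alias even when `var.account_alias` is supplied. Gating the lookup on the variable being unset would avoid that.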
diff --git a/settings.auto.tfvars.sample b/settings.auto.tfvars.sample index 4d37526..a97ef71 100644 --- a/settings.auto.tfvars.sample +++ b/settings.auto.tfvars.sample @@ -1,4 +1,4 @@ -app_name = "adsd-cumulus" +application_name = "adsd-cumulus" ecr_region = "us-gov-east-1" #destination_password = "" #destination_username = "" diff --git a/variables.common.availability_zones.tf b/variables.common.availability_zones.tf deleted file mode 100644 index 3e17e57..0000000 --- a/variables.common.availability_zones.tf +++ /dev/null @@ -1,5 +0,0 @@ -variable "availability_zones" { - description = "AWS Availability Zones to use (by default will use all available)" - type = list(string) - default = [] -} diff --git a/variables.ecr.tf b/variables.tf similarity index 85% rename from variables.ecr.tf rename to variables.tf index ae9dd86..409226d 100644 --- a/variables.ecr.tf +++ b/variables.tf @@ -1,22 +1,22 @@ -variable "app_name" { +variable "application_name" { description = "Appliication name, usually {org}-{project}, which is likely a prefix to the EKS cluster name" - type = string + type = string } variable "application_list" { - description = "List of application repositories to create for /{app_name}/{image_name} for those not in image_config" + description = "List of application repositories to create for /{application_name}/{image_name} for those not in image_config" type = list(string) default = [] } -variable "ecr_region" { +variable "region" { description = "Region in which to create the ECR repositories (default of current region)" - type = string - default = null + type = string + default = null } variable "image_config" { - description = "List of image configuration objects to copy from NRC to DST" + description = "List of image configuration objects to copy from SOURCE to DESTINATION" type = list(object({ name = string, tag = string, diff --git a/version.tf b/version.tf index a0cd862..a312918 100644 --- a/version.tf +++ b/version.tf 
@@ -1,3 +1,4 @@
 locals {
- _module_version = "0.0.0"
+ _module_name = "aws-ecr-copy-images"
+ _module_version = "1.0.0"
 }