- Module tested for Terraform 1.0.1.
- AWS provider version 3.74.
- `main` branch: Provider versions not pinned to keep up with Terraform releases.
- `tags` releases: Tags are pinned with versions (use).
```sh
terraform init
terraform plan -var='teamid=tryme' -var='prjid=project1'
terraform apply -var='teamid=tryme' -var='prjid=project1'
terraform destroy -var='teamid=tryme' -var='prjid=project1'
```
Note: With this option please take care of remote state storage.

Recommended method (stores remote state in S3 using `prjid` and `teamid` to create directory structure):
- Create python 3.6+ virtual environment:

  ```sh
  python3 -m venv <venv name>
  ```

- Install package:

  ```sh
  pip install tfremote --upgrade
  ```

- Set below environment variables:

  ```sh
  export TF_AWS_BUCKET=<remote state bucket name>
  export TF_AWS_BUCKET_REGION=us-west-2
  export TF_AWS_PROFILE=<profile from ~/.aws/credentials>
  ```

  or

- Set below environment variables:

  ```sh
  export TF_AWS_BUCKET=<remote state bucket name>
  export TF_AWS_BUCKET_REGION=us-west-2
  export AWS_ACCESS_KEY_ID=<aws_access_key_id>
  export AWS_SECRET_ACCESS_KEY=<aws_secret_access_key>
  ```
- Updated `examples` directory with required values.

- Run and verify the output before deploying:

  ```sh
  tf -c=aws plan -var='teamid=foo' -var='prjid=bar'
  ```

- Run below to deploy:

  ```sh
  tf -c=aws apply -var='teamid=foo' -var='prjid=bar'
  ```

- Run below to destroy:

  ```sh
  tf -c=aws destroy -var='teamid=foo' -var='prjid=bar'
  ```
Note: Read more on tfremote
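
Because the state written to this bucket contains every resource attribute, including the `source_credential_token` this module takes as input, the bucket named in `TF_AWS_BUCKET` should be encrypted, versioned and closed to public and non-TLS access. The following is an added example, not code from this module or from tfremote; it uses the inline bucket arguments of AWS provider 3.x, and the bucket name and resource labels are placeholders.

```hcl
# Added example, not part of this module. Bucket name is a placeholder.
resource "aws_s3_bucket" "tf_state" {
  bucket = "example-remote-state-bucket" # placeholder: the TF_AWS_BUCKET value

  # Keep earlier state versions so an overwritten or deleted state can be restored.
  versioning {
    enabled = true
  }

  # State files hold secrets such as source_credential_token in plaintext.
  server_side_encryption_configuration {
    rule {
      apply_server_side_encryption_by_default {
        sse_algorithm = "aws:kms"
      }
    }
  }
}

resource "aws_s3_bucket_public_access_block" "tf_state" {
  bucket                  = aws_s3_bucket.tf_state.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# Deny every request that does not arrive over TLS.
data "aws_iam_policy_document" "tf_state_tls_only" {
  statement {
    effect    = "Deny"
    actions   = ["s3:*"]
    resources = [aws_s3_bucket.tf_state.arn, "${aws_s3_bucket.tf_state.arn}/*"]
    principals {
      type        = "*"
      identifiers = ["*"]
    }
    condition {
      test     = "Bool"
      variable = "aws:SecureTransport"
      values   = ["false"]
    }
  }
}

resource "aws_s3_bucket_policy" "tf_state" {
  bucket     = aws_s3_bucket.tf_state.id
  policy     = data.aws_iam_policy_document.tf_state_tls_only.json
  depends_on = [aws_s3_bucket_public_access_block.tf_state]
}
```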
```hcl
module "codebuild" {
  source = "git::git@github.com:tomarv2/terraform-aws-codebuild.git"

  build_source_location   = "https://github.com/tomarv2/test-cicd"
  source_credential_token = var.source_credential_token
  codebuild_role          = "arn:aws:iam::123456789012:role/codebuild-role"

  environment_vars = [
    {
      name  = "AWS_REGION",
      value = "us-east-2",
      type  = "PLAINTEXT"
    }
  ]

  filter_group = [{
    filter = [
      {
        exclude_matched_pattern = false
        type                    = "EVENT"
        pattern                 = "PUSH"
      },
      {
        exclude_matched_pattern = false
        type                    = "HEAD_REF"
        pattern                 = "dev" # branch name
      }
    ]
  }]

  # To configure schedule
  schedule            = "rate(1 minute)"
  deploy_event_rule   = true
  deploy_event_target = true
  #-----------------------------------------------
  # Note: Do not change teamid and prjid once set.
  teamid = var.teamid
  prjid  = var.prjid
}
```
Please refer to example directory link for references.
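
An added example (not the module author's code) of the root-module wiring for the call above: the token variable is declared `sensitive` so plan and apply output redact it, and the module source is pinned to a release tag rather than `main`. The `<release-tag>` placeholder is an assumption to be replaced with a real tag; the value can be supplied through the `TF_VAR_source_credential_token` environment variable instead of a `-var` argument or a committed `.tfvars` file.

```hcl
# Added example: variable declarations for the root module that calls "codebuild".
variable "source_credential_token" {
  description = "GitHub personal access token used by CodeBuild"
  type        = string
  sensitive   = true # shown as (sensitive value) in plan/apply output

  validation {
    condition     = length(var.source_credential_token) > 0
    error_message = "The source_credential_token value must not be empty."
  }
}

variable "teamid" {
  type = string
}

variable "prjid" {
  type = string
}

module "codebuild" {
  # Placeholder tag: pin to a release so a change on main cannot alter
  # what runs with the CodeBuild role and the GitHub token.
  source = "git::git@github.com:tomarv2/terraform-aws-codebuild.git?ref=<release-tag>"

  build_source_location   = "https://github.com/tomarv2/test-cicd"
  source_credential_token = var.source_credential_token
  codebuild_role          = "arn:aws:iam::123456789012:role/codebuild-role"

  # Stated explicitly so a review sees them: no Docker daemon in the build
  # container and no publicly accessible badge URL (both are the module defaults).
  privileged_mode = false
  badge_enabled   = false

  teamid = var.teamid
  prjid  = var.prjid
}
```

The `sensitive` flag only affects CLI output; the token is still written to the state file.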

Name | Version |
---|---|
terraform | >= 1.0.1 |
aws | ~> 3.74 |

Name | Version |
---|---|
aws | ~> 3.74 |

Name | Source | Version |
---|---|---|
cloudwatch | git::git@github.com:tomarv2/terraform-aws-cloudwatch.git | v0.0.7 |
cloudwatch_event | git::git@github.com:tomarv2/terraform-aws-cloudwatch-events.git | v0.0.4 |

Name | Type |
---|---|
aws_codebuild_project.codebuild | resource |
aws_codebuild_source_credential.authorization | resource |
aws_codebuild_source_credential.source_credentials | resource |
aws_codebuild_webhook.codebuild_webook | resource |

Name | Description | Type | Default | Required |
---|---|---|---|---|
badge_enabled | Generates a publicly-accessible URL for the projects build badge. Available as badge_url attribute when enabled | bool | false | no |
branch | cloudwatch event branch | string | "main" | no |
build_artifact_type | Build output artifact's type. Valid values: CODEPIPELINE, NO_ARTIFACTS, S3. | string | "NO_ARTIFACTS" | no |
build_container_image | Docker image to use for this build project. Valid values include Docker images provided by CodeBuild (e.g aws/codebuild/standard:2.0). | string | "aws/codebuild/amazonlinux2-x86_64-standard:3.0" | no |
build_source_location | Information about the build output artifact location. If type is set to CODEPIPELINE or NO_ARTIFACTS, this value is ignored. If type is set to S3, this is the name of the output bucket. | string | null | no |
build_source_type | Type of repository that contains the source code to be built. Valid values: CODECOMMIT, CODEPIPELINE, GITHUB, GITHUB_ENTERPRISE, BITBUCKET or S3 | string | "GITHUB" | no |
build_timeout | Number of minutes, from 5 to 480 (8 hours), for AWS CodeBuild to wait until timing out any related build that does not get marked as completed. The default is 60 minutes. | string | "60" | no |
build_type | The type of build this webhook will trigger. Valid values for this parameter are: BUILD, BUILD_BATCH. | string | "BUILD" | no |
buildspec_filepath | Build specification to use for this build project's related builds. | string | "" | no |
cloudwatch_logs_status | Current status of logs in CloudWatch Logs for a build project. Valid values: ENABLED, DISABLED. Defaults to ENABLED. | string | "ENABLED" | no |
cloudwatch_path | Name of the log group | string | "/codebuild" | no |
codebuild_role | Service role to be used by cicd | string | n/a | yes |
compute_type | Information about the compute resources the build project will use. Valid values: BUILD_GENERAL1_SMALL, BUILD_GENERAL1_MEDIUM, BUILD_GENERAL1_LARGE, BUILD_GENERAL1_2XLARGE. BUILD_GENERAL1_SMALL is only valid if type is set to LINUX_CONTAINER. When type is set to LINUX_GPU_CONTAINER, compute_type must be BUILD_GENERAL1_LARGE. | string | "BUILD_GENERAL1_MEDIUM" | no |
concurrent_build_limit | Specify a maximum number of concurrent builds for the project. The value specified must be greater than 0 and less than the account concurrent running builds limit. | number | 1 | no |
container_type | Type of build environment to use for related builds. Valid values: LINUX_CONTAINER, LINUX_GPU_CONTAINER, WINDOWS_CONTAINER (deprecated), WINDOWS_SERVER_2019_CONTAINER, ARM_CONTAINER. For additional information, see the CodeBuild User Guide. | string | "LINUX_CONTAINER" | no |
custom_tags | Custom extra tags | any | null | no |
deploy_event_rule | Deploy cloudwatch event rule | bool | false | no |
deploy_event_target | Deploy cloudwatch event trigger | bool | false | no |
description | Short description of the project. | string | null | no |
environment_vars | A list of maps, that contain both the key 'name' and the key 'value' to be used as additional environment variables for the build | list(object({ | [ | no |
filter_group | nested block: NestingSet, min items: 0, max items: 0 | set(object( | [] | no |
git_clone_depth | Truncate git history to this many commits. Use 0 for a Full checkout which you need to run commands like git branch --show-current. See AWS CodePipeline User Guide: Tutorial: Use full clone with a GitHub pipeline source for details. | number | 1 | no |
override_artifact_name | Whether a name specified in the build specification overrides the artifact name. | bool | false | no |
private_repository | Set to true to login into private repository with credentials supplied in source_credential variable. | bool | true | no |
privileged_mode | Whether to enable running the Docker daemon inside a Docker container. Defaults to false. | bool | false | no |
prjid | Name of the project/stack e.g: mystack, nifieks, demoaci. Should not be changed after running 'tf apply' | string | n/a | yes |
queued_timeout | Number of minutes, from 5 to 480 (8 hours), a build is allowed to be queued before it times out. The default is 8 hours. | string | "30" | no |
schedule | cloudwatch event schedule | string | null | no |
source_credential_auth_type | The type of authentication used to connect to a GitHub, GitHub Enterprise, or Bitbucket repository. | string | "PERSONAL_ACCESS_TOKEN" | no |
source_credential_server_type | The source provider used for this project. | string | "GITHUB" | no |
source_credential_token | For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is the app password. | string | n/a | yes |
source_credential_user_name | Bitbucket username when the authType is BASIC_AUTH. This parameter is not valid for other types of source providers or connections. | string | "" | no |
source_version | A string that identifies the action type. | string | null | no |
teamid | Name of the team/group e.g. devops, dataengineering. Should not be changed after running 'tf apply' | string | n/a | yes |
vpc_config | Configuration for the builds to run inside a VPC. | any | {} | no |

Name | Description |
---|---|
codebuild_project_arn | The ARN of the CodeBuild project. |
codebuild_project_name | The name of the AWS codebuild. |