Fix: CodeBuild syncing to config bucket instead of content bucket (#7)

Copilot · cvangerpen · web-flow · commit 2d1ccb9ece88 · 2026-01-14T21:02:02.000-05:00
* Initial plan

* Restore filmdrop_ui_bucket_name variable and fix CONTENT_BUCKET reference

Co-authored-by: cvangerpen &lt;179522148+cvangerpen@users.noreply.github.com&gt;

* Update CHANGELOG with fix details

Co-authored-by: cvangerpen &lt;179522148+cvangerpen@users.noreply.github.com&gt;

* Simplify bucket_prefix by removing random_id resource

Co-authored-by: cvangerpen &lt;179522148+cvangerpen@users.noreply.github.com&gt;

---------

Co-authored-by: copilot-swe-agent[bot] &lt;198982749+Copilot@users.noreply.github.com&gt;
Co-authored-by: cvangerpen &lt;179522148+cvangerpen@users.noreply.github.com&gt;
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -24,8 +24,12 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ### Added
 
+- Restored `filmdrop_ui_bucket_name` input variable to specify the S3 bucket for deploying the built UI application
+
 ### Changed
 
 ### Fixed
 
+- Fixed `CONTENT_BUCKET` environment variable to use `filmdrop_ui_bucket_name` instead of the config bucket, preventing the built UI from being synced to the same bucket as the CodeBuild configuration
+
 ### Removed
diff --git a/README.md b/README.md
@@ -59,9 +59,9 @@ Before using this module, ensure you have:
    - Security groups allowing outbound traffic
    - VPC ID and subnet IDs
 
-3. **S3 Bucket**:
-    - Creates an S3 bucket to hold the build configuration
-    - *Requires* an already existing bucket for the application to be deployed to
+3. **S3 Buckets**:
+    - The module automatically creates an S3 bucket to hold the CodeBuild configuration (buildspec.yml)
+    - *Requires* an already existing S3 bucket for the built application to be deployed to (specified via `filmdrop_ui_bucket_name` variable)
 
 4. **Configuration Files**:
    - **Filmdrop UI Config JSON** (`./utils/config.dev.json`): Configuration file for the Filmdrop-UI application (see [Filmdrop UI documentation](https://github.com/Element84/filmdrop-ui) for structure)
@@ -170,6 +170,7 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| <a name="input_filmdrop_ui_bucket_name"></a> [filmdrop\_ui\_bucket\_name](#input\_filmdrop\_ui\_bucket\_name) | Name of the S3 bucket where the built FilmDrop UI application will be deployed | `string` | n/a | yes |
 | <a name="input_filmdrop_ui_config"></a> [filmdrop\_ui\_config](#input\_filmdrop\_ui\_config) | The base64 encoded file contents of the Filmdrop UI Deployment Config File | `string` | n/a | yes |
 | <a name="input_filmdrop_ui_logo"></a> [filmdrop\_ui\_logo](#input\_filmdrop\_ui\_logo) | The base64 encoded file contents of the supplied custom logo | `string` | n/a | yes |
 | <a name="input_filmdrop_ui_logo_file"></a> [filmdrop\_ui\_logo\_file](#input\_filmdrop\_ui\_logo\_file) | File of the supplied custom logo | `string` | n/a | yes |
diff --git a/filmdrop_ui.tf b/filmdrop_ui.tf
@@ -48,7 +48,7 @@ resource "aws_codebuild_project" "filmdrop_ui_codebuild" {
 
     environment_variable {
       name  = "CONTENT_BUCKET"
-      value = aws_s3_bucket.filmdrop_ui_source_config.bucket
+      value = var.filmdrop_ui_bucket_name
     }
   }
 
diff --git a/inputs.tf b/inputs.tf
@@ -38,3 +38,8 @@ variable "filmdrop_ui_logo" {
   description = "The base64 encoded file contents of the supplied custom logo"
   type        = string
 }
+
+variable "filmdrop_ui_bucket_name" {
+  description = "Name of the S3 bucket where the built FilmDrop UI application will be deployed"
+  type        = string
+}
diff --git a/utils/cicd/main.tf b/utils/cicd/main.tf
@@ -8,12 +8,42 @@ module "vpc-data" {
   source = "./vpc-data"
 }
 
+# Create the content bucket where the built UI will be deployed
+resource "aws_s3_bucket" "filmdrop_ui_content" {
+  bucket_prefix = "filmdrop-ui-content-"
+  force_destroy = true
+}
+
+resource "aws_s3_bucket_ownership_controls" "filmdrop_ui_content_ownership_controls" {
+  bucket = aws_s3_bucket.filmdrop_ui_content.id
+  rule {
+    object_ownership = "BucketOwnerPreferred"
+  }
+}
+
+resource "aws_s3_bucket_public_access_block" "filmdrop_ui_content_public_access_block" {
+  bucket = aws_s3_bucket.filmdrop_ui_content.id
+
+  block_public_acls       = true
+  block_public_policy     = true
+  ignore_public_acls      = true
+  restrict_public_buckets = true
+}
+
+resource "aws_s3_bucket_versioning" "filmdrop_ui_content_versioning" {
+  bucket = aws_s3_bucket.filmdrop_ui_content.id
+  versioning_configuration {
+    status = "Enabled"
+  }
+}
+
 module "main" {
   source                  = "../.."
   filmdrop_ui_logo_file   = "./logo.png"
   filmdrop_ui_config      = filebase64("./config.dev.json")
   filmdrop_ui_logo        = filebase64("./logo.png")
   filmdrop_ui_release_tag = "v6.1.1-0"
+  filmdrop_ui_bucket_name = aws_s3_bucket.filmdrop_ui_content.id
   vpc_id                  = module.vpc-data.vpc_id
   vpc_private_subnet_ids  = module.vpc-data.private_subnet_ids
   vpc_security_group_ids  = [module.vpc-data.security_group_id]

Original file line number	Diff line number	Diff line change
`@@ -48,7 +48,7 @@ resource "aws_codebuild_project" "filmdrop_ui_codebuild" {`
`48`	`48`
`49`	`49`	`environment_variable {`
`50`	`50`	`name = "CONTENT_BUCKET"`
`51`		`- value = aws_s3_bucket.filmdrop_ui_source_config.bucket`
	`51`	`+ value = var.filmdrop_ui_bucket_name`
`52`	`52`	`}`
`53`	`53`	`}`
`54`	`54`
Original file line number	Diff line number	Diff line change
`@@ -38,3 +38,8 @@ variable "filmdrop_ui_logo" {`
`38`	`38`	`description = "The base64 encoded file contents of the supplied custom logo"`
`39`	`39`	`type = string`
`40`	`40`	`}`
	`41`	`+`
	`42`	`+variable "filmdrop_ui_bucket_name" {`
	`43`	`+ description = "Name of the S3 bucket where the built FilmDrop UI application will be deployed"`
	`44`	`+ type = string`
	`45`	`+}`