Update deploy

tonynv · tonynv · commit 16171193a0a9 · 2021-08-20T18:49:34.000-07:00
diff --git a/deploy/buildspecs/terraform_env.yml b/deploy/buildspecs/terraform_env.yml
@@ -1,134 +1,23 @@
 version: 0.2
 env:
   exported-variables:
-    - VALIDATION_OVERVIEW
-    - TF_VALIDATE_OUTPUT
-    - TF_FORMAT_OUTPUT
-    - TF_CHECKOV_OUTPUT
-    - TF_TFSEC_OUTPUT
-    - PLAN_STATUS
+      - ALL_PHASES_STATUS
+      - TERRAFORM_CLOUD
 
 phases:
   install:
-    runtime-versions:
-      python: "3.7"
-      golang: "1.14"
     commands:
-      - "curl -s -qL -o terraform.zip https://releases.hashicorp.com/terraform/$${TF_VERSION}/terraform_$${TF_VERSION}_linux_amd64.zip"
-      - "unzip -o terraform.zip"
-      - mv terraform /bin
-      - rm terraform.zip
-      - pip3 install checkov
-      - go get -u github.com/tfsec/tfsec/cmd/tfsec
-      - set echo off
-
-        echo "INFO : Pre-Validation Successful"
-      - # -------------- END of PRE VALIDATION Steps  ----------------
-      - set echo on
+        echo "[Install] : $EXPORT_PROJECT_NAME"
   pre_build:
     commands:
-      - "echo ## VALIDATION : Starting ..."
-      - "echo ## TERRAFORM INIT : Initialize the Terraform Enviornment"
-      - "terraform init"
-      - |
-        # ----------   Terraform Validate ----------
-        if [ "$${ENABLE_TFVALIDATE}" = "Y" ]
-        then
-            echo "## VALIDATION : Validating Terraform code ..."
-            terraform validate
-        fi
-        tfValidateOutput=$?
-        if [ "$$tfValidateOutput" -eq 1 ]
-        then
-            tfValidateOutput="FAILED"
-        else
-            tfValidateOutput="PASSED"
-        fi
-        export TF_VALIDATE_OUTPUT=$tfValidateOutput
-        # ----------   Terraform Format ----------
-        if [ "$${ENABLE_TFFORMAT}" = "Y" ]
-        then
-            echo "## VALIDATION : Formatting Terraform code ..."
-            terraform fmt -recursive
-        fi
-        tfFormatOutput=$?
-        if [ "$$tfFormatOutput" -eq 1 ]
-        then
-            tfFormatOutput="FAILED"
-        else
-            tfFormatOutput="PASSED"
-        fi
-        export TF_FORMAT_OUTPUT=$tfFormatOutput
-        # ----------   Terraform Checkov ----------
-        if [ "$${ENABLE_TFCHECKOV}" = "Y" ]
-        then
-            echo "## VALIDATION: Running checkov ..."
-            checkov -s -d .
-        fi
-        tfCheckovOutput=$?
-        if [ "$$tfCheckovOutput" -eq 1 ]
-        then
-            tfCheckovOutput="FAILED"
-        else
-          tfCheckovOutput="PASSED"
-        fi
-        export TF_CHECKOV_OUTPUT=$tfCheckovOutput
-        # ----------   Terraform TFSEC ----------
-        if [ "$${ENABLE_TFSEC}" = "Y" ]
-        then
-          echo "## VALIDATION: Running tfsec ...";
-          tfsec .
-        fi
-        tfTfsecOutput=$?
-        if [ "$$tfTfsecOutput" -eq 1 ]
-        then
-          tfTfsecOutput="FAILED"
-        else
-          tfTfsecOutput="PASSED"
-        fi
-        export TF_TFSEC_OUTPUT=$tfTfsecOutput
-        echo "## VALIDATION Summary ##"
-        echo "------------------------"
-        echo "Terraform Validate: $${tfValidateOutput}"
-        echo "Terraform Format: $${tfFormatOutput}"
-        echo "Terraform checkov: $${tfCheckovOutput}"
-        echo "Terraform tfsec: $${tfTfsecOutput}"
-        echo "------------------------"
-        # if SKIPVALIDATIONFAILURE is set as Y, then validation failures are skipped during execution
-        if [ "$${SKIPVALIDATIONFAILURE}" = "Y" ]
-        then
-          echo "## VALIDATION: Skipping validation failure checks..."
-          validation_failure=0
-          VALIDATION_OVERVIEW=SKIPPED
-        elif [ "$${tfValidateOutput}" = "PASSED" -a "$${tfFormatOutput}" = "PASSED" -a "$${tfCheckovOutput}" = "PASSED"  -a "$${tfTfsecOutput}" = "PASSED" ]
-        then
-            echo "## VALIDATION: Checks Passed!!!"
-            validation_failure=0
-            export VALIDATION_OVERVIEW=PASSED
-        else
-          echo "## ERROR: Validation Failed"
-          export VALIDATION_OVERVIEW=FAILED
-          validation_failure=1
-        fi
-        if [ "$${validation_failure}" -eq 1 -a "$${SKIPVALIDATIONFAILURE}" != "Y" ]
-        then
-            exit 1
-        fi
+      - echo "[Pre Build] : $EXPORT_PROJECT_NAME"
   build:
     commands:
-      - "echo ## TERRAFORM PLAN : Create the plan for the Infrastructure"
-      - "terraform plan -out tfapply"
-      - "plan_status=$$?"
-      - |
-        if [ "$${plan_status}" -eq 0 ]
-        then
-              export PLAN_STATUS=PASSED
-        else
-          export PLAN_STATUS=FAILED
-        fi
+      - echo "[Pre Build] : $EXPORT_PROJECT_NAME"
+      - export ALL_PHASES_STATUS=PASSED
   post_build:
     commands:
-      - echo "Cleaning up the infrastructure created in next step"
+        - echo "[Post Build] : $${ALL_PHASES_STATUS}"
 artifacts:
   files:
     - '**/*'
diff --git a/deploy/main.tf b/deploy/main.tf
@@ -12,16 +12,17 @@ terraform {
 }
 
 module "codebuild" {
-  source             = "../"
-  build_image        = "aws/codebuild/amazonlinux2-x86_64-standard:3.0"
-  build_spec_file    = var.build_spec_file
-  compute_type       = "BUILD_GENERAL1_MEDIUM"
-  environment        = var.environment
-  git_clone_depth    = "1"
-  git_repo           = var.git_repo
-  project_name       = var.project_name
-  codebuild_env_vars = var.codebuild_env_vars
-  tags               = merge(var.tags, module.repo_label.tags)
+  source                 = "../"
+  build_image            = "aws/codebuild/amazonlinux2-x86_64-standard:3.0"
+  build_spec_file        = var.build_spec_file
+  compute_type           = "BUILD_GENERAL1_MEDIUM"
+  environment            = var.environment
+  git_clone_depth        = "1"
+  http_git_clone_url     = "https://github.com/aws-ia/terraform-modules-examples"
+  project_name           = var.project_name
+  codebuild_env_vars     = var.codebuild_env_vars
+  create_role_and_policy = true
+  tags                   = merge(var.tags, module.repo_label.tags)
 }
 
 ##########
@@ -33,9 +34,9 @@ module "repo_label" {
   version   = "0.0.2"
   region    = var.region
   namespace = "aws-ia"
-  account   = "test"
-  env       = "demo"
-  name      = "aws-ia-codebuild_module"
+  account   = "t"
+  env       = "d"
+  name      = "cb"
   delimiter = "-"
   tags      = tomap({ propogate_at_launch = "true", "terraform" = "true" })
 }
diff --git a/deploy/outputs.tf b/deploy/outputs.tf
@@ -18,11 +18,6 @@ output "codebuild_tags_all" {
   value       = module.codebuild.codebuild_tags_all
 }
 
-output "codebuild_role_arn" {
-  description = "CodeBuild Role Arn"
-  value       = module.codebuild.codebuild_role_arn
-}
-
 output "codebuild_project_name" {
   description = "CodeBuild Project Name"
   value       = module.codebuild.codebuild_project_name
diff --git a/deploy/variable.tf b/deploy/variable.tf
@@ -13,8 +13,9 @@ variable "project_name" {
   default     = ""
 }
 
-variable "git_repo" {
-  description = "Github repo "
+variable "http_git_clone_url" {
+  description = "Enter: Git Clone URL"
+  type        = string
   default     = "https://github.com/aws-ia/terraform-modules-examples"
 }
 
@@ -35,7 +36,7 @@ variable "compute_type" {
 
 variable "build_spec_file" {
   description = " build spec file name "
-  default     = "deploy/buildspecs/terraform_env.yml"
+  default     = "/buildspecs/terraform_env.yml"
 }
 
 variable "tags" {

Original file line number	Diff line number	Diff line change
`@@ -13,8 +13,9 @@ variable "project_name" {`
`13`	`13`	`default = ""`
`14`	`14`	`}`
`15`	`15`
`16`		`-variable "git_repo" {`
`17`		`- description = "Github repo "`
	`16`	`+variable "http_git_clone_url" {`
	`17`	`+ description = "Enter: Git Clone URL"`
	`18`	`+ type = string`
`18`	`19`	`default = "https://github.com/aws-ia/terraform-modules-examples"`
`19`	`20`	`}`
`20`	`21`
`@@ -35,7 +36,7 @@ variable "compute_type" {`
`35`	`36`
`36`	`37`	`variable "build_spec_file" {`
`37`	`38`	`description = " build spec file name "`
`38`		`- default = "deploy/buildspecs/terraform_env.yml"`
	`39`	`+ default = "/buildspecs/terraform_env.yml"`
`39`	`40`	`}`
`40`	`41`
`41`	`42`	`variable "tags" {`