Update to Terraform module

nikki-t · nikki-t · commit 9e7ec2a42c86 · 2025-04-14T13:49:47.000-04:00
diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml
@@ -0,0 +1,64 @@
+# Main build pipeline that verifies, builds, and deploys the software
+name: Build Docker image (ghcr.io)
+# Events that trigger the workflow
+on:
+  # Run workflow manually from the Actions tab
+  workflow_dispatch:
+    inputs:
+      version:
+        type: string
+        description: Application version to build container image for
+        required: true
+
+# Only allow 1 execution of this workflow to be running at any given time per-branch.
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+# Environment variables
+env:
+  IMAGE_NAME: ${{ github.repository }}
+  POETRY_VERSION: "2.1.1"
+  PYTHON_VERSION: "3.10"
+  REGISTRY: ghcr.io
+
+jobs:
+  container:
+    name: Build container image
+    # The type of runner that the job will run on
+    runs-on: ubuntu-latest
+    env:
+      APP_VERSION: ${{ github.event.inputs.version }}
+    steps:
+      # Check out GitHub repo
+      - uses: actions/checkout@v4
+        with:
+          repository: ${{ github.repository }}
+
+      # ghcr.io container image
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=pep440,pattern={{version}},value=${{ env.APP_VERSION }}
+          flavor: |
+            latest=true
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: Dockerfile
+          push: true
+          pull: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -21,6 +21,10 @@ on:
                 - DEV1
                 - DEV2
                 - OPS
+        version:
+          type: string
+          description: Application version to build container image for
+          required: true
 
 # Environment variables
 env:
@@ -130,6 +134,7 @@ jobs:
       
       - name: Define TF_VAR values
         run: |
+          echo "TF_VAR_app_version=${{ github.event.inputs.version }}" >> $GITHUB_ENV
           echo "TF_VAR_environment=$TARGET_ENV" >> $GITHUB_ENV
           echo "TF_VAR_prefix=$PREFIX_ENV" >> $GITHUB_ENV
           echo "TF_IN_AUTOMATION=true" >> $GITHUB_ENV
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,22 @@
+# Main build pipeline that verifies, builds, and deploys the software
+name: Create a release
+# Events that trigger the workflow
+on:
+  # Run workflow manually from the Actions tab
+  workflow_dispatch:
+    inputs:
+      version:
+        type: string
+        description: Application version to build container image for
+        required: true
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Create GH release
+        uses: ncipollo/release-action@v1
+        with:
+          generateReleaseNotes: true
+          name: ${{ github.event.inputs.version }}
+          tag: ${{ github.event.inputs.version }}
diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl
diff --git a/terraform/main.tf b/terraform/main.tf
@@ -5,48 +5,34 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 4.0"
+      version = "~> 5.0"
     }
   }
 }
 
-# Configure the AWS Provider
 provider "aws" {
   default_tags {
     tags = local.default_tags
   }
-  region  = var.aws_region
+  region = var.aws_region
 }
 
-# Data sources
 data "aws_caller_identity" "current" {}
 
-data "aws_cloudwatch_log_group" "cw_log_group" {
-  name = "/aws/batch/job/${var.prefix}-metroman/"
-}
-
-data "aws_efs_file_system" "aws_efs_input" {
-  creation_token = "${var.prefix}-input"
-}
-
-data "aws_efs_file_system" "aws_efs_flpe" {
-  creation_token = "${var.prefix}-flpe"
-}
-
-data "aws_iam_role" "job_role" {
-  name = "${var.prefix}-batch-job-role"
-}
-
-data "aws_iam_role" "exe_role" {
-  name = "${var.prefix}-ecs-exe-task-role"
-}
-
-# Local variables
 locals {
-  account_id = data.aws_caller_identity.current.account_id
+  account_id = sensitive(data.aws_caller_identity.current.account_id)
   default_tags = length(var.default_tags) == 0 ? {
     application : var.app_name,
     environment : lower(var.environment),
     version : var.app_version
   } : var.default_tags
+}
+
+module "confluence-input" {
+  source      = "./modules/metroman"
+  app_name    = var.app_name
+  app_version = var.app_version
+  aws_region  = var.aws_region
+  environment = var.environment
+  prefix      = var.prefix
 }
diff --git a/terraform/modules/metroman/.terraform.lock.hcl b/terraform/modules/metroman/.terraform.lock.hcl
diff --git a/terraform/modules/metroman/confluence-metroman.tf b/terraform/modules/metroman/confluence-metroman.tf
diff --git a/terraform/modules/metroman/main.tf b/terraform/modules/metroman/main.tf
@@ -0,0 +1,32 @@
+# Data sources
+data "aws_caller_identity" "current" {}
+
+data "aws_cloudwatch_log_group" "cw_log_group" {
+  name = "/aws/batch/job/${var.prefix}-metroman/"
+}
+
+data "aws_efs_file_system" "aws_efs_input" {
+  creation_token = "${var.prefix}-input"
+}
+
+data "aws_efs_file_system" "aws_efs_flpe" {
+  creation_token = "${var.prefix}-flpe"
+}
+
+data "aws_iam_role" "job_role" {
+  name = "${var.prefix}-batch-job-role"
+}
+
+data "aws_iam_role" "exe_role" {
+  name = "${var.prefix}-ecs-exe-task-role"
+}
+
+# Local variables
+locals {
+  account_id = data.aws_caller_identity.current.account_id
+  default_tags = length(var.default_tags) == 0 ? {
+    application : var.app_name,
+    environment : lower(var.environment),
+    version : var.app_version
+  } : var.default_tags
+}
diff --git a/terraform/modules/metroman/variables.tf b/terraform/modules/metroman/variables.tf
@@ -0,0 +1,31 @@
+variable "app_name" {
+  type        = string
+  description = "Application name"
+  default     = "confluence"
+}
+
+variable "app_version" {
+  type        = string
+  description = "The application version number"
+}
+
+variable "aws_region" {
+  type        = string
+  description = "AWS region to deploy to"
+  default     = "us-west-2"
+}
+
+variable "default_tags" {
+  type    = map(string)
+  default = {}
+}
+
+variable "environment" {
+  type        = string
+  description = "The environment in which to deploy to"
+}
+
+variable "prefix" {
+  type        = string
+  description = "Prefix to add to all AWS resources as a unique identifier"
+}
diff --git a/terraform/variables.tf b/terraform/variables.tf
@@ -1,13 +1,12 @@
 variable "app_name" {
   type        = string
   description = "Application name"
-  default     = "generate"
+  default     = "confluence"
 }
 
 variable "app_version" {
-  type        = number
+  type        = string
   description = "The application version number"
-  default     = 0.1
 }
 
 variable "aws_region" {

Original file line number	Diff line number	Diff line change
`@@ -1,13 +1,12 @@`
`1`	`1`	`variable "app_name" {`
`2`	`2`	`type = string`
`3`	`3`	`description = "Application name"`
`4`		`- default = "generate"`
	`4`	`+ default = "confluence"`
`5`	`5`	`}`
`6`	`6`
`7`	`7`	`variable "app_version" {`
`8`		`- type = number`
	`8`	`+ type = string`
`9`	`9`	`description = "The application version number"`
`10`		`- default = 0.1`
`11`	`10`	`}`
`12`	`11`
`13`	`12`	`variable "aws_region" {`