Update Submodule and support custom_lifcycle_rules (#44)

* update submodule and vars

* update module

* add additional pass through variable

* update module again

* Adding an input description.

Author: Benbentwo

src/main.tf

@@ -26,17 +26,21 @@ module "ecr" {
   source  = "cloudposse/ecr/aws"
   version = "0.44.0"
 
-  protected_tags             = var.protected_tags
-  enable_lifecycle_policy    = var.enable_lifecycle_policy
-  image_names                = var.images
-  image_tag_mutability       = var.image_tag_mutability
-  max_image_count            = var.max_image_count
-  principals_full_access     = compact(concat(module.full_access.principals, [local.ecr_user_arn]))
-  principals_readonly_access = module.readonly_access.principals
-  principals_lambda          = var.principals_lambda
-  scan_images_on_push        = var.scan_images_on_push
-  use_fullname               = false
-  replication_configurations = var.replication_configurations
+  protected_tags                   = var.protected_tags
+  protected_tags_keep_count        = var.protected_tags_keep_count
+  enable_lifecycle_policy          = var.enable_lifecycle_policy
+  default_lifecycle_rules_settings = var.default_lifecycle_rules_settings
+  image_names                      = var.images
+  image_tag_mutability             = var.image_tag_mutability
+  max_image_count                  = var.max_image_count
+  principals_full_access           = compact(concat(module.full_access.principals, [local.ecr_user_arn]))
+  principals_readonly_access       = module.readonly_access.principals
+  principals_lambda                = var.principals_lambda
+  scan_images_on_push              = var.scan_images_on_push
+  use_fullname                     = false
+  replication_configurations       = var.replication_configurations
+
+  custom_lifecycle_rules = var.custom_lifecycle_rules
 
   context = module.this.context
 }

src/variables.tf

@@ -48,6 +48,12 @@ variable "protected_tags" {
   default     = []
 }
 
+variable "protected_tags_keep_count" {
+  type        = number
+  description = "Number of Image versions to keep for protected tags"
+  default     = 999999
+}
+
 variable "enable_lifecycle_policy" {
   type        = bool
   description = "Enable/disable image lifecycle policy"
@@ -83,4 +89,85 @@ variable "replication_configurations" {
   }))
   description = "Replication configuration for a registry. See [Replication Configuration](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_replication_configuration#replication-configuration)."
   default     = []
-}
+}
+
+variable "custom_lifecycle_rules" {
+  description = "Custom lifecycle rules to override or complement the default ones"
+  type = list(object({
+    description = optional(string)
+    selection = object({
+      tagStatus      = string
+      countType      = string
+      countNumber    = number
+      countUnit      = optional(string)
+      tagPrefixList  = optional(list(string))
+      tagPatternList = optional(list(string))
+    })
+    action = object({
+      type = string
+    })
+  }))
+  default = []
+
+  validation {
+    condition = alltrue([
+      for rule in var.custom_lifecycle_rules :
+      rule.selection.tagStatus != "tagged" || (length(coalesce(rule.selection.tagPrefixList, [])) > 0 || length(coalesce(rule.selection.tagPatternList, [])) > 0)
+    ])
+    error_message = "if tagStatus is tagged - specify tagPrefixList or tagPatternList"
+  }
+  validation {
+    condition = alltrue([
+      for rule in var.custom_lifecycle_rules :
+      rule.selection.countNumber > 0
+    ])
+    error_message = "Count number should be > 0"
+  }
+
+  validation {
+    condition = alltrue([
+      for rule in var.custom_lifecycle_rules :
+      contains(["tagged", "untagged", "any"], rule.selection.tagStatus)
+    ])
+    error_message = "Valid values for tagStatus are: tagged, untagged, or any."
+  }
+  validation {
+    condition = alltrue([
+      for rule in var.custom_lifecycle_rules :
+      contains(["imageCountMoreThan", "sinceImagePushed"], rule.selection.countType)
+    ])
+    error_message = "Valid values for countType are: imageCountMoreThan or sinceImagePushed."
+  }
+
+  validation {
+    condition = alltrue([
+      for rule in var.custom_lifecycle_rules :
+      rule.selection.countType != "sinceImagePushed" || rule.selection.countUnit != null
+    ])
+    error_message = "For countType = 'sinceImagePushed', countUnit must be specified."
+  }
+}
+
+variable "default_lifecycle_rules_settings" {
+  description = "Default lifecycle rules settings"
+  type = object({
+    untagged_image_rule = optional(object({
+      enabled = optional(bool, true)
+      }), {
+      enabled = true
+    })
+    remove_old_image_rule = optional(object({
+      enabled = optional(bool, true)
+      }), {
+      enabled = true
+    })
+  })
+  default = {
+    untagged_image_rule = {
+      enabled = true
+    }
+    remove_old_image_rule = {
+      enabled = true
+    }
+  }
+}