Add environment_variables for building Docker images and pushing to ECR (#7)

* Add `environment_variables` for building `Docker` images and pushing to `AWS ECR`

* Add description to `variables.tf`

* Update `README.md`

* Update `README.md`

* Update `variables.tf`

* Use `data.aws_caller_identity.current.account_id` if `var.aws_account_id` is not provided

* Use `data.aws_region.current.name` if `var.aws_region` is not provided

* Rename `data sources` to `default`

* Remove `default` from `variable "image"`

* Rename `image` to `build_image`

* Update `README.md`

* Rename `instance_size` to `build_compute_type`

* Remove `S3` policy resource from `README.md` since it's not `CodeBuild` specific

* Update description

* Add `default` and `description` for `variable "build_image"`

Author: aknysh

README.md

@@ -8,40 +8,52 @@ Include this repository as a module in your existing terraform code:
 
 ```
 module "build" {
-  source    = "git::https://github.com/cloudposse/tf_codebuild.git"
-  namespace = "general"
-  name      = "ci"
-  stage     = "staging"
-
-  image         = "apline"
-  instance_size = "BUILD_GENERAL1_SMALL"
+    source              = "git::https://github.com/cloudposse/tf_codebuild.git?ref=tags/0.5.0"
+    namespace           = "general"
+    name                = "ci"
+    stage               = "staging"
+    
+    # http://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref.html
+    build_image         = "aws/codebuild/docker:1.12.1"
+    build_compute_type  = "BUILD_GENERAL1_SMALL"
+    
+    # These attributes are optional, used as ENV variables when building Docker images and pushing them to ECR
+    # For more info:
+    # http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html
+    # https://www.terraform.io/docs/providers/aws/r/codebuild_project.html
+    
+    privileged_mode     = true
+    aws_region          = "us-east-1"
+    aws_account_id      = "xxxxxxxxxx"
+    image_repo_name     = "ecr-repo-name"
+    image_tag           = "latest"
 }
 ```
 
-Grant appropriate permsissions to s3
 
-```
-resource "aws_iam_role_policy_attachment" "codebuild_s3" {
-  role   = "${module.build.role_arn}"
-  policy_arn = "${aws_iam_policy.s3.arn}"
-}
-```
 
 ## Input
 
-| Name          | Default              | Decription                                                                                                                     |
-|:-------------:|:--------------------:|:------------------------------------------------------------------------------------------------------------------------------:|
-| namespace     | global               | Namespace                                                                                                                      |
-| stage         | default              | Stage                                                                                                                          |
-| name          | codebuild            | Name                                                                                                                           |
-| image         | alpine               | Docker image used as environment                                                                                               |
-| instance_size | BUILD_GENERAL1_SMALL | Instance size for job.  Possible values are: ```BUILD_GENERAL1_SMALL``` ```BUILD_GENERAL1_MEDIUM``` ```BUILD_GENERAL1_LARGE``` |
-| buildspec     | ""                   | Optional buildspec declaration to use for building the project                                                                 |
+| Name                | Default                      | Description                                                                                                                                          |
+|:-------------------:|:----------------------------:|:----------------------------------------------------------------------------------------------------------------------------------------------------:|
+| namespace           | global                       | Namespace                                                                                                                                            |
+| stage               | default                      | Stage                                                                                                                                                |
+| name                | codebuild                    | Name                                                                                                                                                 |
+| build_image         | aws/codebuild/docker:1.12.1  | Docker image for build environment, _e.g._ `aws/codebuild/docker:1.12.1` or `aws/codebuild/eb-nodejs-6.10.0-amazonlinux-64:4.0.0`                    |
+| build_compute_type  | BUILD_GENERAL1_SMALL         | `CodeBuild` instance size.  Possible values are: ```BUILD_GENERAL1_SMALL``` ```BUILD_GENERAL1_MEDIUM``` ```BUILD_GENERAL1_LARGE```                   |
+| buildspec           | ""                           | (Optional) `buildspec` declaration to use for building the project                                                                                   |
+| privileged_mode     | ""                           | (Optional) If set to true, enables running the Docker daemon inside a Docker container on the `CodeBuild` instance. Used when building Docker images |
+| aws_region          | ""                           | (Optional) AWS Region, _e.g._ `us-east-1`. Used as `CodeBuild` ENV variable when building Docker images                                              |
+| aws_account_id      | ""                           | (Optional) AWS Account ID. Used as `CodeBuild` ENV variable when building Docker images                                                              |
+| image_repo_name     | ""                           | (Optional) ECR repository name to store the Docker image built by this module. Used as `CodeBuild` ENV variable when building Docker images          |
+| image_tag           | ""                           | (Optional) Docker image tag in the ECR repository, _e.g._ `latest`. Used as `CodeBuild` ENV variable when building Docker images                     |
+
+
 
 ## Output
 
 | Name         | Decription             |
 |:------------:|:----------------------:|
 | project_name | CodeBuild project name |
-| project_id   | CodeBuild project arn  |
-| role_arn     | IAM Role arn           |
+| project_id   | CodeBuild project ARN  |
+| role_arn     | IAM Role ARN           |

main.tf

@@ -1,3 +1,9 @@
+data "aws_caller_identity" "default" {}
+
+data "aws_region" "default" {
+  current = true
+}
+
 # Define composite variables for resources
 module "label" {
   source     = "git::https://github.com/cloudposse/tf_label.git?ref=tags/0.2.0"
@@ -75,10 +81,30 @@ resource "aws_codebuild_project" "default" {
   }
 
   environment {
-    compute_type    = "${var.instance_size}"
-    image           = "${var.image}"
+    compute_type    = "${var.build_compute_type}"
+    image           = "${var.build_image}"
     type            = "LINUX_CONTAINER"
-    privileged_mode = true
+    privileged_mode = "${var.privileged_mode}"
+
+    environment_variable {
+      "name"  = "AWS_REGION"
+      "value" = "${signum(length(var.aws_region)) == 1 ? var.aws_region : data.aws_region.default.name}"
+    }
+
+    environment_variable {
+      "name"  = "AWS_ACCOUNT_ID"
+      "value" = "${signum(length(var.aws_account_id)) == 1 ? var.aws_account_id : data.aws_caller_identity.default.account_id}"
+    }
+
+    environment_variable {
+      "name"  = "IMAGE_REPO_NAME"
+      "value" = "${var.image_repo_name}"
+    }
+
+    environment_variable {
+      "name"  = "IMAGE_TAG"
+      "value" = "${var.image_tag}"
+    }
   }
 
   source {

variables.tf

@@ -10,11 +10,12 @@ variable "name" {
   default = "codebuild"
 }
 
-variable "image" {
-  default = "alpine"
+variable "build_image" {
+  default     = "aws/codebuild/docker:1.12.1"
+  description = "Docker image for build environment, e.g. 'aws/codebuild/docker:1.12.1' or 'aws/codebuild/eb-nodejs-6.10.0-amazonlinux-64:4.0.0'. For more info: http://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref.html"
 }
 
-variable "instance_size" {
+variable "build_compute_type" {
   default = "BUILD_GENERAL1_SMALL"
 }
 
@@ -37,3 +38,32 @@ variable "tags" {
   type    = "map"
   default = {}
 }
+
+variable "privileged_mode" {
+  default     = false
+  description = "(Optional) If set to true, enables running the Docker daemon inside a Docker container on the CodeBuild instance. Used when building Docker images"
+}
+
+variable "aws_region" {
+  type        = "string"
+  default     = ""
+  description = "(Optional) AWS Region, e.g. us-east-1. Used as CodeBuild ENV variable when building Docker images. For more info: http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html"
+}
+
+variable "aws_account_id" {
+  type        = "string"
+  default     = ""
+  description = "(Optional) AWS Account ID. Used as CodeBuild ENV variable when building Docker images. For more info: http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html"
+}
+
+variable "image_repo_name" {
+  type        = "string"
+  default     = ""
+  description = "(Optional) ECR repository name to store the Docker image built by this module. Used as CodeBuild ENV variable when building Docker images. For more info: http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html"
+}
+
+variable "image_tag" {
+  type        = "string"
+  default     = ""
+  description = "(Optional) Docker image tag in the ECR repository, e.g. 'latest'. Used as CodeBuild ENV variable when building Docker images. For more info: http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html"
+}