feat: Add submodule to handle creation of docker images (#162)

Author: Barteus

examples/container-image/README.md

@@ -21,33 +21,26 @@ Note that this example may create resources which cost money. Run `terraform des
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13 |
 | <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.19 |
-| <a name="requirement_docker"></a> [docker](#requirement\_docker) | >= 2.8.0 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | >= 2 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.19 |
-| <a name="provider_docker"></a> [docker](#provider\_docker) | >= 2.8.0 |
 | <a name="provider_random"></a> [random](#provider\_random) | >= 2 |
 
 ## Modules
 
 | Name | Source | Version |
 |------|--------|---------|
+| <a name="module_docker_image"></a> [docker\_image](#module\_docker\_image) | ../../modules/docker-build |  |
 | <a name="module_lambda_function_from_container_image"></a> [lambda\_function\_from\_container\_image](#module\_lambda\_function\_from\_container\_image) | ../../ |  |
 
 ## Resources
 
 | Name | Type |
 |------|------|
-| [aws_ecr_repository.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository) | resource |
-| [docker_registry_image.app](https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs/resources/registry_image) | resource |
 | [random_pet.this](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/pet) | resource |
-| [aws_caller_identity.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
-| [aws_ecr_authorization_token.token](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ecr_authorization_token) | data source |
-| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
 
 ## Inputs
 
@@ -57,6 +50,7 @@ No inputs.
 
 | Name | Description |
 |------|-------------|
+| <a name="output_docker_image_uri"></a> [docker\_image\_uri](#output\_docker\_image\_uri) | The ECR Docker image URI used to deploy Lambda Function |
 | <a name="output_lambda_cloudwatch_log_group_arn"></a> [lambda\_cloudwatch\_log\_group\_arn](#output\_lambda\_cloudwatch\_log\_group\_arn) | The ARN of the Cloudwatch Log Group |
 | <a name="output_lambda_function_arn"></a> [lambda\_function\_arn](#output\_lambda\_function\_arn) | The ARN of the Lambda Function |
 | <a name="output_lambda_function_invoke_arn"></a> [lambda\_function\_invoke\_arn](#output\_lambda\_function\_invoke\_arn) | The Invoke ARN of the Lambda Function |

examples/container-image/main.tf

@@ -24,42 +24,15 @@ module "lambda_function_from_container_image" {
   ##################
   # Container Image
   ##################
-  image_uri    = docker_registry_image.app.name
+  image_uri    = module.docker_image.image_uri
   package_type = "Image"
 }
 
-#################
-# ECR Repository
-#################
-resource "aws_ecr_repository" "this" {
-  name = random_pet.this.id
-}
-
-###############################################
-# Create Docker Image and push to ECR registry
-###############################################
-
-data "aws_caller_identity" "this" {}
-data "aws_region" "current" {}
-data "aws_ecr_authorization_token" "token" {}
-
-locals {
-  ecr_address = format("%v.dkr.ecr.%v.amazonaws.com", data.aws_caller_identity.this.account_id, data.aws_region.current.name)
-  ecr_image   = format("%v/%v:%v", local.ecr_address, aws_ecr_repository.this.id, "1.0")
-}
-
-provider "docker" {
-  registry_auth {
-    address  = local.ecr_address
-    username = data.aws_ecr_authorization_token.token.user_name
-    password = data.aws_ecr_authorization_token.token.password
-  }
-}
-
-resource "docker_registry_image" "app" {
-  name = local.ecr_image
+module "docker_image" {
+  source = "../../modules/docker-build"
 
-  build {
-    context = "context"
-  }
+  create_ecr_repo = true
+  ecr_repo        = random_pet.this.id
+  image_tag       = "1.0"
+  source_path     = "context"
 }

examples/container-image/outputs.tf

@@ -86,3 +86,9 @@ output "lambda_cloudwatch_log_group_arn" {
   description = "The ARN of the Cloudwatch Log Group"
   value       = module.lambda_function_from_container_image.lambda_cloudwatch_log_group_arn
 }
+
+# Docker Image
+output "docker_image_uri" {
+  description = "The ECR Docker image URI used to deploy Lambda Function"
+  value       = module.docker_image.image_uri
+}

examples/container-image/versions.tf

@@ -4,10 +4,5 @@ terraform {
   required_providers {
     aws    = ">= 3.19"
     random = ">= 2"
-
-    docker = {
-      source  = "kreuzwerker/docker"
-      version = ">= 2.8.0"
-    }
   }
 }

modules/docker-build/README.md

@@ -0,0 +1,93 @@
+# Build Docker Image module
+
+Terraform module that builds Docker image from `Dockerfile` and pushes it to ECR repository. Lambda can deploy container images from private ECR.
+
+This Terraform module is the part of [serverless.tf framework](https://github.com/antonbabenko/serverless.tf), which aims to simplify all operations when working with the serverless in Terraform.
+
+## Usage
+
+### Complete example of Lambda Function deployment via AWS CodeDeploy
+
+```hcl
+module "lambda_function" {
+  source = "terraform-aws-modules/lambda/aws"
+
+  function_name  = "my-lambda1"
+  create_package = false
+
+  image_uri    = module.docker_image.image_uri
+  package_type = "Image"
+}
+
+module "docker_image" {
+  source = "terraform-aws-modules/lambda/aws//modules/docker-build"
+
+  create_ecr_repo = true
+  ecr_repo        = "my-cool-ecr-repo"
+  image_tag       = "1.0"
+  source_path     = "context"
+}
+```
+
+## Examples
+
+* [Container Image](https://github.com/terraform-aws-modules/terraform-aws-lambda/tree/master/examples/container-image) - Creates Docker Image and deploy Lambda Function using it.
+
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.35 |
+| <a name="requirement_docker"></a> [docker](#requirement\_docker) | >= 2.8.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.35 |
+| <a name="provider_docker"></a> [docker](#provider\_docker) | >= 2.8.0 |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_ecr_repository.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ecr_repository) | resource |
+| [docker_registry_image.this](https://registry.terraform.io/providers/kreuzwerker/docker/latest/docs/resources/registry_image) | resource |
+| [aws_caller_identity.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_ecr_authorization_token.token](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ecr_authorization_token) | data source |
+| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_create_ecr_repo"></a> [create\_ecr\_repo](#input\_create\_ecr\_repo) | Controls whether ECR repository for Lambda image should be created | `bool` | `false` | no |
+| <a name="input_docker_file_path"></a> [docker\_file\_path](#input\_docker\_file\_path) | Path to Dockerfile in source package | `string` | `"Dockerfile"` | no |
+| <a name="input_ecr_repo"></a> [ecr\_repo](#input\_ecr\_repo) | Name of ECR repository to use or to create | `string` | `null` | no |
+| <a name="input_image_tag"></a> [image\_tag](#input\_image\_tag) | Image tag to use. If not specified current timestamp in format 'YYYYMMDDhhmmss' will be used. This can lead to unnecessary rebuilds. | `string` | `null` | no |
+| <a name="input_source_path"></a> [source\_path](#input\_source\_path) | Path to folder containing application code | `string` | `null` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_image_uri"></a> [image\_uri](#output\_image\_uri) | The ECR image URI for deploying lambda |
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+
+## Authors
+
+Module managed by [Anton Babenko](https://github.com/antonbabenko). Check out [serverless.tf](https://serverless.tf) to learn more about doing serverless with Terraform.
+
+Please reach out to [Betajob](https://www.betajob.com/) if you are looking for commercial support for your Terraform, AWS, or serverless project.
+
+
+## License
+
+Apache 2 Licensed. See LICENSE for full details.

modules/docker-build/main.tf

@@ -0,0 +1,35 @@
+data "aws_region" "current" {}
+
+data "aws_caller_identity" "this" {}
+
+data "aws_ecr_authorization_token" "token" {}
+
+locals {
+  ecr_address    = format("%v.dkr.ecr.%v.amazonaws.com", data.aws_caller_identity.this.account_id, data.aws_region.current.name)
+  ecr_repo       = var.create_ecr_repo ? aws_ecr_repository.this[0].id : var.ecr_repo
+  image_tag      = coalesce(var.image_tag, formatdate("YYYYMMDDhhmmss", timestamp()))
+  ecr_image_name = format("%v/%v:%v", local.ecr_address, local.ecr_repo, local.image_tag)
+}
+
+provider "docker" {
+  registry_auth {
+    address  = local.ecr_address
+    username = data.aws_ecr_authorization_token.token.user_name
+    password = data.aws_ecr_authorization_token.token.password
+  }
+}
+
+resource "docker_registry_image" "this" {
+  name = local.ecr_image_name
+
+  build {
+    context    = var.source_path
+    dockerfile = var.docker_file_path
+  }
+}
+
+resource "aws_ecr_repository" "this" {
+  count = var.create_ecr_repo ? 1 : 0
+
+  name = var.ecr_repo
+}

modules/docker-build/outputs.tf

@@ -0,0 +1,4 @@
+output "image_uri" {
+  description = "The ECR image URI for deploying lambda"
+  value       = docker_registry_image.this.name
+}

modules/docker-build/variables.tf

@@ -0,0 +1,29 @@
+variable "create_ecr_repo" {
+  description = "Controls whether ECR repository for Lambda image should be created"
+  type        = bool
+  default     = false
+}
+
+variable "ecr_repo" {
+  description = "Name of ECR repository to use or to create"
+  type        = string
+  default     = null
+}
+
+variable "image_tag" {
+  description = "Image tag to use. If not specified current timestamp in format 'YYYYMMDDhhmmss' will be used. This can lead to unnecessary rebuilds."
+  type        = string
+  default     = null
+}
+
+variable "source_path" {
+  description = "Path to folder containing application code"
+  type        = string
+  default     = null
+}
+
+variable "docker_file_path" {
+  description = "Path to Dockerfile in source package"
+  type        = string
+  default     = "Dockerfile"
+}

modules/docker-build/versions.tf

@@ -0,0 +1,11 @@
+terraform {
+  required_version = ">= 0.13"
+
+  required_providers {
+    aws = ">= 3.35"
+    docker = {
+      source  = "kreuzwerker/docker"
+      version = ">= 2.8.0"
+    }
+  }
+}