DevOpsTestLab
diff --git a/‎.terraform.lock.hcl
+22 b/‎.terraform.lock.hcl
+22
diff --git a/‎README.md
+1 b/‎README.md
+1
diff --git a/‎main.tf
+53 b/‎main.tf
+53
diff --git a/‎modules/codecommit/main.tf
+7 b/‎modules/codecommit/main.tf
+7
diff --git a/‎modules/codecommit/outputs.tf
+7 b/‎modules/codecommit/outputs.tf
+7
diff --git a/‎modules/codecommit/variables.tf
+10 b/‎modules/codecommit/variables.tf
+10
diff --git a/‎modules/codepipeline/main.tf
+134 b/‎modules/codepipeline/main.tf
+134
diff --git a/‎modules/codepipeline/outputs.tf
+8 b/‎modules/codepipeline/outputs.tf
+8
@@ -0,0 +1 @@
+# Infra
@@ -0,0 +1,53 @@
+locals {
+  env_namespace         = join("_", [var.org_name, var.team_name, var.project_id, var.env["dev"]])
+  general_namespace     = join("_", [var.org_name, var.team_name, var.project_id])
+  s3_bucket_namespace   = join("-", [var.org_name, var.team_name, var.project_id, var.env["dev"]])
+}
+data "aws_caller_identity" "current" {}
+module "codepipeline" {
+  source                 = "./modules/codepipeline"
+  general_namespace      = local.general_namespace
+  env_namespace          = local.env_namespace
+  s3_bucket_namespace    = local.s3_bucket_namespace
+  codecommit_repo        = module.codecommit.codecommit_configs.repository_name
+  codecommit_branch      = module.codecommit.codecommit_configs.default_branch
+  codebuild_image        = var.codebuild_image
+  codebuild_type         = var.codebuild_type
+  codebuild_compute_type = var.codebuild_compute_type
+  ecr_repo_arn           = module.ecr.ecr_configs.ecr_repo_arn
+  build_args = [
+    {
+      name  = "REPO_URI"
+      value = module.ecr.ecr_configs.ecr_repo_url
+    },
+    {
+      name  = "REPO_ARN"
+      value = module.ecr.ecr_configs.ecr_repo_arn
+    },
+    {
+      name  = "TERRAFORM_VERSION"
+      value = var.terraform_ver
+    },
+    {
+      name  = "ENV_NAMESPACE"
+      value = local.env_namespace
+    },
+    {
+      name  = "AWS_ACCOUNT_ID"
+      value = data.aws_caller_identity.current.account_id
+    }
+  ]
+}
+
+module "codecommit" {
+  source            = "./modules/codecommit"
+  general_namespace = local.general_namespace
+  env_namespace     = local.env_namespace
+  codecommit_branch = var.codecommit_branch
+}
+
+module "ecr" {
+  source            = "./modules/ecr"
+  general_namespace = local.general_namespace
+  env_namespace     = local.env_namespace
+}
@@ -0,0 +1,7 @@
+
+data "aws_caller_identity" "current" {}
+resource "aws_codecommit_repository" "codecommit_repo" {
+  repository_name = "${var.general_namespace}_code_repo"
+  default_branch  = "${var.codecommit_branch}"
+  description     = "Application repo for lambda ${var.general_namespace}"
+}
@@ -0,0 +1,7 @@
+output "codecommit_configs" {
+    value = {
+        repository_name         = aws_codecommit_repository.codecommit_repo.repository_name
+        default_branch          = aws_codecommit_repository.codecommit_repo.default_branch
+        clone_repository_url    = aws_codecommit_repository.codecommit_repo.clone_url_http
+    }
+}
@@ -0,0 +1,10 @@
+variable "codecommit_branch" {
+    type = string
+    default = "master"
+}
+variable "general_namespace" {
+    type = string
+}
+variable "env_namespace" {
+    type = string
+}
@@ -0,0 +1,134 @@
+locals {
+  projects  = ["build", "scan", "deploy"]
+}
+resource "aws_s3_bucket" "codepipeline_bucket" {
+  bucket = "${var.s3_bucket_namespace}-codepipeline-bucket"
+}
+
+resource "aws_s3_bucket_acl" "codepipeline_bucket_acl" {
+  bucket = aws_s3_bucket.codepipeline_bucket.id
+  acl    = "private"
+}
+
+resource "aws_codebuild_project" "project" {
+    count           = length(local.projects)
+    name            = "${var.env_namespace}_${local.projects[count.index]}"
+    #name           = "${var.org}_${var.name}_${var.attribute}_${var.env["dev"]}_codebuild_docker_build"
+    build_timeout   = "5" #The default is 60 minutes.
+    service_role    = aws_iam_role.lambda_codebuild_role.arn
+    artifacts {
+        type = "CODEPIPELINE"
+    }
+    environment {
+      compute_type                = var.codebuild_compute_type
+      image                       = var.codebuild_image
+      type                        = var.codebuild_type
+      #compute_type               = "BUILD_GENERAL1_MEDIUM"
+      #image                      = "aws/codebuild/amazonlinux2-x86_64-standard:3.0"
+      #type                       = "LINUX_CONTAINER"
+      image_pull_credentials_type = "CODEBUILD"
+      privileged_mode             = true
+
+      dynamic "environment_variable" {
+        for_each = var.build_args
+        content {
+          name  = environment_variable.value.name
+          value = environment_variable.value.value
+        }
+      }
+    }
+    source {
+        type      = "CODEPIPELINE"
+        buildspec = file("${path.module}/templates/buildspec_${local.projects[count.index]}.yml")
+        #buildspec = file("${path.module}/stage1-buildspec.yml")
+    }
+
+    source_version = "master"
+
+    tags = {
+        env = var.env_namespace
+    }
+}
+
+resource "aws_codepipeline" "codepipeline" {
+  name     = "${var.env_namespace}_pipeline"
+  role_arn = aws_iam_role.lambda_codepipeline_role.arn
+
+  artifact_store {
+    location = aws_s3_bucket.codepipeline_bucket.bucket
+    type     = "S3"
+  }
+
+  stage {
+    name = "Source"
+
+    action {
+      name     = "Source"
+      category = "Source"
+      owner    = "AWS"
+      provider = "CodeCommit"
+      version  = "1"
+      output_artifacts = [
+      "source_output"]
+
+      configuration = {
+        #BranchName     = aws_codecommit_repository.lambda_codecommit_repo.default_branch
+        BranchName      = var.codecommit_branch
+        RepositoryName  = var.codecommit_repo
+        #RepositoryName = aws_codecommit_repository.lambda_codecommit_repo.repository_name
+      }
+    }
+  }
+
+  stage {
+    name = "Build"
+
+    action {
+      name     = "Docker_Build"
+      category = "Build"
+      owner    = "AWS"
+      provider = "CodeBuild"
+      input_artifacts = [
+      "source_output"]
+      version = "1"
+
+      configuration = {
+        ProjectName = aws_codebuild_project.project[0].name
+      }
+    }
+  }
+  stage {
+    name = "Scan"
+
+    action {
+      name     = "Sonar_Scan"
+      category = "Build"
+      owner    = "AWS"
+      provider = "CodeBuild"
+      input_artifacts = [
+      "source_output"]
+      version = "1"
+
+      configuration = {
+        ProjectName = aws_codebuild_project.project[1].name
+      }
+    }
+  }
+  stage {
+    name = "Deploy"
+
+    action {
+      name     = "Deploy_Docker"
+      category = "Build"
+      owner    = "AWS"
+      provider = "CodeBuild"
+      input_artifacts = [
+      "source_output"]
+      version = "1"
+
+      configuration = {
+        ProjectName = aws_codebuild_project.project[2].name
+      }
+    }
+  }
+}
@@ -0,0 +1,8 @@
+output "codepipeline_configs" {
+    value = {
+        codepipeline = aws_codepipeline.codepipeline.arn
+    }
+}
+output "deployment_role_arn" {
+    value = aws_iam_role.lambda_codebuild_role.arn
+}