From 2069de3f0226b92158108d1b404e29d5da857fcc Mon Sep 17 00:00:00 2001 From: Stephen Astels Date: Wed, 17 Apr 2024 11:53:20 -0400 Subject: [PATCH] move ecr stuff mack to ecr module --- aws/ecr/ecr.tf | 21 ++++++++++++ aws/ecr/images.tf | 22 ++++++++++++ aws/pinpoint_to_sqs_sms_callbacks/ecr.tf | 20 ----------- aws/pinpoint_to_sqs_sms_callbacks/images.tf | 38 --------------------- aws/pinpoint_to_sqs_sms_callbacks/lambda.tf | 6 ++++ 5 files changed, 49 insertions(+), 58 deletions(-) delete mode 100644 aws/pinpoint_to_sqs_sms_callbacks/ecr.tf delete mode 100644 aws/pinpoint_to_sqs_sms_callbacks/images.tf diff --git a/aws/ecr/ecr.tf b/aws/ecr/ecr.tf index 1d54d63a0..d95616d34 100644 --- a/aws/ecr/ecr.tf +++ b/aws/ecr/ecr.tf @@ -119,3 +119,24 @@ resource "aws_ecr_repository" "github_arc" { scan_on_push = true } } + +resource "aws_ecr_repository" "pinpoint_to_sqs_sms_callbacks" { + # The :latest tag is used in Staging + + name = "notify/pinpoint_to_sqs_sms_callbacks" + image_tag_mutability = "MUTABLE" #tfsec:ignore:AWS078 + force_delete = var.force_delete_ecr + + image_scanning_configuration { + scan_on_push = true + } +} + +resource "aws_secretsmanager_secret" "pinpoint_to_sqs_sms_callbacks_repository_url" { + name = "PINPOINT_TO_SQS_SMS_CALLBACKS_REPOSITORY_URL" +} + +resource "aws_secretsmanager_secret_version" "pinpoint_to_sqs_sms_callbacks_repository_url" { + secret_id = aws_secretsmanager_secret.pinpoint_to_sqs_sms_callbacks_repository_url.id + secret_string = aws_ecr_repository.pinpoint_to_sqs_sms_callbacks.repository_url +} diff --git a/aws/ecr/images.tf b/aws/ecr/images.tf index 927d804e3..70f4823f6 100644 --- a/aws/ecr/images.tf +++ b/aws/ecr/images.tf @@ -259,3 +259,25 @@ resource "null_resource" "push_github_arc_runner_docker_image" { } } + +# Pinpoint to SQS Queue Build and Push + +resource "null_resource" "build_pinpoint_to_sqs_sms_callbacks_docker_image" { + count = var.bootstrap ? 1 : 0 + depends_on = [ + null_resource.lambda_repo_clone + ] + + provisioner "local-exec" { + command = "docker build -t ${aws_ecr_repository.pinpoint_to_sqs_sms_callbacks.repository_url}:bootstrap -f /var/tmp/notification-lambdas/pinpointsmscallbacks/Dockerfile /var/tmp/notification-lambdas" + } +} + +resource "null_resource" "push_pinpoint_to_sqs_sms_callbacks_docker_image" { + count = var.bootstrap ? 1 : 0 + depends_on = [null_resource.build_pinpoint_to_sqs_sms_callbacks_docker_image] + + provisioner "local-exec" { + command = "docker push ${aws_ecr_repository.pinpoint_to_sqs_sms_callbacks.repository_url}:bootstrap" + } +} diff --git a/aws/pinpoint_to_sqs_sms_callbacks/ecr.tf b/aws/pinpoint_to_sqs_sms_callbacks/ecr.tf deleted file mode 100644 index 68ad740ac..000000000 --- a/aws/pinpoint_to_sqs_sms_callbacks/ecr.tf +++ /dev/null @@ -1,20 +0,0 @@ -resource "aws_ecr_repository" "pinpoint_to_sqs_sms_callbacks" { - # The :latest tag is used in Staging - - name = "notify/pinpoint_to_sqs_sms_callbacks" - image_tag_mutability = "MUTABLE" #tfsec:ignore:AWS078 - force_delete = var.force_delete_ecr - - image_scanning_configuration { - scan_on_push = true - } -} - -resource "aws_secretsmanager_secret" "pinpoint_to_sqs_sms_callbacks_repository_url" { - name = "PINPOINT_TO_SQS_SMS_CALLBACKS_REPOSITORY_URL" -} - -resource "aws_secretsmanager_secret_version" "pinpoint_to_sqs_sms_callbacks_repository_url" { - secret_id = aws_secretsmanager_secret.pinpoint_to_sqs_sms_callbacks_repository_url.id - secret_string = aws_ecr_repository.pinpoint_to_sqs_sms_callbacks.repository_url -} diff --git a/aws/pinpoint_to_sqs_sms_callbacks/images.tf b/aws/pinpoint_to_sqs_sms_callbacks/images.tf deleted file mode 100644 index 6ff61d102..000000000 --- a/aws/pinpoint_to_sqs_sms_callbacks/images.tf +++ /dev/null @@ -1,38 +0,0 @@ -/* -This is a dirty hack and exists only to bootstrap new environments. -Lambda Functions will not build unless the docker image is specified before hand. -In a new environment, these images would not exist in the ECR yet and thus the build fails. -This code pulls the source code of the other repositories, builds the images, and pushes to ECR if the bootstrap variable is set to true. -*/ - -# Clone Lambda Repository -resource "null_resource" "lambda_repo_clone" { - count = var.bootstrap ? 1 : 0 - triggers = { - always_run = "${timestamp()}" - } - - provisioner "local-exec" { - command = "git clone 'https://github.com/cds-snc/notification-lambdas.git' /var/tmp/notification-lambdas" - } -} - -resource "null_resource" "build_pinpoint_to_sqs_sms_callbacks_docker_image" { - count = var.bootstrap ? 1 : 0 - depends_on = [ - null_resource.lambda_repo_clone - ] - - provisioner "local-exec" { - command = "docker build -t ${aws_ecr_repository.pinpoint_to_sqs_sms_callbacks.repository_url}:bootstrap -f /var/tmp/notification-lambdas/pinpointsmscallbacks/Dockerfile /var/tmp/notification-lambdas" - } -} - -resource "null_resource" "push_pinpoint_to_sqs_sms_callbacks_docker_image" { - count = var.bootstrap ? 1 : 0 - depends_on = [null_resource.build_pinpoint_to_sqs_sms_callbacks_docker_image] - - provisioner "local-exec" { - command = "docker push ${aws_ecr_repository.pinpoint_to_sqs_sms_callbacks.repository_url}:bootstrap" - } -} diff --git a/aws/pinpoint_to_sqs_sms_callbacks/lambda.tf b/aws/pinpoint_to_sqs_sms_callbacks/lambda.tf index b957539a6..25d9fa0c8 100644 --- a/aws/pinpoint_to_sqs_sms_callbacks/lambda.tf +++ b/aws/pinpoint_to_sqs_sms_callbacks/lambda.tf @@ -1,4 +1,10 @@ +variable "lambda_depends_on" { + type = any + default = var.bootstrap ? [null_resource.push_pinpoint_to_sqs_sms_callbacks_docker_image] : [] +} + module "pinpoint_to_sqs_sms_callbacks" { + depends_on = [var.lambda_depends_on] source = "github.com/cds-snc/terraform-modules//lambda?ref=v7.3.3" name = "pinpoint_to_sqs_sms_callbacks" billing_tag_value = var.billing_tag_value