From 63e462641bb60ef01dc2f0aca8c84b2c652d6f23 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ji=C5=99=C3=AD=20Ol=C3=A1h?= <80096323+joli-sys@users.noreply.github.com>
Date: Thu, 19 Dec 2024 12:44:10 +0100
Subject: [PATCH] feat: Define multiple gitlab projects (#26)
* feat: Define multiple gitlab projects
---------
Co-authored-by: Jakub Jindra
---
 README.md | 13 +++++++------
 deploy.tf | 8 ++++++--
 modules/gitlab/README.md | 2 +-
 modules/gitlab/main.tf | 23 +++++++++++++++++------
 modules/gitlab/variables.tf | 4 ++--
 variables.tf | 10 ++++++++--
 6 files changed, 41 insertions(+), 19 deletions(-)
diff --git a/README.md b/README.md
index 403189b..86ba749 100644
--- a/README.md
+++ b/README.md
@@ -92,7 +92,7 @@ module "static-site" {
 | Name | Version |
 |------|---------|
-| [aws](#provider\_aws) | ~> 5.27 |
+| [aws](#provider\_aws) | 5.61.0 |
 ## Modules
@@ -100,7 +100,7 @@ module "static-site" {
 |------|--------|---------|
 | [certificate](#module\_certificate) | terraform-aws-modules/acm/aws | 5.1.1 |
 | [gitlab](#module\_gitlab) | ./modules/gitlab | n/a |
-| [s3\_bucket](#module\_s3\_bucket) | terraform-aws-modules/s3-bucket/aws | 4.1.2 |
+| [s3\_bucket](#module\_s3\_bucket) | terraform-aws-modules/s3-bucket/aws | 4.2.2 |
 ## Resources
@@ -138,9 +138,10 @@ module "static-site" {
 | [enable\_deploy\_user](#input\_enable\_deploy\_user) | Toggle s3 deploy user creation | `bool` | `true` | no |
 | [encrypt\_with\_kms](#input\_encrypt\_with\_kms) | Enable server side s3 bucket encryption with KMS key | `bool` | `false` | no |
 | [extra\_domains](#input\_extra\_domains) | Map of extra\_domains with domain name and zone\_id | `map(string)` | `{}` | no |
-| [functions](#input\_functions) | n/a |
object({
viewer_request = optional(string)
viewer_response = optional(string)
})
| `{}` | no |
+| [functions](#input\_functions) | n/a |
object({
viewer_request = optional(string)
viewer_response = optional(string)
})
| `{}` | no |
 | [gitlab\_environment](#input\_gitlab\_environment) | GitLab environment name | `string` | `"*"` | no |
-| [gitlab\_project\_id](#input\_gitlab\_project\_id) | Integrates with GitLab CI/CD to deploy site and invalidate CloudFront cache | `string` | `null` | no |
+| [gitlab\_project\_id](#input\_gitlab\_project\_id) | Deprecated: Use gitlab\_project\_ids instead | `string` | `""` | no |
+| [gitlab\_project\_ids](#input\_gitlab\_project\_ids) | Integrates with GitLab CI/CD to deploy site and invalidate CloudFront cache | `list(string)` | `[]` | no |
 | [kms\_deletion\_window\_in\_days](#input\_kms\_deletion\_window\_in\_days) | The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key | `number` | `30` | no |
 | [kms\_key\_policy](#input\_kms\_key\_policy) | Additional KSM key policy | `string` | `"{}"` | no |
 | [logs\_bucket](#input\_logs\_bucket) | Bucket to store CloudFront logs | `string` | `null` | no |
@@ -150,12 +151,12 @@ module "static-site" {
 | [origin\_path](#input\_origin\_path) | Cloudfront origin path | `string` | `""` | no |
 | [override\_status\_code\_403](#input\_override\_status\_code\_403) | Override status code for 403 error | `number` | `403` | no |
 | [override\_status\_code\_404](#input\_override\_status\_code\_404) | Override status code for 404 error | `number` | `200` | no |
-| [proxy\_paths](#input\_proxy\_paths) | n/a |
list(object({
origin_domain = string
path_prefix = string
}))
| `[]` | no |
+| [proxy\_paths](#input\_proxy\_paths) | n/a |
list(object({
origin_domain = string
path_prefix = string
}))
| `[]` | no |
 | [response\_header\_access\_control\_allow\_credentials](#input\_response\_header\_access\_control\_allow\_credentials) | n/a | `bool` | `false` | no |
 | [response\_header\_origin\_override](#input\_response\_header\_origin\_override) | n/a | `bool` | `false` | no |
 | [s3\_bucket\_name](#input\_s3\_bucket\_name) | n/a | `string` | n/a | yes |
 | [s3\_bucket\_policy](#input\_s3\_bucket\_policy) | Additional S3 bucket policy | `string` | `"{}"` | no |
-| [s3\_cors\_rule](#input\_s3\_cors\_rule) | List of maps containing rules for Cross-Origin Resource Sharing. |
list(object({
allowed_headers = optional(list(string))
allowed_methods = optional(list(string))
allowed_origins = optional(list(string))
expose_headers = optional(list(string))
max_age_seconds = optional(number)
}))
| `[]` | no |
+| [s3\_cors\_rule](#input\_s3\_cors\_rule) | List of maps containing rules for Cross-Origin Resource Sharing. |
list(object({
allowed_headers = optional(list(string))
allowed_methods = optional(list(string))
allowed_origins = optional(list(string))
expose_headers = optional(list(string))
max_age_seconds = optional(number)
}))
| `[]` | no |
 | [tags](#input\_tags) | n/a | `map(string)` | `{}` | no |
 ## Outputs
diff --git a/deploy.tf b/deploy.tf
index 49d0476..d520ec7 100644
--- a/deploy.tf
+++ b/deploy.tf
@@ -1,3 +1,7 @@
+locals {
+ gitlab_project_ids = toset(concat(var.gitlab_project_ids, var.gitlab_project_id != "" ? [var.gitlab_project_id] : []))
+}
+
 resource "aws_iam_user" "deploy" {
 count = var.enable_deploy_user == true ? 1 : 0
 name = "zvirt-${local.main_domain_sanitized}-deploy"
@@ -42,11 +46,11 @@ resource "aws_iam_user_policy" "deploy" {
 }
 module "gitlab" {
- count = var.gitlab_project_id == null ? 0 : 1
+ count = length(local.gitlab_project_ids) == 0 ? 0 : 1
 source = "./modules/gitlab"
- gitlab_project_id = var.gitlab_project_id
+ gitlab_project_ids = local.gitlab_project_ids
 gitlab_environment = var.gitlab_environment
 aws_s3_bucket_name = module.s3_bucket.s3_bucket_id
diff --git a/modules/gitlab/README.md b/modules/gitlab/README.md
index cbbf543..94c7f90 100644
--- a/modules/gitlab/README.md
+++ b/modules/gitlab/README.md
@@ -84,7 +84,7 @@ No modules.
 | [aws\_s3\_bucket\_name](#input\_aws\_s3\_bucket\_name) | n/a | `string` | n/a | yes |
 | [aws\_secret\_access\_key](#input\_aws\_secret\_access\_key) | n/a | `string` | n/a | yes |
 | [gitlab\_environment](#input\_gitlab\_environment) | n/a | `string` | `"*"` | no |
-| [gitlab\_project\_id](#input\_gitlab\_project\_id) | n/a | `string` | n/a | yes |
+| [gitlab\_project\_ids](#input\_gitlab\_project\_ids) | n/a | `list(string)` | n/a | yes |
 ## Outputs
diff --git a/modules/gitlab/main.tf b/modules/gitlab/main.tf
index 107696d..933a07d 100644
--- a/modules/gitlab/main.tf
+++ b/modules/gitlab/main.tf
@@ -1,9 +1,12 @@
 data "gitlab_project" "this" {
- id = var.gitlab_project_id
+ for_each = toset(var.gitlab_project_ids)
+ id = each.value
 }
 resource "gitlab_project_variable" "s3_bucket" {
- project = data.gitlab_project.this.id
+ for_each = data.gitlab_project.this
+
+ project = each.value.id
 protected = false
 masked = false
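Review bot: In the new `locals` block of deploy.tf, `var.gitlab_project_id != ""` is also true when a caller passes `gitlab_project_id = null`, which was the variable's default before this commit, so a null element would land in `local.gitlab_project_ids` and the gitlab module would be instantiated for it. Terraform keeps an explicit null unless the variable is declared non-nullable, so I would add `nullable = false` to `variable "gitlab_project_id"` in the variables.tf hunk. Wrapping the `concat(...)` in `compact(...)` before `toset` would additionally drop empty strings that arrive inside `gitlab_project_ids`.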
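Review bot: Switching `gitlab_project_variable.s3_bucket` in the first modules/gitlab/main.tf hunk (and the four resources in the later hunks of that file) from a single instance to `for_each` changes their state addresses, and the commit carries no `moved` block or upgrade note. On upgrade I would expect Terraform to plan a destroy of the unkeyed instance and a create of the keyed one for each variable, which either leaves pipelines briefly without their variables or fails if the create reaches GitLab first; this is inferred, not visible in the diff. Because the keys are project ids only the caller knows, a short upgrade section in the README describing a `terraform state mv` to the `["<project-id>"]` address is probably the practical fix. The resource bodies continue outside the hunk.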
@@ -16,7 +19,9 @@ resource "gitlab_project_variable" "s3_bucket" {
 }
 resource "gitlab_project_variable" "aws_default_region" {
- project = data.gitlab_project.this.id
+ for_each = data.gitlab_project.this
+
+ project = each.value.id
 protected = false
 masked = false
@@ -29,7 +34,9 @@ resource "gitlab_project_variable" "aws_default_region" {
 }
 resource "gitlab_project_variable" "cloudfront_distribution_id" {
- project = data.gitlab_project.this.id
+ for_each = data.gitlab_project.this
+
+ project = each.value.id
 protected = false
 masked = false
@@ -42,7 +49,9 @@ resource "gitlab_project_variable" "cloudfront_distribution_id" {
 }
 resource "gitlab_project_variable" "site_aws_access_key_id" {
- project = data.gitlab_project.this.id
+ for_each = data.gitlab_project.this
+
+ project = each.value.id
 protected = false
 masked = false
@@ -55,7 +64,9 @@ resource "gitlab_project_variable" "site_aws_access_key_id" {
 }
 resource "gitlab_project_variable" "site_aws_secret_access_key" {
- project = data.gitlab_project.this.id
+ for_each = data.gitlab_project.this
+
+ project = each.value.id
 protected = false
 masked = true
diff --git a/modules/gitlab/variables.tf b/modules/gitlab/variables.tf
index 4c7ce73..2d77abb 100644
--- a/modules/gitlab/variables.tf
+++ b/modules/gitlab/variables.tf
@@ -1,5 +1,5 @@
-variable "gitlab_project_id" {
- type = string
+variable "gitlab_project_ids" {
+ type = list(string)
 }
 variable "gitlab_environment" {
diff --git a/variables.tf b/variables.tf
index 8d75227..ed73aee 100644
--- a/variables.tf
+++ b/variables.tf
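Review bot: In the `site_aws_access_key_id` and `site_aws_secret_access_key` hunks of modules/gitlab/main.tf, `for_each` now writes the same key pair into every listed project while the context lines keep `protected = false`, so a pipeline on any branch of any of those projects can read what appears to be the single deploy user's credentials. I would set `protected = true` on both resources (or expose it as a module variable so existing users can opt in) and `masked = true` on the access key id as well. Issuing one IAM user per project would keep a leak in one repository from forcing a rotation in all of them. The `value` arguments lie outside the hunks, so the origin of the keys is assumed from the resource names.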
@@ -22,10 +22,16 @@ variable "s3_bucket_policy" {
 description = "Additional S3 bucket policy"
 }
-variable "gitlab_project_id" {
+variable "gitlab_project_ids" {
 description = "Integrates with GitLab CI/CD to deploy site and invalidate CloudFront cache"
+ type = list(string)
+ default = []
+}
+
+variable "gitlab_project_id" {
 type = string
- default = null
+ description = "Deprecated: Use gitlab_project_ids instead"
+ default = ""
 }
 variable "gitlab_environment" {