From 121a8e11a19103fcf968e0457013bcf7859cd1ca Mon Sep 17 00:00:00 2001 From: Tung Bui Date: Wed, 13 Dec 2023 07:32:02 +0700 Subject: [PATCH 1/5] remove hardcode in codedeploy --- .../codepipeline/modules/codedeploy/main.tf | 14 ++++------- .../modules/codedeploy/variables.tf | 24 +++++++++++++++++++ 2 files changed, 28 insertions(+), 10 deletions(-) diff --git a/getting-started/cicd/codepipeline/modules/codedeploy/main.tf b/getting-started/cicd/codepipeline/modules/codedeploy/main.tf index f8d8fcd..3404c20 100644 --- a/getting-started/cicd/codepipeline/modules/codedeploy/main.tf +++ b/getting-started/cicd/codepipeline/modules/codedeploy/main.tf @@ -1,10 +1,10 @@ resource "aws_codedeploy_app" "demo_codepipeline" { compute_platform = "Server" - name = "aws_codedeploy_app_demo" + name = var.codedeploy_app_name } resource "aws_codedeploy_deployment_config" "demo_codepipeline" { - deployment_config_name = "test-deployment-config" + deployment_config_name = var.deployment_config_name minimum_healthy_hosts { type = "HOST_COUNT" @@ -15,7 +15,7 @@ resource "aws_codedeploy_deployment_config" "demo_codepipeline" { resource "aws_codedeploy_deployment_group" "demo_codepipeline" { app_name = aws_codedeploy_app.demo_codepipeline.name - deployment_group_name = "example-group" + deployment_group_name = var.deployment_group_name service_role_arn = var.service_role_arn deployment_config_name = aws_codedeploy_deployment_config.demo_codepipeline.id @@ -29,16 +29,10 @@ resource "aws_codedeploy_deployment_group" "demo_codepipeline" { ec2_tag_filter { type = "KEY_AND_VALUE" key = "Name" - value = "MyCodePipelineDemo" + value = var.ec2_tag_filter_name } } - # trigger_configuration { - # trigger_events = ["DeploymentFailure"] - # trigger_name = "example-trigger" - # trigger_target_arn = aws_sns_topic.example.arn - # } - auto_rollback_configuration { enabled = true events = ["DEPLOYMENT_FAILURE"] 
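Review bot: In the `ec2_tag_filter` block of the last hunk, the deployment group still picks its targets by the `Name` tag alone, and the value now comes from `var.ec2_tag_filter_name`, which is declared independently of `ec2_tag_name` in the ec2_codedeploy module (patch 4/5). If the two defaults drift, the group matches no instance, and any other instance in the same account and region that carries that `Name` value becomes a deployment target. I would feed both modules from one root-level value and add a comment above the filter such as `# Must equal the Name tag set by modules/ec2_codedeploy; every instance with this tag receives deployments`. The `aws_codedeploy_deployment_group` resource continues outside the hunk.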
diff --git a/getting-started/cicd/codepipeline/modules/codedeploy/variables.tf b/getting-started/cicd/codepipeline/modules/codedeploy/variables.tf index a464892..5564250 100644 --- a/getting-started/cicd/codepipeline/modules/codedeploy/variables.tf +++ b/getting-started/cicd/codepipeline/modules/codedeploy/variables.tf @@ -2,3 +2,27 @@ variable "service_role_arn" { description = "ARN of the IAM profile" type = string } + +variable "deployment_group_name" { + description = "Name of the deployment group" + type = string + default = "demo-deployment-group" +} + +variable "deployment_config_name" { + description = "Name of the deployment configuration" + type = string + default = "demo-deployment-config" +} + +variable "codedeploy_app_name" { + description = "Name of the codedeploy app" + type = string + default = "demo-codedeploy-app" +} + +variable "ec2_tag_filter_name" { + description = "Name of the EC2 tag" + type = string + default = "MyCodePipelineDemo" +} From fce9ed7a87f45f5eae39f086e6ef9ed5b5341725 Mon Sep 17 00:00:00 2001 From: Tung Bui Date: Wed, 13 Dec 2023 07:39:07 +0700 Subject: [PATCH 2/5] clean code - codepipeline --- .../codepipeline/modules/codepipeline/main.tf | 22 ++++++------------- .../modules/codepipeline/variables.tf | 19 ++++++++++++++++ 2 files changed, 26 insertions(+), 15 deletions(-) diff --git a/getting-started/cicd/codepipeline/modules/codepipeline/main.tf b/getting-started/cicd/codepipeline/modules/codepipeline/main.tf index a60dd70..82afefe 100644 --- a/getting-started/cicd/codepipeline/modules/codepipeline/main.tf +++ b/getting-started/cicd/codepipeline/modules/codepipeline/main.tf @@ -1,6 +1,6 @@ resource "aws_codepipeline" "codepipeline" { - name = "tf-test-pipeline" + name = var.codepipeline_name role_arn = aws_iam_role.codepipeline_role.arn artifact_store { 
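Review bot: The description of `ec2_tag_filter_name` in the codedeploy `variables.tf` hunk reads as if the variable held a tag key, but `main.tf` uses it as the value matched against the `Name` key. Suggested wording: `description = "Value of the Name tag that selects the EC2 instances in this deployment group"`.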
@@ -21,8 +21,8 @@ resource "aws_codepipeline" "codepipeline" { output_artifacts = ["source_output"] configuration = { - ConnectionArn = aws_codestarconnections_connection.example.arn - FullRepositoryId = "tungbq/aws-codepipeline-demo" + ConnectionArn = aws_codestarconnections_connection.demo_codepipeline.arn + FullRepositoryId = var.github_repo_name BranchName = "main" } } @@ -32,7 +32,7 @@ resource "aws_codepipeline" "codepipeline" { name = "Deploy" action { - name = "MyDemoApplicationStage" + name = "Application Deployment" category = "Deploy" owner = "AWS" provider = "CodeDeploy" @@ -46,19 +46,11 @@ resource "aws_codepipeline" "codepipeline" { } } -resource "aws_codestarconnections_connection" "example" { - name = "example-connection" +resource "aws_codestarconnections_connection" "demo_codepipeline" { + name = var.aws_codestarconnections_connection_name provider_type = "GitHub" } -data "aws_secretsmanager_secret" "my_secret" { - name = "prod/github/tungb" # Replace with your secret name -} - -data "aws_secretsmanager_secret_version" "my_secret_version" { - secret_id = data.aws_secretsmanager_secret.my_secret.id -} - data "aws_iam_policy_document" "assume_role" { statement { effect = "Allow" @@ -100,7 +92,7 @@ data "aws_iam_policy_document" "codepipeline_policy" { statement { effect = "Allow" actions = ["codestar-connections:UseConnection"] - resources = [aws_codestarconnections_connection.example.arn] + resources = [aws_codestarconnections_connection.demo_codepipeline.arn] } statement { diff --git a/getting-started/cicd/codepipeline/modules/codepipeline/variables.tf b/getting-started/cicd/codepipeline/modules/codepipeline/variables.tf index f3d5b0f..8d35a4d 100644 --- a/getting-started/cicd/codepipeline/modules/codepipeline/variables.tf +++ b/getting-started/cicd/codepipeline/modules/codepipeline/variables.tf 
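Review bot: The renamed `aws_codestarconnections_connection.demo_codepipeline` resource in the third hunk has no comment saying that Terraform creates the connection in `PENDING` state and that the GitHub authorization must be completed by hand in the AWS console before the Source stage can run. A comment above the resource would save the first user a failed pipeline run: `# Created as PENDING; complete the GitHub handshake in the AWS console before the first run`. In the Source action of the first hunk on this line, `BranchName = "main"` stays a literal while the repository became a variable; a matching `var.github_branch` would keep the two together.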
@@ -2,7 +2,26 @@ variable "s3_bucket_id" { description = "ID of the S3 bucket" type = string } + variable "s3_bucket_arn" { description = "The ARN for the S3 bucket" type = string } + +variable "codepipeline_name" { + description = "Code pipeline name" + type = string + default = "tf-demo-codepipeline" +} + +variable "github_repo_name" { + description = "Github repository naming" + type = string + default = "tungbq/aws-codepipeline-demo" +} + +variable "aws_codestarconnections_connection_name" { + description = "Codestar connection naming" + type = string + default = "demo-codepipeline-connection" +} From 41d9c92c015a2ce496706c1bfe41ad226a1be19f Mon Sep 17 00:00:00 2001 From: Tung Bui Date: Wed, 13 Dec 2023 07:50:26 +0700 Subject: [PATCH 3/5] fix exception --- .../cicd/codepipeline/modules/codepipeline/main.tf | 7 +++---- .../codepipeline/modules/codepipeline/variables.tf | 14 +++++++++++++- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/getting-started/cicd/codepipeline/modules/codepipeline/main.tf b/getting-started/cicd/codepipeline/modules/codepipeline/main.tf index 82afefe..2234b5e 100644 --- a/getting-started/cicd/codepipeline/modules/codepipeline/main.tf +++ b/getting-started/cicd/codepipeline/modules/codepipeline/main.tf @@ -6,7 +6,6 @@ resource "aws_codepipeline" "codepipeline" { artifact_store { location = var.s3_bucket_id type = "S3" - } stage { @@ -32,7 +31,7 @@ resource "aws_codepipeline" "codepipeline" { name = "Deploy" action { - name = "Application Deployment" + name = "ApplicationDeployment" category = "Deploy" owner = "AWS" provider = "CodeDeploy" @@ -40,7 +39,7 @@ resource "aws_codepipeline" "codepipeline" { input_artifacts = ["source_output"] configuration = { ApplicationName = "aws_codedeploy_app_demo" - DeploymentGroupName = "example-group" + DeploymentGroupName = var.deployment_group_name } } } 
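Review bot: `github_repo_name` defaults to `tungbq/aws-codepipeline-demo`, so a caller who does not override it gets a pipeline that deploys someone else's repository onto their own EC2 instances. For a value that decides which code is deployed, I would drop the default and validate the `owner/repo` shape, as sketched below. The root module call is outside this diff and would then have to pass the value explicitly. The description "Github repository naming" would also read better if it stated the expected format.

```hcl
variable "github_repo_name" {
  description = "GitHub repository to deploy from, in owner/repo form"
  type        = string

  validation {
    condition     = can(regex("^[^/]+/[^/]+$", var.github_repo_name))
    error_message = "github_repo_name must be in owner/repo form."
  }
}
```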
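Review bot: In the Deploy action's `configuration` map (last hunk of `codepipeline/main.tf` in patch 3/5), `ApplicationName = "aws_codedeploy_app_demo"` is left as a literal although patch 1/5 changed the CodeDeploy application name to `var.codedeploy_app_name` with default `demo-codedeploy-app`. Unless the root module overrides that name, the action points at an application this configuration no longer creates. `DeploymentGroupName` has the same weakness in a milder form, because `deployment_group_name` is now declared with its own default in both modules. Feeding both from the codedeploy module's values, for example `ApplicationName = var.codedeploy_app_name`, keeps them from drifting. The `aws_codepipeline` resource starts and ends outside the hunk.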
@@ -65,7 +64,7 @@ data "aws_iam_policy_document" "assume_role" { } resource "aws_iam_role" "codepipeline_role" { - name = "test-role" + name = var.aws_iam_role_name assume_role_policy = data.aws_iam_policy_document.assume_role.json } diff --git a/getting-started/cicd/codepipeline/modules/codepipeline/variables.tf b/getting-started/cicd/codepipeline/modules/codepipeline/variables.tf index 8d35a4d..5abbddf 100644 --- a/getting-started/cicd/codepipeline/modules/codepipeline/variables.tf +++ b/getting-started/cicd/codepipeline/modules/codepipeline/variables.tf @@ -11,7 +11,7 @@ variable "s3_bucket_arn" { variable "codepipeline_name" { description = "Code pipeline name" type = string - default = "tf-demo-codepipeline" + default = "tf_demo_codepipeline" } variable "github_repo_name" { @@ -25,3 +25,15 @@ variable "aws_codestarconnections_connection_name" { type = string default = "demo-codepipeline-connection" } + +variable "deployment_group_name" { + description = "Name of the deployment group" + type = string + default = "demo-deployment-group" +} + +variable "aws_iam_role_name" { + description = "Name of the deployment group" + type = string + default = "demo-codepipeline-role" +} From aa34a0df4088f7f2e3a80f115bb517cac1afc487 Mon Sep 17 00:00:00 2001 From: Tung Bui Date: Wed, 13 Dec 2023 07:53:34 +0700 Subject: [PATCH 4/5] clean code for ec2 --- .../modules/ec2_codedeploy/main.tf | 24 +++---------------- .../modules/ec2_codedeploy/variables.tf | 12 ++++++++++ 2 files changed, 15 insertions(+), 21 deletions(-) diff --git a/getting-started/cicd/codepipeline/modules/ec2_codedeploy/main.tf b/getting-started/cicd/codepipeline/modules/ec2_codedeploy/main.tf index fabbe68..a2becc3 100644 --- a/getting-started/cicd/codepipeline/modules/ec2_codedeploy/main.tf +++ b/getting-started/cicd/codepipeline/modules/ec2_codedeploy/main.tf 
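Review bot: In the last `variables.tf` hunk, `aws_iam_role_name` carries the description `"Name of the deployment group"`, copied from the variable above it. Suggested: `description = "Name of the IAM role used by the pipeline (unique per AWS account)"`. IAM role names are unique within an account, so a second instance of the module that keeps the default `demo-codepipeline-role` would fail to apply; the description is a good place to say so.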
@@ -1,4 +1,4 @@ - +# Launch EC2 with codedeploy agent service up and running resource "aws_instance" "basic_ec2_instance" { # To get the AMI ID, visit: https://us-east-1.console.aws.amazon.com/ec2/home?region=us-east-1#AMICatalog ami = "ami-0f34c5ae932e6f0e4" @@ -9,12 +9,12 @@ resource "aws_instance" "basic_ec2_instance" { user_data = file("${path.module}/scripts/install_codedeploy.sh") tags = { - Name = "MyCodePipelineDemo" + Name = var.ec2_tag_name } } resource "aws_security_group" "ec2_codedeploy" { - name = "ec2-codedeploy-security-group" + name = var.ec2_codedeploy_sg_name description = "Focalboard security group allowing ports 22 and 80" ingress { @@ -46,21 +46,3 @@ resource "aws_security_group" "ec2_codedeploy" { ipv6_cidr_blocks = ["::/0"] } } - -# resource "null_resource" "install_codedeploy" { -# provisioner "remote-exec" { -# inline = [ -# "chmod +x /path/to/your/install_codedeploy_agent.sh", -# "/path/to/your/install_codedeploy_agent.sh" -# ] - -# connection { -# type = "ssh" -# user = "ec2-user" # or your SSH user -# private_key = file("/path/to/your/private_key.pem") -# host = aws_instance.example.public_ip # or your instance's public IP -# } -# } - -# depends_on = [aws_instance.basic_ec2_instance] -# } diff --git a/getting-started/cicd/codepipeline/modules/ec2_codedeploy/variables.tf b/getting-started/cicd/codepipeline/modules/ec2_codedeploy/variables.tf index 739520a..aa443c4 100644 --- a/getting-started/cicd/codepipeline/modules/ec2_codedeploy/variables.tf +++ b/getting-started/cicd/codepipeline/modules/ec2_codedeploy/variables.tf @@ -2,3 +2,15 @@ variable "profile_name" { description = "Name of the IAM profile" type = string } + +variable "ec2_tag_name" { + description = "Name of the EC2 tag" + type = string + default = "MyCodePipelineDemo" +} + +variable "ec2_codedeploy_sg_name" { + description = "ec2-codedeploy-security-group" + type = string + default = "ec2-codedeploy-security-group" +} 
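Review bot: The `ami = "ami-0f34c5ae932e6f0e4"` line under the new comment is still a literal, and the comment beside it points at the us-east-1 catalog, so the module works in one region only and keeps launching the same image as it ages without patches. Since this series is about removing hard-coded values, `ami = var.ami_id` with a required variable (or an `aws_ami` data source) would fit here. The `aws_instance` resource continues outside the hunk.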
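Review bot: The security group's `description` still reads "Focalboard security group allowing ports 22 and 80" while the `name` next to it became a variable; the text looks carried over from another project and should describe this group. The ingress blocks lie outside the hunk, so their CIDRs are not visible here. If port 22 is open to every address, a variable such as `ssh_ingress_cidrs` would let callers narrow it. Keep in mind that changing `name` or `description` on `aws_security_group` forces replacement of the group.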
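Review bot: In the ec2_codedeploy `variables.tf` hunk, `ec2_codedeploy_sg_name` has its default value pasted in as the description. Suggested: `description = "Name of the security group created by this module"`. The description of `ec2_tag_name` should also say that the value has to equal the codedeploy module's `ec2_tag_filter_name`, since the deployment group finds the instance through that tag.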
From 09a021dea132651394d3f0a765fd18fee15bed76 Mon Sep 17 00:00:00 2001 From: Tung Bui Date: Wed, 13 Dec 2023 07:56:17 +0700 Subject: [PATCH 5/5] clean code for iam --- getting-started/cicd/codepipeline/modules/iam/main.tf | 3 +-- getting-started/cicd/codepipeline/modules/iam/variables.tf | 6 +++++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/getting-started/cicd/codepipeline/modules/iam/main.tf b/getting-started/cicd/codepipeline/modules/iam/main.tf index 49be3e0..3ef6b73 100644 --- a/getting-started/cicd/codepipeline/modules/iam/main.tf +++ b/getting-started/cicd/codepipeline/modules/iam/main.tf @@ -1,4 +1,3 @@ - resource "aws_iam_role" "instance_role" { name = "EC2InstanceRole" assume_role_policy = <