35 changes: 0 additions & 35 deletions .github/workflows/snyk.yaml

This file was deleted.
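Review bot: Deleting .github/workflows/snyk.yaml (all 35 lines) removes the repository's Snyk workflow from CI, and none of the other files shown in this change add a replacement. If the removal is intentional, say so in the PR description and name what now covers dependency and IaC scanning for this module; otherwise keep the workflow and fix whatever was failing in it.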

16 changes: 8 additions & 8 deletions README.md
Expand Up @@ -345,13 +345,13 @@ terraform destroy -var-file dev.tfvars
| Name | Version |
|------|---------|
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 5.0 |
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | > 5.0, < 7.0 |

## Providers

| Name | Version |
|------|---------|
| <a name="provider_aws"></a> [aws](#provider\_aws) | 5.53.0 |
| <a name="provider_aws"></a> [aws](#provider\_aws) | 6.16.0 |

## Modules

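Review bot: The new aws constraint `> 5.0, < 7.0` in the Requirements table is a strict lower bound, so it excludes 5.0.0, which the old `~> 5.0` accepted; `>= 5.0, < 7.0` is probably what was meant. The range now spans two provider major versions while the Providers table records only 6.16.0, so state which 5.x release the module was still tested against, or raise the lower bound to 6.0 if 5.x is no longer exercised.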
Expand All @@ -372,12 +372,12 @@ terraform destroy -var-file dev.tfvars

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| <a name="input_artifacts_bucket"></a> [artifacts\_bucket](#input\_artifacts\_bucket) | s3 bucket used for codepipeline artifacts | `string` | n/a | yes |
| <a name="input_chatbot_data"></a> [chatbot\_data](#input\_chatbot\_data) | (optional) Chatbot details to create integration | <pre>object({<br> name = string<br> slack_channel_id = string<br> slack_workspace_id = string<br> guardrail_policies = optional(list(string), ["arn:aws:iam::aws:policy/AWSAccountManagementReadOnlyAccess"])<br> enable_slack_integration = bool<br> role_polices = optional(list(object({<br> policy_document = any<br> policy_name = string<br><br> })), [])<br> managed_policy_arns = optional(list(string), ["arn:aws:iam::aws:policy/AWSResourceExplorerReadOnlyAccess"])<br> })</pre> | `null` | no |
| <a name="input_codebuild_projects"></a> [codebuild\_projects](#input\_codebuild\_projects) | Values to create Codebuild project | <pre>map(object({<br> description = optional(string, "")<br> build_timeout = optional(number, 15)<br> queued_timeout = optional(number, 15)<br> compute_type = optional(string, "BUILD_GENERAL1_SMALL")<br> compute_image = optional(string, "aws/codebuild/amazonlinux2-x86_64-standard:5.0")<br> compute_type_container = optional(string, "LINUX_CONTAINER")<br> image_pull_credentials_type = optional(string, "CODEBUILD")<br> privileged_mode = optional(bool, false)<br> build_type = string<br> buildspec_file_name = optional(string, null)<br> buildspec_file = optional(string, null)<br> terraform_version = optional(string, "terraform-1.5.0-1.x86_64")<br> create_role = optional(bool, false)<br> role_data = optional(object({<br> name = string<br> pipeline_service = optional(string, null)<br> assume_role_arns = optional(list(string), null)<br> github_secret_arn = optional(string, null)<br> terraform_state_s3_bucket = optional(string, null)<br> dynamodb_lock_table = optional(string, null)<br> additional_iam_policy_doc_json_list = optional(list(any), [])<br> }), null)<br> }))</pre> | `null` | no |
| <a name="input_codepipelines"></a> [codepipelines](#input\_codepipelines) | Codepipeline data to create pipeline and stages | <pre>map(object({<br> artifact_store_s3_kms_arn = string<br><br> source_repositories = list(object({<br> name = string<br> output_artifacts = optional(list(string), ["source_output"])<br> github_repository = string<br> github_branch = string<br> auto_trigger = optional(bool, true)<br> }))<br><br> pipeline_stages = list(object({<br> stage_name = string<br> name = string<br> category = optional(string, "Build")<br> provider = optional(string, "CodeBuild")<br> input_artifacts = optional(list(string), [])<br> output_artifacts = optional(list(string), [])<br> version = string<br> project_name = optional(string, null)<br> environment_variables = optional(list(object({<br> name = string<br> value = string<br> type = optional(string, "PLAINTEXT")<br> })),<br> []<br> )<br> }))<br> create_role = optional(bool, false)<br> role_data = optional(object({<br> name = string<br> github_secret_arn = optional(string, null)<br> additional_iam_policy_doc_json_list = optional(list(any), [])<br> }),<br> null)<br><br> trigger = optional(list(object({<br> source_action_name = string<br><br> push = list(object({<br> branches = object({<br> includes = list(string)<br> excludes = list(string)<br> })<br> file_paths = object({<br> includes = list(string)<br> excludes = list(string)<br> })<br> })<br> )<br><br> pull_request = list(object({<br> events = list(string)<br> filter = list(object({<br> branches = object({<br> includes = list(string)<br> excludes = list(string)<br> })<br> file_paths = object({<br> includes = list(string)<br> excludes = list(string)<br> })<br> })<br> ) }))<br><br> })), [])<br><br> notification_data = optional(map(object({<br> detail_type = optional(string, "FULL")<br> event_type_ids = optional(list(string), [<br> "codepipeline-pipeline-pipeline-execution-failed",<br> "codepipeline-pipeline-pipeline-execution-canceled",<br> 
"codepipeline-pipeline-pipeline-execution-started",<br> "codepipeline-pipeline-pipeline-execution-resumed",<br> "codepipeline-pipeline-pipeline-execution-succeeded",<br> "codepipeline-pipeline-pipeline-execution-superseded",<br> "codepipeline-pipeline-manual-approval-failed",<br> "codepipeline-pipeline-manual-approval-needed"<br> ])<br> targets = list(object({<br> address = string // eg SNS arn<br> type = optional(string, "SNS") // Type can be "SNS" , AWSChatbotSlack etc<br> }))<br> })), null)<br><br> }))</pre> | `{}` | no |
| <a name="input_codestar_connection"></a> [codestar\_connection](#input\_codestar\_connection) | codestar connection arn for github repository | `string` | n/a | yes |
| <a name="input_role_data"></a> [role\_data](#input\_role\_data) | Roles to be created | <pre>map(object({<br> pipeline_service = string<br> assume_role_arns = optional(list(string), null)<br> github_secret_arn = optional(string, null)<br> terraform_state_s3_bucket = optional(string, null)<br> dynamodb_lock_table = optional(string, null)<br> additional_iam_policy_doc_json_list = optional(list(any), [])<br> }))</pre> | `{}` | no |
| <a name="input_artifacts_bucket"></a> [artifacts\_bucket](#input\_artifacts\_bucket) | s3 bucket used for codepipeline artifacts. Optional - not required when using NO\_SOURCE builds. | `string` | `null` | no |
| <a name="input_chatbot_data"></a> [chatbot\_data](#input\_chatbot\_data) | (optional) Chatbot details to create integration. Set chatbot\_data to null to disable chatbot completely. | <pre>object({<br/> name = string<br/> slack_channel_id = optional(string, null) # Required only when enable_slack_integration is true<br/> slack_workspace_id = optional(string, null) # Required only when enable_slack_integration is true. Must contain only uppercase letters and numbers.<br/> guardrail_policies = optional(list(string), ["arn:aws:iam::aws:policy/AWSAccountManagementReadOnlyAccess"])<br/> enable_slack_integration = optional(bool, false)<br/> role_polices = optional(list(object({<br/> policy_document = any<br/> policy_name = string<br/><br/> })), [])<br/> managed_policy_arns = optional(list(string), ["arn:aws:iam::aws:policy/AWSResourceExplorerReadOnlyAccess"])<br/> })</pre> | `null` | no |
| <a name="input_codebuild_projects"></a> [codebuild\_projects](#input\_codebuild\_projects) | Values to create Codebuild project | <pre>map(object({<br/> description = optional(string, "")<br/> build_timeout = optional(number, 15)<br/> queued_timeout = optional(number, 15)<br/> compute_type = optional(string, "BUILD_GENERAL1_SMALL")<br/> compute_image = optional(string, "aws/codebuild/amazonlinux2-x86_64-standard:5.0")<br/> compute_type_container = optional(string, "LINUX_CONTAINER")<br/> image_pull_credentials_type = optional(string, "CODEBUILD")<br/> privileged_mode = optional(bool, false)<br/> build_type = string<br/> buildspec_file_name = optional(string, null)<br/> buildspec_file = optional(string, null)<br/> terraform_version = optional(string, "terraform-1.5.0-1.x86_64")<br/> source_type = optional(string, "CODEPIPELINE") # Valid values: CODEPIPELINE, CODECOMMIT, GITHUB, GITHUB_ENTERPRISE, BITBUCKET, S3, NO_SOURCE<br/> source_location = optional(string, null) # Required when source_type is not CODEPIPELINE or NO_SOURCE<br/> artifacts_type = optional(string, "CODEPIPELINE") # Valid values: CODEPIPELINE, NO_ARTIFACTS, S3<br/> artifacts_location = optional(string, null) # Required when artifacts_type is S3<br/> create_role = optional(bool, false)<br/> role_data = optional(object({<br/> name = string<br/> pipeline_service = optional(string, null)<br/> assume_role_arns = optional(list(string), null)<br/> github_secret_arn = optional(string, null)<br/> terraform_state_s3_bucket = optional(string, null)<br/> dynamodb_lock_table = optional(string, null)<br/> additional_iam_policy_doc_json_list = optional(list(any), [])<br/> }), null)<br/> vpc_config = optional(object({<br/> vpc_id = string<br/> subnets = list(string)<br/> security_group_ids = list(string)<br/> }), null)<br/> environment_variables = optional(list(object({<br/> name = string<br/> value = string<br/> type = optional(string, "PLAINTEXT")<br/> })), [])<br/> }))</pre> | `null` | no |
| <a name="input_codepipelines"></a> [codepipelines](#input\_codepipelines) | Codepipeline data to create pipeline and stages | <pre>map(object({<br/> artifact_store_s3_kms_arn = string<br/><br/> source_repositories = list(object({<br/> name = string<br/> output_artifacts = optional(list(string), ["source_output"])<br/> github_repository = string<br/> github_branch = string<br/> auto_trigger = optional(bool, true)<br/> }))<br/><br/> pipeline_stages = list(object({<br/> stage_name = string<br/> name = string<br/> category = optional(string, "Build")<br/> provider = optional(string, "CodeBuild")<br/> input_artifacts = optional(list(string), [])<br/> output_artifacts = optional(list(string), [])<br/> version = string<br/> project_name = optional(string, null)<br/> environment_variables = optional(list(object({<br/> name = string<br/> value = string<br/> type = optional(string, "PLAINTEXT")<br/> })),<br/> []<br/> )<br/> }))<br/> create_role = optional(bool, false)<br/> role_data = optional(object({<br/> name = string<br/> github_secret_arn = optional(string, null)<br/> additional_iam_policy_doc_json_list = optional(list(any), [])<br/> }),<br/> null)<br/><br/> trigger = optional(list(object({<br/> source_action_name = string<br/><br/> push = list(object({<br/> branches = object({<br/> includes = list(string)<br/> excludes = list(string)<br/> })<br/> file_paths = object({<br/> includes = list(string)<br/> excludes = list(string)<br/> })<br/> })<br/> )<br/><br/> pull_request = list(object({<br/> events = list(string)<br/> filter = list(object({<br/> branches = object({<br/> includes = list(string)<br/> excludes = list(string)<br/> })<br/> file_paths = object({<br/> includes = list(string)<br/> excludes = list(string)<br/> })<br/> })<br/> ) }))<br/><br/> })), [])<br/><br/> notification_data = optional(map(object({<br/> detail_type = optional(string, "FULL")<br/> event_type_ids = optional(list(string), [<br/> "codepipeline-pipeline-pipeline-execution-failed",<br/> 
"codepipeline-pipeline-pipeline-execution-canceled",<br/> "codepipeline-pipeline-pipeline-execution-started",<br/> "codepipeline-pipeline-pipeline-execution-resumed",<br/> "codepipeline-pipeline-pipeline-execution-succeeded",<br/> "codepipeline-pipeline-pipeline-execution-superseded",<br/> "codepipeline-pipeline-manual-approval-failed",<br/> "codepipeline-pipeline-manual-approval-needed"<br/> ])<br/> targets = list(object({<br/> address = string // eg SNS arn<br/> type = optional(string, "SNS") // Type can be "SNS" , AWSChatbotSlack etc<br/> }))<br/> })), null)<br/><br/> }))</pre> | `{}` | no |
| <a name="input_codestar_connection"></a> [codestar\_connection](#input\_codestar\_connection) | codestar connection arn for github repository | `string` | `null` | no |
| <a name="input_role_data"></a> [role\_data](#input\_role\_data) | Roles to be created | <pre>map(object({<br/> pipeline_service = string<br/> assume_role_arns = optional(list(string), null)<br/> github_secret_arn = optional(string, null)<br/> terraform_state_s3_bucket = optional(string, null)<br/> dynamodb_lock_table = optional(string, null)<br/> additional_iam_policy_doc_json_list = optional(list(any), [])<br/> enable_vpc = optional(bool, false)<br/> }))</pre> | `{}` | no |
| <a name="input_tags"></a> [tags](#input\_tags) | Tags for AWS resources | `map(string)` | n/a | yes |

## Outputs
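Review bot: codestar_connection changes from required to default `null`, but its description still reads only "codestar connection arn for github repository", unlike artifacts_bucket, which now says when it may be omitted. Document when it must be set (presumably whenever codepipelines with source_repositories are defined), and back the "Required when ..." comments on source_location, artifacts_location, slack_channel_id and slack_workspace_id with validation or precondition blocks if they are not already enforced, so a missing value fails at plan time instead of at apply. The new environment_variables on codebuild_projects default `type` to "PLAINTEXT"; a sentence in the description pointing secrets at PARAMETER_STORE or SECRETS_MANAGER would keep callers from placing credentials in the project definition.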
2 changes: 2 additions & 0 deletions data.tf
@@ -1,3 +1,5 @@
# Conditionally fetch S3 bucket data only if artifacts_bucket is provided
data "aws_s3_bucket" "artifact" {
count = var.artifacts_bucket != null && var.artifacts_bucket != "" ? 1 : 0
bucket = var.artifacts_bucket
}
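Review bot: Adding `count` to data "aws_s3_bucket" "artifact" makes it a list, so every existing reference to `data.aws_s3_bucket.artifact` elsewhere in the module has to become `data.aws_s3_bucket.artifact[0]` (or `one(data.aws_s3_bucket.artifact[*].arn)`) and handle the empty case. None of those call sites appear in this hunk, so please confirm they were updated, in particular any IAM policy statements scoped by the bucket ARN, which should drop the statement when the bucket is unset and not widen the resource.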