data "github_repository" "this" {
  name = var.name
}

resource "aws_codebuild_project" "this" {
  count = var.artifact_s3_bucket == "" ? 0 : 1

  name           = var.name
  description    = "Project for ${var.name}"
  service_role   = var.service_role
  encryption_key = var.kms_key
  badge_enabled  = var.badge_enabled

  source {
    type                = "GITHUB_ENTERPRISE"
    location            = data.github_repository.this.http_clone_url
    report_build_status = true
  }

  environment {
    compute_type = "BUILD_GENERAL1_SMALL"
    image        = var.codebuild_image
    type         = "LINUX_CONTAINER"
  }

  artifacts {
    type                   = "S3"
    location               = var.artifact_s3_bucket
    name                   = "/"
    path                   = var.name
    namespace_type         = var.artifact_namespace_type
    override_artifact_name = var.override_artifact_name
    packaging              = "NONE"
  }

  tags = merge(local.standard_tags, var.tags)

  # Govcloud incompatible with "project visibility"
  # See https://github.com/hashicorp/terraform-provider-aws/issues/22473#issuecomment-1081187035
  lifecycle { ignore_changes = [project_visibility] }
}

resource "aws_codebuild_webhook" "this" {
  project_name  = var.name
  branch_filter = var.webhook_branch_filter

  depends_on = [aws_codebuild_project.this]
}

resource "github_repository_webhook" "this" {
  active     = true
  events     = ["push"]
  repository = data.github_repository.this.name

  configuration {
    url          = aws_codebuild_webhook.this.payload_url
    secret       = aws_codebuild_webhook.this.secret
    content_type = "json"
    insecure_ssl = false
  }
}