AFS
/
xdr-terraform-modules


			
				
					
						
						
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576
							data "github_repository" "this" {
    name    = "content_source"
}

resource "aws_codebuild_project" "this" {
  for_each               = local.splunk_server_types

  name                  = "splunk_apps_${var.splunk_prefix}_${each.value}"
  description           = "Splunk Application build for ${each.value}"
  service_role          = aws_iam_role.codebuild_splunk_apps_role.arn
  encryption_key        = aws_kms_key.s3_codebuild_splunk_apps_artifacts.arn
  badge_enabled         = var.badge_enabled
  concurrent_build_limit = 1
  build_timeout          = 60

  source {
    type                = "GITHUB_ENTERPRISE"
    location            = data.github_repository.this.http_clone_url
    report_build_status = true
    git_clone_depth     = 1
  }

  source_version = var.source_version

  environment {
    compute_type        = "BUILD_GENERAL1_SMALL"
    image               = "${var.common_services_account}.dkr.ecr.us-gov-east-1.amazonaws.com/content_generator:latest"
    image_pull_credentials_type = "SERVICE_ROLE"
    type                = "LINUX_CONTAINER"
    environment_variable {
      name = "TAG"
      type = "PLAINTEXT"
      value = "${var.splunk_prefix}:${each.value}"
    }
  }

  artifacts {
    type                = "S3"
    location            = "xdr-${var.splunk_prefix}-${var.environment}-splunk-apps"
    name                = each.value
    #path                = each.value
    namespace_type      = "NONE"
    packaging           = "NONE"
  }

  tags = merge(var.standard_tags, var.tags)
}

locals {
  webhooks = var.enable_webhooks ? local.splunk_server_types : []
}

resource "aws_codebuild_webhook" "this" {
  #for_each = local.splunk_server_types
  for_each = local.webhooks

  project_name  = aws_codebuild_project.this[each.value].name
  branch_filter = var.webhook_branch_filter

}

resource "github_repository_webhook" "this" {
  #for_each = local.splunk_server_types
  for_each = local.webhooks

  active     = true
  events     = ["push"]
  repository = data.github_repository.this.name

  configuration {
    url          = aws_codebuild_webhook.this[each.value].payload_url
    secret       = aws_codebuild_webhook.this[each.value].secret
    content_type = "json"
    insecure_ssl = false
  }
}