xdr-terraform-modules/base/codebuild_portal_lambda/main.tf

data "github_repository" "this" {
    name    = var.name
}

resource "aws_codebuild_project" "this" {
  name                  = var.name
  description           = "Project for ${var.name}"
  service_role          = aws_iam_role.codebuild_service_role.arn
  encryption_key        = aws_kms_key.s3_codebuild.arn
  badge_enabled         = var.badge_enabled
  concurrent_build_limit = 1
  #project_visibility     = "PRIVATE"
  build_timeout          = 60

  source {
    type                = "GITHUB_ENTERPRISE"
    location            = data.github_repository.this.http_clone_url
    report_build_status = true
    git_submodules_config {
      fetch_submodules = true
    }
  }

  source_version = var.source_version



  environment {
    compute_type        = "BUILD_GENERAL1_SMALL"
    image               = "aws/codebuild/standard:5.0"
    type                = "LINUX_CONTAINER"

    environment_variable {
      name = "ARTIFACTS_PATH"
      type = "PLAINTEXT"
      value = "s3://${aws_s3_bucket.bucket.id}/"
    }

  }

  artifacts {
    type                = "S3"
    location            = aws_s3_bucket.bucket.id
    name                = "/"
    path                = var.name
    namespace_type      = "NONE"
    packaging           = "NONE"
  }
  
  tags = merge(var.standard_tags, var.tags)
}

resource "aws_codebuild_webhook" "this" {
  project_name  = var.name
  filter_group {
    filter {
      type    = "EVENT"
      pattern = "PUSH"
    }

    filter {
      type    = "HEAD_REF"
      pattern = var.webhook_filter_pattern
    }
  }

  depends_on = [ aws_codebuild_project.this  ]
}

resource "github_repository_webhook" "this" {
  active     = true
  events     = ["push"]
  repository = data.github_repository.this.name

  configuration {
    url          = aws_codebuild_webhook.this.payload_url
    secret       = aws_codebuild_webhook.this.secret
    content_type = "json"
    insecure_ssl = false
  }
}