review fixes

hashicorp · Aug 31, 2023 · c0b1e34 · c0b1e34
1 parent 1074f07
commit c0b1e34
Show file tree

Hide file tree

Showing 4 changed files with 45 additions and 19 deletions.
diff --git a/examples/lambda/README.md b/examples/lambda/README.md
@@ -69,7 +69,7 @@ This example Terraform workspace will use the zip package to deploy the `consul-
 add it to the `lambda-app-2` function so that it can call services within the Consul service mesh.
 
 ```shell
-curl -o consul-lambda-extension.zip "https://releases.hashicorp.com/consul-lambda-extension/${VERSION}-beta4/consul-lambda-extension_${VERSION}-beta4_linux_amd64.zip"
+curl -o consul-lambda-extension.zip "https://releases.hashicorp.com/consul-lambda-extension/${VERSION}/consul-lambda-extension_${VERSION}-beta4_linux_amd64.zip"
 ```
 
 ## Build the example Lambda function

diff --git a/examples/lambda/lambda/variables.tf b/examples/lambda/lambda/variables.tf
@@ -94,7 +94,7 @@ variable "invocation_mode" {
   default     = "SYNCHRONOUS"
   validation {
     condition     = contains(["SYNCHRONOUS", "ASYNCHRONOUS"], var.invocation_mode)
-    error_message = "Invocation_mode must be one of SYNCHRONOUS or ASYNCHRONOUS."
+    error_message = "Variable invocation_mode must be one of SYNCHRONOUS or ASYNCHRONOUS."
   }
 }
 

diff --git a/modules/lambda-registrator/main.tf b/modules/lambda-registrator/main.tf
@@ -17,16 +17,20 @@ locals {
   }] : []
   cron_key                   = "${var.name}-cron"
   lambda_events_key          = "${var.name}-lambda_events"
-  image_tag                  = split(":", var.consul_lambda_registrator_image)[1]
+  image_parts                = split(":", var.consul_lambda_registrator_image)
+  image_tag                  = local.image_parts[1]
+  image_path_parts           = split("/",local.image_parts[0])
+  image_username             = local.image_path_parts[1]
+  image_name                 = local.image_path_parts[2]
   ecr_image_uri              = "${data.aws_caller_identity.current.account_id}.dkr.ecr.${var.region}.amazonaws.com/${var.private_repo_name}:${local.image_tag}"
-  ecr_image_uri_pull-through = "${data.aws_caller_identity.current.account_id}.dkr.ecr.${var.region}.amazonaws.com/ecr-public/hashicorp/${var.private_repo_name}:${local.image_tag}"
+  ecr_image_uri_pull_through = "${data.aws_caller_identity.current.account_id}.dkr.ecr.${var.region}.amazonaws.com/${var.ecr_repository_prefix}/${local.image_username}/${local.image_name}:${local.image_tag}"
 }
 
 # Equivalent of aws ecr get-login
 data "aws_ecr_authorization_token" "ecr_auth" {}
 
 provider "docker" {
-  host = "unix:///var/run/docker.sock" # Use the appropriate Docker socket for your system
+  host = var.docker_host
   registry_auth {
     username = data.aws_ecr_authorization_token.ecr_auth.user_name
     password = data.aws_ecr_authorization_token.ecr_auth.password
@@ -153,33 +157,33 @@ resource "aws_iam_role_policy_attachment" "lambda_logs" {
 }
 
 resource "aws_ecr_repository" "lambda-registrator" {
-  count        = var.pull_through ? 0 : 1
+  count        = var.enable_pull_through_cache ? 0 : 1
   name         = var.private_repo_name
   force_delete = true
 }
 
 
 resource "aws_ecr_pull_through_cache_rule" "pull_through_cache_rule" {
-  count                 = var.pull_through ? 1 : 0
-  ecr_repository_prefix = "ecr-public"
-  upstream_registry_url = "public.ecr.aws"
+  count                 = var.enable_pull_through_cache ? 1 : 0
+  ecr_repository_prefix = var.ecr_repository_prefix
+  upstream_registry_url = var.upstream_registry_url
 }
 
 resource "docker_image" "lambda_registrator" {
-  name = var.pull_through ? local.ecr_image_uri_pull-through : var.consul_lambda_registrator_image
+  name = var.enable_pull_through_cache ? local.ecr_image_uri_pull_through : var.consul_lambda_registrator_image
   depends_on = [
     aws_ecr_pull_through_cache_rule.pull_through_cache_rule
   ]
 }
 
 resource "docker_tag" "lambda_registrator_tag" {
-  count        = var.pull_through ? 0 : 1
+  count        = var.enable_pull_through_cache ? 0 : 1
   source_image = docker_image.lambda_registrator.name
   target_image = local.ecr_image_uri
 }
 
 resource "null_resource" "push_image" {
-  count = var.pull_through ? 0 : 1
+  count = var.enable_pull_through_cache ? 0 : 1
 
   provisioner "local-exec" {
     command = "docker push ${local.ecr_image_uri}"
@@ -190,13 +194,13 @@ resource "null_resource" "push_image" {
   ]
 }
 resource "time_sleep" "wait_30_seconds" {
-  count      = var.pull_through ? 1 : 0
+  count      = var.enable_pull_through_cache ? 1 : 0
   depends_on = [docker_image.lambda_registrator]
 
   create_duration = "30s"
 }
 resource "aws_lambda_function" "registration" {
-  image_uri                      = var.pull_through ? local.ecr_image_uri_pull-through : local.ecr_image_uri
+  image_uri                      = var.enable_pull_through_cache ? local.ecr_image_uri_pull_through : local.ecr_image_uri
   package_type                   = "Image"
   function_name                  = var.name
   role                           = aws_iam_role.registration.arn

diff --git a/modules/lambda-registrator/variables.tf b/modules/lambda-registrator/variables.tf
@@ -101,25 +101,47 @@ variable "tags" {
 }
 variable "region" {
   type        = string
-  description = "AWS region for private repository"
-  default     = "us-east-2"
+  description = "AWS region to deploy Lambda registrator."
 }
 
 variable "private_repo_name" {
-  description = "The name of the repository to republish the ECR image if one exists. If no name is passed, it is assumed that no repository exists and one needs to be created."
+  description = "The name of the repository to republish the ECR image if one exists. If no name is passed, it is assumed that no repository exists and one needs to be created. Note :- If 'pull_through' is true this variable is ignored."
   type        = string
   default     = "consul-lambda-registrator"
 }
 
-variable "pull_through" {
+variable "enable_pull_through_cache" {
   description = "Flag to determine if a pull-through cache method will be used to obtain the appropriate ECR image"
   type        = bool
   default     = false
 }
 
 
 variable "consul_lambda_registrator_image" {
-  description = "The Lambda registrator image to be used, either the latest L.R. image or a user specified prior version"
+  description = "The Lambda registrator image to use. Must be provided as <registry/repository:tag>"
   type        = string
   default     = "public.ecr.aws/hashicorp/consul-lambda-registrator:0.1.0-beta4"
+
+   validation {
+    condition     = can(regex("^[a-zA-Z0-9_.-]+/[a-z0-9_.-]+/[a-z0-9_.-]+:[a-zA-Z0-9_.-]+$", var.consul_lambda_registrator_image))
+    error_message = "Image format of 'consul_lambda_registrator_image' is invalid. It should be in the format 'registry/repository:tag'."
+  }
 }
+
+variable "docker_host" {
+  description = "The docker socket for your system"
+  type        = string
+  default     =  "unix:///var/run/docker.sock"
+}
+
+variable ecr_repository_prefix {
+  description = "The repository namespace to use when caching images from the source registry"
+  type        = string
+  default     =  "ecr-public"
+}
+
+variable upstream_registry_url {
+  description = "The public registry url"
+  type        = string
+  default     =  "public.ecr.aws"
+}