feat: support CodePipeline V2 (#135)

README.md

@@ -152,13 +152,13 @@ for example.
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.3 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.32 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.32 |
 
 ## Modules
 
@@ -230,6 +230,8 @@ for example.
 | <a name="input_code_pipeline_artifact_bucket"></a> [code\_pipeline\_artifact\_bucket](#input\_code\_pipeline\_artifact\_bucket) | Use an existing bucket for codepipeline artifacts that can be reused for multiple services. Otherwise a separate bucket for each service will be created. | `string` | `""` | no |
 | <a name="input_code_pipeline_artifact_bucket_sse"></a> [code\_pipeline\_artifact\_bucket\_sse](#input\_code\_pipeline\_artifact\_bucket\_sse) | AWS KMS master key id for server-side encryption. | `any` | `{}` | no |
 | <a name="input_code_pipeline_role_name"></a> [code\_pipeline\_role\_name](#input\_code\_pipeline\_role\_name) | Use an existing role for codepipeline permissions that can be reused for multiple services. Otherwise a separate role for this service will be created. | `string` | `""` | no |
+| <a name="input_code_pipeline_type"></a> [code\_pipeline\_type](#input\_code\_pipeline\_type) | Type of the CodePipeline. Possible values are: `V1` and `V2`. | `string` | `"V1"` | no |
+| <a name="input_code_pipeline_variables"></a> [code\_pipeline\_variables](#input\_code\_pipeline\_variables) | CodePipeline variables. Valid only when `codepipeline_type` is `V2`. | <pre>list(object({<br>    name          = string<br>    default_value = optional(string)<br>    description   = optional(string)<br>  }))</pre> | `[]` | no |
 | <a name="input_codestar_notifications_detail_type"></a> [codestar\_notifications\_detail\_type](#input\_codestar\_notifications\_detail\_type) | The level of detail to include in the notifications for this resource. Possible values are BASIC and FULL. | `string` | `"BASIC"` | no |
 | <a name="input_codestar_notifications_event_type_ids"></a> [codestar\_notifications\_event\_type\_ids](#input\_codestar\_notifications\_event\_type\_ids) | A list of event types associated with this notification rule. For list of allowed events see https://docs.aws.amazon.com/dtconsole/latest/userguide/concepts.html#concepts-api. | `list(string)` | <pre>[<br>  "codepipeline-pipeline-pipeline-execution-succeeded",<br>  "codepipeline-pipeline-pipeline-execution-failed"<br>]</pre> | no |
 | <a name="input_codestar_notifications_kms_master_key_id"></a> [codestar\_notifications\_kms\_master\_key\_id](#input\_codestar\_notifications\_kms\_master\_key\_id) | AWS KMS master key id for server-side encryption. | `string` | `null` | no |

main.tf

@@ -242,6 +242,8 @@ module "code_deploy" {
   code_build_role                         = var.code_build_role_name
   code_build_log_retention_in_days        = var.code_build_log_retention_in_days
   code_pipeline_role                      = var.code_pipeline_role_name
+  code_pipeline_type                      = var.code_pipeline_type
+  code_pipeline_variables                 = var.code_pipeline_variables
   artifact_bucket                         = var.code_pipeline_artifact_bucket
   artifact_bucket_server_side_encryption  = var.code_pipeline_artifact_bucket_sse
 

modules/deployment/code_pipeline.tf

@@ -1,6 +1,7 @@
 resource "aws_codepipeline" "codepipeline" {
-  name     = var.service_name
-  role_arn = var.code_pipeline_role == "" ? aws_iam_role.code_pipeline_role[0].arn : data.aws_iam_role.code_pipeline[0].arn
+  name          = var.service_name
+  pipeline_type = var.code_pipeline_type
+  role_arn      = var.code_pipeline_role == "" ? aws_iam_role.code_pipeline_role[0].arn : data.aws_iam_role.code_pipeline[0].arn
 
   tags = merge(var.tags, {
     tf_module = basename(path.module)
@@ -64,4 +65,13 @@ resource "aws_codepipeline" "codepipeline" {
       }
     }
   }
+
+  dynamic "variable" {
+    for_each = var.code_pipeline_variables
+    content {
+      name          = variable.value.name
+      default_value = variable.value.default_value
+      description   = variable.value.description
+    }
+  }
 }

modules/deployment/variables.tf

@@ -40,12 +40,28 @@ variable "artifact_bucket_server_side_encryption" {
   type        = any
 }
 
+variable "code_pipeline_type" {
+  description = "Type of the CodePipeline. Possible values are: `V1` and `V2`."
+  default     = "V1"
+  type        = string
+}
+
 variable "code_pipeline_role" {
   default     = ""
   description = "Use an existing role for codepipeline permissions that can be reused for multiple services."
   type        = string
 }
 
+variable "code_pipeline_variables" {
+  description = "CodePipeline variables. Valid only when `codepipeline_type` is `V2`."
+  default     = []
+  type = list(object({
+    name          = string
+    default_value = optional(string)
+    description   = optional(string)
+  }))
+}
+
 variable "code_build_environment_compute_type" {
   description = "Information about the compute resources the CodeBuild stage of the deployment pipeline will use."
   default     = "BUILD_LAMBDA_1GB"

variables.tf

@@ -149,6 +149,22 @@ variable "code_pipeline_role_name" {
   type        = string
 }
 
+variable "code_pipeline_type" {
+  description = "Type of the CodePipeline. Possible values are: `V1` and `V2`."
+  default     = "V1"
+  type        = string
+}
+
+variable "code_pipeline_variables" {
+  description = "CodePipeline variables. Valid only when `codepipeline_type` is `V2`."
+  default     = []
+  type = list(object({
+    name          = string
+    default_value = optional(string)
+    description   = optional(string)
+  }))
+}
+
 variable "code_build_environment_compute_type" {
   description = "Information about the compute resources the CodeBuild stage of the deployment pipeline will use."
   default     = "BUILD_LAMBDA_1GB"

versions.tf

@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 3.0"
+      version = ">= 5.32"
     }
   }
 }