tfstack · jajera · May 16, 2025 · May 16, 2025
diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
@@ -0,0 +1,4 @@
+FROM mcr.microsoft.com/devcontainers/base:bookworm
+
+# Install necessary dependencies
+RUN apt-get update -y && rm -rf /var/lib/apt/lists/*
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
@@ -0,0 +1,21 @@
+{
+  "name": "Terraform Development Container",
+  "build": {
+    "dockerfile": "Dockerfile"
+  },
+  "features": {
+    "ghcr.io/devcontainers/features/terraform:1": {
+      "version": "latest"
+    },
+    "ghcr.io/dhoeric/features/terraform-docs:1": {}
+  },
+  "customizations": {
+    "vscode": {
+      "extensions": [
+        "hashicorp.terraform"
+      ]
+    }
+  },
+  "postCreateCommand": "",
+  "remoteUser": "vscode"
+}
diff --git a/.github/workflows/commitmsg-conform.yml b/.github/workflows/commitmsg-conform.yml
@@ -0,0 +1,14 @@
+name: Commit Message Conformance
+
+on:
+  pull_request: {}
+
+permissions:
+  statuses: write
+  checks: write
+  contents: read
+  pull-requests: read
+
+jobs:
+  commitmsg-conform:
+    uses: actionsforge/actions/.github/workflows/commitmsg-conform.yml@main
diff --git a/.github/workflows/markdown-lint.yml b/.github/workflows/markdown-lint.yml
@@ -0,0 +1,14 @@
+name: Markdown Lint
+
+on:
+  pull_request: {}
+
+permissions:
+  statuses: write
+  checks: write
+  contents: read
+  pull-requests: read
+
+jobs:
+  markdown-lint:
+    uses: actionsforge/actions/.github/workflows/markdown-lint.yml@main
diff --git a/.github/workflows/terraform-docs.yml b/.github/workflows/terraform-docs.yml
@@ -0,0 +1,13 @@
+name: Generate terraform docs
+
+on:
+  push:
+    branches:
+      - main
+
+permissions:
+  contents: write
+
+jobs:
+  terraform-docs:
+    uses: actionsforge/actions/.github/workflows/terraform-docs.yml@main
diff --git a/.github/workflows/terraform-lint-validate.yml b/.github/workflows/terraform-lint-validate.yml
@@ -0,0 +1,13 @@
+name: Terraform Lint & Validate
+
+on:
+  pull_request: {}
+permissions:
+  statuses: write
+  checks: write
+  contents: read
+  pull-requests: read
+
+jobs:
+  terraform-lint-validate:
+    uses: actionsforge/actions/.github/workflows/terraform-lint-validate.yml@main
diff --git a/.github/workflows/terraform-tag-and-release.yml b/.github/workflows/terraform-tag-and-release.yml
@@ -0,0 +1,10 @@
+name: Terraform Tag and Release
+on:
+  push:
+    branches:
+      - main
+permissions:
+  contents: write
+jobs:
+  terraform-tag-and-release:
+    uses: actionsforge/actions/.github/workflows/terraform-tag-and-release.yml@main
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
diff --git a/.vscode/extensions.json b/.vscode/extensions.json
@@ -0,0 +1,14 @@
+{
+  "recommendations": [
+    "davidanson.vscode-markdownlint",
+    "eamodio.gitlens",
+    "esbenp.prettier-vscode",
+    "foxundermoon.shell-format",
+    "Gruntfuggly.todo-tree",
+    "hashicorp.terraform",
+    "mhutchie.git-graph",
+    "streetsidesoftware.code-spell-checker",
+    "usernamehw.errorlens",
+    "vscode-icons-team.vscode-icons"
+  ]
+}
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -0,0 +1,52 @@
+{
+  "files.associations": {
+    "*.dockerfile": "dockerfile",
+    "*.sh.tpl": "shellscript",
+    "docker-compose*.yml": "yaml",
+    "Dockerfile*": "dockerfile"
+  },
+  "files.exclude": {
+    "**/.git": true,
+    "**/.svn": true,
+    "**/.hg": true,
+    "**/CVS": true,
+    "**/.DS_Store": true,
+    "__debug_bin": true,
+    "vendor/": true,
+    "go.sum": true
+  },
+  "files.trimTrailingWhitespace": true,
+  "files.trimFinalNewlines": true,
+  "files.insertFinalNewline": true,
+  "remote.extensionKind": {
+    "ms-azuretools.vscode-docker": "ui",
+    "ms-vscode-remote.remote-containers": "ui"
+  },
+  "editor.formatOnSave": true,
+  "editor.formatOnPaste": true,
+  "prettier.requireConfig": true,
+  "workbench.iconTheme": "vscode-icons",
+  "[css]": {
+    "editor.defaultFormatter": "vscode.css-language-features",
+    "editor.foldingStrategy": "indentation"
+  },
+  "[dockerfile]": {
+      "editor.defaultFormatter": "ms-azuretools.vscode-docker"
+  },
+  "[html]": {
+    "editor.defaultFormatter": "vscode.html-language-features"
+  },
+  "[json]": {
+    "editor.formatOnSave": true,
+    "editor.defaultFormatter": "esbenp.prettier-vscode"
+  },
+  "[shellscript]": {
+    "editor.defaultFormatter": "foxundermoon.shell-format"
+  },
+"[terraform]": {
+    "editor.formatOnSave": true,
+    "editor.defaultFormatter": "hashicorp.terraform",
+    "editor.tabSize": 2,
+    "editor.insertSpaces": true
+}
+}
diff --git a/README.md b/README.md
@@ -1,2 +1,6 @@
 # terraform-aws-lambda-versioned
-Terraform module for versioned AWS Lambda deployments using S3 and aliases
+
+Terraform module for versioned AWS Lambda deployments supporting both zip packages from S3 and container images from ECR.
+
+<!-- BEGIN_TF_DOCS -->
+<!-- END_TF_DOCS -->
diff --git a/examples/image/.terraform.lock.hcl b/examples/image/.terraform.lock.hcl
diff --git a/examples/image/Dockerfile b/examples/image/Dockerfile
@@ -0,0 +1,5 @@
+FROM public.ecr.aws/lambda/python:3.11
+
+COPY app.py ${LAMBDA_TASK_ROOT}
+
+CMD [ "app.handler" ]
diff --git a/examples/image/README.md b/examples/image/README.md
@@ -0,0 +1,61 @@
+# Terraform AWS Lambda Container Image Deployment Example
+
+This example demonstrates how to deploy an AWS Lambda function using a container image from ECR, with versioning support.
+
+## Features
+
+- **Container Deployment**: Deploys Lambda function using container images
+- **ECR Integration**: Uses ECR for container image storage
+- **IAM Roles**: Configures execution role with Lambda and ECR permissions
+- **Environment Variables**: Supports custom environment variables
+- **Resource Limits**: Configurable timeout and memory settings
+- **Tagging**: Supports custom resource tagging
+
+## Usage
+
+### **Initialize and Apply**
+
+```bash
+terraform init
+terraform plan
+terraform apply
+```
+
+### **Destroy Resources**
+
+```bash
+terraform destroy
+```
+
+> **Warning:** Running this example creates AWS resources that incur costs.
+
+## Inputs
+
+| Name | Description | Type | Default |
+|------|-------------|------|---------|
+| `function_name` | Name of the Lambda function | `string` | Required |
+| `package_type` | Lambda package type | `string` | `"Image"` |
+| `image_uri` | URI of the container image | `string` | Required |
+| `policy_arns` | List of IAM policy ARNs to attach | `list(string)` | `[]` |
+| `timeout` | Function timeout in seconds | `number` | `3` |
+| `memory_size` | Function memory in MB | `number` | `128` |
+| `environment_variables` | Environment variables for function | `map(string)` | `{}` |
+| `tags` | Resource tags | `map(string)` | `{}` |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| `function_name` | Name of the Lambda function |
+| `function_arn` | ARN of the Lambda function |
+| `function_invoke_arn` | Invoke ARN of the Lambda function |
+| `role_arn` | ARN of the Lambda execution role |
+
+## Resources Created
+
+- **Lambda Function** with container image deployment
+- **IAM Role** for Lambda execution
+- **IAM Policy Attachments** for Lambda and ECR permissions
+- **CloudWatch Log Group** for function logs
+
+This example provides a **complete Lambda deployment** using container images from ECR.
diff --git a/examples/image/app.py b/examples/image/app.py
@@ -0,0 +1,11 @@
+import os
+import json
+
+def handler(event, context):
+    version = os.environ.get("AWS_LAMBDA_FUNCTION_VERSION", "$LATEST")
+    print(f"Lambda version: {version}")
+
+    return {
+        "statusCode": 200,
+        "body": json.dumps({ "version": version })
+    }
diff --git a/examples/image/external/hello.zip b/examples/image/external/hello.zip
diff --git a/examples/image/external/source/Dockerfile b/examples/image/external/source/Dockerfile
@@ -0,0 +1,2 @@
+FROM busybox
+CMD tail -f /dev/null