Upload public SSH key for git user

In order to access the codecommit repository via SSH, we must upload
a SSH key.

We add a required variable for the concourse terraform: `git_rsa_id_pub`,
which must have the public SSH key to add, and a new output
`git_ssh_key_id` which is the key id of the ssh key and the user that
must be used when connecting to the codecommit git repo.

We use the resource `aws_iam_user_ssh_key` which has been added in this
issue and PR:

hashicorp/terraform#5744
hashicorp/terraform#5774

terraform/concourse/codecommit.tf

@@ -30,3 +30,9 @@ resource "aws_iam_user" "git" {
 #    ]
 #    append = true
 #}
+
+resource "aws_iam_user_ssh_key" "git" {
+  username = "${aws_iam_user.git.name}"
+  encoding = "PEM"
+  public_key = "${var.git_rsa_id_pub}"
+}

terraform/concourse/git_ssh_key_id

@@ -0,0 +1 @@
+Empty file git_ssh_key_id to avoid terraform fail during the first run.

terraform/concourse/outputs.tf

@@ -29,3 +29,11 @@ output "git_concourse_pool_clone_url_http" {
 output "git_user_name" {
   value = "${aws_iam_user.git.name}"
 }
+
+output "git_user_ssh_public_key_id" {
+  value = "${aws_iam_user_ssh_key.git.ssh_public_key_id}"
+}
+
+output "git_concourse_pool_clone_full_url_ssh" {
+  value = "${aws_iam_user_ssh_key.git.ssh_public_key_id}@${replace(aws_codecommit_repository.concourse-pool.clone_url_ssh, "/^ssh://([^/]+)//", "$1:")}"
+}

terraform/concourse/variables.tf

@@ -10,3 +10,7 @@ variable "concourse_pool_git_rw_groupname" {
   description = "Group with permissions to write in concourse pool git repositories"
   default     = "concourse-pool-git-rw"
 }
+
+variable "git_rsa_id_pub" {
+  description = "Public SSH key for the git user"
+}