diff --git a/README.md b/README.md
index 403189b..86ba749 100644
--- a/README.md
+++ b/README.md
@@ -92,7 +92,7 @@ module "static-site" {
| Name | Version |
|------|---------|
-| [aws](#provider\_aws) | ~> 5.27 |
+| [aws](#provider\_aws) | 5.61.0 |
## Modules
@@ -100,7 +100,7 @@ module "static-site" {
|------|--------|---------|
| [certificate](#module\_certificate) | terraform-aws-modules/acm/aws | 5.1.1 |
| [gitlab](#module\_gitlab) | ./modules/gitlab | n/a |
-| [s3\_bucket](#module\_s3\_bucket) | terraform-aws-modules/s3-bucket/aws | 4.1.2 |
+| [s3\_bucket](#module\_s3\_bucket) | terraform-aws-modules/s3-bucket/aws | 4.2.2 |
## Resources
@@ -138,9 +138,10 @@ module "static-site" {
| [enable\_deploy\_user](#input\_enable\_deploy\_user) | Toggle s3 deploy user creation | `bool` | `true` | no |
| [encrypt\_with\_kms](#input\_encrypt\_with\_kms) | Enable server side s3 bucket encryption with KMS key | `bool` | `false` | no |
| [extra\_domains](#input\_extra\_domains) | Map of extra\_domains with domain name and zone\_id | `map(string)` | `{}` | no |
-| [functions](#input\_functions) | n/a |
object({
viewer_request = optional(string)
viewer_response = optional(string)
}) | `{}` | no |
+| [functions](#input\_functions) | n/a | object({
viewer_request = optional(string)
viewer_response = optional(string)
}) | `{}` | no |
| [gitlab\_environment](#input\_gitlab\_environment) | GitLab environment name | `string` | `"*"` | no |
-| [gitlab\_project\_id](#input\_gitlab\_project\_id) | Integrates with GitLab CI/CD to deploy site and invalidate CloudFront cache | `string` | `null` | no |
+| [gitlab\_project\_id](#input\_gitlab\_project\_id) | Deprecated: Use gitlab\_project\_ids instead | `string` | `""` | no |
+| [gitlab\_project\_ids](#input\_gitlab\_project\_ids) | Integrates with GitLab CI/CD to deploy site and invalidate CloudFront cache | `list(string)` | `[]` | no |
| [kms\_deletion\_window\_in\_days](#input\_kms\_deletion\_window\_in\_days) | The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key | `number` | `30` | no |
| [kms\_key\_policy](#input\_kms\_key\_policy) | Additional KSM key policy | `string` | `"{}"` | no |
| [logs\_bucket](#input\_logs\_bucket) | Bucket to store CloudFront logs | `string` | `null` | no |
@@ -150,12 +151,12 @@ module "static-site" {
| [origin\_path](#input\_origin\_path) | Cloudfront origin path | `string` | `""` | no |
| [override\_status\_code\_403](#input\_override\_status\_code\_403) | Override status code for 403 error | `number` | `403` | no |
| [override\_status\_code\_404](#input\_override\_status\_code\_404) | Override status code for 404 error | `number` | `200` | no |
-| [proxy\_paths](#input\_proxy\_paths) | n/a | list(object({
origin_domain = string
path_prefix = string
})) | `[]` | no |
+| [proxy\_paths](#input\_proxy\_paths) | n/a | list(object({
origin_domain = string
path_prefix = string
})) | `[]` | no |
| [response\_header\_access\_control\_allow\_credentials](#input\_response\_header\_access\_control\_allow\_credentials) | n/a | `bool` | `false` | no |
| [response\_header\_origin\_override](#input\_response\_header\_origin\_override) | n/a | `bool` | `false` | no |
| [s3\_bucket\_name](#input\_s3\_bucket\_name) | n/a | `string` | n/a | yes |
| [s3\_bucket\_policy](#input\_s3\_bucket\_policy) | Additional S3 bucket policy | `string` | `"{}"` | no |
-| [s3\_cors\_rule](#input\_s3\_cors\_rule) | List of maps containing rules for Cross-Origin Resource Sharing. | list(object({
allowed_headers = optional(list(string))
allowed_methods = optional(list(string))
allowed_origins = optional(list(string))
expose_headers = optional(list(string))
max_age_seconds = optional(number)
})) | `[]` | no |
+| [s3\_cors\_rule](#input\_s3\_cors\_rule) | List of maps containing rules for Cross-Origin Resource Sharing. | list(object({
allowed_headers = optional(list(string))
allowed_methods = optional(list(string))
allowed_origins = optional(list(string))
expose_headers = optional(list(string))
max_age_seconds = optional(number)
})) | `[]` | no |
| [tags](#input\_tags) | n/a | `map(string)` | `{}` | no |
## Outputs
diff --git a/deploy.tf b/deploy.tf
index 49d0476..d520ec7 100644
--- a/deploy.tf
+++ b/deploy.tf
@@ -1,3 +1,7 @@
+locals {
+ gitlab_project_ids = toset(concat(var.gitlab_project_ids, var.gitlab_project_id != "" ? [var.gitlab_project_id] : []))
+}
+
resource "aws_iam_user" "deploy" {
count = var.enable_deploy_user == true ? 1 : 0
name = "zvirt-${local.main_domain_sanitized}-deploy"
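Review bot: A caller that still passes `gitlab_project_id = null` explicitly (the old default, changed in the root `variables.tf` hunk) gets a null element in this set, because `null != ""` is true and `[null]` is concatenated. That null then reaches the `for_each` in `modules/gitlab/main.tf`. Filtering both empty and null values avoids it: `gitlab_project_ids = toset(compact(concat(var.gitlab_project_ids, [var.gitlab_project_id])))`; alternatively set `nullable = false` on both variables. The `aws_iam_user.deploy` resource after the locals block continues outside the hunk.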
@@ -42,11 +46,11 @@ resource "aws_iam_user_policy" "deploy" {
}
module "gitlab" {
- count = var.gitlab_project_id == null ? 0 : 1
+ count = length(local.gitlab_project_ids) == 0 ? 0 : 1
source = "./modules/gitlab"
- gitlab_project_id = var.gitlab_project_id
+ gitlab_project_ids = local.gitlab_project_ids
gitlab_environment = var.gitlab_environment
aws_s3_bucket_name = module.s3_bucket.s3_bucket_id
diff --git a/modules/gitlab/README.md b/modules/gitlab/README.md
index cbbf543..94c7f90 100644
--- a/modules/gitlab/README.md
+++ b/modules/gitlab/README.md
@@ -84,7 +84,7 @@ No modules.
| [aws\_s3\_bucket\_name](#input\_aws\_s3\_bucket\_name) | n/a | `string` | n/a | yes |
| [aws\_secret\_access\_key](#input\_aws\_secret\_access\_key) | n/a | `string` | n/a | yes |
| [gitlab\_environment](#input\_gitlab\_environment) | n/a | `string` | `"*"` | no |
-| [gitlab\_project\_id](#input\_gitlab\_project\_id) | n/a | `string` | n/a | yes |
+| [gitlab\_project\_ids](#input\_gitlab\_project\_ids) | n/a | `list(string)` | n/a | yes |
## Outputs
diff --git a/modules/gitlab/main.tf b/modules/gitlab/main.tf
index 107696d..933a07d 100644
--- a/modules/gitlab/main.tf
+++ b/modules/gitlab/main.tf
@@ -1,9 +1,12 @@
data "gitlab_project" "this" {
- id = var.gitlab_project_id
+ for_each = toset(var.gitlab_project_ids)
+ id = each.value
}
resource "gitlab_project_variable" "s3_bucket" {
- project = data.gitlab_project.this.id
+ for_each = data.gitlab_project.this
+
+ project = each.value.id
protected = false
masked = false
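Review bot: Adding `for_each` changes the address of every instance from `gitlab_project_variable.s3_bucket` to `gitlab_project_variable.s3_bucket["<id>"]`, and the same applies to the four other `gitlab_project_variable` resources in the following hunks. Terraform does not migrate a keyless instance to a `for_each` key on its own, so existing deployments will presumably plan a destroy and re-create of all CI/CD variables, and pipelines running during the apply may find them missing. Since a `moved` block needs a literal key that this module cannot know, an upgrade note in the changelog is worth adding. The resource body continues outside the hunk.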
@@ -16,7 +19,9 @@ resource "gitlab_project_variable" "s3_bucket" {
}
resource "gitlab_project_variable" "aws_default_region" {
- project = data.gitlab_project.this.id
+ for_each = data.gitlab_project.this
+
+ project = each.value.id
protected = false
masked = false
@@ -29,7 +34,9 @@ resource "gitlab_project_variable" "aws_default_region" {
}
resource "gitlab_project_variable" "cloudfront_distribution_id" {
- project = data.gitlab_project.this.id
+ for_each = data.gitlab_project.this
+
+ project = each.value.id
protected = false
masked = false
@@ -42,7 +49,9 @@ resource "gitlab_project_variable" "cloudfront_distribution_id" {
}
resource "gitlab_project_variable" "site_aws_access_key_id" {
- project = data.gitlab_project.this.id
+ for_each = data.gitlab_project.this
+
+ project = each.value.id
protected = false
masked = false
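Review bot: The shared deploy key pair becomes readable by any pipeline on any branch of every listed project, because this resource and `site_aws_secret_access_key` in the next hunk now fan out over all of `gitlab_project_ids` while keeping `protected = false`. Previously one project held the credentials; now a leak in any one of them exposes the key used by all and forces a rotation everywhere. Consider `protected = true` (with the deploy branches protected in GitLab) for the two credential variables, or document that all listed projects share a single credential. The resource bodies continue outside these hunks, so the environment scope applied to the variables is not visible here.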
@@ -55,7 +64,9 @@ resource "gitlab_project_variable" "site_aws_access_key_id" {
}
resource "gitlab_project_variable" "site_aws_secret_access_key" {
- project = data.gitlab_project.this.id
+ for_each = data.gitlab_project.this
+
+ project = each.value.id
protected = false
masked = true
diff --git a/modules/gitlab/variables.tf b/modules/gitlab/variables.tf
index 4c7ce73..2d77abb 100644
--- a/modules/gitlab/variables.tf
+++ b/modules/gitlab/variables.tf
@@ -1,5 +1,5 @@
-variable "gitlab_project_id" {
- type = string
+variable "gitlab_project_ids" {
+ type = list(string)
}
variable "gitlab_environment" {
diff --git a/variables.tf b/variables.tf
index 8d75227..ed73aee 100644
--- a/variables.tf
+++ b/variables.tf
@@ -22,10 +22,16 @@ variable "s3_bucket_policy" {
description = "Additional S3 bucket policy"
}
-variable "gitlab_project_id" {
+variable "gitlab_project_ids" {
description = "Integrates with GitLab CI/CD to deploy site and invalidate CloudFront cache"
+ type = list(string)
+ default = []
+}
+
+variable "gitlab_project_id" {
type = string
- default = null
+ description = "Deprecated: Use gitlab_project_ids instead"
+ default = ""
}
variable "gitlab_environment" {