New options added

README.md

@@ -20,13 +20,16 @@ See [examples](examples).
 
 ## Inputs
 
-| Name        | Description                                        |  Type  |  Default   | Required |
-| ----------- | -------------------------------------------------- | :----: | :--------: | :------: |
-| hash_script | Path to script to generate hash of source contents | string |    `""`    |    no    |
-| image_name  | Name of Docker image                               | string |    n/a     |   yes    |
-| push_script | Path to script to build and push Docker image      | string |    `""`    |    no    |
-| source_path | Path to Docker image source                        | string |    n/a     |   yes    |
-| tag         | Tag to use for deployed Docker image               | string | `"latest"` |    no    |
+| Name             | Description                                        |  Type  |  Default   | Required |
+| ---------------- | -------------------------------------------------- | :----: | :--------: | :------: |
+| hash_script      | Path to script to generate hash of source contents | string |    `""`    |    no    |
+| image_name       | Name of Docker image                               | string |    n/a     |   yes    |
+| image_scan       | Enable images scanning after being pushed          | string |  "false"   |    no    |
+| image_mutability | The tag mutability setting for the repository      | string |  "MUTABLE" |    no    |
+| push_script      | Path to script to build and push Docker image      | string |    `""`    |    no    |
+| source_path      | Path to Docker image source                        | string |    n/a     |   yes    |
+| tag              | Tag to use for deployed Docker image               | string | `"latest"` |    no    |
+| tags             | Tags to attach to created resources                | map    |   `""`     |    no    |
 
 ## Outputs
 

examples/python-hello-world-scan/main.tf

@@ -0,0 +1,30 @@
+terraform {
+  required_version = ">=1"
+
+  required_providers {
+    aws = {
+      source = "hashicorp/aws"
+    }
+  }
+
+  backend "local" {
+    path = "terraform.tfstate"
+  }
+}
+
+provider "aws" {
+  region = "us-west-1"
+}
+
+module "python-hello-world" {
+  source      = "../../"
+  image_name  = "python-hello-world"
+  source_path = "${path.module}/src"
+
+  image_scan = "true"
+
+  tags = {
+    "Environment" = "Test",
+    "Cost Center" = "A"
+  }
+}

examples/python-hello-world-scan/src/Dockerfile

@@ -0,0 +1,8 @@
+FROM python:3.7-alpine
+
+RUN mkdir /src
+ADD main.py /src/main.py
+
+WORKDIR /src
+
+ENTRYPOINT ["python", "main.py"]

examples/python-hello-world-scan/src/main.py

@@ -0,0 +1,10 @@
+import logging
+
+
+# Setup logging in order for CloudWatch Logs to work properly
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger()
+
+
+if __name__ == "__main__":
+    logger.info("Hello world")

main.tf

@@ -4,6 +4,19 @@ terraform {
 
 resource "aws_ecr_repository" "repo" {
   name = var.image_name
+
+  image_tag_mutability = var.image_mutability
+
+  image_scanning_configuration {
+    scan_on_push = var.image_scan
+  }
+
+  tags = merge(
+    var.tags,
+    tomap({
+      "Technology Name" = "Elastic Container Registry"
+    })
+  )
 }
 
 resource "aws_ecr_lifecycle_policy" "repo-policy" {
@@ -42,4 +55,3 @@ resource "aws_ecr_lifecycle_policy" "repo-policy" {
 EOF
 
 }
-

variables.tf

@@ -3,6 +3,18 @@ variable "image_name" {
   type        = string
 }
 
+variable "image_scan" {
+  description = "Enable images scanning after being pushed to the repository"
+  type        = string
+  default     = "false"
+}
+
+variable "image_mutability" {
+  description = "The tag mutability setting for the repository"
+  type        = string
+  default     = "MUTABLE"
+}
+
 variable "source_path" {
   description = "Path to Docker image source"
   type        = string
@@ -14,6 +26,12 @@ variable "tag" {
   default     = "latest"
 }
 
+variable "tags" {
+  description = "Tags to attach to created resources"
+  type        = map(any)
+  default     = {}
+}
+
 variable "hash_script" {
   description = "Path to script to generate hash of source contents"
   type        = string
@@ -25,4 +43,3 @@ variable "push_script" {
   type        = string
   default     = ""
 }
-