feat: separate terraform for project setup and permissions #179
Conversation
| "servicemanagement.googleapis.com", | ||
| "sql-component.googleapis.com", | ||
| "sqladmin.googleapis.com", | ||
| "storage-api.googleapis.com"]) |
There was a problem hiding this comment.
nit: let's run all this TF code through tf fmt. https://developer.hashicorp.com/terraform/cli/commands/fmt
There was a problem hiding this comment.
This is actually the recommended formatting generated by terraform fmt. Weird, huh.
| description = "The gcloud project id" | ||
| } | ||
|
|
||
| variable "landscape_name" { |
There was a problem hiding this comment.
Is "landscape" the convention? I would expect to call this environment otherwise.
There was a problem hiding this comment.
I'm used to using "landscape" because it was standard term used by my former colleagues in Europe. Do Google people usually call this "environment"?
There was a problem hiding this comment.
Yes. I think environment is the standard in the US (testing environment, staging environment, production environment).
| version = "4.48.0" | ||
| } | ||
| } | ||
| } |
There was a problem hiding this comment.
Where is this the tf state going be stored? Typically it's best to put it in a bucket, e.g.,
terraform {
backend "gcs" {
bucket = "gcping-tf-state"
}
}
There was a problem hiding this comment.
Since this is only for local development, the state is only stored locally.
There was a problem hiding this comment.
I was under the impression this would be used both for local dev workflows and for CI, is that correct?
hessjcg
force-pushed
the
gh-65-e2e-job-permissions
branch
2 times, most recently
from
519b180 to
49e832f
Compare
| locals { | ||
| tf_output = { | ||
| project_id = var.project_id | ||
| environment_name = var.environment_name |
hessjcg
force-pushed
the
gh-65-e2e-job-permissions
branch
from
49e832f to
405fb24
Compare
Features - Add new field RolloutStrategy control automatic rollout (#202) (090b88d) - Add new terraform project for e2e test resources (#181) (0140592) - Add script to run terraform with input validation. (#182) (857444a) - Add support for Unix sockets. (#205) (8177a35), closes #47 - Add telemetry settings to configure health check port (#210) (3ede42d) - Add the e2e test job for Cloud Build (#184) (dc2990c) - Automatic changes to workloads when an AuthProxyWorload is deleted (#200) (e11caed) - Automatically trigger pod rollout for appsv1 resources when AuthProxyWorkload changes. (#197) (3b0359b) - Separate terraform for project setup and permissions (#179) (8f43657) - Validate AuthProxyWorkload spec.selector field (#209) (98c460b) - Validate AuthProxyWorkload updates to prevent changes to the workload selector. (#211) (4304283) Co-authored-by: release-please[bot] <55107282+release-please[bot]@users.noreply.github.com> Co-authored-by: Release PR Generate Bot action release-please[bot] <release-please[bot]@users.noreply.github.com>
2 participants
This moves the terraform code that sets up the GCP project APIs and permissions into a separate
terraform project. This will simplify the automated e2e testing jobs.
Related to #65