feat: adds metadata generation for the solution #81
Conversation
grayside
left a comment
grayside
left a comment
There was a problem hiding this comment.
Did some initial review but I'm still working to understand enough of the context.
| - level: Project | ||
| roles: | ||
| - roles/cloudsql.admin | ||
| - roles/compute.admin | ||
| - roles/compute.networkAdmin | ||
| - roles/firebase.managementServiceAgent | ||
| - roles/firebasehosting.admin | ||
| - roles/iam.serviceAccountAdmin | ||
| - roles/iam.serviceAccountUser | ||
| - roles/resourcemanager.projectIamAdmin | ||
| - roles/run.admin | ||
| - roles/secretmanager.admin | ||
| - roles/storage.admin |
There was a problem hiding this comment.
note: I compared these to https://github.com/GoogleCloudPlatform/terraform-dynamic-python-webapp/blob/main/infra/test/setup/iam.tf#L17 and they appear to be the same. Seems like we will need to keep them manually in sync, unless we can parse the values from this config into the iam.tf.
There was a problem hiding this comment.
infra/test/setup/iam.tf is the source for this as you rightly point out and will be updated automatically. I don't follow your comment "we will need to keep them manually in sync". Is there's another config you're keeping these roles in?
| description: A set of key/value label pairs to assign to the resources deployed by this blueprint. | ||
| varType: map(string) | ||
| defaultValue: {} | ||
| - name: project_id |
There was a problem hiding this comment.
question: Do these variables need to be manually synchronized with the terraform variables, or is something automatic going to happen?
There was a problem hiding this comment.
These are updated automatically with the TF variables defined for the blueprint.
| - cloudresourcemanager.googleapis.com | ||
| - storage-api.googleapis.com | ||
| - serviceusage.googleapis.com |
There was a problem hiding this comment.
question: I see only three services listed here, shouldn't this include all the services needed?
There was a problem hiding this comment.
I believe these are the services required to invoke terraform, which will then itself enable the other services. They're similar to the services avocano gets you to manually enable before running the script
There was a problem hiding this comment.
The source for this is the activate_apis variable to the project factory module under test/.
| - name: image_version | ||
| description: Version of the Container Registry image to use | ||
| varType: string | ||
| defaultValue: v1.7.0 |
There was a problem hiding this comment.
note for maintainers: we'll want to follow-up this change with a release-please config to update this value.
There was a problem hiding this comment.
This is the avocano version, not the self-version. Updating this is usually manual, are you saying release-please can help with this overhead?
There was a problem hiding this comment.
release-please won't help with this. This should updated in the TF variable when a newer version of the blueprint is released and the metadata will be updated accordingly.
@grayside - I somehow missed your comments from a week ago. Please let me know if anything is still unclear. |
4 participants
No description provided.