Automate Terraform for oss-vdb-test #1017
Conversation
|
Well, the Github commenting didn't work |
|
Turns out GitHub Actions coming from public forked repositories can't have more than read permissions, so I can't use an action to make a comment. I'm removing the action, and we'll just have to remember to check the plans. |
There was a problem hiding this comment.
LGTM with some minor comments remaining.
@andrewpollock can you please review and sign off on this too?
| } | ||
|
|
||
| get-active-account | ||
| if [[ (! -z "$active_account") && (! -z "$GCLOUD_SERVICE_KEY") ]]; then |
There was a problem hiding this comment.
Nit: I think you might have more parenthesis in here than strictly necessary...
| be activated, which will override the account already activated in this container. | ||
|
|
||
| This usually happens if you've defined the GCLOUD_SERVICE_KEY environment variable in a cloudbuild.yaml file & this is | ||
| executing in a Google cloud builder environment. |
There was a problem hiding this comment.
Nit: "Google Cloud Build" instead?
| get-active-account | ||
| } | ||
|
|
||
| function service-account-usage() { |
There was a problem hiding this comment.
Given this looks more like an error message, emit it on stderr per https://google.github.io/styleguide/shellguide.html#stdout-vs-stderr
| function activate-service-key() { | ||
| rootdir=/root/.config/gcloud-config | ||
| mkdir -p $rootdir | ||
| tmpdir=$(mktemp -d "$rootdir/servicekey.XXXXXXXX") |
There was a problem hiding this comment.
Looks like you're going with curly braces around variables, which I'm totally cool with, just be consistent: https://google.github.io/styleguide/shellguide.html#variable-expansion
| } | ||
|
|
||
| function activate-service-key() { | ||
| rootdir=/root/.config/gcloud-config |
There was a problem hiding this comment.
Please quote all variables per https://google.github.io/styleguide/shellguide.html#quoting
| @@ -0,0 +1,53 @@ | |||
| #!/bin/bash | |||
There was a problem hiding this comment.
Please add a file header per https://google.github.io/styleguide/shellguide.html#file-header
There was a problem hiding this comment.
I didn't actually write or edit this file - it came from https://github.com/GoogleCloudPlatform/cloud-builders-community/tree/master/terraform
I mentioned it in the README but I might add a comment in the file (and in Dockerfile and cloud build file) to note this as well
There was a problem hiding this comment.
Oh I'd glossed over that in the README. Treat all of these as nits then... I filed GoogleCloudPlatform/cloud-builders-community#611 against the source.
There was a problem hiding this comment.
I'm just going to leave it as-is, so I don't inadvertently break anything.
Adds a number of things needed to start automatically running terraform changes on the staging environment.
(I know Andrew wants to discuss potentially using KCC, but I'm using this to start setting up our staging pipeline)oss-vdbto runterraform planonoss-vdb-testwhen terraform files are changedAlso added a Github workflow to comment on PRs when something changes.oss-vdbto runterraform applyonoss-vdb-teston pushes to the master branch.The Cloud Builds use the existing
deploymentservice account fromoss-vdb. IAM permissions have been granted to it onoss-vdb-testto allow it to modify the project as needed.