feat: added datastream support in shared_vpc_access module #788
Conversation
|
@bharathkkb can you plz review and execute the pipeline? |
|
/gcbrun |
|
|
|
/gcbrun |
2 similar comments
|
/gcbrun |
|
/gcbrun |
| @@ -175,3 +175,4 @@ options: | |||
| - 'TF_VAR_gsuite_admin_email=project-factory-test-admin@test.infra.cft.tips' | |||
| - 'TF_VAR_gsuite_domain=test.infra.cft.tips' | |||
| - 'TF_VAR_domain=test.infra.cft.tips.' | |||
| - 'TF_VAR_policy_id=$_POLICY_ID' | |||
There was a problem hiding this comment.
Instead of adding this new variable and trigger key/value pair we could do something like
export TF_VAR_policy_id=$(gcloud access-context-manager policies list --organization="${TF_VAR_org_id:?}" --format="value(name)") as part of the args to the prepare step where this is need. That would eliminate the need for the new output and variable as well.
There was a problem hiding this comment.
We already have following lines in cloudbuild but for some reason it does not work.
- id: converge vpc-sc-project-local
waitFor:
- create-all
name: 'gcr.io/cloud-foundation-cicd/$_DOCKER_IMAGE_DEVELOPER_TOOLS:$_DOCKER_TAG_VERSION_DEVELOPER_TOOLS'
args: ['/bin/bash', '-c', 'source /usr/local/bin/task_helper_functions.sh && export TF_VAR_policy_id=$(gcloud access-context-manager policies list --organization="${TF_VAR_org_id:?}" --format="value(name)") && kitchen_do converge vpc-sc-project-local']
There was a problem hiding this comment.
Got it. Ok let's leave the issue open so we can investigate what's happening. I'll merge this for now.
| @@ -58,3 +58,7 @@ output "group_name" { | |||
| output "service_account_email" { | |||
| value = google_service_account.int_test.email | |||
| } | |||
|
|
|||
| output "policy_id" { | |||
There was a problem hiding this comment.
If we use the gcloud command to evaluate the policy id during the prepare step, we could probably get rid of this.
Added datastream permission requirements in shared_vpc_access module #787
Fix
missing profile_idin test for vpc-sc-project-local test #780