Remove default region for Cloud Function and Cloud Run (#2004)
Remove default region for Cloud Function and Cloud Run
This commit is contained in:
Wiktor Niesiobędzki
GitHub
parent
277777d1c7
commit
526185fd1f
|
|
@ -78,6 +78,7 @@ module "service-account" {
|
|||
module "cf" {
|
||||
source = "../../../modules/cloud-function-v1"
|
||||
project_id = module.project.project_id
|
||||
region = var.region
|
||||
name = var.name
|
||||
bucket_name = "${var.name}-${random_pet.random.id}"
|
||||
bucket_config = {
|
||||
|
|
|
|||
|
|
@ -179,6 +179,7 @@ module "test-vm" {
|
|||
module "function-hello" {
|
||||
source = "../../../modules/cloud-function-v1"
|
||||
project_id = module.project.project_id
|
||||
region = var.region
|
||||
name = var.name
|
||||
bucket_name = "${var.name}-tf-cf-deploy"
|
||||
ingress_settings = "ALLOW_INTERNAL_ONLY"
|
||||
|
|
|
|||
|
|
@ -34,6 +34,7 @@ This deploys a Cloud Function with an HTTP endpoint, using a pre-existing GCS bu
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v1"
|
||||
project_id = var.project_id
|
||||
region = "europe-west1"
|
||||
name = "test-cf-http"
|
||||
bucket_name = var.bucket
|
||||
bundle_config = {
|
||||
|
|
@ -52,6 +53,7 @@ Other trigger types other than HTTP are configured via the `trigger_config` vari
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v1"
|
||||
project_id = "my-project"
|
||||
region = "europe-west1"
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -74,6 +76,7 @@ To allow anonymous access to the function, grant the `roles/cloudfunctions.invok
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v1"
|
||||
project_id = "my-project"
|
||||
region = "europe-west1"
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -95,6 +98,7 @@ You can have the module auto-create the GCS bucket used for deployment via the `
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v1"
|
||||
project_id = "my-project"
|
||||
region = "europe-west1"
|
||||
prefix = "my-prefix"
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
|
|
@ -116,6 +120,7 @@ To use a custom service account managed by the module, set `service_account_crea
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v1"
|
||||
project_id = "my-project"
|
||||
region = "europe-west1"
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -133,6 +138,7 @@ To use an externally managed service account, pass its email in `service_account
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v1"
|
||||
project_id = "my-project"
|
||||
region = "europe-west1"
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -152,6 +158,7 @@ In order to help prevent `archive_zip.output_md5` from changing cross platform (
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v1"
|
||||
project_id = "my-project"
|
||||
region = "europe-west1"
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -171,6 +178,7 @@ This deploys a Cloud Function with an HTTP endpoint, using a pre-existing GCS bu
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v1"
|
||||
project_id = "my-project"
|
||||
region = "europe-west1"
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
build_worker_pool = "projects/my-project/locations/europe-west1/workerPools/my_build_worker_pool"
|
||||
|
|
@ -190,6 +198,7 @@ When deploying multiple functions do not reuse `bundle_config.output_path` betwe
|
|||
module "cf-http-one" {
|
||||
source = "./fabric/modules/cloud-function-v1"
|
||||
project_id = "my-project"
|
||||
region = "europe-west1"
|
||||
name = "test-cf-http-one"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -200,6 +209,7 @@ module "cf-http-one" {
|
|||
module "cf-http-two" {
|
||||
source = "./fabric/modules/cloud-function-v1"
|
||||
project_id = "my-project"
|
||||
region = "europe-west1"
|
||||
name = "test-cf-http-two"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -218,6 +228,7 @@ This provides the latest value of the secret `var_secret` as `VARIABLE_SECRET` e
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v1"
|
||||
project_id = "my-project"
|
||||
region = "europe-west1"
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -256,6 +267,7 @@ module "cf-http" {
|
|||
| [bundle_config](variables.tf#L38) | Cloud function source folder and generated zip bundle paths. Output path defaults to '/tmp/bundle.zip' if null. | <code title="object({ source_dir = string output_path = optional(string) excludes = optional(list(string)) })">object({…})</code> | ✓ | |
|
||||
| [name](variables.tf#L97) | Name used for cloud function and associated resources. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L112) | Project id used for all resources. | <code>string</code> | ✓ | |
|
||||
| [region](variables.tf#L117) | Region used for all resources. | <code>string</code> | ✓ | |
|
||||
| [bucket_config](variables.tf#L17) | Enable and configure auto-created bucket. Set fields to null to use defaults. | <code title="object({ location = optional(string) lifecycle_delete_age_days = optional(number) })">object({…})</code> | | <code>null</code> |
|
||||
| [build_worker_pool](variables.tf#L32) | Build worker pool, in projects/<PROJECT-ID>/locations/<REGION>/workerPools/<POOL_NAME> format. | <code>string</code> | | <code>null</code> |
|
||||
| [description](variables.tf#L47) | Optional description. | <code>string</code> | | <code>"Terraform managed."</code> |
|
||||
|
|
@ -265,13 +277,12 @@ module "cf-http" {
|
|||
| [ingress_settings](variables.tf#L85) | Control traffic that reaches the cloud function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY . | <code>string</code> | | <code>null</code> |
|
||||
| [labels](variables.tf#L91) | Resource labels. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [prefix](variables.tf#L102) | Optional prefix used for resource names. | <code>string</code> | | <code>null</code> |
|
||||
| [region](variables.tf#L117) | Region used for all resources. | <code>string</code> | | <code>"europe-west1"</code> |
|
||||
| [secrets](variables.tf#L123) | Secret Manager secrets. Key is the variable name or mountpoint, volume versions are in version:path format. | <code title="map(object({ is_volume = bool project_id = number secret = string versions = list(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [service_account](variables.tf#L135) | Service account email. Unused if service account is auto-created. | <code>string</code> | | <code>null</code> |
|
||||
| [service_account_create](variables.tf#L141) | Auto-create service account. | <code>bool</code> | | <code>false</code> |
|
||||
| [trigger_config](variables.tf#L147) | Function trigger configuration. Leave null for HTTP trigger. | <code title="object({ event = string resource = string retry = optional(bool) })">object({…})</code> | | <code>null</code> |
|
||||
| [vpc_connector](variables.tf#L157) | VPC connector configuration. Set create to 'true' if a new connector needs to be created. | <code title="object({ create = bool name = string egress_settings = string })">object({…})</code> | | <code>null</code> |
|
||||
| [vpc_connector_config](variables.tf#L167) | VPC connector network configuration. Must be provided if new VPC connector is being created. | <code title="object({ ip_cidr_range = string network = string })">object({…})</code> | | <code>null</code> |
|
||||
| [secrets](variables.tf#L122) | Secret Manager secrets. Key is the variable name or mountpoint, volume versions are in version:path format. | <code title="map(object({ is_volume = bool project_id = number secret = string versions = list(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [service_account](variables.tf#L134) | Service account email. Unused if service account is auto-created. | <code>string</code> | | <code>null</code> |
|
||||
| [service_account_create](variables.tf#L140) | Auto-create service account. | <code>bool</code> | | <code>false</code> |
|
||||
| [trigger_config](variables.tf#L146) | Function trigger configuration. Leave null for HTTP trigger. | <code title="object({ event = string resource = string retry = optional(bool) })">object({…})</code> | | <code>null</code> |
|
||||
| [vpc_connector](variables.tf#L156) | VPC connector configuration. Set create to 'true' if a new connector needs to be created. | <code title="object({ create = bool name = string egress_settings = string })">object({…})</code> | | <code>null</code> |
|
||||
| [vpc_connector_config](variables.tf#L166) | VPC connector network configuration. Must be provided if new VPC connector is being created. | <code title="object({ ip_cidr_range = string network = string })">object({…})</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
|
@ -286,4 +297,4 @@ module "cf-http" {
|
|||
| [service_account_email](outputs.tf#L49) | Service account email. | |
|
||||
| [service_account_iam_email](outputs.tf#L54) | Service account email. | |
|
||||
| [vpc_connector](outputs.tf#L62) | VPC connector resource if created. | |
|
||||
<!-- END TFDOC -->
|
||||
<!-- END TFDOC -->
|
||||
|
|
|
|||
|
|
@ -117,7 +117,6 @@ variable "project_id" {
|
|||
variable "region" {
|
||||
description = "Region used for all resources."
|
||||
type = string
|
||||
default = "europe-west1"
|
||||
}
|
||||
|
||||
variable "secrets" {
|
||||
|
|
@ -171,4 +170,4 @@ variable "vpc_connector_config" {
|
|||
network = string
|
||||
})
|
||||
default = null
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -34,6 +34,7 @@ This deploys a Cloud Function with an HTTP endpoint, using a pre-existing GCS bu
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v2"
|
||||
project_id = "my-project"
|
||||
region = var.region
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -63,6 +64,7 @@ module "trigger-service-account" {
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v2"
|
||||
project_id = "my-project"
|
||||
region = var.region
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -89,6 +91,7 @@ To allow anonymous access to the function, grant the `roles/run.invoker` role to
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v2"
|
||||
project_id = "my-project"
|
||||
region = var.region
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -110,6 +113,7 @@ You can have the module auto-create the GCS bucket used for deployment via the `
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v2"
|
||||
project_id = "my-project"
|
||||
region = var.region
|
||||
prefix = "my-prefix"
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
|
|
@ -131,6 +135,7 @@ To use a custom service account managed by the module, set `service_account_crea
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v2"
|
||||
project_id = "my-project"
|
||||
region = var.region
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -148,6 +153,7 @@ To use an externally managed service account, pass its email in `service_account
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v2"
|
||||
project_id = "my-project"
|
||||
region = var.region
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -167,6 +173,7 @@ In order to help prevent `archive_zip.output_md5` from changing cross platform (
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v2"
|
||||
project_id = "my-project"
|
||||
region = var.region
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -186,6 +193,7 @@ This deploys a Cloud Function with an HTTP endpoint, using a pre-existing GCS bu
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v2"
|
||||
project_id = "my-project"
|
||||
region = var.region
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
build_worker_pool = "projects/my-project/locations/europe-west1/workerPools/my_build_worker_pool"
|
||||
|
|
@ -205,6 +213,7 @@ When deploying multiple functions do not reuse `bundle_config.output_path` betwe
|
|||
module "cf-http-one" {
|
||||
source = "./fabric/modules/cloud-function-v2"
|
||||
project_id = "my-project"
|
||||
region = var.region
|
||||
name = "test-cf-http-one"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -215,6 +224,7 @@ module "cf-http-one" {
|
|||
module "cf-http-two" {
|
||||
source = "./fabric/modules/cloud-function-v2"
|
||||
project_id = "my-project"
|
||||
region = var.region
|
||||
name = "test-cf-http-two"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -233,6 +243,7 @@ This provides the latest value of the secret `var_secret` as `VARIABLE_SECRET` e
|
|||
module "cf-http" {
|
||||
source = "./fabric/modules/cloud-function-v2"
|
||||
project_id = "my-project"
|
||||
region = var.region
|
||||
name = "test-cf-http"
|
||||
bucket_name = "test-cf-bundles"
|
||||
bundle_config = {
|
||||
|
|
@ -272,6 +283,7 @@ module "cf-http" {
|
|||
| [bundle_config](variables.tf#L38) | Cloud function source folder and generated zip bundle paths. Output path defaults to '/tmp/bundle.zip' if null. | <code title="object({ source_dir = string output_path = optional(string) excludes = optional(list(string)) })">object({…})</code> | ✓ | |
|
||||
| [name](variables.tf#L103) | Name used for cloud function and associated resources. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L118) | Project id used for all resources. | <code>string</code> | ✓ | |
|
||||
| [region](variables.tf#L123) | Region used for all resources. | <code>string</code> | ✓ | |
|
||||
| [bucket_config](variables.tf#L17) | Enable and configure auto-created bucket. Set fields to null to use defaults. | <code title="object({ location = optional(string) lifecycle_delete_age_days = optional(number) })">object({…})</code> | | <code>null</code> |
|
||||
| [build_worker_pool](variables.tf#L32) | Build worker pool, in projects/<PROJECT-ID>/locations/<REGION>/workerPools/<POOL_NAME> format. | <code>string</code> | | <code>null</code> |
|
||||
| [description](variables.tf#L47) | Optional description. | <code>string</code> | | <code>"Terraform managed."</code> |
|
||||
|
|
@ -282,13 +294,12 @@ module "cf-http" {
|
|||
| [ingress_settings](variables.tf#L91) | Control traffic that reaches the cloud function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY . | <code>string</code> | | <code>null</code> |
|
||||
| [labels](variables.tf#L97) | Resource labels. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [prefix](variables.tf#L108) | Optional prefix used for resource names. | <code>string</code> | | <code>null</code> |
|
||||
| [region](variables.tf#L123) | Region used for all resources. | <code>string</code> | | <code>"europe-west1"</code> |
|
||||
| [secrets](variables.tf#L129) | Secret Manager secrets. Key is the variable name or mountpoint, volume versions are in version:path format. | <code title="map(object({ is_volume = bool project_id = number secret = string versions = list(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [service_account](variables.tf#L141) | Service account email. Unused if service account is auto-created. | <code>string</code> | | <code>null</code> |
|
||||
| [service_account_create](variables.tf#L147) | Auto-create service account. | <code>bool</code> | | <code>false</code> |
|
||||
| [trigger_config](variables.tf#L153) | Function trigger configuration. Leave null for HTTP trigger. | <code title="object({ event_type = string pubsub_topic = optional(string) region = optional(string) event_filters = optional(list(object({ attribute = string value = string operator = optional(string) })), []) service_account_email = optional(string) service_account_create = optional(bool, false) retry_policy = optional(string) })">object({…})</code> | | <code>null</code> |
|
||||
| [vpc_connector](variables.tf#L171) | VPC connector configuration. Set create to 'true' if a new connector needs to be created. | <code title="object({ create = bool name = string egress_settings = string })">object({…})</code> | | <code>null</code> |
|
||||
| [vpc_connector_config](variables.tf#L181) | VPC connector network configuration. Must be provided if new VPC connector is being created. | <code title="object({ ip_cidr_range = string network = string })">object({…})</code> | | <code>null</code> |
|
||||
| [secrets](variables.tf#L128) | Secret Manager secrets. Key is the variable name or mountpoint, volume versions are in version:path format. | <code title="map(object({ is_volume = bool project_id = number secret = string versions = list(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [service_account](variables.tf#L140) | Service account email. Unused if service account is auto-created. | <code>string</code> | | <code>null</code> |
|
||||
| [service_account_create](variables.tf#L146) | Auto-create service account. | <code>bool</code> | | <code>false</code> |
|
||||
| [trigger_config](variables.tf#L152) | Function trigger configuration. Leave null for HTTP trigger. | <code title="object({ event_type = string pubsub_topic = optional(string) region = optional(string) event_filters = optional(list(object({ attribute = string value = string operator = optional(string) })), []) service_account_email = optional(string) service_account_create = optional(bool, false) retry_policy = optional(string) })">object({…})</code> | | <code>null</code> |
|
||||
| [vpc_connector](variables.tf#L170) | VPC connector configuration. Set create to 'true' if a new connector needs to be created. | <code title="object({ create = bool name = string egress_settings = string })">object({…})</code> | | <code>null</code> |
|
||||
| [vpc_connector_config](variables.tf#L180) | VPC connector network configuration. Must be provided if new VPC connector is being created. | <code title="object({ ip_cidr_range = string network = string })">object({…})</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
|
|
|||
|
|
@ -123,7 +123,6 @@ variable "project_id" {
|
|||
variable "region" {
|
||||
description = "Region used for all resources."
|
||||
type = string
|
||||
default = "europe-west1"
|
||||
}
|
||||
|
||||
variable "secrets" {
|
||||
|
|
|
|||
|
|
@ -116,6 +116,7 @@ You can use an existing [VPC Access Connector](https://cloud.google.com/vpc/docs
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run-v2"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -138,6 +139,7 @@ If creation of the VPC Access Connector is required, use the `vpc_connector_crea
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run-v2"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -162,6 +164,7 @@ Note that if you are using a Shared VPC for the connector, you need to specify a
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run-v2"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -189,6 +192,7 @@ This deploys a Cloud Run service that will be triggered when messages are publis
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run-v2"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -213,6 +217,7 @@ This deploys a Cloud Run service that will be triggered when specific log events
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run-v2"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -241,6 +246,7 @@ Example using provided service account:
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run-v2"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -266,6 +272,7 @@ Example using automatically created service account:
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run-v2"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -291,6 +298,7 @@ To use a custom service account managed by the module, set `service_account_crea
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run-v2"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -308,6 +316,7 @@ To use an externally managed service account, use its email in `service_account`
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run-v2"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -325,6 +334,7 @@ module "cloud_run" {
|
|||
|---|---|:---:|:---:|:---:|
|
||||
| [name](variables.tf#L137) | Name used for Cloud Run service. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L152) | Project id used for all resources. | <code>string</code> | ✓ | |
|
||||
| [region](variables.tf#L157) | Region used for all resources. | <code>string</code> | ✓ | |
|
||||
| [containers](variables.tf#L17) | Containers in name => attributes format. | <code title="map(object({ image = string command = optional(list(string)) args = optional(list(string)) env = optional(map(string)) env_from_key = optional(map(object({ secret = string version = string }))) liveness_probe = optional(object({ grpc = optional(object({ port = optional(number) service = optional(string) })) http_get = optional(object({ http_headers = optional(map(string)) path = optional(string) })) failure_threshold = optional(number) initial_delay_seconds = optional(number) period_seconds = optional(number) timeout_seconds = optional(number) })) ports = optional(map(object({ container_port = optional(number) name = optional(string) }))) resources = optional(object({ limits = optional(object({ cpu = string memory = string })) cpu_idle = optional(bool) startup_cpu_boost = optional(bool) })) startup_probe = optional(object({ grpc = optional(object({ port = optional(number) service = optional(string) })) http_get = optional(object({ http_headers = optional(map(string)) path = optional(string) })) tcp_socket = optional(object({ port = optional(number) })) failure_threshold = optional(number) initial_delay_seconds = optional(number) period_seconds = optional(number) timeout_seconds = optional(number) })) volume_mounts = optional(map(string)) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [eventarc_triggers](variables.tf#L77) | Event arc triggers for different sources. | <code title="object({ audit_log = optional(map(object({ method = string service = string }))) pubsub = optional(map(string)) service_account_email = optional(string) service_account_create = optional(bool, false) })">object({…})</code> | | <code>{}</code> |
|
||||
| [iam](variables.tf#L91) | IAM bindings for Cloud Run service in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> |
|
||||
|
|
@ -332,11 +342,10 @@ module "cloud_run" {
|
|||
| [labels](variables.tf#L114) | Resource labels. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [launch_stage](variables.tf#L120) | The launch stage as defined by Google Cloud Platform Launch Stages. | <code>string</code> | | <code>null</code> |
|
||||
| [prefix](variables.tf#L142) | Optional prefix used for resource names. | <code>string</code> | | <code>null</code> |
|
||||
| [region](variables.tf#L157) | Region used for all resources. | <code>string</code> | | <code>"europe-west1"</code> |
|
||||
| [revision](variables.tf#L163) | Revision template configurations. | <code title="object({ name = optional(string) gen2_execution_environment = optional(bool) max_concurrency = optional(number) max_instance_count = optional(number) min_instance_count = optional(number) vpc_access = optional(object({ connector = optional(string) egress = optional(string) subnet = optional(string) tags = optional(list(string)) })) timeout = optional(string) })">object({…})</code> | | <code>{}</code> |
|
||||
| [service_account](variables.tf#L190) | Service account email. Unused if service account is auto-created. | <code>string</code> | | <code>null</code> |
|
||||
| [service_account_create](variables.tf#L196) | Auto-create service account. | <code>bool</code> | | <code>false</code> |
|
||||
| [volumes](variables.tf#L202) | Named volumes in containers in name => attributes format. | <code title="map(object({ secret = optional(object({ name = string default_mode = optional(string) path = optional(string) version = optional(string) mode = optional(string) })) cloud_sql_instances = optional(list(string)) empty_dir_size = optional(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [revision](variables.tf#L162) | Revision template configurations. | <code title="object({ name = optional(string) gen2_execution_environment = optional(bool) max_concurrency = optional(number) max_instance_count = optional(number) min_instance_count = optional(number) vpc_access = optional(object({ connector = optional(string) egress = optional(string) subnet = optional(string) tags = optional(list(string)) })) timeout = optional(string) })">object({…})</code> | | <code>{}</code> |
|
||||
| [service_account](variables.tf#L189) | Service account email. Unused if service account is auto-created. | <code>string</code> | | <code>null</code> |
|
||||
| [service_account_create](variables.tf#L195) | Auto-create service account. | <code>bool</code> | | <code>false</code> |
|
||||
| [volumes](variables.tf#L201) | Named volumes in containers in name => attributes format. | <code title="map(object({ secret = optional(object({ name = string default_mode = optional(string) path = optional(string) version = optional(string) mode = optional(string) })) cloud_sql_instances = optional(list(string)) empty_dir_size = optional(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [vpc_connector_create](variables-vpcconnector.tf#L17) | Populate this to create a Serverless VPC Access connector. | <code title="object({ ip_cidr_range = optional(string) vpc_self_link = optional(string) machine_type = optional(string) name = optional(string) instances = optional(object({ max = optional(number) min = optional(number) }), {}) throughput = optional(object({ max = optional(number) min = optional(number) }), {}) subnet = optional(object({ name = optional(string) project_id = optional(string) }), {}) })">object({…})</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
|
|
|||
|
|
@ -157,7 +157,6 @@ variable "project_id" {
|
|||
variable "region" {
|
||||
description = "Region used for all resources."
|
||||
type = string
|
||||
default = "europe-west1"
|
||||
}
|
||||
|
||||
variable "revision" {
|
||||
|
|
|
|||
|
|
@ -43,6 +43,7 @@ module "secret-manager" {
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -124,6 +125,7 @@ Annotations can be specified via the `revision_annotations` variable:
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -151,6 +153,7 @@ Second generation execution environment (gen2) can be enabled by setting the `ge
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -170,6 +173,7 @@ If creation of a [VPC Access Connector](https://cloud.google.com/vpc/docs/server
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -190,6 +194,7 @@ Note that if you are using Shared VPC you need to specify a subnet:
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -214,6 +219,7 @@ This deploys a Cloud Run service with traffic split between two revisions.
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
revision_name = "green"
|
||||
containers = {
|
||||
|
|
@ -245,6 +251,7 @@ module "pubsub" {
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -277,6 +284,7 @@ module "sa" {
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -317,6 +325,7 @@ module "pubsub" {
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -341,6 +350,7 @@ To use a custom service account managed by the module, set `service_account_crea
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -358,6 +368,7 @@ To use an externally managed service account, pass its email in `service_account
|
|||
module "cloud_run" {
|
||||
source = "./fabric/modules/cloud-run"
|
||||
project_id = var.project_id
|
||||
region = var.region
|
||||
name = "hello"
|
||||
containers = {
|
||||
hello = {
|
||||
|
|
@ -375,6 +386,7 @@ module "cloud_run" {
|
|||
|---|---|:---:|:---:|:---:|
|
||||
| [name](variables.tf#L144) | Name used for cloud run service. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L159) | Project id used for all resources. | <code>string</code> | ✓ | |
|
||||
| [region](variables.tf#L164) | Region used for all resources. | <code>string</code> | ✓ | |
|
||||
| [container_concurrency](variables.tf#L18) | Maximum allowed in-flight (concurrent) requests per container of the revision. | <code>string</code> | | <code>null</code> |
|
||||
| [containers](variables.tf#L24) | Containers in arbitrary key => attributes format. | <code title="map(object({ image = string args = optional(list(string)) command = optional(list(string)) env = optional(map(string), {}) env_from_key = optional(map(object({ key = string name = string })), {}) liveness_probe = optional(object({ action = object({ grpc = optional(object({ port = optional(number) service = optional(string) })) http_get = optional(object({ http_headers = optional(map(string), {}) path = optional(string) })) }) failure_threshold = optional(number) initial_delay_seconds = optional(number) period_seconds = optional(number) timeout_seconds = optional(number) })) ports = optional(map(object({ container_port = optional(number) name = optional(string) protocol = optional(string) })), {}) resources = optional(object({ limits = optional(object({ cpu = string memory = string })) requests = optional(object({ cpu = string memory = string })) })) startup_probe = optional(object({ action = object({ grpc = optional(object({ port = optional(number) service = optional(string) })) http_get = optional(object({ http_headers = optional(map(string), {}) path = optional(string) })) tcp_socket = optional(object({ port = optional(number) })) }) failure_threshold = optional(number) initial_delay_seconds = optional(number) period_seconds = optional(number) timeout_seconds = optional(number) })) volume_mounts = optional(map(string), {}) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [eventarc_triggers](variables.tf#L91) | Event arc triggers for different sources. | <code title="object({ audit_log = optional(map(object({ method = string service = string })), {}) pubsub = optional(map(string), {}) service_account_email = optional(string) service_account_create = optional(bool, false) })">object({…})</code> | | <code>{}</code> |
|
||||
|
|
@ -383,16 +395,15 @@ module "cloud_run" {
|
|||
| [ingress_settings](variables.tf#L125) | Ingress settings. | <code>string</code> | | <code>null</code> |
|
||||
| [labels](variables.tf#L138) | Resource labels. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [prefix](variables.tf#L149) | Optional prefix used for resource names. | <code>string</code> | | <code>null</code> |
|
||||
| [region](variables.tf#L164) | Region used for all resources. | <code>string</code> | | <code>"europe-west1"</code> |
|
||||
| [revision_annotations](variables.tf#L170) | Configure revision template annotations. | <code title="object({ autoscaling = optional(object({ max_scale = number min_scale = number })) cloudsql_instances = optional(list(string), []) vpcaccess_connector = optional(string) vpcaccess_egress = optional(string) })">object({…})</code> | | <code>{}</code> |
|
||||
| [revision_name](variables.tf#L185) | Revision name. | <code>string</code> | | <code>null</code> |
|
||||
| [service_account](variables.tf#L191) | Service account email. Unused if service account is auto-created. | <code>string</code> | | <code>null</code> |
|
||||
| [service_account_create](variables.tf#L197) | Auto-create service account. | <code>bool</code> | | <code>false</code> |
|
||||
| [startup_cpu_boost](variables.tf#L203) | Enable startup cpu boost. | <code>bool</code> | | <code>false</code> |
|
||||
| [timeout_seconds](variables.tf#L209) | Maximum duration the instance is allowed for responding to a request. | <code>number</code> | | <code>null</code> |
|
||||
| [traffic](variables.tf#L215) | Traffic steering configuration. If revision name is null the latest revision will be used. | <code title="map(object({ percent = number latest = optional(bool) tag = optional(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [volumes](variables.tf#L226) | Named volumes in containers in name => attributes format. | <code title="map(object({ secret_name = string default_mode = optional(string) items = optional(map(object({ path = string mode = optional(string) }))) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [vpc_connector_create](variables.tf#L240) | Populate this to create a VPC connector. You can then refer to it in the template annotations. | <code title="object({ ip_cidr_range = optional(string) vpc_self_link = optional(string) machine_type = optional(string) name = optional(string) instances = optional(object({ max = optional(number) min = optional(number) }), {}) throughput = optional(object({ max = optional(number) min = optional(number) }), {}) subnet = optional(object({ name = optional(string) project_id = optional(string) }), {}) })">object({…})</code> | | <code>null</code> |
|
||||
| [revision_annotations](variables.tf#L169) | Configure revision template annotations. | <code title="object({ autoscaling = optional(object({ max_scale = number min_scale = number })) cloudsql_instances = optional(list(string), []) vpcaccess_connector = optional(string) vpcaccess_egress = optional(string) })">object({…})</code> | | <code>{}</code> |
|
||||
| [revision_name](variables.tf#L184) | Revision name. | <code>string</code> | | <code>null</code> |
|
||||
| [service_account](variables.tf#L190) | Service account email. Unused if service account is auto-created. | <code>string</code> | | <code>null</code> |
|
||||
| [service_account_create](variables.tf#L196) | Auto-create service account. | <code>bool</code> | | <code>false</code> |
|
||||
| [startup_cpu_boost](variables.tf#L202) | Enable startup cpu boost. | <code>bool</code> | | <code>false</code> |
|
||||
| [timeout_seconds](variables.tf#L208) | Maximum duration the instance is allowed for responding to a request. | <code>number</code> | | <code>null</code> |
|
||||
| [traffic](variables.tf#L214) | Traffic steering configuration. If revision name is null the latest revision will be used. | <code title="map(object({ percent = number latest = optional(bool) tag = optional(string) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [volumes](variables.tf#L225) | Named volumes in containers in name => attributes format. | <code title="map(object({ secret_name = string default_mode = optional(string) items = optional(map(object({ path = string mode = optional(string) }))) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [vpc_connector_create](variables.tf#L239) | Populate this to create a VPC connector. You can then refer to it in the template annotations. | <code title="object({ ip_cidr_range = optional(string) vpc_self_link = optional(string) machine_type = optional(string) name = optional(string) instances = optional(object({ max = optional(number) min = optional(number) }), {}) throughput = optional(object({ max = optional(number) min = optional(number) }), {}) subnet = optional(object({ name = optional(string) project_id = optional(string) }), {}) })">object({…})</code> | | <code>null</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
|
|
|||
|
|
@ -164,7 +164,6 @@ variable "project_id" {
|
|||
variable "region" {
|
||||
description = "Region used for all resources."
|
||||
type = string
|
||||
default = "europe-west1"
|
||||
}
|
||||
|
||||
variable "revision_annotations" {
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
values:
|
||||
module.cf-http.google_cloud_run_service_iam_binding.invoker[0]:
|
||||
condition: []
|
||||
location: europe-west1
|
||||
location: europe-west8
|
||||
members:
|
||||
- allUsers
|
||||
project: my-project
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ values:
|
|||
|
||||
module.cloud_run.google_cloud_run_service_iam_binding.binding["roles/run.invoker"]:
|
||||
condition: []
|
||||
location: europe-west1
|
||||
location: europe-west8
|
||||
members:
|
||||
- serviceAccount:eventarc-trigger@project-id.iam.gserviceaccount.com
|
||||
project: project-id
|
||||
|
|
@ -35,11 +35,11 @@ values:
|
|||
- cloud_function: null
|
||||
cloud_run_service:
|
||||
- path: null
|
||||
region: europe-west1
|
||||
region: europe-west8
|
||||
service: hello
|
||||
gke: []
|
||||
workflow: null
|
||||
location: europe-west1
|
||||
location: europe-west8
|
||||
matching_criteria:
|
||||
- attribute: methodName
|
||||
operator: ''
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
values:
|
||||
module.cloud_run.google_cloud_run_service.service:
|
||||
autogenerate_revision_name: false
|
||||
location: europe-west1
|
||||
location: europe-west8
|
||||
metadata:
|
||||
- {}
|
||||
name: hello
|
||||
|
|
@ -41,7 +41,7 @@ values:
|
|||
min_throughput: 200
|
||||
name: hello
|
||||
project: project-id
|
||||
region: europe-west1
|
||||
region: europe-west8
|
||||
subnet:
|
||||
- name: subnet-vpc-access
|
||||
project_id: host-project
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
values:
|
||||
module.cloud_run.google_cloud_run_service.service:
|
||||
autogenerate_revision_name: false
|
||||
location: europe-west1
|
||||
location: europe-west8
|
||||
metadata:
|
||||
- {}
|
||||
name: hello
|
||||
|
|
@ -42,7 +42,7 @@ values:
|
|||
name: hello
|
||||
network: projects/xxx/global/networks/aaa
|
||||
project: project-id
|
||||
region: europe-west1
|
||||
region: europe-west8
|
||||
subnet: []
|
||||
|
||||
counts:
|
||||
|
|
|
|||
|
|
@ -25,11 +25,11 @@ values:
|
|||
- cloud_function: null
|
||||
cloud_run_service:
|
||||
- path: null
|
||||
region: europe-west1
|
||||
region: europe-west8
|
||||
service: hello
|
||||
gke: []
|
||||
workflow: null
|
||||
location: europe-west1
|
||||
location: europe-west8
|
||||
matching_criteria:
|
||||
- attribute: type
|
||||
operator: ''
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
values:
|
||||
module.cloud_run.google_cloud_run_service.service:
|
||||
autogenerate_revision_name: false
|
||||
location: europe-west1
|
||||
location: europe-west8
|
||||
metadata:
|
||||
- {}
|
||||
name: hello
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
values:
|
||||
module.cloud_run.google_cloud_run_service.service:
|
||||
autogenerate_revision_name: false
|
||||
location: europe-west1
|
||||
location: europe-west8
|
||||
metadata:
|
||||
- {}
|
||||
name: hello
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
values:
|
||||
module.cloud_run.google_cloud_run_service.service:
|
||||
autogenerate_revision_name: false
|
||||
location: europe-west1
|
||||
location: europe-west8
|
||||
metadata:
|
||||
- {}
|
||||
name: hello
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
values:
|
||||
module.cloud_run.google_cloud_run_service.service:
|
||||
autogenerate_revision_name: false
|
||||
location: europe-west1
|
||||
location: europe-west8
|
||||
metadata:
|
||||
- {}
|
||||
name: hello
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
values:
|
||||
module.cloud_run.google_cloud_run_service.service:
|
||||
autogenerate_revision_name: false
|
||||
location: europe-west1
|
||||
location: europe-west8
|
||||
metadata:
|
||||
- {}
|
||||
name: hello
|
||||
|
|
@ -42,7 +42,7 @@ values:
|
|||
volumes: []
|
||||
module.cloud_run.google_cloud_run_service_iam_binding.binding["roles/run.invoker"]:
|
||||
condition: []
|
||||
location: europe-west1
|
||||
location: europe-west8
|
||||
members:
|
||||
- allUsers
|
||||
project: project-id
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@
|
|||
values:
|
||||
module.cloud_run.google_cloud_run_service.service:
|
||||
autogenerate_revision_name: false
|
||||
location: europe-west1
|
||||
location: europe-west8
|
||||
metadata:
|
||||
- {}
|
||||
name: hello
|
||||
|
|
@ -38,7 +38,7 @@ values:
|
|||
|
||||
module.cloud_run.google_cloud_run_service_iam_member.default[0]:
|
||||
condition: []
|
||||
location: europe-west1
|
||||
location: europe-west8
|
||||
project: project-id
|
||||
role: roles/run.invoker
|
||||
service: hello
|
||||
|
|
@ -49,12 +49,12 @@ values:
|
|||
- cloud_function: null
|
||||
cloud_run_service:
|
||||
- path: null
|
||||
region: europe-west1
|
||||
region: europe-west8
|
||||
service: hello
|
||||
gke: []
|
||||
workflow: null
|
||||
labels: null
|
||||
location: europe-west1
|
||||
location: europe-west8
|
||||
matching_criteria:
|
||||
- attribute: type
|
||||
operator: ''
|
||||
|
|
|
|||
Loading…
Reference in New Issue