zecfoundation
/
cloud-foundation-fabric
mirror of https://github.com/ZcashFoundation/cloud-foundation-fabric.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
cloud-foundation-fabric/modules/source-repository
History
apichick 66bd9d5160 Added workstation-cluster module 2023-11-30 07:02:28 +01:00
..
README.md Change type of `iam_bindings` variable to allow multiple conditional bindings (#1658) 2023-09-08 08:56:31 +02:00
iam.tf Change type of `iam_bindings` variable to allow multiple conditional bindings (#1658) 2023-09-08 08:56:31 +02:00
main.tf CI/CD support for Source Repository and Cloud Build (#669) 2022-06-08 11:34:08 +02:00
outputs.tf Ensure all modules have an `id` output (#1410) 2023-06-02 16:07:22 +02:00
variables.tf Change type of `iam_bindings` variable to allow multiple conditional bindings (#1658) 2023-09-08 08:56:31 +02:00
versions.tf Added workstation-cluster module 2023-11-30 07:02:28 +01:00

README.md

Google Cloud Source Repository Module

This module allows managing a single Cloud Source Repository, including IAM bindings and basic Cloud Build triggers.

Examples

Repository with IAM

module "repo" {
  source     = "./fabric/modules/source-repository"
  project_id = "my-project"
  name       = "my-repo"
  iam = {
    "roles/source.reader" = ["user:foo@example.com"]
  }
  iam_bindings_additive = {
    am1-reader = {
      member = "user:am1@example.com"
      role   = "roles/source.reader"
    }
  }
}
# tftest modules=1 resources=3 inventory=simple.yaml

Repository with Cloud Build trigger

module "repo" {
  source     = "./fabric/modules/source-repository"
  project_id = "my-project"
  name       = "my-repo"
  triggers = {
    foo = {
      filename        = "ci/workflow-foo.yaml"
      included_files  = ["**/*tf"]
      service_account = null
      substitutions = {
        BAR = 1
      }
      template = {
        branch_name = "main"
        project_id  = null
        tag_name    = null
      }
    }
  }
}
# tftest modules=1 resources=2 inventory=trigger.yaml

Files

name description resources
iam.tf IAM resources. google_sourcerepo_repository_iam_binding · google_sourcerepo_repository_iam_member
main.tf Module-level locals and resources. google_cloudbuild_trigger · google_sourcerepo_repository
outputs.tf Module outputs.
variables.tf Module variables.
versions.tf Version pins.

Variables

name description type required default
name Repository name. string
project_id Project used for resources. string
group_iam Authoritative IAM binding for organization groups, in {GROUP_EMAIL => [ROLES]} format. Group emails need to be static. Can be used in combination with the iam variable. map(list(string)) {}
iam IAM bindings in {ROLE => [MEMBERS]} format. map(list(string)) {}
iam_bindings Authoritative IAM bindings in {KEY => {role = ROLE, members = [], condition = {}}}. Keys are arbitrary. map(object({…})) {}
iam_bindings_additive Individual additive IAM bindings. Keys are arbitrary. map(object({…})) {}
triggers Cloud Build triggers. map(object({…})) {}

Outputs

name description sensitive
id Fully qualified repository id.
name Repository name.
url Repository URL.