Google Cloud Source Repository Module
This module allows managing a single Cloud Source Repository, including IAM bindings and basic Cloud Build triggers.
Examples
Repository with IAM
module "repo" {
source = "./fabric/modules/source-repository"
project_id = "my-project"
name = "my-repo"
iam = {
"roles/source.reader" = ["user:foo@example.com"]
}
}
# tftest modules=1 resources=2 inventory=simple.yaml
Repository with Cloud Build trigger
module "repo" {
source = "./fabric/modules/source-repository"
project_id = "my-project"
name = "my-repo"
triggers = {
foo = {
filename = "ci/workflow-foo.yaml"
included_files = ["**/*tf"]
service_account = null
substitutions = {
BAR = 1
}
template = {
branch_name = "main"
project_id = null
tag_name = null
}
}
}
}
# tftest modules=1 resources=2 inventory=trigger.yaml
Files
name |
description |
resources |
iam.tf |
IAM resources. |
google_sourcerepo_repository_iam_binding · google_sourcerepo_repository_iam_member |
main.tf |
Module-level locals and resources. |
google_cloudbuild_trigger · google_sourcerepo_repository |
outputs.tf |
Module outputs. |
|
variables.tf |
Module variables. |
|
versions.tf |
Version pins. |
|
Variables
name |
description |
type |
required |
default |
name |
Repository name. |
string |
✓ |
|
project_id |
Project used for resources. |
string |
✓ |
|
group_iam |
Authoritative IAM binding for organization groups, in {GROUP_EMAIL => [ROLES]} format. Group emails need to be static. Can be used in combination with the iam variable. |
map(list(string)) |
|
{} |
iam |
IAM bindings in {ROLE => [MEMBERS]} format. |
map(list(string)) |
|
{} |
iam_additive |
IAM additive bindings in {ROLE => [MEMBERS]} format. |
map(list(string)) |
|
{} |
iam_additive_members |
IAM additive bindings in {MEMBERS => [ROLE]} format. This might break if members are dynamic values. |
map(list(string)) |
|
{} |
triggers |
Cloud Build triggers. |
map(object({…})) |
|
{} |
Outputs
name |
description |
sensitive |
id |
Repository id. |
|
name |
Repository name. |
|
url |
Repository URL. |
|