6.8 KiB
6.8 KiB
Google Cloud Artifact Registry Module
This module simplifies the creation of repositories using Google Cloud Artifact Registry.
- Standard Repository
- Remote and Virtual Repositories
- Additional Docker and Maven Options
- Cleanup Policies
- Variables
- Outputs
Standard Repository
module "docker_artifact_registry" {
source = "./fabric/modules/artifact-registry"
project_id = "myproject"
location = "europe-west1"
name = "myregistry"
iam = {
"roles/artifactregistry.admin" = ["group:cicd@example.com"]
}
}
# tftest modules=1 resources=2
Remote and Virtual Repositories
module "registry-local" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = "europe-west1"
name = "local"
format = { python = {} }
}
module "registry-remote" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = "europe-west1"
name = "remote"
format = { python = {} }
mode = { remote = true }
}
module "registry-virtual" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = "europe-west1"
name = "virtual"
format = { python = {} }
mode = {
virtual = {
remote = {
repository = module.registry-remote.id
priority = 1
}
local = {
repository = module.registry-local.id
priority = 10
}
}
}
}
# tftest modules=3 resources=3 inventory=remote-virtual.yaml
Additional Docker and Maven Options
module "registry-docker" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = "europe-west1"
name = "docker"
format = {
docker = {
immutable_tags = true
}
}
}
module "registry-maven" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = "europe-west1"
name = "maven"
format = {
maven = {
allow_snapshot_overwrites = true
version_policy = "RELEASE"
}
}
}
# tftest modules=2 resources=2
Cleanup Policies
module "registry-docker" {
source = "./fabric/modules/artifact-registry"
project_id = var.project_id
location = "europe-west1"
name = "docker-cleanup-policies"
format = { docker = {} }
cleanup_policy_dry_run = false
cleanup_policies = {
keep-5-versions = {
action = "KEEP"
most_recent_versions = {
package_name_prefixes = ["test"]
keep_count = 5
}
}
keep-tagged-release = {
action = "KEEP"
condition = {
tag_state = "TAGGED"
tag_prefixes = ["release"]
package_name_prefixes = ["webapp", "mobile"]
}
}
}
}
# tftest modules=1 resources=1 inventory=cleanup-policies.yaml
Variables
name | description | type | required | default |
---|---|---|---|---|
cleanup_policies | Object containing details about the cleanup policies for an Artifact Registry repository. | map(object({…default = null |
✓ | |
location | Registry location. Use `gcloud beta artifacts locations list' to get valid values. | string |
✓ | |
name | Registry name. | string |
✓ | |
project_id | Registry project id. | string |
✓ | |
cleanup_policy_dry_run | If true, the cleanup pipeline is prevented from deleting versions in this repository. | bool |
null |
|
description | An optional description for the repository. | string |
"Terraform-managed registry" |
|
encryption_key | The KMS key name to use for encryption at rest. | string |
null |
|
format | Repository format. | object({…}) |
{ docker = {} } |
|
iam | IAM bindings in {ROLE => [MEMBERS]} format. | map(list(string)) |
{} |
|
labels | Labels to be attached to the registry. | map(string) |
{} |
|
mode | Repository mode. | object({…}) |
{ standard = true } |
Outputs
name | description | sensitive |
---|---|---|
id | Fully qualified repository id. | |
image_path | Repository path for images. | |
name | Repository name. |