Support conformance env lifecycle in GCP CI Cloud Build

roger2hk · roger2hk · commit da1c0bf0173b · 2024-11-27T16:53:37.000Z
diff --git a/deployment/modules/gcp/cloudrun/iam/main.tf b/deployment/modules/gcp/cloudrun/iam/main.tf
@@ -1,5 +1,5 @@
 resource "google_service_account" "cloudrun_service_account" {
-  account_id   = "cloudrun-${var.env}-sa"
+  account_id   = var.cloudrun_service_account_id
   display_name = "Service Account for Cloud Run (${var.env})"
 }
 
diff --git a/deployment/modules/gcp/cloudrun/iam/outputs.tf b/deployment/modules/gcp/cloudrun/iam/outputs.tf
@@ -0,0 +1,4 @@
+output "cloudrun_service_account" {
+  description = "The Cloud Run service account"
+  value       = google_service_account.cloudrun_service_account
+}
diff --git a/deployment/modules/gcp/cloudrun/iam/variables.tf b/deployment/modules/gcp/cloudrun/iam/variables.tf
@@ -8,6 +8,11 @@ variable "env" {
   type        = string
 }
 
+variable "cloudrun_service_account_id" {
+  description = "The Clour Run service account ID to be created"
+  type        = string
+}
+
 variable "bucket" {
   description = "Log GCS bucket"
   type        = string
diff --git a/deployment/modules/gcp/cloudrun/main.tf b/deployment/modules/gcp/cloudrun/main.tf
@@ -26,6 +26,7 @@ module "cloudrun_iam" {
 }
 
 locals {
+  cloudrun_service_account_id = "cloudrun-${var.env}-sa"
   spanner_log_db_path   = "projects/${var.project_id}/instances/${var.log_spanner_instance}/databases/${var.log_spanner_db}"
   spanner_dedup_db_path = "projects/${var.project_id}/instances/${var.log_spanner_instance}/databases/${var.dedup_spanner_db}"
 }
@@ -36,7 +37,7 @@ resource "google_cloud_run_v2_service" "default" {
   launch_stage = "GA"
 
   template {
-    service_account                  = google_service_account.cloudrun_service_account.account_id
+    service_account                  = module.cloudrun_iam.cloudrun_service_account.account_id
     max_instance_request_concurrency = 700
     timeout                          = "5s"
 

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`resource "google_service_account" "cloudrun_service_account" {`
`2`		`- account_id = "cloudrun-${var.env}-sa"`
	`2`	`+ account_id = var.cloudrun_service_account_id`
`3`	`3`	`display_name = "Service Account for Cloud Run (${var.env})"`
`4`	`4`	`}`
`5`	`5`
Original file line number	Diff line number	Diff line change
`@@ -26,6 +26,7 @@ module "cloudrun_iam" {`
`26`	`26`	`}`
`27`	`27`
`28`	`28`	`locals {`
	`29`	`+ cloudrun_service_account_id = "cloudrun-${var.env}-sa"`
`29`	`30`	`spanner_log_db_path = "projects/${var.project_id}/instances/${var.log_spanner_instance}/databases/${var.log_spanner_db}"`
`30`	`31`	`spanner_dedup_db_path = "projects/${var.project_id}/instances/${var.log_spanner_instance}/databases/${var.dedup_spanner_db}"`
`31`	`32`	`}`
`@@ -36,7 +37,7 @@ resource "google_cloud_run_v2_service" "default" {`
`36`	`37`	`launch_stage = "GA"`
`37`	`38`
`38`	`39`	`template {`
`39`		`- service_account = google_service_account.cloudrun_service_account.account_id`
	`40`	`+ service_account = module.cloudrun_iam.cloudrun_service_account.account_id`
`40`	`41`	`max_instance_request_concurrency = 700`
`41`	`42`	`timeout = "5s"`
`42`	`43`