
Example Usage

This page contains some examples of the different ways this module can be configured.

Basic

A basic Cloud Run service with a single container definition.

# Minimal example: one Cloud Run service running a single container named "webapp".
module "webapp" {
  source  = "gitlab.developers.cam.ac.uk/uis/gcp-cloud-run-app/devops"
  # "~> 9.0" accepts any 9.x release of the module; pin an exact version if
  # deployments must be reproducible.
  version = "~> 9.0"

  region  = "europe-west2"
  project = "example-project-id-1234"

  containers = {
    webapp = {
      # No tag or digest is given, so the reference resolves to the mutable
      # "latest" tag; real deployments should pin an image digest.
      image = "us-docker.pkg.dev/cloudrun/container/hello"
    }
  }
  # NOTE(review): no ingress or authentication settings appear here, so who can
  # reach the service depends on the module's defaults; confirm in the README.
}

Load balancer

A basic Cloud Run service configured to use a load balancer for ingress.

# Same single-container service, with ingress routed through a load balancer.
module "webapp" {
  source  = "gitlab.developers.cam.ac.uk/uis/gcp-cloud-run-app/devops"
  version = "~> 9.0"

  region  = "europe-west2"
  project = "example-project-id-1234"

  containers = {
    webapp = {
      # Untagged reference resolves to "latest"; pin a digest outside of demos.
      image = "us-docker.pkg.dev/cloudrun/container/hello"
    }
  }

  # NOTE(review): confirm in the module README whether the service's default
  # Cloud Run URL stays reachable once this is set; if it does, requests can
  # bypass any controls applied at the load balancer.
  enable_load_balancer = true

  # Hostname for the service; it matches the A record created by the
  # google_dns_record_set resource in this example.
  dns_names = {
    webapp = "webapp.test.example.com"
  }
}

# A record pointing the service hostname at the load balancer's external IP.
resource "google_dns_record_set" "load_balancer_webapp" {
  # Fully qualified name (note the trailing dot); must match the hostname in
  # the module's dns_names.
  name         = "webapp.test.example.com."
  type         = "A"
  ttl          = 300 # seconds
  managed_zone = "example-zone"
  project      = "example-project-id-1234"

  # Address is taken from the module output, so the record follows the load
  # balancer the module creates.
  rrdatas = [
    module.webapp.load_balancer.external_ip
  ]
}

Secret environment variables and volumes

A Cloud Run service configured to load environment variables and mount volumes via Google Secret Manager secret objects.

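Note that the module call does not grant access to the secret objects: you need to grant the created service account identity that access yourself, outside of the module call (the google_secret_manager_secret_iam_member resource below does this).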

# The Secret Manager secret (container only; the value lives in a secret version).
resource "google_secret_manager_secret" "main" {
  secret_id = "my-secret"
  project   = "example-project-id-1234"

  # Automatic replication lets Google choose where the secret is stored; use
  # user-managed replication instead if data-residency rules apply.
  replication {
    auto {}
  }
}

# A version of the secret holding the actual value.
resource "google_secret_manager_secret_version" "main" {
  secret      = google_secret_manager_secret.main.id
  # Placeholder only. A literal here ends up in version control and, like any
  # value passed through this argument, in the Terraform state file. Supply real
  # secret values out of band or via a sensitive variable, and restrict and
  # encrypt the state backend.
  secret_data = "my-secret-data"
}

# Lets the Cloud Run service account read this secret. The binding is on the
# single secret rather than the project, so the identity gains access to
# nothing else in Secret Manager.
resource "google_secret_manager_secret_iam_member" "main" {
  project   = "example-project-id-1234"
  secret_id = google_secret_manager_secret.main.id
  role      = "roles/secretmanager.secretAccessor"
  # Service account identity exposed as a module output.
  # NOTE(review): this binding depends on a module output while the service
  # itself references the secret; confirm the first apply does not try to start
  # a revision before the grant exists.
  member    = "serviceAccount:${module.webapp.service_account.email}"
}

# Cloud Run service that receives one secret two ways: as the SECRET
# environment variable and as a file under /secrets.
module "webapp" {
  source  = "gitlab.developers.cam.ac.uk/uis/gcp-cloud-run-app/devops"
  version = "~> 9.0"

  region  = "europe-west2"
  project = "example-project-id-1234"

  containers = {
    webapp = {
      # Untagged reference resolves to "latest"; pin a digest outside of demos.
      image = "us-docker.pkg.dev/cloudrun/container/hello"
      env = [
        {
          name = "SECRET",
          value_source = {
            secret_key_ref = {
              secret  = google_secret_manager_secret.main.id
              # Cloud Run resolves environment-variable secrets when an instance
              # starts, so with "latest" a new secret version only reaches new
              # instances. Pinning a version number makes rotation an explicit,
              # reviewable change.
              version = "latest"
            }
          }
        }
      ]
      volume_mounts = [
        {
          # Must match the name of an entry in the top-level "volumes" list.
          name       = "secret-volume",
          mount_path = "/secrets"
        }
      ]
    }
  }
  volumes = [
    {
      name = "secret-volume",
      secret = {
        secret = google_secret_manager_secret.main.id
        items = [
          {
            version = "latest",
            # File name inside the mount: with the mount_path above the value
            # is readable at /secrets/my-secret.
            path    = "my-secret"
          }
        ]
      }
    }
  ]
}

Mounting CloudSQL instances

A Cloud Run service which mounts an existing CloudSQL instance using the mount_cloudsql_instance helper variable.

# Cloud Run service attached to an existing Cloud SQL instance.
module "webapp" {
  source  = "gitlab.developers.cam.ac.uk/uis/gcp-cloud-run-app/devops"
  version = "~> 9.0"

  region  = "europe-west2"
  project = "example-project-id-1234"

  containers = {
    webapp = {
      # Untagged reference resolves to "latest"; pin a digest outside of demos.
      image = "us-docker.pkg.dev/cloudrun/container/hello"
    }
  }

  # Connection name of the instance created by the "sql" module in this example.
  # NOTE(review): the service account presumably also needs the Cloud SQL client
  # role on the instance's project; confirm whether the module grants it.
  mount_cloudsql_instance = module.sql.instance_connection_name
}

# Small, single-zone PostgreSQL 15 instance sized for testing.
module "sql" {
  source  = "GoogleCloudPlatform/sql-db/google//modules/postgresql"
  version = "~> 17.0"

  database_version            = "POSTGRES_15"
  name                        = "test-sql-1234"
  project_id                  = "example-project-id-1234"
  tier                        = "db-f1-micro"
  availability_type           = "ZONAL"
  region                      = "europe-west2"
  zone                        = "europe-west2-a"
  # Both deletion guards are switched off so the example can be torn down
  # freely. Keep them enabled for any instance holding data you care about:
  # the first is the Terraform-side guard, the second the Cloud SQL API one.
  deletion_protection         = false
  deletion_protection_enabled = false
  # NOTE(review): no ip_configuration is given, so network exposure follows the
  # module's defaults; check whether that includes a public IP before reuse.
}

Pre-deploy job

A Cloud Run service with a corresponding "pre-deploy" Cloud Run job. See the Pre-deploy Cloud Run Job section in the README.md for more information.

# Cloud Run service plus a "pre-deploy" Cloud Run job that runs Django
# database migrations against the same Cloud SQL instance.
module "webapp" {
  source  = "gitlab.developers.cam.ac.uk/uis/gcp-cloud-run-app/devops"
  version = "~> 9.0"

  region  = "europe-west2"
  project = "example-project-id-1234"

  containers = {
    webapp = {
      # "5.0-py3.12" is a mutable tag: the registry can serve different content
      # for it over time. Pin a digest if the service and the job must run
      # exactly the same, reviewed image.
      image = "registry.gitlab.developers.cam.ac.uk/uis/devops/infra/dockerimages/django:5.0-py3.12"
    }
  }

  mount_cloudsql_instance = module.sql.instance_connection_name

  enable_pre_deploy_job = true

  # Job container: same image as the service, invoked as
  # `python3 /usr/src/app/manage.py migrate`.
  pre_deploy_job_container = {
    image   = "registry.gitlab.developers.cam.ac.uk/uis/devops/infra/dockerimages/django:5.0-py3.12"
    command = ["python3"]
    args    = ["/usr/src/app/manage.py", "migrate"]
  }

  # Gives the job its own attachment to the database.
  # NOTE(review): the job changes the schema, so confirm which identity it runs
  # as and that its database privileges are limited to what migrations need.
  pre_deploy_job_mount_cloudsql_instance = module.sql.instance_connection_name
}

# Small, single-zone PostgreSQL 15 instance used by the service and its
# pre-deploy job.
module "sql" {
  source  = "GoogleCloudPlatform/sql-db/google//modules/postgresql"
  version = "~> 17.0"

  database_version            = "POSTGRES_15"
  name                        = "test-sql-1234"
  project_id                  = "example-project-id-1234"
  tier                        = "db-f1-micro"
  availability_type           = "ZONAL"
  region                      = "europe-west2"
  zone                        = "europe-west2-a"
  # Test-only settings: with both guards off, a `terraform destroy` or an API
  # call can delete the instance and its data. Enable both for real databases.
  deletion_protection         = false
  deletion_protection_enabled = false
  # NOTE(review): no ip_configuration is given, so network exposure follows the
  # module's defaults; check whether that includes a public IP before reuse.
}

Multi-container deployment

A Cloud Run service which defines multiple containers (sidecars). For more information see the Cloud Run documentation.