GCP Cloud Run app merge requestshttps://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests2021-04-15T14:10:38Zhttps://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/21Add flag to stop egress ip being destroyed2021-04-15T14:10:38ZMonty DawsonAdd flag to stop egress ip being destroyedHardcode static ip to not be destroyable. This is not ideal, but I think better than leaving IPs to be accidentally destroyed.
Unfortunately this cannot be made conditional, as conditionals are not accepted within lifecycle attributes: ...Hardcode static ip to not be destroyable. This is not ideal, but I think better than leaving IPs to be accidentally destroyed.
Unfortunately this cannot be made conditional, as conditionals are not accepted within lifecycle attributes: https://github.com/hashicorp/terraform/issues/3116.
Additionally, the well-known limitations of `prevent_destroy` still apply - i.e. removing the webapp configuration from a deployment project will still cause the ip to be destroyed without warning: https://github.com/hashicorp/terraform/issues/17599.
Closes #16DevOps Sprint 119https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/22Update changelog for 2.0.32021-04-15T14:15:49ZMonty DawsonUpdate changelog for 2.0.3DevOps Sprint 119https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/23use gvisor instead of placeholder2021-04-22T13:42:20ZRobin Goodalluse gvisor instead of placeholderPost merge, requires 2.0.4 tag creating and v2 branch updating
Closes: #17Post merge, requires 2.0.4 tag creating and v2 branch updating
Closes: #17DevOps Sprint 119Robin GoodallRobin Goodallhttps://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/24Resolve "Terraform always wants to add metadata annotation "run.googleapis.c...2021-05-28T08:07:38ZDr Abraham MartinResolve "Terraform always wants to add metadata annotation "run.googleapis.com/launch-stage" = "BETA""Minimum scale above 0 and internal and load balancer ingresses are no longer in BETA, thus remove these conditions.
Do not remove the BETA stage as we are going to still use some BETA options like the mounting of secrets from GCP Secret...Minimum scale above 0 and internal and load balancer ingresses are no longer in BETA, thus remove these conditions.
Do not remove the BETA stage as we are going to still use some BETA options like the mounting of secrets from GCP Secret Manager in an upcoming issue.
Closes #18DevOps Sprint 122Dr Abraham MartinDr Abraham Martinhttps://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/25Resolve "Support loading secrets directly into services"2021-06-11T13:57:50ZArun PatelResolve "Support loading secrets directly into services"Closes #20
The direct exposure of secrets in the Cloud Run container is enabled by passing the list of maps to this module.
Issues:
- ~~I can't find a way to disable the "feature", or to make the `volume` and `volume_mounts` collect...Closes #20
The direct exposure of secrets in the Cloud Run container is enabled by passing the list of maps to this module.
Issues:
- ~~I can't find a way to disable the "feature", or to make the `volume` and `volume_mounts` collections disappear.~~ (Solved with dynamic blocks)
- Tested with provider 3.70, needs further testing with existing deployments.DevOps Sprint 123https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/26Surface the alerting percentage variable.2021-06-16T15:22:28ZMonty DawsonSurface the alerting percentage variable.Pass the uptime success percentage variable from the monitoring module, allowing this to be specified within deployment projects.
Part of https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-site-monitoring/-/issues/3.Pass the uptime success percentage variable from the monitoring module, allowing this to be specified within deployment projects.
Part of https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-site-monitoring/-/issues/3.DevOps Sprint 123https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/27Add secretAccessor IAM permissions to Cloud Run Service account2021-06-16T14:01:46ZDr Abraham MartinAdd secretAccessor IAM permissions to Cloud Run Service accountThe Cloud Run service accounts need access to the Secret Manager secrets to be able to mount them as volumes or envars.
Closes #22The Cloud Run service accounts need access to the Secret Manager secrets to be able to mount them as volumes or envars.
Closes #22DevOps Sprint 123Dr Abraham MartinDr Abraham Martinhttps://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/28Update the changelog for 3.1.12021-06-16T15:29:23ZMonty DawsonUpdate the changelog for 3.1.1Part of https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-site-monitoring/-/issues/3.Part of https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-site-monitoring/-/issues/3.DevOps Sprint 123https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/29Resolve "Support explicitly specifying image name"2021-07-06T08:35:28ZArun PatelResolve "Support explicitly specifying image name"Closes #21
The optional variable `image_name` determines what will be deployed, and TF correctly determines "no changes" if it's the same image as currently deployed.
~~However, if `image_name` is empty, to avoid either TF attempting ...Closes #21
The optional variable `image_name` determines what will be deployed, and TF correctly determines "no changes" if it's the same image as currently deployed.
~~However, if `image_name` is empty, to avoid either TF attempting to deploy a `null` image, or deploying the fall-back `hello:latest` image, `existing_image_name` must be supplied.~~
~~`existing_image_name` needs to be determined outside of this module, and I thought it safer to make it a mandatory variable.~~
Not supplying `image_name` keeps any existing image (there should be no image based changes).
The module now includes the data resource which reads any existing Cloud Run instance and determines the currently deployed image. This behaviour relies on Terraform performing the refresh walk first, see below for concerns.DevOps Sprint 124https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/31Added Cloud NAT "min ports per VM" config2021-07-13T15:24:02ZWajdi HajjiAdded Cloud NAT "min ports per VM" configCloses https://gitlab.developers.cam.ac.uk/uis/devops/ssgw/deploy/-/issues/41Closes https://gitlab.developers.cam.ac.uk/uis/devops/ssgw/deploy/-/issues/41DevOps Sprint 125https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/32Resolve "Adding LB config for load-balanced Cloud Run services"2021-07-28T15:17:39ZWajdi HajjiResolve "Adding LB config for load-balanced Cloud Run services"The MR has breaking changes so I've set the target branch to https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/tree/v4.
Basically, the MR sets up a Load Balancer for the Cloud Run service when the variab...The MR has breaking changes so I've set the target branch to https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/tree/v4.
Basically, the MR sets up a Load Balancer for the Cloud Run service when the variable `use_cloud_load_balancer` is set to `true`.
Closes #24DevOps Sprint 126https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/33Merge the latest changes into v32021-07-15T16:49:52ZArun PatelMerge the latest changes into v3https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/34update CHANGELOG for 3.1.22021-07-15T10:25:22ZArun Patelupdate CHANGELOG for 3.1.2The change is already in master, this is an after-thought.
Even though the original change was minor, it needed to be reflected in the CHANGELOG because of it's significant context.The change is already in master, this is an after-thought.
Even though the original change was minor, it needed to be reflected in the CHANGELOG because of it's significant context.https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/35Added Cloud NAT "min ports per VM" config2021-07-15T17:27:26ZArun PatelAdded Cloud NAT "min ports per VM" config(cherry picked from commit a068f5997592b0158f94da1de5b3ea9f695d4ed8)(cherry picked from commit a068f5997592b0158f94da1de5b3ea9f695d4ed8)https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/36Added interface for auth proxy egress settings2021-08-03T09:22:23ZWajdi HajjiAdded interface for auth proxy egress settingspartially addresses: https://gitlab.developers.cam.ac.uk/uis/devops/ssgw/deploy/-/issues/35partially addresses: https://gitlab.developers.cam.ac.uk/uis/devops/ssgw/deploy/-/issues/35DevOps Sprint 126https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/37Align v4 branch and master2021-07-28T16:20:05ZDr Rich WarehamAlign v4 branch and masterMerge master and v4 and update README on versioning. Post merging, `master` needs to be `git reset` to point at `v4`.
Closes #28.Merge master and v4 and update README on versioning. Post merging, `master` needs to be `git reset` to point at `v4`.
Closes #28.https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/38Draft: Merge v3 into master2021-08-26T10:38:33ZArun PatelDraft: Merge v3 into masterAssessing adding the latest v3 changes into master.Assessing adding the latest v3 changes into master.https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/39Merge v3 into master2021-08-26T10:38:33ZWajdi HajjiMerge v3 into masterCloses #31Closes #31DevOps Sprint 128https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/40Merge master into v42021-08-26T10:38:55ZWajdi HajjiMerge master into v4Only merge this MR after https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/39.
Closes #31Only merge this MR after https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/39.
Closes #31DevOps Sprint 128https://gitlab.developers.cam.ac.uk/uis/devops/infra/terraform/gcp-cloud-run-app/-/merge_requests/41Fix typo in monitor_hosts2021-08-26T13:22:23ZWajdi HajjiFix typo in monitor_hostsCloses #32Closes #32DevOps Sprint 128