allow webapp service account id to be customised and SQL instance to be blank

As noted in #6 (closed), we were hard-coding the service account id used for the webapp to "webapp-run". This meant it was impossible to deploy more than one webapp in a project.

As noted in #5 (closed), sometimes we didn't want to associate a SQL instance with the webapp.

Form a better default from the "name" variable. For existing deployments the service account id will be unchanged if the "name" variable is at its default value.

Allow the service account id to be specified explicitly via the optional "service_account_id" variable.

Allow sql_instance_connection_name to be blank. If so, we don't set the Cloud SQL annotation on the service or attempt to grant the service account roles.

Closes #6 (closed) Closes #5 (closed)

main.tf

@@ -8,7 +8,10 @@ resource "google_service_account" "webapp" {
 }
 
 # The webapp service account has the ability to connect to the SQL instance.
+# (Only if sql_instance_connection_name is non-empty.)
 resource "google_project_iam_member" "webapp_sql_client" {
+  count = (var.sql_instance_connection_name != "") ? 1 : 0
+
   project = local.sql_instance_project
   role    = "roles/cloudsql.client"
   member  = "serviceAccount:${google_service_account.webapp.email}"
@@ -28,23 +31,29 @@ resource "google_cloud_run_service" "webapp" {
 
   template {
     metadata {
-      annotations = {
-        # Maximum number of auto-scaled instances.  For a container with
-        # N-workers, maxScale should be less than 1/N of the maximum connection
-        # count for the Cloud SQL instance.
-        "autoscaling.knative.dev/maxScale" = var.max_scale
-
-        # Cloud SQL instances to auto-magically make appear in the container as
-        # Unix sockets.
-        "run.googleapis.com/cloudsql-instances" = var.sql_instance_connection_name
-
-        # As mentioned at https://www.terraform.io/docs/configuration/resources.html#ignore_changes
-        # placeholders need to be created as the adding the key to the map is
-        # considered a change and not ignored by ignore_changes
-        "client.knative.dev/user-image"     = "placeholder"
-        "run.googleapis.com/client-name"    = "placeholder"
-        "run.googleapis.com/client-version" = "placeholder"
-      }
+      annotations = merge(
+        # Annotations which are always set:
+        {
+          # Maximum number of auto-scaled instances.  For a container with
+          # N-workers, maxScale should be less than 1/N of the maximum connection
+          # count for the Cloud SQL instance.
+          "autoscaling.knative.dev/maxScale" = var.max_scale
+
+          # As mentioned at https://www.terraform.io/docs/configuration/resources.html#ignore_changes
+          # placeholders need to be created as the adding the key to the map is
+          # considered a change and not ignored by ignore_changes
+          "client.knative.dev/user-image"     = "placeholder"
+          "run.googleapis.com/client-name"    = "placeholder"
+          "run.googleapis.com/client-version" = "placeholder"
+        },
+
+        # Annotations which are only set if there is a Cloud SQL instance:
+        (var.sql_instance_connection_name != "") ? {
+          # Cloud SQL instances to auto-magically make appear in the container as
+          # Unix sockets.
+          "run.googleapis.com/cloudsql-instances" = var.sql_instance_connection_name
+        } : {},
+      )
 
       # See the README for information on this.
       name = random_id.webapp_revision_name.hex