feat: add migration support for artifact registry
Add support for external docker registry URLs allowing one to specify the artifact registry URL and start migrating away from use of this module.
Merge request reports
Activity
assigned to @rjw57
added 1 commit
- ac15cf0f - feat: add migration support for artifact registry
added 1 commit
- aad31b06 - feat: add migration support for artifact registry
added 1 commit
- 8f8a9d13 - feat: add migration support for artifact registry
62 62 } 63 64 variable "external_repository_url" { 65 description = <<-EOI 66 Location of external repository to push image. 67 68 If you are using the artifact registry, this will be something like: 69 europe-west2-docker.pkg.dev/some-meta-project-id/default. 70 71 Required if use_external_repository is true. 72 EOI 73 default = null 74 type = string 75 } 76 77 variable "use_external_repository" { Ah, yes and no. The tl;dr is that terraform will moan trying to create a plan if
external_repository_url
depends on resources which have not yet been created.The longer story is below.
There is a little subtlety in terraform which has bitten me before that the value of
count
andfor_each
must be known quite early on in the process. So, indeed, we don't needuse_external_repository
ifexternal_repository_url
is a static string but if it is the output of a not yet createdresource
then terraform will moan that it can't determine the value of the string before applying and so can't generate a plan.It hits me often enough that I now keep all conditions which end up turning into
count = ... ? 1 : 0
as explicit booleans.You can see this pattern being used in other terraform modules where people have hard-won experience. An example which springs to mind is
create_url_map
from https://registry.terraform.io/modules/GoogleCloudPlatform/lb-http/google/latest/submodules/serverless_negs. Strictly speaking it is inferable fromurl_map
. Indeed the docs say "[s]et to false if url_map variable is provided" implying that the variable is redundant but sinceurl_map
may depend on other resources, terraform may not always be able to determine its value at plan time.So, yes, if terraform worked perfectly we don't need this but just-often-enough it's the case that we need to keep the flag and value which that flag depends on separate.
Edited by Dr Rich Wareham
60 60 default = {} 61 61 type = map(string) 62 62 } 63 64 variable "external_repository_url" { 65 description = <<-EOI 66 Location of external repository to push image. 67 68 If you are using the artifact registry, this will be something like: 69 europe-west2-docker.pkg.dev/some-meta-project-id/default. - Comment on lines +68 to +69
May be too much trouble... but would using a
data.google_artifact_registry_repository
save someone having to construct this URL to use the module? Possibly. But then that would preclude the use of any other external repository. Or special cases where the external repository needs to be outside of europe-west2. (We've had examples where features launch only in europe-west1, for example.)
I wanted to keep this change orthogonal to which external repository was being used since it's a generic escape hatch.
mentioned in epic uis/devops#251
requested review from @rk725
mentioned in commit c9afd7d4