-
Notifications
You must be signed in to change notification settings - Fork 910
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update
modules/artifact-registry
with newly-released features.
Fixes #2377
- Loading branch information
Showing
10 changed files
with
456 additions
and
93 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -3,22 +3,24 @@ | |
This module simplifies the creation of repositories using Google Cloud Artifact Registry. | ||
|
||
<!-- BEGIN TOC --> | ||
- [Standard Repository](#standard-repository) | ||
- [Simple Docker Repository](#simple-docker-repository) | ||
- [Remote and Virtual Repositories](#remote-and-virtual-repositories) | ||
- [Additional Docker and Maven Options](#additional-docker-and-maven-options) | ||
- [Other Formats](#other-formats) | ||
- [Cleanup Policies](#cleanup-policies) | ||
- [Variables](#variables) | ||
- [Outputs](#outputs) | ||
<!-- END TOC --> | ||
|
||
## Standard Repository | ||
## Simple Docker Repository | ||
|
||
```hcl | ||
module "docker_artifact_registry" { | ||
source = "./fabric/modules/artifact-registry" | ||
project_id = "myproject" | ||
location = "europe-west1" | ||
name = "myregistry" | ||
format = { docker = { standard = {} } } | ||
iam = { | ||
"roles/artifactregistry.admin" = ["group:[email protected]"] | ||
} | ||
|
@@ -35,33 +37,43 @@ module "registry-local" { | |
project_id = var.project_id | ||
location = "europe-west1" | ||
name = "local" | ||
format = { python = {} } | ||
format = { | ||
python = { | ||
standard = true | ||
} | ||
} | ||
} | ||
module "registry-remote" { | ||
source = "./fabric/modules/artifact-registry" | ||
project_id = var.project_id | ||
location = "europe-west1" | ||
name = "remote" | ||
format = { python = {} } | ||
mode = { remote = true } | ||
format = { | ||
python = { | ||
remote = { | ||
public_repository = "PYPI" | ||
} | ||
} | ||
} | ||
} | ||
module "registry-virtual" { | ||
source = "./fabric/modules/artifact-registry" | ||
project_id = var.project_id | ||
location = "europe-west1" | ||
name = "virtual" | ||
format = { python = {} } | ||
mode = { | ||
virtual = { | ||
remote = { | ||
repository = module.registry-remote.id | ||
priority = 1 | ||
} | ||
local = { | ||
repository = module.registry-local.id | ||
priority = 10 | ||
format = { | ||
python = { | ||
virtual = { | ||
remote = { | ||
repository = module.registry-remote.id | ||
priority = 1 | ||
} | ||
local = { | ||
repository = module.registry-local.id | ||
priority = 10 | ||
} | ||
} | ||
} | ||
} | ||
|
@@ -81,7 +93,9 @@ module "registry-docker" { | |
name = "docker" | ||
format = { | ||
docker = { | ||
immutable_tags = true | ||
standard = { | ||
immutable_tags = true | ||
} | ||
} | ||
} | ||
} | ||
|
@@ -93,25 +107,88 @@ module "registry-maven" { | |
name = "maven" | ||
format = { | ||
maven = { | ||
allow_snapshot_overwrites = true | ||
version_policy = "RELEASE" | ||
standard = { | ||
allow_snapshot_overwrites = true | ||
version_policy = "RELEASE" | ||
} | ||
} | ||
} | ||
} | ||
# tftest modules=2 resources=2 | ||
``` | ||
|
||
## Cleanup Policies | ||
## Other Formats | ||
|
||
```hcl | ||
module "apt-registry" { | ||
source = "./fabric/modules/artifact-registry" | ||
project_id = var.project_id | ||
location = var.region | ||
name = "apt-registry" | ||
format = { apt = { standard = true } } | ||
} | ||
module "generic-registry" { | ||
source = "./fabric/modules/artifact-registry" | ||
project_id = var.project_id | ||
location = var.region | ||
name = "generic-registry" | ||
format = { generic = { standard = true } } | ||
} | ||
module "go-registry" { | ||
source = "./fabric/modules/artifact-registry" | ||
project_id = var.project_id | ||
location = var.region | ||
name = "go-registry" | ||
format = { go = { standard = true } } | ||
} | ||
module "googet-registry" { | ||
source = "./fabric/modules/artifact-registry" | ||
project_id = var.project_id | ||
location = var.region | ||
name = "googet-registry" | ||
format = { googet = { standard = true } } | ||
} | ||
module "kfp-registry" { | ||
source = "./fabric/modules/artifact-registry" | ||
project_id = var.project_id | ||
location = var.region | ||
name = "kfp-registry" | ||
format = { kfp = { standard = true } } | ||
} | ||
module "npm-registry" { | ||
source = "./fabric/modules/artifact-registry" | ||
project_id = var.project_id | ||
location = var.region | ||
name = "npm-registry" | ||
format = { npm = { standard = true } } | ||
} | ||
module "yum-registry" { | ||
source = "./fabric/modules/artifact-registry" | ||
project_id = var.project_id | ||
location = var.region | ||
name = "yum-registry" | ||
format = { yum = { standard = true } } | ||
} | ||
# tftest modules=7 resources=7 inventory=other-formats.yaml | ||
``` | ||
|
||
## Cleanup Policies | ||
|
||
```hcl | ||
module "registry-docker" { | ||
source = "./fabric/modules/artifact-registry" | ||
project_id = var.project_id | ||
location = "europe-west1" | ||
name = "docker-cleanup-policies" | ||
format = { docker = {} } | ||
format = { docker = { standard = {} } } | ||
cleanup_policy_dry_run = false | ||
cleanup_policies = { | ||
keep-5-versions = { | ||
|
@@ -131,8 +208,6 @@ module "registry-docker" { | |
} | ||
} | ||
} | ||
# tftest modules=1 resources=1 inventory=cleanup-policies.yaml | ||
``` | ||
<!-- BEGIN TFDOC --> | ||
|
@@ -141,22 +216,21 @@ module "registry-docker" { | |
| name | description | type | required | default | | ||
|---|---|:---:|:---:|:---:| | ||
| [cleanup_policies](variables.tf#L17) | Object containing details about the cleanup policies for an Artifact Registry repository. | <code title="map(object({ action = string condition = optional(object({ tag_state = optional(string) tag_prefixes = optional(list(string)) older_than = optional(string) newer_than = optional(string) package_name_prefixes = optional(list(string)) version_name_prefixes = optional(list(string)) })) most_recent_versions = optional(object({ package_name_prefixes = optional(list(string)) keep_count = optional(number) })) })) default = null">map(object({…default = null</code> | ✓ | | | ||
| [location](variables.tf#L95) | Registry location. Use `gcloud beta artifacts locations list' to get valid values. | <code>string</code> | ✓ | | | ||
| [name](variables.tf#L120) | Registry name. | <code>string</code> | ✓ | | | ||
| [project_id](variables.tf#L125) | Registry project id. | <code>string</code> | ✓ | | | ||
| [format](variables.tf#L56) | Repository format. | <code title="object({ apt = optional(object({ remote = optional(object({ public_repository = string # "BASE path" disable_upstream_validation = optional(bool) upstream_credentials = optional(object({ username = string password_secret_version = string })) })) standard = optional(bool) })) docker = optional(object({ remote = optional(object({ public_repository = optional(string) custom_repository = optional(string) disable_upstream_validation = optional(bool) upstream_credentials = optional(object({ username = string password_secret_version = string })) })) standard = optional(object({ immutable_tags = optional(bool) })) virtual = optional(map(object({ repository = string priority = number }))) })) kfp = optional(object({ standard = optional(bool) })) generic = optional(object({ standard = optional(bool) })) go = optional(object({ standard = optional(bool) })) googet = optional(object({ standard = optional(bool) })) maven = optional(object({ remote = optional(object({ public_repository = optional(string) custom_repository = optional(string) disable_upstream_validation = optional(bool) upstream_credentials = optional(object({ username = string password_secret_version = string })) })) standard = optional(object({ allow_snapshot_overwrites = optional(bool) version_policy = optional(string) })) virtual = optional(map(object({ repository = string priority = number }))) })) npm = optional(object({ remote = optional(object({ public_repository = optional(string) custom_repository = optional(string) disable_upstream_validation = optional(bool) upstream_credentials = optional(object({ username = string password_secret_version = string })) })) standard = optional(bool) virtual = optional(map(object({ repository = string priority = number }))) })) python = optional(object({ remote = optional(object({ public_repository = optional(string) custom_repository = optional(string) disable_upstream_validation = optional(bool) upstream_credentials = optional(object({ username = string password_secret_version = string })) })) standard = optional(bool) virtual = optional(map(object({ repository = string priority = number }))) })) yum = optional(object({ remote = optional(object({ public_repository = string # "BASE path" disable_upstream_validation = optional(bool) upstream_credentials = optional(object({ username = string password_secret_version = string })) })) standard = optional(bool) })) })">object({…})</code> | ✓ | | | ||
| [location](variables.tf#L208) | Registry location. Use `gcloud beta artifacts locations list' to get valid values. | <code>string</code> | ✓ | | | ||
| [name](variables.tf#L213) | Registry name. | <code>string</code> | ✓ | | | ||
| [project_id](variables.tf#L218) | Registry project id. | <code>string</code> | ✓ | | | ||
| [cleanup_policy_dry_run](variables.tf#L38) | If true, the cleanup pipeline is prevented from deleting versions in this repository. | <code>bool</code> | | <code>null</code> | | ||
| [description](variables.tf#L44) | An optional description for the repository. | <code>string</code> | | <code>"Terraform-managed registry"</code> | | ||
| [encryption_key](variables.tf#L50) | The KMS key name to use for encryption at rest. | <code>string</code> | | <code>null</code> | | ||
| [format](variables.tf#L56) | Repository format. | <code title="object({ apt = optional(object({})) docker = optional(object({ immutable_tags = optional(bool) })) kfp = optional(object({})) go = optional(object({})) maven = optional(object({ allow_snapshot_overwrites = optional(bool) version_policy = optional(string) })) npm = optional(object({})) python = optional(object({})) yum = optional(object({})) })">object({…})</code> | | <code>{ docker = {} }</code> | | ||
| [iam](variables.tf#L83) | IAM bindings in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> | | ||
| [labels](variables.tf#L89) | Labels to be attached to the registry. | <code>map(string)</code> | | <code>{}</code> | | ||
| [mode](variables.tf#L100) | Repository mode. | <code title="object({ standard = optional(bool) remote = optional(bool) virtual = optional(map(object({ repository = string priority = number }))) })">object({…})</code> | | <code>{ standard = true }</code> | | ||
| [iam](variables.tf#L196) | IAM bindings in {ROLE => [MEMBERS]} format. | <code>map(list(string))</code> | | <code>{}</code> | | ||
| [labels](variables.tf#L202) | Labels to be attached to the registry. | <code>map(string)</code> | | <code>{}</code> | | ||
|
||
## Outputs | ||
|
||
| name | description | sensitive | | ||
|---|---|:---:| | ||
| [id](outputs.tf#L17) | Fully qualified repository id. | | | ||
| [image_path](outputs.tf#L22) | Repository path for images. | | | ||
| [name](outputs.tf#L32) | Repository name. | | | ||
| [name](outputs.tf#L22) | Repository name. | | | ||
| [repository](outputs.tf#L27) | Repository object. | | | ||
<!-- END TFDOC --> |
Oops, something went wrong.