Add support for Shared VPC in Cloud Run #1360

Merged 5 commits on May 5, 2023

24 changes: 23 additions & 1 deletion modules/cloud-run/README.md
Expand Up @@ -121,6 +121,28 @@ module "cloud_run" {
# tftest modules=1 resources=2 inventory=connector.yaml
```

Note that if you are using Shared VPC you need to specify a subnet:

```hcl
module "cloud_run" {
source = "./fabric/modules/cloud-run"
project_id = var.project_id
name = "hello"
containers = {
hello = {
image = "us-docker.pkg.dev/cloudrun/container/hello"
}
}
vpc_connector_create = {
subnet = {
name = "subnet-vpc-access"
project_id = "host-project"
}
}
}
# tftest modules=1 resources=2 inventory=connector-shared.yaml
```

### Traffic split

This deploys a Cloud Run service with traffic split between two revisions.
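
Review bot: The sentence introducing the Shared VPC example says only that "you need to specify a subnet"; it does not say that `subnet.project_id` is the Shared VPC host project, or that `ip_cidr_range` and `vpc_self_link` are left out in this mode, which is what the example does. Please state both, and mention any access the service project needs on the host project's subnet, so readers do not mix this block with the network-based arguments.
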
Expand Down Expand Up @@ -254,7 +276,7 @@ module "cloud_run" {
| [timeout_seconds](variables.tf#L180) | Maximum duration the instance is allowed for responding to a request. | <code>number</code> | | <code>null</code> |
| [traffic](variables.tf#L186) | Traffic steering configuration. If revision name is null the latest revision will be used. | <code title="map&#40;object&#40;&#123;&#10; percent &#61; number&#10; latest &#61; optional&#40;bool&#41;&#10; tag &#61; optional&#40;string&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [volumes](variables.tf#L197) | Named volumes in containers in name => attributes format. | <code title="map&#40;object&#40;&#123;&#10; secret_name &#61; string&#10; default_mode &#61; optional&#40;string&#41;&#10; items &#61; optional&#40;map&#40;object&#40;&#123;&#10; path &#61; string&#10; mode &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [vpc_connector_create](variables.tf#L211) | Populate this to create a VPC connector. You can then refer to it in the template annotations. | <code title="object&#40;&#123;&#10; ip_cidr_range &#61; string&#10; vpc_self_link &#61; string&#10; machine_type &#61; optional&#40;string&#41;&#10; name &#61; optional&#40;string&#41;&#10; instances &#61; optional&#40;object&#40;&#123;&#10; max &#61; optional&#40;number&#41;&#10; min &#61; optional&#40;number&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; throughput &#61; optional&#40;object&#40;&#123;&#10; max &#61; optional&#40;number&#41;&#10; min &#61; optional&#40;number&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [vpc_connector_create](variables.tf#L211) | Populate this to create a VPC connector. You can then refer to it in the template annotations. | <code title="object&#40;&#123;&#10; ip_cidr_range &#61; optional&#40;string&#41;&#10; vpc_self_link &#61; optional&#40;string&#41;&#10; machine_type &#61; optional&#40;string&#41;&#10; name &#61; optional&#40;string&#41;&#10; instances &#61; optional&#40;object&#40;&#123;&#10; max &#61; optional&#40;number&#41;&#10; min &#61; optional&#40;number&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; throughput &#61; optional&#40;object&#40;&#123;&#10; max &#61; optional&#40;number&#41;&#10; min &#61; optional&#40;number&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; subnet &#61; optional&#40;object&#40;&#123;&#10; name &#61; optional&#40;string&#41;&#10; project_id &#61; optional&#40;string&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |

## Outputs

Expand Down
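
Review bot: The `vpc_connector_create` row keeps the description "Populate this to create a VPC connector. You can then refer to it in the template annotations." while every attribute in the type is now `optional`, so the table no longer tells a reader which attributes belong together. Extend the description to name the two modes shown in the examples: network plus `ip_cidr_range`, or `subnet` for Shared VPC.
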
4 changes: 4 additions & 0 deletions modules/cloud-run/main.tf
Expand Up @@ -92,6 +92,10 @@ resource "google_vpc_access_connector" "connector" {
max_throughput = var.vpc_connector_create.throughput.max
min_instances = var.vpc_connector_create.instances.min
min_throughput = var.vpc_connector_create.throughput.min
subnet {
name = var.vpc_connector_create.subnet.name
project_id = var.vpc_connector_create.subnet.project_id
}
}

resource "google_cloud_run_service" "service" {
Expand Down
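
Review bot: The `subnet` block is static, so it is rendered for every connector, including ones that set only `ip_cidr_range` and `vpc_self_link`, where `subnet.name` and `subnet.project_id` are both null. Wrap it in a `dynamic "subnet"` block whose `for_each` is non-empty only when `var.vpc_connector_create.subnet.name` is set, so connectors outside Shared VPC plan exactly as before.
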
8 changes: 6 additions & 2 deletions modules/cloud-run/variables.tf
Expand Up @@ -211,8 +211,8 @@ variable "volumes" {
variable "vpc_connector_create" {
description = "Populate this to create a VPC connector. You can then refer to it in the template annotations."
type = object({
ip_cidr_range = string
vpc_self_link = string
ip_cidr_range = optional(string)
vpc_self_link = optional(string)
machine_type = optional(string)
name = optional(string)
instances = optional(object({
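
Review bot: Making `ip_cidr_range` and `vpc_self_link` optional removes the only type-level guarantee that a connector has a network definition, and nothing in this hunk replaces it, so `vpc_connector_create = {}` now passes type checking. Add a `validation` block that requires either both of these attributes or `subnet.name`, so a misconfigured connector is rejected with a clear message instead of reaching the provider.
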
Expand All @@ -223,6 +223,10 @@ variable "vpc_connector_create" {
max = optional(number)
min = optional(number)
}), {})
subnet = optional(object({
name = optional(string)
project_id = optional(string)
}), {})
})
default = null
}
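
Review bot: Inside `subnet`, `name` is `optional(string)`, so a caller can set `project_id = "host-project"` without a subnet name and the type accepts it. Declare `name = string` so that a `subnet` object, when given, always names a subnet, and consider dropping the `{}` default so an unset `subnet` is null and easy to test for.
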
53 changes: 53 additions & 0 deletions tests/modules/cloud_run/examples/connector-shared.yaml
@@ -0,0 +1,53 @@
# Copyright 2023 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

values:
module.cloud_run.google_cloud_run_service.service:
autogenerate_revision_name: false
location: europe-west1
metadata:
- {}
name: hello
project: project-id
template:
- metadata:
- labels: null
spec:
- containers:
- args: null
command: null
env: []
env_from: []
image: us-docker.pkg.dev/cloudrun/container/hello
liveness_probe: []
volume_mounts: []
working_dir: null
volumes: []
timeouts: null
module.cloud_run.google_vpc_access_connector.connector[0]:
ip_cidr_range: null
machine_type: e2-micro
max_throughput: 300
min_throughput: 200
name: hello
project: project-id
region: europe-west1
subnet:
- name: subnet-vpc-access
project_id: host-project
timeouts: null

counts:
google_cloud_run_service: 1
google_vpc_access_connector: 1
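
Review bot: This inventory asserts the full `google_cloud_run_service` template and connector values such as `machine_type: e2-micro` and `max_throughput: 300` that the Shared VPC example does not set, so it can fail for reasons unrelated to this change. Trim `values` to the connector's `subnet`, `ip_cidr_range`, `project` and `region` (keeping `counts`) so the test pins only the Shared VPC behaviour.
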
3 changes: 2 additions & 1 deletion tests/modules/cloud_run/examples/connector.yaml
Expand Up @@ -41,7 +41,8 @@ values:
network: projects/example/host/global/networks/host
project: project-id
region: europe-west1
subnet: []
subnet:
- name: null

counts:
google_cloud_run_service: 1
Expand Down
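
Review bot: Changing the expected `subnet: []` to a list entry with `name: null` records that the existing network-based example now plans a `subnet` block with no name. Keep `subnet: []` as the expectation here and make the block conditional in `main.tf`, so this inventory guards against the Shared VPC change leaking into connectors that do not use it.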