From 3fdf684be2d30e2f3a08c67c424db7ca590c9252 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Wed, 24 Jan 2024 09:51:02 +0000 Subject: [PATCH 1/2] Remove default region for Cloud Function and Cloud Run --- modules/cloud-function-v1/README.md | 27 +++++++++++----- modules/cloud-function-v1/variables.tf | 3 +- modules/cloud-function-v2/README.md | 25 ++++++++++----- modules/cloud-function-v2/variables.tf | 1 - modules/cloud-run-v2/README.md | 19 +++++++++--- modules/cloud-run-v2/variables.tf | 1 - modules/cloud-run/README.md | 31 +++++++++++++------ modules/cloud-run/variables.tf | 1 - .../cloud_function_v2/examples/iam.yaml | 2 +- .../cloud_run/examples/audit-logs.yaml | 6 ++-- .../cloud_run/examples/connector-shared.yaml | 4 +-- .../modules/cloud_run/examples/connector.yaml | 4 +-- .../modules/cloud_run/examples/eventarc.yaml | 4 +-- tests/modules/cloud_run/examples/gen2.yaml | 2 +- .../examples/revision-annotations.yaml | 2 +- .../examples/service-account-external.yaml | 2 +- .../cloud_run/examples/service-account.yaml | 2 +- tests/modules/cloud_run/examples/simple.yaml | 4 +-- .../examples/trigger-service-account.yaml | 8 ++--- 19 files changed, 93 insertions(+), 55 deletions(-) diff --git a/modules/cloud-function-v1/README.md b/modules/cloud-function-v1/README.md index 2b768ac4f8..75e6c38201 100644 --- a/modules/cloud-function-v1/README.md +++ b/modules/cloud-function-v1/README.md @@ -34,6 +34,7 @@ This deploys a Cloud Function with an HTTP endpoint, using a pre-existing GCS bu module "cf-http" { source = "./fabric/modules/cloud-function-v1" project_id = var.project_id + region = "europe-west1" name = "test-cf-http" bucket_name = var.bucket bundle_config = { @@ -52,6 +53,7 @@ Other trigger types other than HTTP are configured via the `trigger_config` vari module "cf-http" { source = "./fabric/modules/cloud-function-v1" project_id = "my-project" + region = "europe-west1" name = "test-cf-http" bucket_name = "test-cf-bundles" bundle_config = { @@ -74,6 +76,7 @@ To allow anonymous access to the function, grant the `roles/cloudfunctions.invok module "cf-http" { source = "./fabric/modules/cloud-function-v1" project_id = "my-project" + region = "europe-west1" name = "test-cf-http" bucket_name = "test-cf-bundles" bundle_config = { @@ -95,6 +98,7 @@ You can have the module auto-create the GCS bucket used for deployment via the ` module "cf-http" { source = "./fabric/modules/cloud-function-v1" project_id = "my-project" + region = "europe-west1" prefix = "my-prefix" name = "test-cf-http" bucket_name = "test-cf-bundles" @@ -116,6 +120,7 @@ To use a custom service account managed by the module, set `service_account_crea module "cf-http" { source = "./fabric/modules/cloud-function-v1" project_id = "my-project" + region = "europe-west1" name = "test-cf-http" bucket_name = "test-cf-bundles" bundle_config = { @@ -133,6 +138,7 @@ To use an externally managed service account, pass its email in `service_account module "cf-http" { source = "./fabric/modules/cloud-function-v1" project_id = "my-project" + region = "europe-west1" name = "test-cf-http" bucket_name = "test-cf-bundles" bundle_config = { @@ -152,6 +158,7 @@ In order to help prevent `archive_zip.output_md5` from changing cross platform ( module "cf-http" { source = "./fabric/modules/cloud-function-v1" project_id = "my-project" + region = "europe-west1" name = "test-cf-http" bucket_name = "test-cf-bundles" bundle_config = { @@ -171,6 +178,7 @@ This deploys a Cloud Function with an HTTP endpoint, using a pre-existing GCS bu module "cf-http" { source = "./fabric/modules/cloud-function-v1" project_id = "my-project" + region = "europe-west1" name = "test-cf-http" bucket_name = "test-cf-bundles" build_worker_pool = "projects/my-project/locations/europe-west1/workerPools/my_build_worker_pool" @@ -190,6 +198,7 @@ When deploying multiple functions do not reuse `bundle_config.output_path` betwe module "cf-http-one" { source = "./fabric/modules/cloud-function-v1" project_id = "my-project" + region = "europe-west1" name = "test-cf-http-one" bucket_name = "test-cf-bundles" bundle_config = { @@ -200,6 +209,7 @@ module "cf-http-one" { module "cf-http-two" { source = "./fabric/modules/cloud-function-v1" project_id = "my-project" + region = "europe-west1" name = "test-cf-http-two" bucket_name = "test-cf-bundles" bundle_config = { @@ -218,6 +228,7 @@ This provides the latest value of the secret `var_secret` as `VARIABLE_SECRET` e module "cf-http" { source = "./fabric/modules/cloud-function-v1" project_id = "my-project" + region = "europe-west1" name = "test-cf-http" bucket_name = "test-cf-bundles" bundle_config = { @@ -256,6 +267,7 @@ module "cf-http" { | [bundle_config](variables.tf#L38) | Cloud function source folder and generated zip bundle paths. Output path defaults to '/tmp/bundle.zip' if null. | object({…}) | ✓ | | | [name](variables.tf#L97) | Name used for cloud function and associated resources. | string | ✓ | | | [project_id](variables.tf#L112) | Project id used for all resources. | string | ✓ | | +| [region](variables.tf#L117) | Region used for all resources. | string | ✓ | | | [bucket_config](variables.tf#L17) | Enable and configure auto-created bucket. Set fields to null to use defaults. | object({…}) | | null | | [build_worker_pool](variables.tf#L32) | Build worker pool, in projects//locations//workerPools/ format. | string | | null | | [description](variables.tf#L47) | Optional description. | string | | "Terraform managed." | @@ -265,13 +277,12 @@ module "cf-http" { | [ingress_settings](variables.tf#L85) | Control traffic that reaches the cloud function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY . | string | | null | | [labels](variables.tf#L91) | Resource labels. | map(string) | | {} | | [prefix](variables.tf#L102) | Optional prefix used for resource names. | string | | null | -| [region](variables.tf#L117) | Region used for all resources. | string | | "europe-west1" | -| [secrets](variables.tf#L123) | Secret Manager secrets. Key is the variable name or mountpoint, volume versions are in version:path format. | map(object({…})) | | {} | -| [service_account](variables.tf#L135) | Service account email. Unused if service account is auto-created. | string | | null | -| [service_account_create](variables.tf#L141) | Auto-create service account. | bool | | false | -| [trigger_config](variables.tf#L147) | Function trigger configuration. Leave null for HTTP trigger. | object({…}) | | null | -| [vpc_connector](variables.tf#L157) | VPC connector configuration. Set create to 'true' if a new connector needs to be created. | object({…}) | | null | -| [vpc_connector_config](variables.tf#L167) | VPC connector network configuration. Must be provided if new VPC connector is being created. | object({…}) | | null | +| [secrets](variables.tf#L122) | Secret Manager secrets. Key is the variable name or mountpoint, volume versions are in version:path format. | map(object({…})) | | {} | +| [service_account](variables.tf#L134) | Service account email. Unused if service account is auto-created. | string | | null | +| [service_account_create](variables.tf#L140) | Auto-create service account. | bool | | false | +| [trigger_config](variables.tf#L146) | Function trigger configuration. Leave null for HTTP trigger. | object({…}) | | null | +| [vpc_connector](variables.tf#L156) | VPC connector configuration. Set create to 'true' if a new connector needs to be created. | object({…}) | | null | +| [vpc_connector_config](variables.tf#L166) | VPC connector network configuration. Must be provided if new VPC connector is being created. | object({…}) | | null | ## Outputs @@ -286,4 +297,4 @@ module "cf-http" { | [service_account_email](outputs.tf#L49) | Service account email. | | | [service_account_iam_email](outputs.tf#L54) | Service account email. | | | [vpc_connector](outputs.tf#L62) | VPC connector resource if created. | | - \ No newline at end of file + diff --git a/modules/cloud-function-v1/variables.tf b/modules/cloud-function-v1/variables.tf index 13947e0245..e3e0139cd4 100644 --- a/modules/cloud-function-v1/variables.tf +++ b/modules/cloud-function-v1/variables.tf @@ -117,7 +117,6 @@ variable "project_id" { variable "region" { description = "Region used for all resources." type = string - default = "europe-west1" } variable "secrets" { @@ -171,4 +170,4 @@ variable "vpc_connector_config" { network = string }) default = null -} \ No newline at end of file +} diff --git a/modules/cloud-function-v2/README.md b/modules/cloud-function-v2/README.md index bbce16429a..a5bad718e0 100644 --- a/modules/cloud-function-v2/README.md +++ b/modules/cloud-function-v2/README.md @@ -34,6 +34,7 @@ This deploys a Cloud Function with an HTTP endpoint, using a pre-existing GCS bu module "cf-http" { source = "./fabric/modules/cloud-function-v2" project_id = "my-project" + region = var.region name = "test-cf-http" bucket_name = "test-cf-bundles" bundle_config = { @@ -63,6 +64,7 @@ module "trigger-service-account" { module "cf-http" { source = "./fabric/modules/cloud-function-v2" project_id = "my-project" + region = var.region name = "test-cf-http" bucket_name = "test-cf-bundles" bundle_config = { @@ -89,6 +91,7 @@ To allow anonymous access to the function, grant the `roles/run.invoker` role to module "cf-http" { source = "./fabric/modules/cloud-function-v2" project_id = "my-project" + region = var.region name = "test-cf-http" bucket_name = "test-cf-bundles" bundle_config = { @@ -110,6 +113,7 @@ You can have the module auto-create the GCS bucket used for deployment via the ` module "cf-http" { source = "./fabric/modules/cloud-function-v2" project_id = "my-project" + region = var.region prefix = "my-prefix" name = "test-cf-http" bucket_name = "test-cf-bundles" @@ -131,6 +135,7 @@ To use a custom service account managed by the module, set `service_account_crea module "cf-http" { source = "./fabric/modules/cloud-function-v2" project_id = "my-project" + region = var.region name = "test-cf-http" bucket_name = "test-cf-bundles" bundle_config = { @@ -148,6 +153,7 @@ To use an externally managed service account, pass its email in `service_account module "cf-http" { source = "./fabric/modules/cloud-function-v2" project_id = "my-project" + region = var.region name = "test-cf-http" bucket_name = "test-cf-bundles" bundle_config = { @@ -167,6 +173,7 @@ In order to help prevent `archive_zip.output_md5` from changing cross platform ( module "cf-http" { source = "./fabric/modules/cloud-function-v2" project_id = "my-project" + region = var.region name = "test-cf-http" bucket_name = "test-cf-bundles" bundle_config = { @@ -186,6 +193,7 @@ This deploys a Cloud Function with an HTTP endpoint, using a pre-existing GCS bu module "cf-http" { source = "./fabric/modules/cloud-function-v2" project_id = "my-project" + region = var.region name = "test-cf-http" bucket_name = "test-cf-bundles" build_worker_pool = "projects/my-project/locations/europe-west1/workerPools/my_build_worker_pool" @@ -205,6 +213,7 @@ When deploying multiple functions do not reuse `bundle_config.output_path` betwe module "cf-http-one" { source = "./fabric/modules/cloud-function-v2" project_id = "my-project" + region = var.region name = "test-cf-http-one" bucket_name = "test-cf-bundles" bundle_config = { @@ -215,6 +224,7 @@ module "cf-http-one" { module "cf-http-two" { source = "./fabric/modules/cloud-function-v2" project_id = "my-project" + region = var.region name = "test-cf-http-two" bucket_name = "test-cf-bundles" bundle_config = { @@ -233,6 +243,7 @@ This provides the latest value of the secret `var_secret` as `VARIABLE_SECRET` e module "cf-http" { source = "./fabric/modules/cloud-function-v2" project_id = "my-project" + region = var.region name = "test-cf-http" bucket_name = "test-cf-bundles" bundle_config = { @@ -272,6 +283,7 @@ module "cf-http" { | [bundle_config](variables.tf#L38) | Cloud function source folder and generated zip bundle paths. Output path defaults to '/tmp/bundle.zip' if null. | object({…}) | ✓ | | | [name](variables.tf#L103) | Name used for cloud function and associated resources. | string | ✓ | | | [project_id](variables.tf#L118) | Project id used for all resources. | string | ✓ | | +| [region](variables.tf#L123) | Region used for all resources. | string | ✓ | | | [bucket_config](variables.tf#L17) | Enable and configure auto-created bucket. Set fields to null to use defaults. | object({…}) | | null | | [build_worker_pool](variables.tf#L32) | Build worker pool, in projects//locations//workerPools/ format. | string | | null | | [description](variables.tf#L47) | Optional description. | string | | "Terraform managed." | @@ -282,13 +294,12 @@ module "cf-http" { | [ingress_settings](variables.tf#L91) | Control traffic that reaches the cloud function. Allowed values are ALLOW_ALL, ALLOW_INTERNAL_AND_GCLB and ALLOW_INTERNAL_ONLY . | string | | null | | [labels](variables.tf#L97) | Resource labels. | map(string) | | {} | | [prefix](variables.tf#L108) | Optional prefix used for resource names. | string | | null | -| [region](variables.tf#L123) | Region used for all resources. | string | | "europe-west1" | -| [secrets](variables.tf#L129) | Secret Manager secrets. Key is the variable name or mountpoint, volume versions are in version:path format. | map(object({…})) | | {} | -| [service_account](variables.tf#L141) | Service account email. Unused if service account is auto-created. | string | | null | -| [service_account_create](variables.tf#L147) | Auto-create service account. | bool | | false | -| [trigger_config](variables.tf#L153) | Function trigger configuration. Leave null for HTTP trigger. | object({…}) | | null | -| [vpc_connector](variables.tf#L171) | VPC connector configuration. Set create to 'true' if a new connector needs to be created. | object({…}) | | null | -| [vpc_connector_config](variables.tf#L181) | VPC connector network configuration. Must be provided if new VPC connector is being created. | object({…}) | | null | +| [secrets](variables.tf#L128) | Secret Manager secrets. Key is the variable name or mountpoint, volume versions are in version:path format. | map(object({…})) | | {} | +| [service_account](variables.tf#L140) | Service account email. Unused if service account is auto-created. | string | | null | +| [service_account_create](variables.tf#L146) | Auto-create service account. | bool | | false | +| [trigger_config](variables.tf#L152) | Function trigger configuration. Leave null for HTTP trigger. | object({…}) | | null | +| [vpc_connector](variables.tf#L170) | VPC connector configuration. Set create to 'true' if a new connector needs to be created. | object({…}) | | null | +| [vpc_connector_config](variables.tf#L180) | VPC connector network configuration. Must be provided if new VPC connector is being created. | object({…}) | | null | ## Outputs diff --git a/modules/cloud-function-v2/variables.tf b/modules/cloud-function-v2/variables.tf index a66d3e16a0..af97650fc3 100644 --- a/modules/cloud-function-v2/variables.tf +++ b/modules/cloud-function-v2/variables.tf @@ -123,7 +123,6 @@ variable "project_id" { variable "region" { description = "Region used for all resources." type = string - default = "europe-west1" } variable "secrets" { diff --git a/modules/cloud-run-v2/README.md b/modules/cloud-run-v2/README.md index 7fa4258b79..bef0f0fed6 100644 --- a/modules/cloud-run-v2/README.md +++ b/modules/cloud-run-v2/README.md @@ -116,6 +116,7 @@ You can use an existing [VPC Access Connector](https://cloud.google.com/vpc/docs module "cloud_run" { source = "./fabric/modules/cloud-run-v2" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -138,6 +139,7 @@ If creation of the VPC Access Connector is required, use the `vpc_connector_crea module "cloud_run" { source = "./fabric/modules/cloud-run-v2" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -162,6 +164,7 @@ Note that if you are using a Shared VPC for the connector, you need to specify a module "cloud_run" { source = "./fabric/modules/cloud-run-v2" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -189,6 +192,7 @@ This deploys a Cloud Run service that will be triggered when messages are publis module "cloud_run" { source = "./fabric/modules/cloud-run-v2" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -213,6 +217,7 @@ This deploys a Cloud Run service that will be triggered when specific log events module "cloud_run" { source = "./fabric/modules/cloud-run-v2" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -241,6 +246,7 @@ Example using provided service account: module "cloud_run" { source = "./fabric/modules/cloud-run-v2" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -266,6 +272,7 @@ Example using automatically created service account: module "cloud_run" { source = "./fabric/modules/cloud-run-v2" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -291,6 +298,7 @@ To use a custom service account managed by the module, set `service_account_crea module "cloud_run" { source = "./fabric/modules/cloud-run-v2" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -308,6 +316,7 @@ To use an externally managed service account, use its email in `service_account` module "cloud_run" { source = "./fabric/modules/cloud-run-v2" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -325,6 +334,7 @@ module "cloud_run" { |---|---|:---:|:---:|:---:| | [name](variables.tf#L137) | Name used for Cloud Run service. | string | ✓ | | | [project_id](variables.tf#L152) | Project id used for all resources. | string | ✓ | | +| [region](variables.tf#L157) | Region used for all resources. | string | ✓ | | | [containers](variables.tf#L17) | Containers in name => attributes format. | map(object({…})) | | {} | | [eventarc_triggers](variables.tf#L77) | Event arc triggers for different sources. | object({…}) | | {} | | [iam](variables.tf#L91) | IAM bindings for Cloud Run service in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} | @@ -332,11 +342,10 @@ module "cloud_run" { | [labels](variables.tf#L114) | Resource labels. | map(string) | | {} | | [launch_stage](variables.tf#L120) | The launch stage as defined by Google Cloud Platform Launch Stages. | string | | null | | [prefix](variables.tf#L142) | Optional prefix used for resource names. | string | | null | -| [region](variables.tf#L157) | Region used for all resources. | string | | "europe-west1" | -| [revision](variables.tf#L163) | Revision template configurations. | object({…}) | | {} | -| [service_account](variables.tf#L190) | Service account email. Unused if service account is auto-created. | string | | null | -| [service_account_create](variables.tf#L196) | Auto-create service account. | bool | | false | -| [volumes](variables.tf#L202) | Named volumes in containers in name => attributes format. | map(object({…})) | | {} | +| [revision](variables.tf#L162) | Revision template configurations. | object({…}) | | {} | +| [service_account](variables.tf#L189) | Service account email. Unused if service account is auto-created. | string | | null | +| [service_account_create](variables.tf#L195) | Auto-create service account. | bool | | false | +| [volumes](variables.tf#L201) | Named volumes in containers in name => attributes format. | map(object({…})) | | {} | | [vpc_connector_create](variables-vpcconnector.tf#L17) | Populate this to create a Serverless VPC Access connector. | object({…}) | | null | ## Outputs diff --git a/modules/cloud-run-v2/variables.tf b/modules/cloud-run-v2/variables.tf index cae50a0b8b..d518823259 100644 --- a/modules/cloud-run-v2/variables.tf +++ b/modules/cloud-run-v2/variables.tf @@ -157,7 +157,6 @@ variable "project_id" { variable "region" { description = "Region used for all resources." type = string - default = "europe-west1" } variable "revision" { diff --git a/modules/cloud-run/README.md b/modules/cloud-run/README.md index 91cc47e5a4..4909391391 100644 --- a/modules/cloud-run/README.md +++ b/modules/cloud-run/README.md @@ -43,6 +43,7 @@ module "secret-manager" { module "cloud_run" { source = "./fabric/modules/cloud-run" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -124,6 +125,7 @@ Annotations can be specified via the `revision_annotations` variable: module "cloud_run" { source = "./fabric/modules/cloud-run" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -151,6 +153,7 @@ Second generation execution environment (gen2) can be enabled by setting the `ge module "cloud_run" { source = "./fabric/modules/cloud-run" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -170,6 +173,7 @@ If creation of a [VPC Access Connector](https://cloud.google.com/vpc/docs/server module "cloud_run" { source = "./fabric/modules/cloud-run" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -190,6 +194,7 @@ Note that if you are using Shared VPC you need to specify a subnet: module "cloud_run" { source = "./fabric/modules/cloud-run" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -214,6 +219,7 @@ This deploys a Cloud Run service with traffic split between two revisions. module "cloud_run" { source = "./fabric/modules/cloud-run" project_id = var.project_id + region = var.region name = "hello" revision_name = "green" containers = { @@ -245,6 +251,7 @@ module "pubsub" { module "cloud_run" { source = "./fabric/modules/cloud-run" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -277,6 +284,7 @@ module "sa" { module "cloud_run" { source = "./fabric/modules/cloud-run" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -317,6 +325,7 @@ module "pubsub" { module "cloud_run" { source = "./fabric/modules/cloud-run" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -341,6 +350,7 @@ To use a custom service account managed by the module, set `service_account_crea module "cloud_run" { source = "./fabric/modules/cloud-run" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -358,6 +368,7 @@ To use an externally managed service account, pass its email in `service_account module "cloud_run" { source = "./fabric/modules/cloud-run" project_id = var.project_id + region = var.region name = "hello" containers = { hello = { @@ -375,6 +386,7 @@ module "cloud_run" { |---|---|:---:|:---:|:---:| | [name](variables.tf#L144) | Name used for cloud run service. | string | ✓ | | | [project_id](variables.tf#L159) | Project id used for all resources. | string | ✓ | | +| [region](variables.tf#L164) | Region used for all resources. | string | ✓ | | | [container_concurrency](variables.tf#L18) | Maximum allowed in-flight (concurrent) requests per container of the revision. | string | | null | | [containers](variables.tf#L24) | Containers in arbitrary key => attributes format. | map(object({…})) | | {} | | [eventarc_triggers](variables.tf#L91) | Event arc triggers for different sources. | object({…}) | | {} | @@ -383,16 +395,15 @@ module "cloud_run" { | [ingress_settings](variables.tf#L125) | Ingress settings. | string | | null | | [labels](variables.tf#L138) | Resource labels. | map(string) | | {} | | [prefix](variables.tf#L149) | Optional prefix used for resource names. | string | | null | -| [region](variables.tf#L164) | Region used for all resources. | string | | "europe-west1" | -| [revision_annotations](variables.tf#L170) | Configure revision template annotations. | object({…}) | | {} | -| [revision_name](variables.tf#L185) | Revision name. | string | | null | -| [service_account](variables.tf#L191) | Service account email. Unused if service account is auto-created. | string | | null | -| [service_account_create](variables.tf#L197) | Auto-create service account. | bool | | false | -| [startup_cpu_boost](variables.tf#L203) | Enable startup cpu boost. | bool | | false | -| [timeout_seconds](variables.tf#L209) | Maximum duration the instance is allowed for responding to a request. | number | | null | -| [traffic](variables.tf#L215) | Traffic steering configuration. If revision name is null the latest revision will be used. | map(object({…})) | | {} | -| [volumes](variables.tf#L226) | Named volumes in containers in name => attributes format. | map(object({…})) | | {} | -| [vpc_connector_create](variables.tf#L240) | Populate this to create a VPC connector. You can then refer to it in the template annotations. | object({…}) | | null | +| [revision_annotations](variables.tf#L169) | Configure revision template annotations. | object({…}) | | {} | +| [revision_name](variables.tf#L184) | Revision name. | string | | null | +| [service_account](variables.tf#L190) | Service account email. Unused if service account is auto-created. | string | | null | +| [service_account_create](variables.tf#L196) | Auto-create service account. | bool | | false | +| [startup_cpu_boost](variables.tf#L202) | Enable startup cpu boost. | bool | | false | +| [timeout_seconds](variables.tf#L208) | Maximum duration the instance is allowed for responding to a request. | number | | null | +| [traffic](variables.tf#L214) | Traffic steering configuration. If revision name is null the latest revision will be used. | map(object({…})) | | {} | +| [volumes](variables.tf#L225) | Named volumes in containers in name => attributes format. | map(object({…})) | | {} | +| [vpc_connector_create](variables.tf#L239) | Populate this to create a VPC connector. You can then refer to it in the template annotations. | object({…}) | | null | ## Outputs diff --git a/modules/cloud-run/variables.tf b/modules/cloud-run/variables.tf index 46e92b0d22..4213484810 100644 --- a/modules/cloud-run/variables.tf +++ b/modules/cloud-run/variables.tf @@ -164,7 +164,6 @@ variable "project_id" { variable "region" { description = "Region used for all resources." type = string - default = "europe-west1" } variable "revision_annotations" { diff --git a/tests/modules/cloud_function_v2/examples/iam.yaml b/tests/modules/cloud_function_v2/examples/iam.yaml index 21b1eff65d..11f656fd1c 100644 --- a/tests/modules/cloud_function_v2/examples/iam.yaml +++ b/tests/modules/cloud_function_v2/examples/iam.yaml @@ -15,7 +15,7 @@ values: module.cf-http.google_cloud_run_service_iam_binding.invoker[0]: condition: [] - location: europe-west1 + location: europe-west8 members: - allUsers project: my-project diff --git a/tests/modules/cloud_run/examples/audit-logs.yaml b/tests/modules/cloud_run/examples/audit-logs.yaml index e4cfddf7b6..3b1d964dcf 100644 --- a/tests/modules/cloud_run/examples/audit-logs.yaml +++ b/tests/modules/cloud_run/examples/audit-logs.yaml @@ -23,7 +23,7 @@ values: module.cloud_run.google_cloud_run_service_iam_binding.binding["roles/run.invoker"]: condition: [] - location: europe-west1 + location: europe-west8 members: - serviceAccount:eventarc-trigger@project-id.iam.gserviceaccount.com project: project-id @@ -35,11 +35,11 @@ values: - cloud_function: null cloud_run_service: - path: null - region: europe-west1 + region: europe-west8 service: hello gke: [] workflow: null - location: europe-west1 + location: europe-west8 matching_criteria: - attribute: methodName operator: '' diff --git a/tests/modules/cloud_run/examples/connector-shared.yaml b/tests/modules/cloud_run/examples/connector-shared.yaml index 05b3fc0104..edc9502993 100644 --- a/tests/modules/cloud_run/examples/connector-shared.yaml +++ b/tests/modules/cloud_run/examples/connector-shared.yaml @@ -15,7 +15,7 @@ values: module.cloud_run.google_cloud_run_service.service: autogenerate_revision_name: false - location: europe-west1 + location: europe-west8 metadata: - {} name: hello @@ -41,7 +41,7 @@ values: min_throughput: 200 name: hello project: project-id - region: europe-west1 + region: europe-west8 subnet: - name: subnet-vpc-access project_id: host-project diff --git a/tests/modules/cloud_run/examples/connector.yaml b/tests/modules/cloud_run/examples/connector.yaml index 0733ee7ec4..de3aba22bd 100644 --- a/tests/modules/cloud_run/examples/connector.yaml +++ b/tests/modules/cloud_run/examples/connector.yaml @@ -15,7 +15,7 @@ values: module.cloud_run.google_cloud_run_service.service: autogenerate_revision_name: false - location: europe-west1 + location: europe-west8 metadata: - {} name: hello @@ -42,7 +42,7 @@ values: name: hello network: projects/xxx/global/networks/aaa project: project-id - region: europe-west1 + region: europe-west8 subnet: [] counts: diff --git a/tests/modules/cloud_run/examples/eventarc.yaml b/tests/modules/cloud_run/examples/eventarc.yaml index 3c838e8f78..961add60e2 100644 --- a/tests/modules/cloud_run/examples/eventarc.yaml +++ b/tests/modules/cloud_run/examples/eventarc.yaml @@ -25,11 +25,11 @@ values: - cloud_function: null cloud_run_service: - path: null - region: europe-west1 + region: europe-west8 service: hello gke: [] workflow: null - location: europe-west1 + location: europe-west8 matching_criteria: - attribute: type operator: '' diff --git a/tests/modules/cloud_run/examples/gen2.yaml b/tests/modules/cloud_run/examples/gen2.yaml index e38bffad82..1f0a4eaa90 100644 --- a/tests/modules/cloud_run/examples/gen2.yaml +++ b/tests/modules/cloud_run/examples/gen2.yaml @@ -15,7 +15,7 @@ values: module.cloud_run.google_cloud_run_service.service: autogenerate_revision_name: false - location: europe-west1 + location: europe-west8 metadata: - {} name: hello diff --git a/tests/modules/cloud_run/examples/revision-annotations.yaml b/tests/modules/cloud_run/examples/revision-annotations.yaml index 7d5e1c0181..a1e8617fd6 100644 --- a/tests/modules/cloud_run/examples/revision-annotations.yaml +++ b/tests/modules/cloud_run/examples/revision-annotations.yaml @@ -15,7 +15,7 @@ values: module.cloud_run.google_cloud_run_service.service: autogenerate_revision_name: false - location: europe-west1 + location: europe-west8 metadata: - {} name: hello diff --git a/tests/modules/cloud_run/examples/service-account-external.yaml b/tests/modules/cloud_run/examples/service-account-external.yaml index c9aa892b59..2cd946995a 100644 --- a/tests/modules/cloud_run/examples/service-account-external.yaml +++ b/tests/modules/cloud_run/examples/service-account-external.yaml @@ -15,7 +15,7 @@ values: module.cloud_run.google_cloud_run_service.service: autogenerate_revision_name: false - location: europe-west1 + location: europe-west8 metadata: - {} name: hello diff --git a/tests/modules/cloud_run/examples/service-account.yaml b/tests/modules/cloud_run/examples/service-account.yaml index 2d422397d1..58b4bd7710 100644 --- a/tests/modules/cloud_run/examples/service-account.yaml +++ b/tests/modules/cloud_run/examples/service-account.yaml @@ -15,7 +15,7 @@ values: module.cloud_run.google_cloud_run_service.service: autogenerate_revision_name: false - location: europe-west1 + location: europe-west8 metadata: - {} name: hello diff --git a/tests/modules/cloud_run/examples/simple.yaml b/tests/modules/cloud_run/examples/simple.yaml index 3d428c3dce..5001c3867f 100644 --- a/tests/modules/cloud_run/examples/simple.yaml +++ b/tests/modules/cloud_run/examples/simple.yaml @@ -15,7 +15,7 @@ values: module.cloud_run.google_cloud_run_service.service: autogenerate_revision_name: false - location: europe-west1 + location: europe-west8 metadata: - {} name: hello @@ -42,7 +42,7 @@ values: volumes: [] module.cloud_run.google_cloud_run_service_iam_binding.binding["roles/run.invoker"]: condition: [] - location: europe-west1 + location: europe-west8 members: - allUsers project: project-id diff --git a/tests/modules/cloud_run/examples/trigger-service-account.yaml b/tests/modules/cloud_run/examples/trigger-service-account.yaml index eabdaa0fe4..3877a71e0e 100644 --- a/tests/modules/cloud_run/examples/trigger-service-account.yaml +++ b/tests/modules/cloud_run/examples/trigger-service-account.yaml @@ -15,7 +15,7 @@ values: module.cloud_run.google_cloud_run_service.service: autogenerate_revision_name: false - location: europe-west1 + location: europe-west8 metadata: - {} name: hello @@ -38,7 +38,7 @@ values: module.cloud_run.google_cloud_run_service_iam_member.default[0]: condition: [] - location: europe-west1 + location: europe-west8 project: project-id role: roles/run.invoker service: hello @@ -49,12 +49,12 @@ values: - cloud_function: null cloud_run_service: - path: null - region: europe-west1 + region: europe-west8 service: hello gke: [] workflow: null labels: null - location: europe-west1 + location: europe-west8 matching_criteria: - attribute: type operator: '' From 764078a931b387792e248bf74350737f1adbc9f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Wed, 24 Jan 2024 10:08:18 +0000 Subject: [PATCH 2/2] Fix blueprints --- .../cloud-operations/asset-inventory-feed-remediation/main.tf | 1 + blueprints/networking/private-cloud-function-from-onprem/main.tf | 1 + 2 files changed, 2 insertions(+) diff --git a/blueprints/cloud-operations/asset-inventory-feed-remediation/main.tf b/blueprints/cloud-operations/asset-inventory-feed-remediation/main.tf index e396364e89..18ae142575 100644 --- a/blueprints/cloud-operations/asset-inventory-feed-remediation/main.tf +++ b/blueprints/cloud-operations/asset-inventory-feed-remediation/main.tf @@ -78,6 +78,7 @@ module "service-account" { module "cf" { source = "../../../modules/cloud-function-v1" project_id = module.project.project_id + region = var.region name = var.name bucket_name = "${var.name}-${random_pet.random.id}" bucket_config = { diff --git a/blueprints/networking/private-cloud-function-from-onprem/main.tf b/blueprints/networking/private-cloud-function-from-onprem/main.tf index c44ac78586..b279da9f4e 100644 --- a/blueprints/networking/private-cloud-function-from-onprem/main.tf +++ b/blueprints/networking/private-cloud-function-from-onprem/main.tf @@ -179,6 +179,7 @@ module "test-vm" { module "function-hello" { source = "../../../modules/cloud-function-v1" project_id = module.project.project_id + region = var.region name = var.name bucket_name = "${var.name}-tf-cf-deploy" ingress_settings = "ALLOW_INTERNAL_ONLY"