Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cloud run v2 custom audiences #2476

Merged
merged 8 commits into from
Aug 7, 2024
31 changes: 16 additions & 15 deletions modules/cloud-run-v2/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -435,23 +435,24 @@ module "cloud_run" {

| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| [name](variables.tf#L153) | Name used for Cloud Run service. | <code>string</code> | ✓ | |
| [project_id](variables.tf#L168) | Project id used for all resources. | <code>string</code> | ✓ | |
| [region](variables.tf#L173) | Region used for all resources. | <code>string</code> | ✓ | |
| [name](variables.tf#L159) | Name used for Cloud Run service. | <code>string</code> | ✓ | |
| [project_id](variables.tf#L174) | Project id used for all resources. | <code>string</code> | ✓ | |
| [region](variables.tf#L179) | Region used for all resources. | <code>string</code> | ✓ | |
| [containers](variables.tf#L17) | Containers in name => attributes format. | <code title="map&#40;object&#40;&#123;&#10; image &#61; string&#10; command &#61; optional&#40;list&#40;string&#41;&#41;&#10; args &#61; optional&#40;list&#40;string&#41;&#41;&#10; env &#61; optional&#40;map&#40;string&#41;&#41;&#10; env_from_key &#61; optional&#40;map&#40;object&#40;&#123;&#10; secret &#61; string&#10; version &#61; string&#10; &#125;&#41;&#41;&#41;&#10; liveness_probe &#61; optional&#40;object&#40;&#123;&#10; grpc &#61; optional&#40;object&#40;&#123;&#10; port &#61; optional&#40;number&#41;&#10; service &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;&#10; http_get &#61; optional&#40;object&#40;&#123;&#10; http_headers &#61; optional&#40;map&#40;string&#41;&#41;&#10; path &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;&#10; failure_threshold &#61; optional&#40;number&#41;&#10; initial_delay_seconds &#61; optional&#40;number&#41;&#10; period_seconds &#61; optional&#40;number&#41;&#10; timeout_seconds &#61; optional&#40;number&#41;&#10; &#125;&#41;&#41;&#10; ports &#61; optional&#40;map&#40;object&#40;&#123;&#10; container_port &#61; optional&#40;number&#41;&#10; name &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;&#41;&#10; resources &#61; optional&#40;object&#40;&#123;&#10; limits &#61; optional&#40;object&#40;&#123;&#10; cpu &#61; string&#10; memory &#61; string&#10; &#125;&#41;&#41;&#10; cpu_idle &#61; optional&#40;bool&#41;&#10; startup_cpu_boost &#61; optional&#40;bool&#41;&#10; &#125;&#41;&#41;&#10; startup_probe &#61; optional&#40;object&#40;&#123;&#10; grpc &#61; optional&#40;object&#40;&#123;&#10; port &#61; optional&#40;number&#41;&#10; service &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;&#10; http_get &#61; optional&#40;object&#40;&#123;&#10; http_headers &#61; optional&#40;map&#40;string&#41;&#41;&#10; path &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;&#10; tcp_socket &#61; optional&#40;object&#40;&#123;&#10; port &#61; optional&#40;number&#41;&#10; &#125;&#41;&#41;&#10; failure_threshold &#61; optional&#40;number&#41;&#10; initial_delay_seconds &#61; optional&#40;number&#41;&#10; period_seconds &#61; optional&#40;number&#41;&#10; timeout_seconds &#61; optional&#40;number&#41;&#10; &#125;&#41;&#41;&#10; volume_mounts &#61; optional&#40;map&#40;string&#41;&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [create_job](variables.tf#L77) | Create Cloud Run Job instead of Service. | <code>bool</code> | | <code>false</code> |
| [encryption_key](variables.tf#L83) | The full resource name of the Cloud KMS CryptoKey. | <code>string</code> | | <code>null</code> |
| [eventarc_triggers](variables.tf#L89) | Event arc triggers for different sources. | <code title="object&#40;&#123;&#10; audit_log &#61; optional&#40;map&#40;object&#40;&#123;&#10; method &#61; string&#10; service &#61; string&#10; &#125;&#41;&#41;&#41;&#10; pubsub &#61; optional&#40;map&#40;string&#41;&#41;&#10; service_account_email &#61; optional&#40;string&#41;&#10; service_account_create &#61; optional&#40;bool, false&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> |
| [iam](variables.tf#L107) | IAM bindings for Cloud Run service in {ROLE => [MEMBERS]} format. | <code>map&#40;list&#40;string&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [ingress](variables.tf#L113) | Ingress settings. | <code>string</code> | | <code>null</code> |
| [labels](variables.tf#L130) | Resource labels. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> |
| [launch_stage](variables.tf#L136) | The launch stage as defined by Google Cloud Platform Launch Stages. | <code>string</code> | | <code>null</code> |
| [prefix](variables.tf#L158) | Optional prefix used for resource names. | <code>string</code> | | <code>null</code> |
| [revision](variables.tf#L178) | Revision template configurations. | <code title="object&#40;&#123;&#10; name &#61; optional&#40;string&#41;&#10; gen2_execution_environment &#61; optional&#40;bool&#41;&#10; max_concurrency &#61; optional&#40;number&#41;&#10; max_instance_count &#61; optional&#40;number&#41;&#10; min_instance_count &#61; optional&#40;number&#41;&#10; vpc_access &#61; optional&#40;object&#40;&#123;&#10; connector &#61; optional&#40;string&#41;&#10; egress &#61; optional&#40;string&#41;&#10; subnet &#61; optional&#40;string&#41;&#10; tags &#61; optional&#40;list&#40;string&#41;&#41;&#10; &#125;&#41;&#41;&#10; timeout &#61; optional&#40;string&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> |
| [service_account](variables.tf#L205) | Service account email. Unused if service account is auto-created. | <code>string</code> | | <code>null</code> |
| [service_account_create](variables.tf#L211) | Auto-create service account. | <code>bool</code> | | <code>false</code> |
| [tag_bindings](variables.tf#L217) | Tag bindings for this service, in key => tag value id format. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> |
| [volumes](variables.tf#L224) | Named volumes in containers in name => attributes format. | <code title="map&#40;object&#40;&#123;&#10; secret &#61; optional&#40;object&#40;&#123;&#10; name &#61; string&#10; default_mode &#61; optional&#40;string&#41;&#10; path &#61; optional&#40;string&#41;&#10; version &#61; optional&#40;string&#41;&#10; mode &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;&#10; cloud_sql_instances &#61; optional&#40;list&#40;string&#41;&#41;&#10; empty_dir_size &#61; optional&#40;string&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [custom_audiences](variables.tf#L83) | Custom audiences for service. | <code>list&#40;string&#41;</code> | | <code>null</code> |
| [encryption_key](variables.tf#L89) | The full resource name of the Cloud KMS CryptoKey. | <code>string</code> | | <code>null</code> |
| [eventarc_triggers](variables.tf#L95) | Event arc triggers for different sources. | <code title="object&#40;&#123;&#10; audit_log &#61; optional&#40;map&#40;object&#40;&#123;&#10; method &#61; string&#10; service &#61; string&#10; &#125;&#41;&#41;&#41;&#10; pubsub &#61; optional&#40;map&#40;string&#41;&#41;&#10; service_account_email &#61; optional&#40;string&#41;&#10; service_account_create &#61; optional&#40;bool, false&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> |
| [iam](variables.tf#L113) | IAM bindings for Cloud Run service in {ROLE => [MEMBERS]} format. | <code>map&#40;list&#40;string&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [ingress](variables.tf#L119) | Ingress settings. | <code>string</code> | | <code>null</code> |
| [labels](variables.tf#L136) | Resource labels. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> |
| [launch_stage](variables.tf#L142) | The launch stage as defined by Google Cloud Platform Launch Stages. | <code>string</code> | | <code>null</code> |
| [prefix](variables.tf#L164) | Optional prefix used for resource names. | <code>string</code> | | <code>null</code> |
| [revision](variables.tf#L184) | Revision template configurations. | <code title="object&#40;&#123;&#10; name &#61; optional&#40;string&#41;&#10; gen2_execution_environment &#61; optional&#40;bool&#41;&#10; max_concurrency &#61; optional&#40;number&#41;&#10; max_instance_count &#61; optional&#40;number&#41;&#10; min_instance_count &#61; optional&#40;number&#41;&#10; vpc_access &#61; optional&#40;object&#40;&#123;&#10; connector &#61; optional&#40;string&#41;&#10; egress &#61; optional&#40;string&#41;&#10; subnet &#61; optional&#40;string&#41;&#10; tags &#61; optional&#40;list&#40;string&#41;&#41;&#10; &#125;&#41;&#41;&#10; timeout &#61; optional&#40;string&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> |
| [service_account](variables.tf#L211) | Service account email. Unused if service account is auto-created. | <code>string</code> | | <code>null</code> |
| [service_account_create](variables.tf#L217) | Auto-create service account. | <code>bool</code> | | <code>false</code> |
| [tag_bindings](variables.tf#L223) | Tag bindings for this service, in key => tag value id format. | <code>map&#40;string&#41;</code> | | <code>&#123;&#125;</code> |
| [volumes](variables.tf#L230) | Named volumes in containers in name => attributes format. | <code title="map&#40;object&#40;&#123;&#10; secret &#61; optional&#40;object&#40;&#123;&#10; name &#61; string&#10; default_mode &#61; optional&#40;string&#41;&#10; path &#61; optional&#40;string&#41;&#10; version &#61; optional&#40;string&#41;&#10; mode &#61; optional&#40;string&#41;&#10; &#125;&#41;&#41;&#10; cloud_sql_instances &#61; optional&#40;list&#40;string&#41;&#41;&#10; empty_dir_size &#61; optional&#40;string&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>&#123;&#125;</code> |
| [vpc_connector_create](variables-vpcconnector.tf#L17) | Populate this to create a Serverless VPC Access connector. | <code title="object&#40;&#123;&#10; ip_cidr_range &#61; optional&#40;string&#41;&#10; machine_type &#61; optional&#40;string&#41;&#10; name &#61; optional&#40;string&#41;&#10; network &#61; optional&#40;string&#41;&#10; instances &#61; optional&#40;object&#40;&#123;&#10; max &#61; optional&#40;number&#41;&#10; min &#61; optional&#40;number&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; throughput &#61; optional&#40;object&#40;&#123;&#10; max &#61; optional&#40;number, 1000&#41; &#35; workaround for a wrong default in provider&#10; min &#61; optional&#40;number&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; subnet &#61; optional&#40;object&#40;&#123;&#10; name &#61; optional&#40;string&#41;&#10; project_id &#61; optional&#40;string&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |

## Outputs
Expand Down
17 changes: 9 additions & 8 deletions modules/cloud-run-v2/service.tf
Original file line number Diff line number Diff line change
Expand Up @@ -15,14 +15,15 @@
*/

resource "google_cloud_run_v2_service" "service" {
count = var.create_job ? 0 : 1
provider = google-beta
project = var.project_id
location = var.region
name = "${local.prefix}${var.name}"
ingress = var.ingress
labels = var.labels
launch_stage = var.launch_stage
count = var.create_job ? 0 : 1
provider = google-beta
project = var.project_id
location = var.region
name = "${local.prefix}${var.name}"
ingress = var.ingress
labels = var.labels
launch_stage = var.launch_stage
custom_audiences = var.custom_audiences

template {
encryption_key = var.encryption_key
Expand Down
6 changes: 6 additions & 0 deletions modules/cloud-run-v2/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,12 @@ variable "create_job" {
default = false
}

variable "custom_audiences" {
description = "Custom audiences for service."
type = list(string)
default = null
}

variable "encryption_key" {
description = "The full resource name of the Cloud KMS CryptoKey."
type = string
Expand Down