Fix non-empty plan after mixing CloudSQL with other mounts #2700

Merged
merged 1 commit into from
Nov 16, 2024

wiktorn
Collaborator

@wiktorn wiktorn commented Nov 16, 2024

Closes: #2698
Testcase:

module "project" {
  source         = "./fabric/modules/project"
  name           = var.project_id
  project_create = false
  services       = ["file.googleapis.com"]
}

module "bucket" {
  source     = "./fabric/modules/gcs"
  project_id = var.project_id
  prefix     = var.prefix
  name       = "my-bucket"
  location   = var.region
  versioning = true
  labels = {
    cost-center = "devops"
  }
  iam = {
    "roles/storage.objectAdmin" = ["serviceAccount:${module.project.default_service_accounts.compute}"]
  }
}

module "bucket2" {
  source     = "./fabric/modules/gcs"
  project_id = var.project_id
  prefix     = var.prefix
  name       = "my-bucket2"
  location   = var.region
  versioning = true
  labels = {
    cost-center = "devops"
  }
  iam = {
    "roles/storage.objectAdmin" = ["serviceAccount:${module.project.default_service_accounts.compute}"]
  }
}

resource "google_filestore_instance" "instance" {
  project  = var.project_id
  name     = "test-provisioning"
  location = "${var.region}-b"
  tier     = "BASIC_HDD"

  file_shares {
    capacity_gb = 1024
    name        = "share1"
  }

  networks {
    network      = var.vpc.id
    modes        = ["MODE_IPV4"]
    connect_mode = "PRIVATE_SERVICE_ACCESS" # works
  }
}



module "cloudsql-instance" {
  source     = "./fabric/modules/cloudsql-instance"
  project_id = var.project_id
  network_config = {
    connectivity = {
      psc_allowed_consumer_projects = [var.project_id]
    }
  }
  ## define a consumer project with an endpoint within the project
  name                          = "db"
  region                        = var.region
  availability_type             = "REGIONAL"
  database_version              = "POSTGRES_13"
  tier                          = "db-g1-small"
  gcp_deletion_protection       = false
  terraform_deletion_protection = false
}

module "cloud_run" {
  source     = "./fabric/modules/cloud-run-v2"
  project_id = var.project_id
  name       = "hello"
  region     = var.region
  create_job = false
  containers = {
    hello = {
      image = "us-docker.pkg.dev/cloudrun/container/hello"
      env = {
        VAR1 = "VALUE1"
        VAR2 = "VALUE2"
      }
      volume_mounts = {
        acredentials = "/cred1"
        anfs         = "/nfs1"
        bucket       = "/bucket2"
        bempty_dir   = "/empty1"
        cloudsql     = "/cloudsql"
        empty_dir    = "/empty2"
        website      = "/bucket"
        zcredentials = "/cred2"
        znfs         = "/nfs2"
      }
    }
  }
  revision = {
    gen2_execution_environment = true
    vpc_access = {
      egress = "ALL_TRAFFIC"
      subnet = var.subnet.name
    }
  }
  volumes = {
    website = {
      gcs = {
        bucket       = module.bucket2.name
        is_read_only = false
      }
    }
    cloudsql = {
      cloud_sql_instances = [module.cloudsql-instance.connection_name]
    }
    bucket = {
      gcs = {
        bucket       = module.bucket.name
        is_read_only = false
      }
    }
    bempty_dir = {
      empty_dir_size = 1
    }
    empty_dir = {
      empty_dir_size = 1
    }
    acredentials = {
      secret = {
        name    = module.secret-manager.secrets["credentials"].id
        path    = "my-secret"
        version = "latest" # TODO: should be optional, but results in API error
      }
    }
    zcredentials = {
      secret = {
        name    = module.secret-manager.secrets["credentials"].id
        path    = "my-secret"
        version = "latest" # TODO: should be optional, but results in API error
      }
    }
    anfs = {
      nfs = {
        server = google_filestore_instance.instance.networks[0].ip_addresses[0]
        path   = "/share1"
      }
    }
    znfs = {
      nfs = {
        server = google_filestore_instance.instance.networks[0].ip_addresses[0]
        path   = "/share1"
      }
    }
  }
  deletion_protection = false
}

Checklist

If applicable, I acknowledge that I have:

  • Read the contributing guide
  • Ran terraform fmt on all modified files
  • Regenerated the relevant README.md files using tools/tfdoc.py
  • Made sure all relevant tests pass

@wiktorn wiktorn enabled auto-merge (rebase) November 16, 2024 10:25
@wiktorn wiktorn merged commit 020aa8c into master Nov 16, 2024
18 checks passed
@wiktorn wiktorn deleted the wiktorn-cloudsql-mount-order branch November 16, 2024 10:55
Development

Successfully merging this pull request may close these issues.

Order of google_cloud_run_v2_service => volumes constantly need update