Autogenerate Cloud Build Trigger in Terraform (#1145)

Merged PR #1145.
GoogleCloudPlatform · Jan 4, 2019 · 17c8cc7 · 17c8cc7
1 parent f0c89a3
commit 17c8cc7
Show file tree

Hide file tree

Showing 13 changed files with 314 additions and 785 deletions.
diff --git a/build/terraform b/build/terraform
diff --git a/build/terraform-beta b/build/terraform-beta
diff --git a/products/cloudbuild/api.yaml b/products/cloudbuild/api.yaml
@@ -0,0 +1,184 @@
+# Copyright 2018 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+--- !ruby/object:Api::Product
+name: Cloud Build
+prefix: gcloudbuild
+versions:
+  - !ruby/object:Api::Product::Version
+    name: ga
+    base_url: https://cloudbuild.googleapis.com/v1/
+scopes:
+  - https://www.googleapis.com/auth/cloud-platform
+objects:
+  - !ruby/object:Api::Resource
+    name: 'Trigger'
+    base_url: projects/{{project}}/triggers
+    self_link: projects/{{project}}/triggers/{{id}}
+    update_verb: :PATCH
+    references: !ruby/object:Api::Resource::ReferenceLinks
+      guides:
+        'Automating builds using build triggers': 'https://cloud.google.com/cloud-build/docs/running-builds/automate-builds'
+      api: 'https://cloud.google.com/cloud-build/docs/api/reference/rest/'
+    description: |
+      Configuration for an automated build in response to source repository changes.
+    properties:
+      - !ruby/object:Api::Type::String
+        name: 'id'
+        description: |
+          The unique identifier for the trigger.
+        output: true
+      - !ruby/object:Api::Type::String
+        name: 'description'
+        description: |
+          Human-readable description of the trigger.
+      - !ruby/object:Api::Type::String
+        name: 'disabled'
+        description: |
+          Whether the trigger is disabled or not. If true, the trigger will never result in a build.
+      - !ruby/object:Api::Type::Time
+        name: 'createTime'
+        output: true
+        description: |
+          Time when the trigger was created.
+      - !ruby/object:Api::Type::KeyValuePairs
+        name: 'substitutions'
+        description: |
+          Substitutions data for Build resource.
+      - !ruby/object:Api::Type::String
+        name: 'filename'
+        conflicts:
+          - build
+        description: |
+          Path, from the source root, to a file whose contents is used for the template.
+      - !ruby/object:Api::Type::Array
+        name: 'ignoredFiles'
+        item_type: Api::Type::String
+        input: true
+        description: |
+          ignoredFiles and includedFiles are file glob matches using http://godoc/pkg/path/filepath#Match
+          extended with support for "**".
+
+          If ignoredFiles and changed files are both empty, then they are not
+          used to determine whether or not to trigger a build.
+
+          If ignoredFiles is not empty, then we ignore any files that match any
+          of the ignored_file globs. If the change has no files that are outside
+          of the ignoredFiles globs, then we do not trigger a build.
+      - !ruby/object:Api::Type::Array
+        name: 'includedFiles'
+        item_type: Api::Type::String
+        input: true
+        description: |
+          ignoredFiles and includedFiles are file glob matches using http://godoc/pkg/path/filepath#Match
+          extended with support for "**".
+
+          If any of the files altered in the commit pass the ignoredFiles filter
+          and includedFiles is empty, then as far as this filter is concerned, we
+          should trigger the build.
+
+          If any of the files altered in the commit pass the ignoredFiles filter
+          and includedFiles is not empty, then we make sure that at least one of
+          those files matches a includedFiles glob. If not, then we do not trigger
+          a build.
+      - !ruby/object:Api::Type::NestedObject
+        name: 'triggerTemplate'
+        description: |
+          Template describing the types of source changes to trigger a build.
+
+          Branch and tag names in trigger templates are interpreted as regular
+          expressions. Any branch or tag change that matches that regular
+          expression will trigger a build.
+        properties:
+          - !ruby/object:Api::Type::String
+            name: 'projectId'
+            description: |
+              ID of the project that owns the Cloud Source Repository. If
+              omitted, the project ID requesting the build is assumed.
+          - !ruby/object:Api::Type::String
+            name: 'repoName'
+            default_value: 'default'
+            description: |
+              Name of the Cloud Source Repository. If omitted, the name "default" is assumed.
+          - !ruby/object:Api::Type::String
+            name: 'dir'
+            description: |
+              Directory, relative to the source root, in which to run the build.
+
+              This must be a relative path. If a step's dir is specified and
+              is an absolute path, this value is ignored for that step's
+              execution.
+          - !ruby/object:Api::Type::String
+            name: 'branchName'
+            description: |
+              Name of the branch to build.
+          - !ruby/object:Api::Type::String
+            name: 'tagName'
+            description: |
+              Name of the tag to build.
+          - !ruby/object:Api::Type::String
+            name: 'commitSha'
+            description: |
+              Explicit commit SHA to build.
+      - !ruby/object:Api::Type::NestedObject
+        name: 'build'
+        description: |
+          Contents of the build template.
+        properties:
+          - !ruby/object:Api::Type::Array
+            name: 'tags'
+            item_type: Api::Type::String
+            description: |
+              Tags for annotation of a Build. These are not docker tags.
+          - !ruby/object:Api::Type::Array
+            name: 'images'
+            item_type: Api::Type::String
+            description: |
+              A list of images to be pushed upon the successful completion of all build steps.
+              The images are pushed using the builder service account's credentials.
+              The digests of the pushed images will be stored in the Build resource's results field.
+              If any of the images fail to be pushed, the build status is marked FAILURE.
+          - !ruby/object:Api::Type::Array
+            name: 'steps'
+            description: |
+              The operations to be performed on the workspace.
+            item_type: !ruby/object:Api::Type::NestedObject
+              properties:
+                - !ruby/object:Api::Type::String
+                  name: 'name'
+                  description: |
+                    The name of the container image that will run this particular build step.
+
+                    If the image is available in the host's Docker daemon's cache, it will be
+                    run directly. If not, the host will attempt to pull the image first, using
+                    the builder service account's credentials if necessary.
+
+                    The Docker daemon's cache will already have the latest versions of all of
+                    the officially supported build steps (https://github.com/GoogleCloudPlatform/cloud-builders).
+                    The Docker daemon will also have cached many of the layers for some popular
+                    images, like "ubuntu", "debian", but they will be refreshed at the time
+                    you attempt to use them.
+
+                    If you built an image in a previous build step, it will be stored in the
+                    host's Docker daemon's cache and is available to use as the name for a
+                    later build step.
+                - !ruby/object:Api::Type::Array
+                  name: 'args'
+                  item_type: Api::Type::String
+                  description: |
+                    A list of arguments that will be presented to the step when it is started.
+
+                    If the image used to run the step's container has an entrypoint, the args
+                    are used as arguments to that entrypoint. If the image does not define an
+                    entrypoint, the first element in args is used as the entrypoint, and the
+                    remainder will be used as arguments.
diff --git a/products/cloudbuild/terraform.yaml b/products/cloudbuild/terraform.yaml
@@ -0,0 +1,42 @@
+# Copyright 2018 Google Inc.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+--- !ruby/object:Provider::Terraform::Config
+overrides: !ruby/object:Provider::ResourceOverrides
+  Trigger: !ruby/object:Provider::Terraform::ResourceOverride
+    # import by default only works with old-style self links ending in a name
+    import_format: ["projects/{{project}}/triggers/{{trigger_id}}"]
+    id_format: '{{project}}/{{trigger_id}}'
+    self_link: 'projects/{{project}}/triggers/{{trigger_id}}'
+    example:
+      - !ruby/object:Provider::Terraform::Examples
+        name: "cloudbuild_trigger_filename"
+        primary_resource_id: "filename-trigger"
+        version: <%= version_name %>
+    properties:
+      id: !ruby/object:Provider::Terraform::PropertyOverride
+        name: 'trigger_id'
+      build.steps: !ruby/object:Provider::Terraform::PropertyOverride
+        name: 'step'
+      triggerTemplate.projectId: !ruby/object:Provider::Terraform::PropertyOverride
+        default_from_api: true
+    custom_code: !ruby/object:Provider::Terraform::CustomCode
+      post_create: templates/terraform/post_create/cloudbuild_trigger_id.go.erb
+      pre_update: templates/terraform/pre_update/cloudbuild_trigger.go.erb
+      resource_definition: templates/terraform/resource_definition/cloudbuild_trigger.go.erb
+# This is for copying files over
+files: !ruby/object:Provider::Config::Files
+  # These files have templating (ERB) code that will be run.
+  # This is usually to add licensing info, autogeneration notices, etc.
+  compile:
+<%= lines(indent(compile('provider/terraform/product~compile.yaml'), 4)) -%>
diff --git a/templates/terraform/examples/cloudbuild_trigger_filename.tf.erb b/templates/terraform/examples/cloudbuild_trigger_filename.tf.erb
@@ -0,0 +1,13 @@
+resource "google_cloudbuild_trigger" "<%= ctx[:primary_resource_id] %>" {
+  trigger_template {
+    branch_name = "master"
+    repo_name   = "my-repo"
+  }
+
+  substitutions = {
+    _FOO = "bar"
+    _BAZ = "qux"
+  }
+
+  filename = "cloudbuild.yaml"
+}
diff --git a/templates/terraform/post_create/cloudbuild_trigger_id.go.erb b/templates/terraform/post_create/cloudbuild_trigger_id.go.erb
@@ -0,0 +1,14 @@
+// `name` is autogenerated from the api so needs to be set post-create
+triggerId, ok := res["id"]
+if !ok {
+  return fmt.Errorf("Create response didn't contain id. Create may not have succeeded.")
+}
+d.Set("trigger_id", triggerId.(string))
+
+// Store the ID now. We tried to set it before and it failed because
+// trigger_id didn't exist yet.
+id, err = replaceVars(d, config, "{{project}}/{{trigger_id}}")
+if err != nil {
+  return fmt.Errorf("Error constructing id: %s", err)
+}
+d.SetId(id)
diff --git a/templates/terraform/pre_update/cloudbuild_trigger.go.erb b/templates/terraform/pre_update/cloudbuild_trigger.go.erb
@@ -0,0 +1,15 @@
+<%- # the license inside this block applies to this file
+	# Copyright 2018 Google Inc.
+	# Licensed under the Apache License, Version 2.0 (the "License");
+	# you may not use this file except in compliance with the License.
+	# You may obtain a copy of the License at
+	#
+	#     http://www.apache.org/licenses/LICENSE-2.0
+	#
+	# Unless required by applicable law or agreed to in writing, software
+	# distributed under the License is distributed on an "AS IS" BASIS,
+	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+	# See the License for the specific language governing permissions and
+	# limitations under the License.
+-%>
+	obj["id"] = d.Get("trigger_id")
diff --git a/templates/terraform/resource_definition/cloudbuild_trigger.go.erb b/templates/terraform/resource_definition/cloudbuild_trigger.go.erb
@@ -0,0 +1,15 @@
+<%# The license inside this block applies to this file.
+	# Copyright 2017 Google Inc.
+	# Licensed under the Apache License, Version 2.0 (the "License");
+	# you may not use this file except in compliance with the License.
+	# You may obtain a copy of the License at
+	#
+	#     http://www.apache.org/licenses/LICENSE-2.0
+	#
+	# Unless required by applicable law or agreed to in writing, software
+	# distributed under the License is distributed on an "AS IS" BASIS,
+	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+	# See the License for the specific language governing permissions and
+	# limitations under the License.
+-%>
+SchemaVersion: 1,