Google Cloud Source Repository Module
This module allows managing a single Cloud Source Repository, including IAM bindings and basic Cloud Build triggers.
module "repo" {
source = " ./modules/source-repository"
project_id = " my-project"
name = " my-repo"
iam = {
" roles/source.reader" = [" user:[email protected] " ]
}
}
# tftest modules=1 resources=2
Repository with Cloud Build trigger
module "repo" {
source = " ./modules/source-repository"
project_id = " my-project"
name = " my-repo"
triggers = {
foo = {
filename = " ci/workflow-foo.yaml"
included_files = [" **/*tf" ]
service_account = null
substitutions = {
BAR = 1
}
template = {
branch_name = " main"
project_id = null
tag_name = null
}
}
}
}
# tftest modules=1 resources=2
name
description
resources
iam.tf
IAM resources.
google_sourcerepo_repository_iam_binding
· google_sourcerepo_repository_iam_member
main.tf
Module-level locals and resources.
google_cloudbuild_trigger
· google_sourcerepo_repository
outputs.tf
Module outputs.
variables.tf
Module variables.
versions.tf
Version pins.
name
description
type
required
default
name
Repository name.
string
✓
project_id
Project used for resources.
string
✓
group_iam
Authoritative IAM binding for organization groups, in {GROUP_EMAIL => [ROLES]} format. Group emails need to be static. Can be used in combination with the iam
variable.
map(list(string))
{}
iam
IAM bindings in {ROLE => [MEMBERS]} format.
map(list(string))
{}
iam_additive
IAM additive bindings in {ROLE => [MEMBERS]} format.
map(list(string))
{}
iam_additive_members
IAM additive bindings in {MEMBERS => [ROLE]} format. This might break if members are dynamic values.
map(list(string))
{}
triggers
Cloud Build triggers.
map(object({…}))
{}
name
description
sensitive
id
Repository id.
name
Repository name.
url
Repository URL.