Skip to content

Commit

Permalink
Merge pull request #173 from openearth/clode-clone-infra
Browse files Browse the repository at this point in the history
Clode clone infra
  • Loading branch information
florislangeraert authored Apr 17, 2024
2 parents 9dfc2d2 + 9b8c168 commit 7acfb5b
Show file tree
Hide file tree
Showing 2 changed files with 53 additions and 2 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/docker-image.yml
Original file line number Diff line number Diff line change
Expand Up @@ -85,10 +85,10 @@ jobs:
file_name: .env

- name: Build Docker image
run: docker build . -f Dockerfile -t containers.deltares.nl/blue_earth_data/dgds-frontend
run: docker build . -f Dockerfile -t containers.deltares.nl/${{ secrets.CONTAINER_REPOSITORY }}/dgds-frontend

- name: Push Docker image
run: docker push containers.deltares.nl/blue_earth_data/dgds-frontend
run: docker push containers.deltares.nl/${{ secrets.CONTAINER_REPOSITORY }}/dgds-frontend

deploy:
# Add 'id-token' with the intended permissions for workload identity federation
Expand Down
51 changes: 51 additions & 0 deletions infra/main.tf
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
provider "google" {
project = "dgds-i1000482-002"
region = "europe-west4"
}

resource "google_cloud_run_service" "blue_earth_service" {
name = "blue-earth-service"
location = "europe-west4"

template {
spec {
containers {
image = "europe-west4-docker.pkg.dev/dgds-i1000482-002/dgds-frontend/dgds-frontend:latest"

ports {
container_port = 80
}
}
}
}
}

data "google_iam_policy" "noauth" {
binding {
role = "roles/run.invoker"
members = [
"allUsers",
]
}
}

resource "google_cloud_run_service_iam_policy" "noauth" {
location = google_cloud_run_service.blue_earth_service.location
project = google_cloud_run_service.blue_earth_service.project
service = google_cloud_run_service.blue_earth_service.name

policy_data = data.google_iam_policy.noauth.policy_data
}

# resource "google_cloud_run_service_iam_binding" "blue_earth_service_binding" {
# service = google_cloud_run_service.blue_earth_service.name
# location = google_cloud_run_service.blue_earth_service.location
# role = "roles/run.invoker"

# members = [
# "user:<YOUR_EMAIL>",
# "group:<YOUR_GROUP>",
# "serviceAccount:<YOUR_SERVICE_ACCOUNT>"
# # Add more members as needed
# ]
# }

0 comments on commit 7acfb5b

Please sign in to comment.