From c9169daf40e13db3810c50738ea69d6ee044062c Mon Sep 17 00:00:00 2001 From: Al Cutter Date: Thu, 29 Aug 2024 14:57:14 +0000 Subject: [PATCH] Update terraform to support terragrunt builder --- deployment/modules/gcp/cloudbuild/main.tf | 25 ++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/deployment/modules/gcp/cloudbuild/main.tf b/deployment/modules/gcp/cloudbuild/main.tf index fc313cb0..19b90f28 100644 --- a/deployment/modules/gcp/cloudbuild/main.tf +++ b/deployment/modules/gcp/cloudbuild/main.tf @@ -17,6 +17,29 @@ terraform { backend "gcs" {} } +# This is the target registry for the terragrunt community builder image. +# Note that it needs to have location "us" rather than var.region as this +# is hard-coded in the builder config. +resource "google_artifact_registry_repository" "terragrunt" { + repository_id = "terragrunt" + location = "us" + description = "Terragrunt builder image" + format = "DOCKER" +} + +data "google_compute_default_service_account" "default" { +} + +resource "google_artifact_registry_repository_iam_binding" "binding" { + project = google_artifact_registry_repository.terragrunt.project + location = google_artifact_registry_repository.terragrunt.location + repository = google_artifact_registry_repository.terragrunt.name + role = "roles/artifactregistry.writer" + members = [ + google_compute_default_service_account.default.member, + ] +} + resource "google_artifact_registry_repository" "docker" { repository_id = "docker-${var.env}" location = var.region @@ -82,7 +105,7 @@ resource "google_cloudbuild_trigger" "docker" { // for instructions. step { id = "terraform_plan_all" - name = "cloud-builders-community/terragrunt" + name = "gcr.io/${var.project_id}/terragrunt" args = ["plan-all"] env = [ "TF_IN_AUTOMATION=1",