1. Bootstrap phase

The bootstrap phase establishes the 3 initial pipelines of the Enterprise Application blueprint. These pipelines are:

  • the Multitenant Infrastructure pipeline
  • the Application Factory
  • the Fleet-Scope pipeline

An overview of the deployment methodology for the Enterprise Application blueprint is shown below.

[Figure: Enterprise Application blueprint deployment diagram]

Each pipeline has the following associated resources:

  • 2 Cloud Build triggers
    • 1 trigger to run Terraform Plan commands upon changes to a non-main git branch
    • 1 trigger to run Terraform Apply commands upon changes to the main git branch
  • 3 Cloud Storage buckets
    • Terraform State bucket, to store the current state
    • Build Artifacts bucket, to store any artifacts generated during the build process, such as .tfplan files
    • Build Logs bucket, to store the logs from the build process
  • 1 service account for executing the Cloud Build build process

Usage

Deploying with Cloud Build

Deploying on Enterprise Foundation blueprint

If you have previously deployed the Enterprise Foundation blueprint, create the pipelines in this phase by pushing the contents of this folder to a workload repo created at stage 5. Instead of deploying to multiple environments, create these pipelines in the common folder of the foundation.

Start at "5. Clone the bu1-example-app repo". Replace the contents of that repo with the contents of this folder.

Running Terraform locally

Requirements

You will need a project to host your resources; you can create it manually:

example-organization
└── fldr-common
    └── prj-c-eab-bootstrap

Step-by-Step

  1. The next instructions assume that you are in the terraform-google-enterprise-application/1-bootstrap folder.

    cd terraform-google-enterprise-application/1-bootstrap
  2. Rename terraform.example.tfvars to terraform.tfvars.

    mv terraform.example.tfvars terraform.tfvars
  3. Update the terraform.tfvars file with your project id.

You can now deploy the common environment for these pipelines.

  1. Run init and plan and review the output.

    terraform init
    terraform plan
  2. Run apply.

    terraform apply

If you receive any errors or make any changes to the Terraform config or terraform.tfvars, re-run terraform plan before you run terraform apply.

Updating backend.tf files on the repository

Within the repository, you'll find backend.tf files that define the GCS bucket for storing the Terraform state. By running the commands below, instances of UPDATE_ME placeholders in these files will be automatically replaced with the actual name of your GCS bucket.

  1. Running the series of commands below will update the remote state bucket for backend.tf files on the repository.

    export backend_bucket=$(terraform output -raw state_bucket)
    echo "backend_bucket = ${backend_bucket}"
    
    cp backend.tf.example backend.tf
    cd ..
    
    # Replace the placeholder in every backend.tf; -exec handles paths with spaces safely
    find . -name 'backend.tf' -exec sed -i'' -e "s/UPDATE_ME/${backend_bucket}/" {} \;
  2. Re-run terraform init. When you're prompted, agree to copy Terraform state to Cloud Storage.

    cd 1-bootstrap
    
    terraform init
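
Terraform state can hold sensitive values, so it is worth confirming, after the substitution and before re-running terraform init, that every backend.tf names the intended bucket and none still holds the placeholder. The following is an added example, not part of this repository: check_backends and write_backend are hypothetical helpers, and the sample backend.tf content, directory names and bucket name are constructed.

```shell
#!/bin/sh
# Added example, not from the repository. Function names are assumptions.
# Paths containing newlines are not supported.

# check_backends ROOT EXPECTED_BUCKET
# Returns 0 only if at least one backend.tf exists under ROOT and every one
# has had UPDATE_ME replaced by EXPECTED_BUCKET; otherwise lists the problems.
check_backends() {
  cb_files=$(find "$1" -type f -name 'backend.tf')
  if [ -z "$cb_files" ]; then
    echo "NONE no backend.tf under $1"
    return 1
  fi
  cb_report=$(printf '%s\n' "$cb_files" | while IFS= read -r cb_f; do
    if grep -q 'UPDATE_ME' "$cb_f"; then
      echo "PLACEHOLDER $cb_f"
      continue
    fi
    # Value of the first  bucket = "..."  line in the file.
    cb_b=$(sed -n 's/^[[:space:]]*bucket[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p' "$cb_f" | head -n 1)
    if [ "$cb_b" != "$2" ]; then
      echo "MISMATCH $cb_f bucket=\"$cb_b\""
    fi
  done)
  if [ -n "$cb_report" ]; then
    printf '%s\n' "$cb_report"
    return 1
  fi
  return 0
}

# write_backend DIR BUCKET: writes a constructed sample backend.tf for the demo.
write_backend() {
  mkdir -p "$1"
  printf 'terraform {\n  backend "gcs" {\n    bucket = "%s"\n  }\n}\n' "$2" > "$1/backend.tf"
}

# Constructed demo: one file substituted, one missed.
demo=$(mktemp -d)
write_backend "$demo/1-bootstrap" "bkt-example-state"
write_backend "$demo/other-stage" "UPDATE_ME"
check_backends "$demo" "bkt-example-state" || echo "fix these before terraform init"
rm -rf "$demo"
```

In the real repository, call it from the repository root as check_backends . "${backend_bucket}".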

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| bucket_force_destroy | When deleting a bucket, this boolean option will delete all contained objects. If false, Terraform will fail to delete buckets which contain objects. | bool | false | no |
| bucket_prefix | Name prefix to use for buckets created. | string | "bkt" | no |
| common_folder_id | Folder ID in which to create all application admin projects, must be prefixed with 'folders/' | string | n/a | yes |
| envs | Environments | map(object({ billing_account = string, folder_id = string, network_project_id = string, network_self_link = string, org_id = string, subnets_self_links = list(string) })) | n/a | yes |
| location | Location for build buckets. | string | "us-central1" | no |
| project_id | Project ID for initial resources | string | n/a | yes |
| tf_apply_branches | List of git branches configured to run terraform apply Cloud Build trigger. All other branches will run plan by default. | list(string) | ["development", "nonproduction", "production"] | no |
| trigger_location | Location for Cloud Build triggers created in the workspace. If using private pools, this should be the same location as the pool. | string | "global" | no |

Outputs

| Name | Description |
|------|-------------|
| artifacts_bucket | Bucket for storing TF plans |
| cb_service_accounts_emails | Service Accounts for the Multitenant Administration Cloud Build Triggers |
| logs_bucket | Bucket for storing TF logs |
| project_id | Project ID |
| source_repo_urls | Source repository URLs |
| state_bucket | Bucket for storing TF state |