Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature/336 gcloud module #343

Merged
merged 14 commits into from
Dec 27, 2019
Merged

Feature/336 gcloud module #343

merged 14 commits into from
Dec 27, 2019

Conversation

taylorludwig
Copy link
Contributor

@taylorludwig taylorludwig commented Dec 17, 2019
edited

Fixes #342
Fixes #336

  • Got precondition step working again
  • Removed on_failure = "continue" from precondition and modify-service-account.sh steps
  • Added optional gcloud_executable_path var for specifying a different path for gcloud
  • Added use_bundled_gcloud_binary (default false) var. When true uses gcloud from google-terraform-gcloud module rather than rely on it being pre-installed.

@taylorludwig taylorludwig self-assigned this Dec 17, 2019
@taylorludwig
Copy link
Contributor Author

Tests look good and show its working as intended again

Precondition

Step #2 - "converge": module.project-factory.module.project-factory.null_resource.preconditions (local-exec): Executing: ["/bin/sh" "-c" "python3 /workspace/test/fixtures/minimal/../../../modules/core_project_factory/scripts/preconditions/preconditions.py --billing_account=\"01D904-DAF6EC-F34EF7\" --credentials_path=\"\" --folder_id=\"folders/898319216858\" --impersonate_service_account=\"\" --org_id=\"943740911108\" --shared_vpc=\"\" "]
Step #2 - "converge": module.project-factory.module.project-factory.null_resource.preconditions: Creation complete after 7s [id=6995777690283997562]

modify-service-account.sh with bundled gcoud

Step #2 - "converge": module.project-factory.module.project-factory.null_resource.disable_default_compute_service_account[0]: Creating...
Step #2 - "converge": module.project-factory.module.project-factory.null_resource.disable_default_compute_service_account[0]: Provisioning with 'local-exec'...
Step #2 - "converge": module.project-factory.module.project-factory.null_resource.disable_default_compute_service_account[0] (local-exec): Executing: ["/bin/sh" "-c" "../../../modules/core_project_factory/scripts/modify-service-account.sh \\\n --project_id='pf-ci-test-minimal-465f74-be61' \\\n --sa_id='674049482515-compute@developer.gserviceaccount.com' \\\n --credentials_path='' \\\n --impersonate-service-account='' \\\n --action='disable' \\\n --gcloud_bin='.terraform/modules/project-factory.project-factory.gcloud/terraform-google-modules-terraform-google-gcloud-81086f8/cache/linux/google-cloud-sdk/bin/gcloud'\n"]
Step #2 - "converge": module.project-factory.module.project-factory.null_resource.disable_default_compute_service_account[0] (local-exec): Using gcloud binary at .terraform/modules/project-factory.project-factory.gcloud/terraform-google-modules-terraform-google-gcloud-81086f8/cache/linux/google-cloud-sdk/bin/gcloud
Step #2 - "converge": module.project-factory.module.project-factory.null_resource.disable_default_compute_service_account[0] (local-exec): Disabling service account 674049482515-compute@developer.gserviceaccount.com in project pf-ci-test-minimal-465f74-be61
Step #2 - "converge": module.project-factory.module.project-factory.null_resource.disable_default_compute_service_account[0] (local-exec): Disabled service account [674049482515-compute@developer.gserviceaccount.com].
Step #2 - "converge": module.project-factory.module.project-factory.null_resource.disable_default_compute_service_account[0]: Creation complete after 2s [id=4504532100494043745]

@taylorludwig taylorludwig marked this pull request as ready for review December 18, 2019 00:21
@morgante morgante self-assigned this Dec 18, 2019
morgante
morgante suggested changes Dec 18, 2019
View reviewed changes
Copy link
Contributor

@morgante morgante left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for working on this. Instead of updating script with multiple entrypoints I'd like to:

  1. Update the gcloud module to accept a script as input (easily)
  2. Switch to always using the gcloud module to execute scripts in project factory

@taylorludwig taylorludwig mentioned this pull request Dec 19, 2019
Merged
@taylorludwig
Copy link
Contributor Author

Script runs at the right time with dependencies, runs in the gcloud module, and uses the gcloud module's binary

Step #2 - "converge": module.project-factory.module.project-factory.module.project_services.google_project_service.project_services["compute.googleapis.com"]: Creation complete after 27s [id=pf-ci-test-minimal-adcd52-b866/compute.googleapis.com]
Step #2 - "converge": module.project-factory.module.project-factory.module.gcloud_disable.null_resource.run_script_create[0]: Creating...
Step #2 - "converge": module.project-factory.module.project-factory.module.gcloud_disable.null_resource.run_script_create[0]: Provisioning with 'local-exec'...
Step #2 - "converge": module.project-factory.module.project-factory.module.gcloud_disable.null_resource.run_script_create[0] (local-exec): Executing: ["/bin/sh" "-c" "PATH=/workspace/test/fixtures/minimal/.terraform/modules/project-factory.project-factory.gcloud_disable/cache/linux/google-cloud-sdk/bin:$PATH\n../../../modules/core_project_factory/scripts/modify-service-account.sh --project_id='pf-ci-test-minimal-adcd52-b866' \\\n--sa_id='996957836188-compute@developer.gserviceaccount.com' \\\n--credentials_path='' \\\n--impersonate-service-account='' \\\n--action='disable'\n\n"]
Step #2 - "converge": module.project-factory.module.project-factory.module.gcloud_disable.null_resource.run_script_create[0] (local-exec): Disabling service account 996957836188-compute@developer.gserviceaccount.com in project pf-ci-test-minimal-adcd52-b866
Step #2 - "converge": module.project-factory.module.project-factory.module.gcloud_disable.null_resource.run_script_create[0] (local-exec): Disabled service account [996957836188-compute@developer.gserviceaccount.com].
Step #2 - "converge": module.project-factory.module.project-factory.module.gcloud_disable.null_resource.run_script_create[0]: Creation complete after 2s [id=8761042379654110551]
Step #2 - "converge":
Step #2 - "converge": Apply complete! Resources: 11 added, 0 changed, 0 destroyed.

@taylorludwig
Copy link
Contributor Author

This isn't ready to be merged yet. Needs terraform-google-modules/terraform-google-gcloud#9 to be merged and released first.

And then the source of the gcloud module can be updated.

@taylorludwig
Copy link
Contributor Author

One big problem i see with this is the gcloud module has a few triggers{ always = uuid()}

https://github.com/terraform-google-modules/terraform-google-gcloud/blob/master/main.tf#L42

This makes it so terraform will never converge.

And anyone that'll now use project-factory will have terraform apply|plan always show there are changes.

@taylorludwig taylorludwig changed the title Feature/336 gcloud module [WIP] Feature/336 gcloud module Dec 19, 2019
@taylorludwig taylorludwig changed the title [WIP] Feature/336 gcloud module Feature/336 gcloud module Dec 22, 2019
@taylorludwig
Copy link
Contributor Author

Thanks for working on this. Instead of updating script with multiple entrypoints I'd like to:

  1. Update the gcloud module to accept a script as input (easily)
  2. Switch to always using the gcloud module to execute scripts in project factory

This is ready to go. It's pointing at gcloud 0.3.0 version.

@morgante morgante merged commit 199c6f0 into terraform-google-modules:master Dec 27, 2019
@Rycieos Rycieos mentioned this pull request Dec 30, 2019
Closed
@Rycieos Rycieos mentioned this pull request Jan 9, 2020
Closed
@marshallford marshallford mentioned this pull request Jan 14, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@morgante morgante morgante approved these changes

@aaron-lane aaron-lane Awaiting requested review from aaron-lane

@adrienthebo adrienthebo Awaiting requested review from adrienthebo

Assignees

@taylorludwig taylorludwig

@morgante morgante

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Precondition no longer works gcloud executable requirement
2 participants
@taylorludwig @morgante