From 94a27ca796aec65b8b591687c3d9ec56694896e6 Mon Sep 17 00:00:00 2001 From: Katie McLaughlin Date: Tue, 24 Sep 2024 14:02:29 +1000 Subject: [PATCH 01/12] fix(cloudrun): make delete protection explicit fixes #730 --- eventarc/basic/main.tf | 2 ++ run/access_control/main.tf | 2 ++ run/cloud_run_configuration_concurrency/main.tf | 2 ++ run/cloud_run_configuration_containers/main.tf | 2 ++ run/cloud_run_configuration_cpu/main.tf | 2 ++ run/cloud_run_configuration_cpu_allocation/main.tf | 2 ++ run/cloud_run_configuration_description/main.tf | 2 ++ run/cloud_run_configuration_environment_variables/main.tf | 2 ++ run/cloud_run_configuration_http2/main.tf | 2 ++ run/cloud_run_configuration_labels/main.tf | 2 ++ run/cloud_run_configuration_max_instances/main.tf | 2 ++ run/cloud_run_configuration_memory_limits/main.tf | 2 ++ run/cloud_run_configuration_min_instances/main.tf | 2 ++ run/cloud_run_configuration_request_timeout/main.tf | 2 ++ run/connect_cloud_sql/main.tf | 2 ++ run/deploy_tag/main.tf | 2 ++ run/direct_vpc/main.tf | 2 ++ run/healthchecks_liveness_probe_grpc/main.tf | 2 ++ run/healthchecks_liveness_probe_http/main.tf | 2 ++ run/healthchecks_startup_probe_http/main.tf | 2 ++ run/identity/main.tf | 2 ++ run/image_processing/main.tf | 4 +++- run/ingress/main.tf | 2 ++ run/interservice/main.tf | 2 ++ run/multiple_regions/main.tf | 2 ++ run/noauth/main.tf | 2 ++ run/scheduled/main.tf | 2 ++ run/secret_manager/main.tf | 4 ++++ run/static_outbound/main.tf | 2 ++ run/system_packages/main.tf | 2 ++ run/tasks/main.tf | 2 ++ 31 files changed, 65 insertions(+), 1 deletion(-) diff --git a/eventarc/basic/main.tf b/eventarc/basic/main.tf index b6da1094b..ad14fc72d 100644 --- a/eventarc/basic/main.tf +++ b/eventarc/basic/main.tf @@ -93,6 +93,8 @@ resource "google_cloud_run_v2_service" "default" { name = "hello-events" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { # This container will log received events diff --git a/run/access_control/main.tf b/run/access_control/main.tf index e6a89f180..4ab880499 100644 --- a/run/access_control/main.tf +++ b/run/access_control/main.tf @@ -20,6 +20,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloud-run-srv" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/cloud_run_configuration_concurrency/main.tf b/run/cloud_run_configuration_concurrency/main.tf index 070510953..0ed544416 100644 --- a/run/cloud_run_configuration_concurrency/main.tf +++ b/run/cloud_run_configuration_concurrency/main.tf @@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-concurrency" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/cloud_run_configuration_containers/main.tf b/run/cloud_run_configuration_containers/main.tf index d4d27eac8..d25aa54ef 100644 --- a/run/cloud_run_configuration_containers/main.tf +++ b/run/cloud_run_configuration_containers/main.tf @@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-containers" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/cloud_run_configuration_cpu/main.tf b/run/cloud_run_configuration_cpu/main.tf index 0ac38634a..83bfc9b04 100644 --- a/run/cloud_run_configuration_cpu/main.tf +++ b/run/cloud_run_configuration_cpu/main.tf @@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-cpu" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/cloud_run_configuration_cpu_allocation/main.tf b/run/cloud_run_configuration_cpu_allocation/main.tf index 3c294e333..bbd7ef241 100644 --- a/run/cloud_run_configuration_cpu_allocation/main.tf +++ b/run/cloud_run_configuration_cpu_allocation/main.tf @@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-cpu-allocation" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/cloud_run_configuration_description/main.tf b/run/cloud_run_configuration_description/main.tf index 5a376ffc0..7e091158c 100644 --- a/run/cloud_run_configuration_description/main.tf +++ b/run/cloud_run_configuration_description/main.tf @@ -23,6 +23,8 @@ resource "google_cloud_run_v2_service" "default" { description = "This service has a custom description" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/cloud_run_configuration_environment_variables/main.tf b/run/cloud_run_configuration_environment_variables/main.tf index a8970bcba..931371dca 100644 --- a/run/cloud_run_configuration_environment_variables/main.tf +++ b/run/cloud_run_configuration_environment_variables/main.tf @@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-env-var" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/cloud_run_configuration_http2/main.tf b/run/cloud_run_configuration_http2/main.tf index ec81d0b31..27e0d6a23 100644 --- a/run/cloud_run_configuration_http2/main.tf +++ b/run/cloud_run_configuration_http2/main.tf @@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-h2c" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/cloud_run_configuration_labels/main.tf b/run/cloud_run_configuration_labels/main.tf index e600c86a8..b8e6c468e 100644 --- a/run/cloud_run_configuration_labels/main.tf +++ b/run/cloud_run_configuration_labels/main.tf @@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-labels" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/cloud_run_configuration_max_instances/main.tf b/run/cloud_run_configuration_max_instances/main.tf index 32f2d5ec4..956783257 100644 --- a/run/cloud_run_configuration_max_instances/main.tf +++ b/run/cloud_run_configuration_max_instances/main.tf @@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-max-instances" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/cloud_run_configuration_memory_limits/main.tf b/run/cloud_run_configuration_memory_limits/main.tf index d8c018a98..6ab55a4c3 100644 --- a/run/cloud_run_configuration_memory_limits/main.tf +++ b/run/cloud_run_configuration_memory_limits/main.tf @@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-memory-limits" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/cloud_run_configuration_min_instances/main.tf b/run/cloud_run_configuration_min_instances/main.tf index 604d3f443..4794b21a9 100644 --- a/run/cloud_run_configuration_min_instances/main.tf +++ b/run/cloud_run_configuration_min_instances/main.tf @@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-min-instances" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/cloud_run_configuration_request_timeout/main.tf b/run/cloud_run_configuration_request_timeout/main.tf index 053e98d1d..40f1be310 100644 --- a/run/cloud_run_configuration_request_timeout/main.tf +++ b/run/cloud_run_configuration_request_timeout/main.tf @@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-request-timeout" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/connect_cloud_sql/main.tf b/run/connect_cloud_sql/main.tf index 7c1bb3278..9351cc393 100644 --- a/run/connect_cloud_sql/main.tf +++ b/run/connect_cloud_sql/main.tf @@ -155,6 +155,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello:latest" # Image to deploy diff --git a/run/deploy_tag/main.tf b/run/deploy_tag/main.tf index 548cad677..7ccabea82 100644 --- a/run/deploy_tag/main.tf +++ b/run/deploy_tag/main.tf @@ -19,6 +19,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-srv" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { # image or tag must be different from previous revision diff --git a/run/direct_vpc/main.tf b/run/direct_vpc/main.tf index 44c3785fd..fbad6babd 100644 --- a/run/direct_vpc/main.tf +++ b/run/direct_vpc/main.tf @@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/healthchecks_liveness_probe_grpc/main.tf b/run/healthchecks_liveness_probe_grpc/main.tf index 408aaafc7..b59a7169b 100644 --- a/run/healthchecks_liveness_probe_grpc/main.tf +++ b/run/healthchecks_liveness_probe_grpc/main.tf @@ -26,6 +26,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-healthcheck" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { # Note: Change to the name of your image diff --git a/run/healthchecks_liveness_probe_http/main.tf b/run/healthchecks_liveness_probe_http/main.tf index 7718d8242..2d4c4287e 100644 --- a/run/healthchecks_liveness_probe_http/main.tf +++ b/run/healthchecks_liveness_probe_http/main.tf @@ -26,6 +26,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-healthcheck" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/healthchecks_startup_probe_http/main.tf b/run/healthchecks_startup_probe_http/main.tf index d02746d9b..e46796d97 100644 --- a/run/healthchecks_startup_probe_http/main.tf +++ b/run/healthchecks_startup_probe_http/main.tf @@ -27,6 +27,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-healthcheck" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/identity/main.tf b/run/identity/main.tf index c03c0fb7e..ad613d470 100644 --- a/run/identity/main.tf +++ b/run/identity/main.tf @@ -26,6 +26,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloud-run-srv" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/image_processing/main.tf b/run/image_processing/main.tf index 5d5a157b3..2244bc525 100644 --- a/run/image_processing/main.tf +++ b/run/image_processing/main.tf @@ -91,9 +91,11 @@ output "blurred_bucket_name" { resource "google_cloud_run_v2_service" "default" { name = "pubsub-tutorial" location = "us-central1" + + deletion_protection = false # set to "true" in production + template { containers { - # Replace with newly created image gcr.io//pubsub image = "us-docker.pkg.dev/cloudrun/container/hello" env { diff --git a/run/ingress/main.tf b/run/ingress/main.tf index e25b39dde..7c5d192e7 100644 --- a/run/ingress/main.tf +++ b/run/ingress/main.tf @@ -30,6 +30,8 @@ resource "google_cloud_run_v2_service" "default" { name = "ingress-service" location = "us-central1" + deletion_protection = false # set to "true" in production + # For valid annotation values and descriptions, see # https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/cloud_run_v2_service#ingress ingress = "INGRESS_TRAFFIC_INTERNAL_ONLY" diff --git a/run/interservice/main.tf b/run/interservice/main.tf index 49b9ff720..39a27e056 100644 --- a/run/interservice/main.tf +++ b/run/interservice/main.tf @@ -22,6 +22,8 @@ resource "google_cloud_run_v2_service" "public" { name = "public-service" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { # TODO: replace this with a public service container diff --git a/run/multiple_regions/main.tf b/run/multiple_regions/main.tf index 67226c8e4..2f134c01d 100644 --- a/run/multiple_regions/main.tf +++ b/run/multiple_regions/main.tf @@ -152,6 +152,8 @@ resource "google_cloud_run_v2_service" "run_default" { name = "myservice-run-app-${local.run_regions[count.index]}" location = local.run_regions[count.index] + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/noauth/main.tf b/run/noauth/main.tf index da1f9da37..8e68e7ee1 100644 --- a/run/noauth/main.tf +++ b/run/noauth/main.tf @@ -22,6 +22,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-srv" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/scheduled/main.tf b/run/scheduled/main.tf index 991312f60..b4aa1fe06 100644 --- a/run/scheduled/main.tf +++ b/run/scheduled/main.tf @@ -40,6 +40,8 @@ resource "google_cloud_run_v2_service" "default" { name = "my-scheduled-service" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/secret_manager/main.tf b/run/secret_manager/main.tf index b0bf3221f..3f213f5fe 100644 --- a/run/secret_manager/main.tf +++ b/run/secret_manager/main.tf @@ -65,6 +65,8 @@ resource "google_cloud_run_v2_service" "mounted_secret" { location = "us-central1" ingress = "INGRESS_TRAFFIC_ALL" + deletion_protection = false # set to "true" in production + template { volumes { name = "my-service-volume" @@ -96,6 +98,8 @@ resource "google_cloud_run_v2_service" "env_variable_secret" { location = "us-central1" ingress = "INGRESS_TRAFFIC_ALL" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/static_outbound/main.tf b/run/static_outbound/main.tf index a80680011..34f84cc2b 100644 --- a/run/static_outbound/main.tf +++ b/run/static_outbound/main.tf @@ -114,6 +114,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cr-static-ip-service" location = google_compute_subnetwork.default.region + deletion_protection = false # set to "true" in production + template { containers { # Replace with the URL of your container diff --git a/run/system_packages/main.tf b/run/system_packages/main.tf index d71478f82..076cb416e 100644 --- a/run/system_packages/main.tf +++ b/run/system_packages/main.tf @@ -27,6 +27,8 @@ resource "google_cloud_run_v2_service" "default" { name = "graphviz-example" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { # Replace with the URL of your graphviz image diff --git a/run/tasks/main.tf b/run/tasks/main.tf index 08831f555..8970639ef 100644 --- a/run/tasks/main.tf +++ b/run/tasks/main.tf @@ -20,6 +20,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloud-run-task-service" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" From cbc5075ad301f2d9615602ebf368f0bb6b815545 Mon Sep 17 00:00:00 2001 From: Katie McLaughlin Date: Tue, 24 Sep 2024 14:07:23 +1000 Subject: [PATCH 02/12] fix(cloudrun): update cloud run services names to unique values fixes #164 --- run/access_control/main.tf | 2 +- run/add_tag/main.tf | 6 +++--- run/custom_domain_mapping/main.tf | 2 +- run/deploy_tag/main.tf | 8 ++++---- run/identity/main.tf | 2 +- run/noauth/main.tf | 2 +- run/remove_tag/main.tf | 6 +++--- run/secret_manager/main.tf | 4 ++-- run/traffic_gradual_rollout/main.tf | 4 ++-- run/traffic_latest_revision/main.tf | 2 +- run/traffic_rollback/main.tf | 4 ++-- run/traffic_split/main.tf | 8 ++++---- run/traffic_split_tag/main.tf | 4 ++-- 13 files changed, 27 insertions(+), 27 deletions(-) diff --git a/run/access_control/main.tf b/run/access_control/main.tf index 4ab880499..e6cad66f2 100644 --- a/run/access_control/main.tf +++ b/run/access_control/main.tf @@ -17,7 +17,7 @@ # [START cloudrun_access_control_parent_tag] # [START cloudrun_service_access_control_run_service] resource "google_cloud_run_v2_service" "default" { - name = "cloud-run-srv" + name = "public-service" location = "us-central1" deletion_protection = false # set to "true" in production diff --git a/run/add_tag/main.tf b/run/add_tag/main.tf index 39c41be8c..f4410ebde 100644 --- a/run/add_tag/main.tf +++ b/run/add_tag/main.tf @@ -16,7 +16,7 @@ # [START cloudrun_service_add_tag] resource "google_cloud_run_v2_service" "default" { - name = "cloudrun-srv" + name = "my-service" location = "us-central1" template {} @@ -26,14 +26,14 @@ resource "google_cloud_run_v2_service" "default" { traffic { percent = 100 # This revision needs to already exist - revision = "cloudrun-srv-green" + revision = "green" type = "TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION" } traffic { # Deploy new revision with 0% traffic percent = 0 - revision = "cloudrun-srv-blue" + revision = "blue" tag = "tag-name" type = "TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION" } diff --git a/run/custom_domain_mapping/main.tf b/run/custom_domain_mapping/main.tf index 931375382..7412030d5 100644 --- a/run/custom_domain_mapping/main.tf +++ b/run/custom_domain_mapping/main.tf @@ -17,7 +17,7 @@ # [START cloudrun_custom_domain_mapping_parent_tag] # [START cloudrun_custom_domain_mapping_run_service] resource "google_cloud_run_v2_service" "default" { - name = "cloud-run-srv" + name = "custom-domain" location = "us-central1" template { containers { diff --git a/run/deploy_tag/main.tf b/run/deploy_tag/main.tf index 7ccabea82..6f171c973 100644 --- a/run/deploy_tag/main.tf +++ b/run/deploy_tag/main.tf @@ -16,7 +16,7 @@ # [START cloudrun_service_deploy_tag] resource "google_cloud_run_v2_service" "default" { - name = "cloudrun-srv" + name = "my-service" location = "us-central1" deletion_protection = false # set to "true" in production @@ -26,7 +26,7 @@ resource "google_cloud_run_v2_service" "default" { # image or tag must be different from previous revision image = "us-docker.pkg.dev/cloudrun/container/hello" } - revision = "cloudrun-srv-blue" + revision = "blue" } # Define the traffic split for each revision @@ -34,14 +34,14 @@ resource "google_cloud_run_v2_service" "default" { traffic { percent = 100 # This revision needs to already exist - revision = "cloudrun-srv-green" + revision = "green" type = "TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION" } traffic { # Deploy new revision with 0% traffic percent = 0 - revision = "cloudrun-srv-blue" + revision = "blue" tag = "tag-name" type = "TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION" } diff --git a/run/identity/main.tf b/run/identity/main.tf index ad613d470..5893364a0 100644 --- a/run/identity/main.tf +++ b/run/identity/main.tf @@ -23,7 +23,7 @@ resource "google_service_account" "cloudrun_service_identity" { # [START cloudrun_service_identity_run_service] resource "google_cloud_run_v2_service" "default" { - name = "cloud-run-srv" + name = "id-service" location = "us-central1" deletion_protection = false # set to "true" in production diff --git a/run/noauth/main.tf b/run/noauth/main.tf index 8e68e7ee1..312051165 100644 --- a/run/noauth/main.tf +++ b/run/noauth/main.tf @@ -19,7 +19,7 @@ # [START cloudrun_noauth_parent_tag] # [START cloudrun_service_noauth] resource "google_cloud_run_v2_service" "default" { - name = "cloudrun-srv" + name = "my-public-service" location = "us-central1" deletion_protection = false # set to "true" in production diff --git a/run/remove_tag/main.tf b/run/remove_tag/main.tf index 555d73260..821a4eb51 100644 --- a/run/remove_tag/main.tf +++ b/run/remove_tag/main.tf @@ -16,7 +16,7 @@ # [START cloudrun_service_remove_tag] resource "google_cloud_run_v2_service" "default" { - name = "cloudrun-srv" + name = "my-service" location = "us-central1" template {} @@ -26,7 +26,7 @@ resource "google_cloud_run_v2_service" "default" { traffic { percent = 100 # This revision needs to already exist - revision = "cloudrun-srv-green" + revision = "green" type = "TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION" } @@ -35,7 +35,7 @@ resource "google_cloud_run_v2_service" "default" { # Keep revision at 0% traffic percent = 0 # This revision needs to already exist - revision = "cloudrun-srv-blue" + revision = "blue" type = "TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION" } } diff --git a/run/secret_manager/main.tf b/run/secret_manager/main.tf index 3f213f5fe..99ec3006b 100644 --- a/run/secret_manager/main.tf +++ b/run/secret_manager/main.tf @@ -61,7 +61,7 @@ resource "google_secret_manager_secret_iam_member" "default" { # [START cloudrun_secret_manager_mounted] resource "google_cloud_run_v2_service" "mounted_secret" { - name = "cloudrun-srv-mounted-secret" + name = "service-with-mounted-secret" location = "us-central1" ingress = "INGRESS_TRAFFIC_ALL" @@ -94,7 +94,7 @@ resource "google_cloud_run_v2_service" "mounted_secret" { # [START cloudrun_secret_manager_env_variable] resource "google_cloud_run_v2_service" "env_variable_secret" { - name = "cloudrun-srv-env-var-secret" + name = "service-with-env-var-secret" location = "us-central1" ingress = "INGRESS_TRAFFIC_ALL" diff --git a/run/traffic_gradual_rollout/main.tf b/run/traffic_gradual_rollout/main.tf index 4945bfd59..223fd48bf 100644 --- a/run/traffic_gradual_rollout/main.tf +++ b/run/traffic_gradual_rollout/main.tf @@ -16,7 +16,7 @@ # [START cloudrun_service_traffic_gradual_rollout] resource "google_cloud_run_v2_service" "default" { - name = "cloudrun-srv" + name = "my-service" location = "us-central1" template { @@ -31,7 +31,7 @@ resource "google_cloud_run_v2_service" "default" { traffic { percent = 100 # This revision needs to already exist - revision = "cloudrun-srv-green" + revision = "green" type = "TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION" } diff --git a/run/traffic_latest_revision/main.tf b/run/traffic_latest_revision/main.tf index 3c6c9485b..3bd0e58ff 100644 --- a/run/traffic_latest_revision/main.tf +++ b/run/traffic_latest_revision/main.tf @@ -17,7 +17,7 @@ # [START cloudrun_traffic_latest_revision_parent_tag] # [START cloudrun_service_traffic_latest] resource "google_cloud_run_v2_service" "default" { - name = "cloudrun-srv" + name = "my-service" location = "us-central1" template {} diff --git a/run/traffic_rollback/main.tf b/run/traffic_rollback/main.tf index 65ee74b94..c40dcd5ea 100644 --- a/run/traffic_rollback/main.tf +++ b/run/traffic_rollback/main.tf @@ -16,7 +16,7 @@ # [START cloudrun_service_traffic_rollback] resource "google_cloud_run_v2_service" "default" { - name = "cloudrun-srv" + name = "my-service" location = "us-central1" template {} @@ -24,7 +24,7 @@ resource "google_cloud_run_v2_service" "default" { traffic { percent = 100 # This revision needs to already exist - revision = "cloudrun-srv-green" + revision = "green" type = "TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION" } diff --git a/run/traffic_split/main.tf b/run/traffic_split/main.tf index 7c21e86ce..dc9f0aa50 100644 --- a/run/traffic_split/main.tf +++ b/run/traffic_split/main.tf @@ -16,28 +16,28 @@ # [START cloudrun_service_traffic_split] resource "google_cloud_run_v2_service" "default" { - name = "cloudrun-srv" + name = "my-service" location = "us-central1" template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" } - revision = "cloudrun-srv-green" + revision = "green" } # Define the traffic split for each revision # https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/cloud_run_v2_service#traffic traffic { percent = 25 - revision = "cloudrun-srv-green" + revision = "green" type = "TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION" } traffic { percent = 75 # This revision needs to already exist - revision = "cloudrun-srv-blue" + revision = "blue" type = "TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION" } } diff --git a/run/traffic_split_tag/main.tf b/run/traffic_split_tag/main.tf index 4bfe4c64c..86a6f32c6 100644 --- a/run/traffic_split_tag/main.tf +++ b/run/traffic_split_tag/main.tf @@ -16,7 +16,7 @@ # [START cloudrun_service_traffic_split_tag] resource "google_cloud_run_v2_service" "default" { - name = "cloudrun-srv" + name = "my-service" location = "us-central1" template {} @@ -27,7 +27,7 @@ resource "google_cloud_run_v2_service" "default" { # Update revision to 50% traffic percent = 50 # This revision needs to already exist - revision = "cloudrun-srv-green" + revision = "green" type = "TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION" } From 1e246945b8a9d7ac70e06558571c26d61e375b00 Mon Sep 17 00:00:00 2001 From: Katie McLaughlin Date: Tue, 24 Sep 2024 14:27:24 +1000 Subject: [PATCH 03/12] Remove prev major version locks --- run/connect_cloud_sql/main.tf | 10 ---------- run/secret_manager/main.tf | 10 ---------- 2 files changed, 20 deletions(-) diff --git a/run/connect_cloud_sql/main.tf b/run/connect_cloud_sql/main.tf index 9351cc393..f4de20a78 100644 --- a/run/connect_cloud_sql/main.tf +++ b/run/connect_cloud_sql/main.tf @@ -16,16 +16,6 @@ # Project data # [START cloudrun_connect_cloud_sql_parent_tag] - -terraform { - required_providers { - google = { - source = "hashicorp/google" - version = "~> 5.13.0" - } - } -} - data "google_project" "project" { } diff --git a/run/secret_manager/main.tf b/run/secret_manager/main.tf index 99ec3006b..c2e4fd75d 100644 --- a/run/secret_manager/main.tf +++ b/run/secret_manager/main.tf @@ -21,16 +21,6 @@ */ # [START cloudrun_secret_manager_secret] - -terraform { - required_providers { - google = { - source = "hashicorp/google" - version = "~> 5.13.0" - } - } -} - resource "google_secret_manager_secret" "default" { secret_id = "my-secret" replication { From ce8b6e816bbfc9afa2b06a16c3de01f7179dddc2 Mon Sep 17 00:00:00 2001 From: Katie McLaughlin Date: Tue, 24 Sep 2024 14:57:07 +1000 Subject: [PATCH 04/12] fix(cloudrun): add deletion_protection to jobs, remove beta --- run/jobs_create/main.tf | 4 ++-- run/jobs_execute_jobs_on_schedule/main.tf | 5 ++--- run/jobs_max_retries_create/main.tf | 3 ++- run/jobs_task_parallelism_create/main.tf | 3 ++- run/jobs_task_timeout_create/main.tf | 3 ++- 5 files changed, 10 insertions(+), 8 deletions(-) diff --git a/run/jobs_create/main.tf b/run/jobs_create/main.tf index 993d92806..4d0f0c132 100644 --- a/run/jobs_create/main.tf +++ b/run/jobs_create/main.tf @@ -27,10 +27,10 @@ resource "google_project_service" "cloudrun_api" { # Create basic Cloud Run Job using sample container image #[START cloudrun_jobs_create] resource "google_cloud_run_v2_job" "default" { - provider = google-beta name = "cloud-run-job" location = "us-central1" - launch_stage = "BETA" + + deletion_protection = false # set to "true" in production template { template { diff --git a/run/jobs_execute_jobs_on_schedule/main.tf b/run/jobs_execute_jobs_on_schedule/main.tf index cfef04fa4..f666c1ef3 100644 --- a/run/jobs_execute_jobs_on_schedule/main.tf +++ b/run/jobs_execute_jobs_on_schedule/main.tf @@ -67,11 +67,10 @@ resource "google_project_iam_binding" "token_creator_binding" { # Cloud Run Job resource "google_cloud_run_v2_job" "default" { - provider = google-beta name = "cloud-run-job" location = "us-central1" - launch_stage = "BETA" - project = data.google_project.project.project_id + + deletion_protection = false # set to "true" in production template { template { diff --git a/run/jobs_max_retries_create/main.tf b/run/jobs_max_retries_create/main.tf index 049c327d3..fe5ba17e7 100644 --- a/run/jobs_max_retries_create/main.tf +++ b/run/jobs_max_retries_create/main.tf @@ -28,7 +28,8 @@ resource "google_project_service" "cloudrun_api" { resource "google_cloud_run_v2_job" "default" { name = "cloud-run-job-retries" location = "us-central1" - launch_stage = "BETA" + + deletion_protection = false # set to "true" in production template { template { diff --git a/run/jobs_task_parallelism_create/main.tf b/run/jobs_task_parallelism_create/main.tf index 752407e90..aa1b17e77 100644 --- a/run/jobs_task_parallelism_create/main.tf +++ b/run/jobs_task_parallelism_create/main.tf @@ -28,7 +28,8 @@ resource "google_project_service" "cloudrun_api" { resource "google_cloud_run_v2_job" "default" { name = "cloud-run-job-parallelism" location = "us-central1" - launch_stage = "BETA" + + deletion_protection = false # set to "true" in production template { task_count = 3 diff --git a/run/jobs_task_timeout_create/main.tf b/run/jobs_task_timeout_create/main.tf index 1e8a80e1b..90bf5d35b 100644 --- a/run/jobs_task_timeout_create/main.tf +++ b/run/jobs_task_timeout_create/main.tf @@ -28,7 +28,8 @@ resource "google_project_service" "cloudrun_api" { resource "google_cloud_run_v2_job" "default" { name = "cloud-run-job-timeout" location = "us-central1" - launch_stage = "BETA" + + deletion_protection = false # set to "true" in production template { template { From d4c9d2f99ae2b97fa918b6c7c259e81165913f2e Mon Sep 17 00:00:00 2001 From: Katie McLaughlin Date: Tue, 24 Sep 2024 15:25:49 +1000 Subject: [PATCH 05/12] terraform fmt --- run/jobs_create/main.tf | 4 ++-- run/jobs_execute_jobs_on_schedule/main.tf | 4 ++-- run/jobs_max_retries_create/main.tf | 4 ++-- run/jobs_task_parallelism_create/main.tf | 4 ++-- run/jobs_task_timeout_create/main.tf | 4 ++-- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/run/jobs_create/main.tf b/run/jobs_create/main.tf index 4d0f0c132..8ca84c1d8 100644 --- a/run/jobs_create/main.tf +++ b/run/jobs_create/main.tf @@ -27,8 +27,8 @@ resource "google_project_service" "cloudrun_api" { # Create basic Cloud Run Job using sample container image #[START cloudrun_jobs_create] resource "google_cloud_run_v2_job" "default" { - name = "cloud-run-job" - location = "us-central1" + name = "cloud-run-job" + location = "us-central1" deletion_protection = false # set to "true" in production diff --git a/run/jobs_execute_jobs_on_schedule/main.tf b/run/jobs_execute_jobs_on_schedule/main.tf index f666c1ef3..7898b6e43 100644 --- a/run/jobs_execute_jobs_on_schedule/main.tf +++ b/run/jobs_execute_jobs_on_schedule/main.tf @@ -67,8 +67,8 @@ resource "google_project_iam_binding" "token_creator_binding" { # Cloud Run Job resource "google_cloud_run_v2_job" "default" { - name = "cloud-run-job" - location = "us-central1" + name = "cloud-run-job" + location = "us-central1" deletion_protection = false # set to "true" in production diff --git a/run/jobs_max_retries_create/main.tf b/run/jobs_max_retries_create/main.tf index fe5ba17e7..23504da64 100644 --- a/run/jobs_max_retries_create/main.tf +++ b/run/jobs_max_retries_create/main.tf @@ -26,8 +26,8 @@ resource "google_project_service" "cloudrun_api" { #[START cloudrun_jobs_max_retries_create] resource "google_cloud_run_v2_job" "default" { - name = "cloud-run-job-retries" - location = "us-central1" + name = "cloud-run-job-retries" + location = "us-central1" deletion_protection = false # set to "true" in production diff --git a/run/jobs_task_parallelism_create/main.tf b/run/jobs_task_parallelism_create/main.tf index aa1b17e77..ef9cf6d3e 100644 --- a/run/jobs_task_parallelism_create/main.tf +++ b/run/jobs_task_parallelism_create/main.tf @@ -26,8 +26,8 @@ resource "google_project_service" "cloudrun_api" { #[START cloudrun_jobs_task_parallelism_create] resource "google_cloud_run_v2_job" "default" { - name = "cloud-run-job-parallelism" - location = "us-central1" + name = "cloud-run-job-parallelism" + location = "us-central1" deletion_protection = false # set to "true" in production diff --git a/run/jobs_task_timeout_create/main.tf b/run/jobs_task_timeout_create/main.tf index 90bf5d35b..a783ec13d 100644 --- a/run/jobs_task_timeout_create/main.tf +++ b/run/jobs_task_timeout_create/main.tf @@ -26,8 +26,8 @@ resource "google_project_service" "cloudrun_api" { #[START cloudrun_jobs_task_timeout_create] resource "google_cloud_run_v2_job" "default" { - name = "cloud-run-job-timeout" - location = "us-central1" + name = "cloud-run-job-timeout" + location = "us-central1" deletion_protection = false # set to "true" in production From ac7566d7434db39d42196f6354aba386cf3ba217 Mon Sep 17 00:00:00 2001 From: Katie McLaughlin Date: Tue, 24 Sep 2024 18:55:19 +1000 Subject: [PATCH 06/12] Removing optional param that's throwing errors --- run/vpc_access_connector/main.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/run/vpc_access_connector/main.tf b/run/vpc_access_connector/main.tf index f56889876..77a084cd3 100644 --- a/run/vpc_access_connector/main.tf +++ b/run/vpc_access_connector/main.tf @@ -37,7 +37,6 @@ resource "google_vpc_access_connector" "connector" { provider = google-beta region = "us-west1" ip_cidr_range = "10.8.0.0/28" - max_throughput = 300 network = google_compute_network.default.name depends_on = [google_project_service.vpcaccess_api] } From f7a8b0412e4dafa5356a074f49123b5ade9b8dbe Mon Sep 17 00:00:00 2001 From: Katie McLaughlin Date: Tue, 24 Sep 2024 21:28:49 +1000 Subject: [PATCH 07/12] use min_instances=2 for both google_vpc_access_connector, rmv beta --- run/static_outbound/main.tf | 35 +++++++++++--------------------- run/vpc_access_connector/main.tf | 23 ++++++++------------- 2 files changed, 21 insertions(+), 37 deletions(-) diff --git a/run/static_outbound/main.tf b/run/static_outbound/main.tf index 34f84cc2b..b651ab0fc 100644 --- a/run/static_outbound/main.tf +++ b/run/static_outbound/main.tf @@ -14,10 +14,6 @@ * limitations under the License. */ -provider "google-beta" { - region = "us-central1" -} - # Enable Compute Engine API # [START cloudrun_static_outbound_parent_tag] resource "google_project_service" "compute_engine_api" { @@ -34,14 +30,12 @@ resource "google_project_service" "cloudrun_api" { # Example of setting up a Cloud Run service with a static outbound IP # [START cloudrun_service_static_network] resource "google_compute_network" "default" { - provider = google-beta - name = "cr-static-ip-network" + name = "cr-static-ip-network" } # [END cloudrun_service_static_network] # [START cloudrun_service_static_subnet] resource "google_compute_subnetwork" "default" { - provider = google-beta name = "cr-static-ip" ip_cidr_range = "10.124.0.0/28" network = google_compute_network.default.id @@ -51,15 +45,14 @@ resource "google_compute_subnetwork" "default" { # [START cloudrun_service_static_vpc_conn] resource "google_project_service" "vpc" { - provider = google-beta service = "vpcaccess.googleapis.com" disable_on_destroy = false } resource "google_vpc_access_connector" "default" { - provider = google-beta - name = "cr-conn" - region = "us-central1" + name = "cr-conn" + region = "us-central1" + min_instances = 2 subnet { name = google_compute_subnetwork.default.name @@ -75,27 +68,24 @@ resource "google_vpc_access_connector" "default" { # [START cloudrun_service_static_router] resource "google_compute_router" "default" { - provider = google-beta - name = "cr-static-ip-router" - network = google_compute_network.default.name - region = google_compute_subnetwork.default.region + name = "cr-static-ip-router" + network = google_compute_network.default.name + region = google_compute_subnetwork.default.region } # [END cloudrun_service_static_router] # [START cloudrun_service_static_addr] resource "google_compute_address" "default" { - provider = google-beta - name = "cr-static-ip-addr" - region = google_compute_subnetwork.default.region + name = "cr-static-ip-addr" + region = google_compute_subnetwork.default.region } # [END cloudrun_service_static_addr] # [START cloudrun_service_static_nat] resource "google_compute_router_nat" "default" { - provider = google-beta - name = "cr-static-nat" - router = google_compute_router.default.name - region = google_compute_subnetwork.default.region + name = "cr-static-nat" + router = google_compute_router.default.name + region = google_compute_subnetwork.default.region nat_ip_allocate_option = "MANUAL_ONLY" nat_ips = [google_compute_address.default.self_link] @@ -110,7 +100,6 @@ resource "google_compute_router_nat" "default" { # [START cloudrun_service_static_service] resource "google_cloud_run_v2_service" "default" { - provider = google-beta name = "cr-static-ip-service" location = google_compute_subnetwork.default.region diff --git a/run/vpc_access_connector/main.tf b/run/vpc_access_connector/main.tf index 77a084cd3..12db510db 100644 --- a/run/vpc_access_connector/main.tf +++ b/run/vpc_access_connector/main.tf @@ -18,7 +18,6 @@ # [START vpc_serverless_connector_enable_api] resource "google_project_service" "vpcaccess_api" { service = "vpcaccess.googleapis.com" - provider = google-beta disable_on_destroy = false } # [END vpc_serverless_connector_enable_api] @@ -27,32 +26,29 @@ resource "google_project_service" "vpcaccess_api" { # VPC resource "google_compute_network" "default" { name = "cloudrun-network" - provider = google-beta auto_create_subnetworks = false } # VPC access connector resource "google_vpc_access_connector" "connector" { - name = "vpcconn" - provider = google-beta - region = "us-west1" - ip_cidr_range = "10.8.0.0/28" - network = google_compute_network.default.name - depends_on = [google_project_service.vpcaccess_api] + name = "vpcconn" + region = "us-west1" + ip_cidr_range = "10.8.0.0/28" + network = google_compute_network.default.name + depends_on = [google_project_service.vpcaccess_api] + min_instances = 2 } # Cloud Router resource "google_compute_router" "router" { - name = "router" - provider = google-beta - region = "us-west1" - network = google_compute_network.default.id + name = "router" + region = "us-west1" + network = google_compute_network.default.id } # NAT configuration resource "google_compute_router_nat" "router_nat" { name = "nat" - provider = google-beta region = "us-west1" router = google_compute_router.router.name source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES" @@ -64,7 +60,6 @@ resource "google_compute_router_nat" "router_nat" { # Cloud Run service resource "google_cloud_run_v2_service" "gcr_service" { name = "mygcrservice" - provider = google-beta location = "us-west1" template { From 9ba057063f831be1c1c156e89d9bb6aef209f639 Mon Sep 17 00:00:00 2001 From: Katie McLaughlin Date: Wed, 25 Sep 2024 13:41:28 +1000 Subject: [PATCH 08/12] set both min and max instances --- run/static_outbound/main.tf | 1 + run/vpc_access_connector/main.tf | 1 + 2 files changed, 2 insertions(+) diff --git a/run/static_outbound/main.tf b/run/static_outbound/main.tf index b651ab0fc..90ad0dc70 100644 --- a/run/static_outbound/main.tf +++ b/run/static_outbound/main.tf @@ -53,6 +53,7 @@ resource "google_vpc_access_connector" "default" { name = "cr-conn" region = "us-central1" min_instances = 2 + max_instances = 3 subnet { name = google_compute_subnetwork.default.name diff --git a/run/vpc_access_connector/main.tf b/run/vpc_access_connector/main.tf index 12db510db..55dc17f23 100644 --- a/run/vpc_access_connector/main.tf +++ b/run/vpc_access_connector/main.tf @@ -37,6 +37,7 @@ resource "google_vpc_access_connector" "connector" { network = google_compute_network.default.name depends_on = [google_project_service.vpcaccess_api] min_instances = 2 + max_instances = 3 } # Cloud Router From 07b182f75cb5562b357deaabfbcdc575d1029728 Mon Sep 17 00:00:00 2001 From: Katie McLaughlin Date: Wed, 25 Sep 2024 16:57:10 +1000 Subject: [PATCH 09/12] protecc --- run/vpc_access_connector/main.tf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/run/vpc_access_connector/main.tf b/run/vpc_access_connector/main.tf index 55dc17f23..efbe0b1e1 100644 --- a/run/vpc_access_connector/main.tf +++ b/run/vpc_access_connector/main.tf @@ -63,6 +63,8 @@ resource "google_cloud_run_v2_service" "gcr_service" { name = "mygcrservice" location = "us-west1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" From f5860fffd9c0373248e13d0876a3c3646e1eb38e Mon Sep 17 00:00:00 2001 From: Katie McLaughlin Date: Thu, 26 Sep 2024 08:50:23 +1000 Subject: [PATCH 10/12] update secure services with delete protection --- run/secure_services/main.tf | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/run/secure_services/main.tf b/run/secure_services/main.tf index f0b67d4d8..8df9afce0 100644 --- a/run/secure_services/main.tf +++ b/run/secure_services/main.tf @@ -17,9 +17,11 @@ # [START cloudrun_secure_services_parent_tag] # [START cloudrun_secure_services_backend] resource "google_cloud_run_v2_service" "renderer" { - provider = google-beta name = "renderer" location = "us-central1" + + deletion_protection = false # set to "true" in production + template { containers { # Replace with the URL of your Secure Services > Renderer image. @@ -33,7 +35,6 @@ resource "google_cloud_run_v2_service" "renderer" { # [START cloudrun_secure_services_frontend] resource "google_cloud_run_v2_service" "editor" { - provider = google-beta name = "editor" location = "us-central1" template { @@ -54,7 +55,6 @@ resource "google_cloud_run_v2_service" "editor" { # [START cloudrun_secure_services_backend_identity] resource "google_service_account" "renderer" { - provider = google-beta account_id = "renderer-identity" display_name = "Service identity of the Renderer (Backend) service." } @@ -62,7 +62,6 @@ resource "google_service_account" "renderer" { # [START cloudrun_secure_services_frontend_identity] resource "google_service_account" "editor" { - provider = google-beta account_id = "editor-identity" display_name = "Service identity of the Editor (Frontend) service." } @@ -70,7 +69,6 @@ resource "google_service_account" "editor" { # [START cloudrun_secure_services_backend_invoker_access] resource "google_cloud_run_service_iam_member" "editor_invokes_renderer" { - provider = google-beta location = google_cloud_run_v2_service.renderer.location service = google_cloud_run_v2_service.renderer.name role = "roles/run.invoker" @@ -80,7 +78,6 @@ resource "google_cloud_run_service_iam_member" "editor_invokes_renderer" { # [START cloudrun_secure_services_frontend_access] data "google_iam_policy" "noauth" { - provider = google-beta binding { role = "roles/run.invoker" members = [ @@ -90,7 +87,6 @@ data "google_iam_policy" "noauth" { } resource "google_cloud_run_service_iam_policy" "noauth" { - provider = google-beta location = google_cloud_run_v2_service.editor.location project = google_cloud_run_v2_service.editor.project service = google_cloud_run_v2_service.editor.name From 6f23a782aaf94811192b3b75f94af654e69b1022 Mon Sep 17 00:00:00 2001 From: Katie McLaughlin Date: Thu, 26 Sep 2024 09:42:25 +1000 Subject: [PATCH 11/12] more outliers --- run/healthchecks_startup_probe_grpc/main.tf | 2 ++ run/healthchecks_startup_probe_tcp/main.tf | 2 ++ run/interservice/main.tf | 2 ++ 3 files changed, 6 insertions(+) diff --git a/run/healthchecks_startup_probe_grpc/main.tf b/run/healthchecks_startup_probe_grpc/main.tf index f783b9521..42e24f7c0 100644 --- a/run/healthchecks_startup_probe_grpc/main.tf +++ b/run/healthchecks_startup_probe_grpc/main.tf @@ -26,6 +26,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-healthcheck" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { # Note: Change to the name of your image diff --git a/run/healthchecks_startup_probe_tcp/main.tf b/run/healthchecks_startup_probe_tcp/main.tf index dbc3fcaf8..42545c68f 100644 --- a/run/healthchecks_startup_probe_tcp/main.tf +++ b/run/healthchecks_startup_probe_tcp/main.tf @@ -26,6 +26,8 @@ resource "google_cloud_run_v2_service" "default" { name = "cloudrun-service-healthcheck" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { image = "us-docker.pkg.dev/cloudrun/container/hello" diff --git a/run/interservice/main.tf b/run/interservice/main.tf index 39a27e056..11e588213 100644 --- a/run/interservice/main.tf +++ b/run/interservice/main.tf @@ -76,6 +76,8 @@ resource "google_cloud_run_v2_service" "private" { name = "private-service" location = "us-central1" + deletion_protection = false # set to "true" in production + template { containers { // TODO: replace this with a private service container From 6238de6b2690915a24d243f1a5ce1df88258d5d2 Mon Sep 17 00:00:00 2001 From: Katie McLaughlin Date: Thu, 26 Sep 2024 13:08:44 +1000 Subject: [PATCH 12/12] one more --- run/secure_services/main.tf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/run/secure_services/main.tf b/run/secure_services/main.tf index 8df9afce0..a510b851c 100644 --- a/run/secure_services/main.tf +++ b/run/secure_services/main.tf @@ -37,6 +37,9 @@ resource "google_cloud_run_v2_service" "renderer" { resource "google_cloud_run_v2_service" "editor" { name = "editor" location = "us-central1" + + deletion_protection = false # set to "true" in production + template { containers { # Replace with the URL of your Secure Services > Editor image.