googleCloudbuildv2Repository
Beta only: The Cloudbuildv2 Repository resource
Example Usage - ghe
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const googleSecretManagerSecretPrivateKeySecret =
new google.secretManagerSecret.SecretManagerSecret(
this,
"private-key-secret",
{
provider: "${google-beta}",
replication: [
{
automatic: true,
},
],
secret_id: "ghe-pk-secret",
}
);
const googleSecretManagerSecretWebhookSecretSecret =
new google.secretManagerSecret.SecretManagerSecret(
this,
"webhook-secret-secret",
{
provider: "${google-beta}",
replication: [
{
automatic: true,
},
],
secret_id: "github-token-secret",
}
);
const googleSecretManagerSecretVersionPrivateKeySecretVersion =
new google.secretManagerSecretVersion.SecretManagerSecretVersion(
this,
"private-key-secret-version",
{
provider: "${google-beta}",
secret: googleSecretManagerSecretPrivateKeySecret.id,
secret_data: '${file("private-key.pem")}',
}
);
const googleSecretManagerSecretVersionWebhookSecretSecretVersion =
new google.secretManagerSecretVersion.SecretManagerSecretVersion(
this,
"webhook-secret-secret-version",
{
provider: "${google-beta}",
secret: googleSecretManagerSecretWebhookSecretSecret.id,
secret_data: "<webhook-secret-data>",
}
);
const dataGoogleIamPolicyP4SaSecretAccessor =
new google.dataGoogleIamPolicy.DataGoogleIamPolicy(
this,
"p4sa-secretAccessor",
{
binding: [
{
members: [
"serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com",
],
role: "roles/secretmanager.secretAccessor",
},
],
provider: "${google-beta}",
}
);
const googleSecretManagerSecretIamPolicyPolicyPk =
new google.secretManagerSecretIamPolicy.SecretManagerSecretIamPolicy(
this,
"policy-pk",
{
policy_data: dataGoogleIamPolicyP4SaSecretAccessor.policyData,
provider: "${google-beta}",
secret_id: googleSecretManagerSecretPrivateKeySecret.secretId,
}
);
const googleSecretManagerSecretIamPolicyPolicyWhs =
new google.secretManagerSecretIamPolicy.SecretManagerSecretIamPolicy(
this,
"policy-whs",
{
policy_data: dataGoogleIamPolicyP4SaSecretAccessor.policyData,
provider: "${google-beta}",
secret_id: googleSecretManagerSecretWebhookSecretSecret.secretId,
}
);
const googleCloudbuildv2ConnectionMyConnection =
new google.cloudbuildv2Connection.Cloudbuildv2Connection(
this,
"my-connection",
{
depends_on: [
`\${${googleSecretManagerSecretIamPolicyPolicyPk.fqn}}`,
`\${${googleSecretManagerSecretIamPolicyPolicyWhs.fqn}}`,
],
github_enterprise_config: [
{
app_id: 200,
app_installation_id: 300,
app_slug: "gcb-app",
host_uri: "https://ghe.com",
private_key_secret_version:
googleSecretManagerSecretVersionPrivateKeySecretVersion.id,
webhook_secret_secret_version:
googleSecretManagerSecretVersionWebhookSecretSecretVersion.id,
},
],
location: "us-central1",
name: "my-terraform-ghe-connection",
provider: "${google-beta}",
}
);
new google.cloudbuildv2Repository.Cloudbuildv2Repository(
this,
"my-repository",
{
location: "us-central1",
name: "my-terraform-ghe-repo",
parent_connection: googleCloudbuildv2ConnectionMyConnection.id,
provider: "${google-beta}",
remote_uri: "https://ghe.com/hashicorp/terraform-provider-google.git",
}
);
Example Usage - Repository in GitHub Connection
Creates a Repository resource inside a Connection to github.com
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const googleSecretManagerSecretGithubTokenSecret =
new google.secretManagerSecret.SecretManagerSecret(
this,
"github-token-secret",
{
provider: "${google-beta}",
replication: [
{
automatic: true,
},
],
secret_id: "github-token-secret",
}
);
const googleSecretManagerSecretVersionGithubTokenSecretVersion =
new google.secretManagerSecretVersion.SecretManagerSecretVersion(
this,
"github-token-secret-version",
{
provider: "${google-beta}",
secret: googleSecretManagerSecretGithubTokenSecret.id,
secret_data: '${file("my-github-token.txt")}',
}
);
const dataGoogleIamPolicyP4SaSecretAccessor =
new google.dataGoogleIamPolicy.DataGoogleIamPolicy(
this,
"p4sa-secretAccessor",
{
binding: [
{
members: [
"serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com",
],
role: "roles/secretmanager.secretAccessor",
},
],
provider: "${google-beta}",
}
);
const googleCloudbuildv2ConnectionMyConnection =
new google.cloudbuildv2Connection.Cloudbuildv2Connection(
this,
"my-connection",
{
github_config: [
{
app_installation_id: 123123,
authorizer_credential: [
{
oauth_token_secret_version:
googleSecretManagerSecretVersionGithubTokenSecretVersion.id,
},
],
},
],
location: "us-west1",
name: "my-connection",
provider: "${google-beta}",
}
);
new google.cloudbuildv2Repository.Cloudbuildv2Repository(
this,
"my-repository",
{
location: "us-west1",
name: "my-repo",
parent_connection: googleCloudbuildv2ConnectionMyConnection.name,
provider: "${google-beta}",
remote_uri: "https://github.com/myuser/myrepo.git",
}
);
new google.secretManagerSecretIamPolicy.SecretManagerSecretIamPolicy(
this,
"policy",
{
policy_data: dataGoogleIamPolicyP4SaSecretAccessor.policyData,
provider: "${google-beta}",
secret_id: googleSecretManagerSecretGithubTokenSecret.secretId,
}
);
Argument Reference
The following arguments are supported:
-
name
- (Required) Name of the repository. -
parentConnection
- (Required) The connection for the resource -
remoteUri
- (Required) Required. Git Clone HTTPS URI.
-
annotations
- (Optional) Allows clients to store small amounts of arbitrary data. -
location
- (Optional) The location for the resource -
project
- (Optional) The project for the resource
Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
-
id
- an identifier for the resource with formatprojects/{{project}}/locations/{{location}}/connections/{{parentConnection}}/repositories/{{name}}
-
createTime
- Output only. Server assigned timestamp for when the connection was created. -
etag
- This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding. -
updateTime
- Output only. Server assigned timestamp for when the connection was updated.
Timeouts
This resource provides the following Timeouts configuration options:
create
- Default is 20 minutes.delete
- Default is 20 minutes.
Import
Repository can be imported using any of these accepted formats:
$ terraform import google_cloudbuildv2_repository.default projects/{{project}}/locations/{{location}}/connections/{{parent_connection}}/repositories/{{name}}
$ terraform import google_cloudbuildv2_repository.default {{project}}/{{location}}/{{parent_connection}}/{{name}}
$ terraform import google_cloudbuildv2_repository.default {{location}}/{{parent_connection}}/{{name}}