diff --git a/README.md b/README.md
index 290c2f6..350b52d 100644
--- a/README.md
+++ b/README.md
@@ -109,6 +109,14 @@ This reference architecture implementation uses Terraform. You will need to do t
 terraform plan
 terraform apply
 ```
+> If you're recreating the reference architecture and facing the issue of `WorkloadIdentityPool already exists`,
+> please run the following commands to import workload identity pools and workload identity pool provider
+> ```shell
+> gcloud iam workload-identity-pools undelete humanitec-wif-pool --location=global
+> gcloud iam workload-identity-pools providers undelete humanitec-wif --workload-identity-pool=humanitec-wif-pool --location=global
+> terraform import module.base.module.credentials.google_iam_workload_identity_pool.pool humanitec-wif-pool
+> terraform import module.base.module.credentials.google_iam_workload_identity_pool_provider.pool_provider humanitec-wif-pool/humanitec-wif
+> ```
 #### Required input variables
@@ -257,7 +265,7 @@ Once you are finished with the reference architecture, you can remove all provis
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| gar\_repository\_location | Location of the Google Artifact Registry repository, | `string` | n/a | yes |
+| gar\_repository\_region | Region of the Google Artifact Registry repository, | `string` | n/a | yes |
 | project\_id | GCP Project ID to provision resources in. | `string` | n/a | yes |
 | region | GCP Region to provision resources in. | `string` | n/a | yes |
 | gar\_repository\_id | Google Artifact Registry repository ID. | `string` | `"htc-ref-arch"` | no |
diff --git a/main.tf b/main.tf
index 6298b4a..2d24254 100644
--- a/main.tf
+++ b/main.tf
@@ -7,8 +7,8 @@ module "base" {
 humanitec_prefix = var.humanitec_prefix
 humanitec_org_id = var.humanitec_org_id
- gar_repository_id = var.gar_repository_id
- gar_repository_location = var.gar_repository_location
+ gar_repository_id = var.gar_repository_id
+ gar_repository_region = var.gar_repository_region
 }
 # User used for scaffolding and deploying apps
@@ -40,7 +40,7 @@ module "github" {
 project_id = var.project_id
 github_org_id = var.github_org_id
 gar_repository_id = var.gar_repository_id
- gar_repository_location = var.gar_repository_location
+ gar_repository_region = var.gar_repository_region
 depends_on = [module.base]
 }
diff --git a/modules/base/README.md b/modules/base/README.md
index b7629dd..2aa4ac2 100644
--- a/modules/base/README.md
+++ b/modules/base/README.md
@@ -35,7 +35,7 @@
 | project\_id | GCP Project ID to provision resources in. | `string` | n/a | yes |
 | region | GCP Region to provision resources in. | `string` | n/a | yes |
 | gar\_repository\_id | ID of the Google Artifact Registry repository (not created if empty). | `string` | `null` | no |
-| gar\_repository\_location | Location of the Google Artifact Registry repository (required when gar\_repository\_id is set). | `string` | `null` | no |
+| gar\_repository\_region | Region of the Google Artifact Registry repository (required when gar\_repository\_id is set). | `string` | `null` | no |
 | gke\_autopilot | Whether GKE Autopilot should be used | `bool` | `true` | no |
 | gke\_cluster\_name | The name of the GKE Cluster. Must be unique within the project. | `string` | `"htc-ref-arch-cluster"` | no |
 | gke\_subnet\_name | The name of the subnet to allocate IPs for the GKE Cluster from. If vpc\_subnet is set, this must be updated. | `string` | `"htc-ref-arch-subnet"` | no |
diff --git a/modules/base/main.tf b/modules/base/main.tf
index 4f86302..89b17fe 100644
--- a/modules/base/main.tf
+++ b/modules/base/main.tf
@@ -40,8 +40,8 @@ module "k8s" {
 vpc_name = var.vpc_name
 enable_autopilot = var.gke_autopilot
- gar_repository_id = var.gar_repository_id
- gar_repository_location = var.gar_repository_location
+ gar_repository_id = var.gar_repository_id
+ gar_repository_region = var.gar_repository_region
 }
 # ######################################################################
diff --git a/modules/base/terraform.tfvars.example b/modules/base/terraform.tfvars.example
index 7a9d8f0..8d99e71 100644
--- a/modules/base/terraform.tfvars.example
+++ b/modules/base/terraform.tfvars.example
@@ -2,8 +2,8 @@
 # ID of the Google Artifact Registry repository (not created if empty).
 gar_repository_id = ""
-# Location of the Google Artifact Registry repository (required when gar_repository_id is set).
-gar_repository_location = ""
+# Region of the Google Artifact Registry repository (required when gar_repository_id is set).
+gar_repository_region = ""
 # Whether GKE Autopilot should be used
 gke_autopilot = true
diff --git a/modules/base/variables.tf b/modules/base/variables.tf
index aaf3507..e9fc116 100644
--- a/modules/base/variables.tf
+++ b/modules/base/variables.tf
@@ -95,8 +95,8 @@ variable "gar_repository_id" {
 default = null
 }
-variable "gar_repository_location" {
+variable "gar_repository_region" {
 type = string
- description = "Location of the Google Artifact Registry repository (required when gar_repository_id is set)."
+ description = "Region of the Google Artifact Registry repository (required when gar_repository_id is set)."
 default = null
 }
diff --git a/modules/github/README.md b/modules/github/README.md
index d515f49..d29faca 100644
--- a/modules/github/README.md
+++ b/modules/github/README.md
@@ -42,7 +42,7 @@
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | gar\_repository\_id | Google Artifact Registry repository ID. | `string` | n/a | yes |
-| gar\_repository\_location | Location of the Google Artifact Registry repository. | `string` | n/a | yes |
+| gar\_repository\_region | Region of the Google Artifact Registry repository. | `string` | n/a | yes |
 | github\_org\_id | GitHub org id | `string` | n/a | yes |
 | humanitec\_ci\_service\_user\_token | Humanitec CI Service User Token | `string` | n/a | yes |
 | humanitec\_org\_id | Humanitec Organization ID. | `string` | n/a | yes |
diff --git a/modules/github/gcp.tf b/modules/github/gcp.tf
index 216df63..3158b33 100644
--- a/modules/github/gcp.tf
+++ b/modules/github/gcp.tf
@@ -42,7 +42,7 @@ resource "google_service_account" "sa" {
 # Reference https://cloud.google.com/artifact-registry/docs/access-control#roles
 resource "google_artifact_registry_repository_iam_member" "gha_gar_containers_writer" {
 project = var.project_id
- location = var.gar_repository_location
+ location = var.gar_repository_region
 repository = var.gar_repository_id
 role = "roles/artifactregistry.writer"
 member = "serviceAccount:${google_service_account.sa.email}"
diff --git a/modules/github/main.tf b/modules/github/main.tf
index 1c1cc30..fa8946b 100644
--- a/modules/github/main.tf
+++ b/modules/github/main.tf
@@ -1,7 +1,7 @@
 locals {
 cloud_provider = "gcp"
- repository_host = "${var.gar_repository_location}-docker.pkg.dev"
+ repository_host = "${var.gar_repository_region}-docker.pkg.dev"
 repository_name = "${local.repository_host}/${var.project_id}/${var.gar_repository_id}"
 }
diff --git a/modules/github/terraform.tfvars.example b/modules/github/terraform.tfvars.example
index 07ce19e..a43351d 100644
--- a/modules/github/terraform.tfvars.example
+++ b/modules/github/terraform.tfvars.example
@@ -2,8 +2,8 @@
 # Google Artifact Registry repository ID.
 gar_repository_id = ""
-# Location of the Google Artifact Registry repository.
-gar_repository_location = ""
+# Region of the Google Artifact Registry repository.
+gar_repository_region = ""
 # GitHub org id
 github_org_id = ""
diff --git a/modules/github/variables.tf b/modules/github/variables.tf
index e7e0a19..c508c02 100644
--- a/modules/github/variables.tf
+++ b/modules/github/variables.tf
@@ -8,9 +8,9 @@ variable "gar_repository_id" {
 description = "Google Artifact Registry repository ID."
 }
-variable "gar_repository_location" {
+variable "gar_repository_region" {
 type = string
- description = "Location of the Google Artifact Registry repository."
+ description = "Region of the Google Artifact Registry repository."
 }
 variable "humanitec_org_id" {
diff --git a/modules/gke/gar.tf b/modules/gke/gar.tf
index 98f1d9d..9c09aed 100644
--- a/modules/gke/gar.tf
+++ b/modules/gke/gar.tf
@@ -2,7 +2,7 @@
 resource "google_artifact_registry_repository" "repo" {
 count = var.gar_repository_id == null ? 0 : 1
- location = var.gar_repository_location
+ location = var.gar_repository_region
 repository_id = var.gar_repository_id
 description = "htc-ref-arch docker repository"
 format = "DOCKER"
diff --git a/modules/gke/variables.tf b/modules/gke/variables.tf
index 2f5539c..c17c365 100644
--- a/modules/gke/variables.tf
+++ b/modules/gke/variables.tf
@@ -65,8 +65,8 @@ variable "gar_repository_id" {
 default = null
 }
-variable "gar_repository_location" {
- description = "Location of the Google Artifact Registry repository."
+variable "gar_repository_region" {
+ description = "Region of the Google Artifact Registry repository."
 type = string
 default = null
 }
diff --git a/terraform.tfvars.example b/terraform.tfvars.example
index e936219..675f705 100644
--- a/terraform.tfvars.example
+++ b/terraform.tfvars.example
@@ -2,8 +2,8 @@
 # Google Artifact Registry repository ID.
 gar_repository_id = "htc-ref-arch"
-# Location of the Google Artifact Registry repository,
-gar_repository_location = ""
+# Region of the Google Artifact Registry repository,
+gar_repository_region = ""
 # GitHub org id (required for Backstage)
 github_org_id = ""
diff --git a/variables.tf b/variables.tf
index ea4d49e..f6702ea 100644
--- a/variables.tf
+++ b/variables.tf
@@ -13,9 +13,9 @@ variable "region" {
 description = "GCP Region to provision resources in."
 }
-variable "gar_repository_location" {
+variable "gar_repository_region" {
 type = string
- description = "Location of the Google Artifact Registry repository,"
+ description = "Region of the Google Artifact Registry repository,"
 }
 variable "gar_repository_id" {