humanitec-architecture · dharsanb · Aug 22, 2024 · Aug 21, 2024
@@ -109,6 +109,14 @@ This reference architecture implementation uses Terraform. You will need to do t
    terraform plan
    terraform apply
    ```
+> If you're recreating the reference architecture and facing the issue of `WorkloadIdentityPool already exists`,
+> please run the following commands to import workload identity pools and workload identity pool provider
+> ```shell
+> gcloud iam workload-identity-pools undelete humanitec-wif-pool --location=global
+> gcloud iam workload-identity-pools providers undelete humanitec-wif --workload-identity-pool=humanitec-wif-pool --location=global
+> terraform import module.base.module.credentials.google_iam_workload_identity_pool.pool humanitec-wif-pool
+> terraform import module.base.module.credentials.google_iam_workload_identity_pool_provider.pool_provider humanitec-wif-pool/humanitec-wif
+> ```
 
 #### Required input variables
 
@@ -257,7 +265,7 @@ Once you are finished with the reference architecture, you can remove all provis
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| gar\_repository\_location | Location of the Google Artifact Registry repository, | `string` | n/a | yes |
+| gar\_repository\_region | Region of the Google Artifact Registry repository, | `string` | n/a | yes |
 | project\_id | GCP Project ID to provision resources in. | `string` | n/a | yes |
 | region | GCP Region to provision resources in. | `string` | n/a | yes |
 | gar\_repository\_id | Google Artifact Registry repository ID. | `string` | `"htc-ref-arch"` | no |

@@ -7,8 +7,8 @@ module "base" {
   humanitec_prefix = var.humanitec_prefix
   humanitec_org_id = var.humanitec_org_id
 
-  gar_repository_id       = var.gar_repository_id
-  gar_repository_location = var.gar_repository_location
+  gar_repository_id     = var.gar_repository_id
+  gar_repository_region = var.gar_repository_region
 }
 
 # User used for scaffolding and deploying apps
@@ -40,7 +40,7 @@ module "github" {
   project_id                      = var.project_id
   github_org_id                   = var.github_org_id
   gar_repository_id               = var.gar_repository_id
-  gar_repository_location         = var.gar_repository_location
+  gar_repository_region           = var.gar_repository_region
 
   depends_on = [module.base]
 }

@@ -35,7 +35,7 @@
 | project\_id | GCP Project ID to provision resources in. | `string` | n/a | yes |
 | region | GCP Region to provision resources in. | `string` | n/a | yes |
 | gar\_repository\_id | ID of the Google Artifact Registry repository (not created if empty). | `string` | `null` | no |
-| gar\_repository\_location | Location of the Google Artifact Registry repository (required when gar\_repository\_id is set). | `string` | `null` | no |
+| gar\_repository\_region | Region of the Google Artifact Registry repository (required when gar\_repository\_id is set). | `string` | `null` | no |
 | gke\_autopilot | Whether GKE Autopilot should be used | `bool` | `true` | no |
 | gke\_cluster\_name | The name of the GKE Cluster. Must be unique within the project. | `string` | `"htc-ref-arch-cluster"` | no |
 | gke\_subnet\_name | The name of the subnet to allocate IPs for the GKE Cluster from. If vpc\_subnet is set, this must be updated. | `string` | `"htc-ref-arch-subnet"` | no |

@@ -40,8 +40,8 @@ module "k8s" {
   vpc_name         = var.vpc_name
   enable_autopilot = var.gke_autopilot
 
-  gar_repository_id       = var.gar_repository_id
-  gar_repository_location = var.gar_repository_location
+  gar_repository_id     = var.gar_repository_id
+  gar_repository_region = var.gar_repository_region
 }
 
 # ######################################################################

@@ -2,8 +2,8 @@
 # ID of the Google Artifact Registry repository (not created if empty).
 gar_repository_id = ""
 
-# Location of the Google Artifact Registry repository (required when gar_repository_id is set).
-gar_repository_location = ""
+# Region of the Google Artifact Registry repository (required when gar_repository_id is set).
+gar_repository_region = ""
 
 # Whether GKE Autopilot should be used
 gke_autopilot = true

@@ -95,8 +95,8 @@ variable "gar_repository_id" {
   default     = null
 }
 
-variable "gar_repository_location" {
+variable "gar_repository_region" {
   type        = string
-  description = "Location of the Google Artifact Registry repository (required when gar_repository_id is set)."
+  description = "Region of the Google Artifact Registry repository (required when gar_repository_id is set)."
   default     = null
 }
@@ -42,7 +42,7 @@
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | gar\_repository\_id | Google Artifact Registry repository ID. | `string` | n/a | yes |
-| gar\_repository\_location | Location of the Google Artifact Registry repository. | `string` | n/a | yes |
+| gar\_repository\_region | Region of the Google Artifact Registry repository. | `string` | n/a | yes |
 | github\_org\_id | GitHub org id | `string` | n/a | yes |
 | humanitec\_ci\_service\_user\_token | Humanitec CI Service User Token | `string` | n/a | yes |
 | humanitec\_org\_id | Humanitec Organization ID. | `string` | n/a | yes |

@@ -42,7 +42,7 @@ resource "google_service_account" "sa" {
 # Reference https://cloud.google.com/artifact-registry/docs/access-control#roles
 resource "google_artifact_registry_repository_iam_member" "gha_gar_containers_writer" {
   project    = var.project_id
-  location   = var.gar_repository_location
+  location   = var.gar_repository_region
   repository = var.gar_repository_id
   role       = "roles/artifactregistry.writer"
   member     = "serviceAccount:${google_service_account.sa.email}"

@@ -1,7 +1,7 @@
 locals {
   cloud_provider = "gcp"
 
-  repository_host = "${var.gar_repository_location}-docker.pkg.dev"
+  repository_host = "${var.gar_repository_region}-docker.pkg.dev"
   repository_name = "${local.repository_host}/${var.project_id}/${var.gar_repository_id}"
 }
 

@@ -2,8 +2,8 @@
 # Google Artifact Registry repository ID.
 gar_repository_id = ""
 
-# Location of the Google Artifact Registry repository.
-gar_repository_location = ""
+# Region of the Google Artifact Registry repository.
+gar_repository_region = ""
 
 # GitHub org id
 github_org_id = ""

@@ -8,9 +8,9 @@ variable "gar_repository_id" {
   description = "Google Artifact Registry repository ID."
 }
 
-variable "gar_repository_location" {
+variable "gar_repository_region" {
   type        = string
-  description = "Location of the Google Artifact Registry repository."
+  description = "Region of the Google Artifact Registry repository."
 }
 
 variable "humanitec_org_id" {

@@ -2,7 +2,7 @@
 resource "google_artifact_registry_repository" "repo" {
   count = var.gar_repository_id == null ? 0 : 1
 
-  location      = var.gar_repository_location
+  location      = var.gar_repository_region
   repository_id = var.gar_repository_id
   description   = "htc-ref-arch docker repository"
   format        = "DOCKER"

@@ -65,8 +65,8 @@ variable "gar_repository_id" {
   default     = null
 }
 
-variable "gar_repository_location" {
-  description = "Location of the Google Artifact Registry repository."
+variable "gar_repository_region" {
+  description = "Region of the Google Artifact Registry repository."
   type        = string
   default     = null
 }
@@ -2,8 +2,8 @@
 # Google Artifact Registry repository ID.
 gar_repository_id = "htc-ref-arch"
 
-# Location of the Google Artifact Registry repository,
-gar_repository_location = ""
+# Region of the Google Artifact Registry repository,
+gar_repository_region = ""
 
 # GitHub org id (required for Backstage)
 github_org_id = ""

@@ -13,9 +13,9 @@ variable "region" {
   description = "GCP Region to provision resources in."
 }
 
-variable "gar_repository_location" {
+variable "gar_repository_region" {
   type        = string
-  description = "Location of the Google Artifact Registry repository,"
+  description = "Region of the Google Artifact Registry repository,"
 }
 
 variable "gar_repository_id" {