├── .gitignore
├── CONTRIBUTING.md
├── LICENSE
├── README.md
├── policies
├── README.md
├── apply-policies.sh
├── oslogin.yaml.template
├── restrictpeering.yaml.template
├── restrictvpn.yaml.template
├── shieldedvm.yaml.template
├── svcaccts.yaml.template
└── vmipfwd.yaml.template
├── renovate.json
└── tutorials
├── base
├── cleanup.sh
├── clouddeploy-config
│ ├── delivery-pipeline.yaml.template
│ ├── skaffold.yaml.template
│ ├── target-prod.yaml.template
│ ├── target-staging.yaml.template
│ └── target-test.yaml.template
├── kubernetes-config
│ └── web-app-namespace.yaml
├── setup.sh
├── terraform-config
│ ├── .terraform.lock.hcl
│ ├── apis.tf
│ ├── ar.tf
│ ├── clusters.tf
│ ├── main.template
│ ├── modules
│ │ └── cluster
│ │ │ ├── cluster.tf
│ │ │ ├── outputs.tf
│ │ │ └── variables.tf
│ ├── networking.tf
│ ├── sa.tf
│ └── variables.tf
└── web
│ ├── README.md
│ ├── leeroy-app
│ ├── Dockerfile
│ ├── app.go
│ └── kubernetes
│ │ └── deployment.yaml
│ └── leeroy-web
│ ├── Dockerfile
│ ├── kubernetes
│ └── deployment.yaml
│ └── web.go
├── deploy-hooks-run
├── app-config
│ ├── hello-app
│ │ ├── Dockerfile
│ │ ├── go.mod
│ │ └── main.go
│ ├── manifests
│ │ └── hello-app.yaml.template
│ └── skaffold.yaml.template
├── cleanup.sh
├── clouddeploy-config
│ └── clouddeploy.yaml.template
├── scripts
│ └── call-cloudrun-service.sh
├── setup.sh
└── terraform-config
│ ├── .terraform.lock.hcl
│ ├── apis.tf
│ ├── ar.tf
│ ├── bq.tf
│ ├── main.template
│ ├── sa.tf
│ └── variables.tf
├── deployment-strategies-run
├── app-config
│ ├── demo-app
│ │ ├── Dockerfile
│ │ ├── go.mod
│ │ └── main.go
│ ├── manifests
│ │ ├── base
│ │ │ ├── demo-app.yaml.template
│ │ │ └── kustomization.yaml
│ │ └── overlays
│ │ │ ├── prod
│ │ │ └── kustomization.yaml
│ │ │ └── staging
│ │ │ └── kustomization.yaml
│ └── skaffold.yaml.template
├── cleanup.sh
├── clouddeploy-config
│ └── clouddeploy.yaml.template
├── scripts
│ └── call-cloudrun-service.sh
├── setup.sh
└── terraform-config
│ ├── .terraform.lock.hcl
│ ├── apis.tf
│ ├── ar.tf
│ ├── main.template
│ ├── sa.tf
│ └── variables.tf
├── e2e-gke
├── e2e-run
├── app-config
│ ├── hello-app-prod.yaml.template
│ ├── hello-app-staging.yaml.template
│ ├── hello-app-test.yaml.template
│ ├── hello-app
│ │ ├── Dockerfile
│ │ ├── go.mod
│ │ └── main.go
│ └── skaffold.yaml.template
├── cleanup.sh
├── clouddeploy-config
│ ├── delivery-pipeline.yaml.template
│ ├── target-prod.yaml.template
│ ├── target-staging.yaml.template
│ └── target-test.yaml.template
├── setup.sh
└── terraform-config
│ ├── .terraform.lock.hcl
│ ├── apis.tf
│ ├── ar.tf
│ ├── main.template
│ ├── sa.tf
│ └── variables.tf
├── exec-envs
├── cleanup.sh
├── clouddeploy-config
│ ├── delivery-pipeline-exec-envs.yaml.template
│ ├── skaffold-exec-envs.yaml.template
│ ├── target-prod-exec-envs.yaml.template
│ ├── target-staging-exec-envs.yaml.template
│ └── target-test-exec-envs.yaml.template
├── kubernetes-config
│ └── web-app-ee-namespace.yaml
├── setup.sh
└── web-exec-envs
│ ├── leeroy-app-exec-envs
│ ├── Dockerfile
│ ├── app.go
│ └── kubernetes
│ │ └── deployment.yaml
│ └── leeroy-web-exec-envs
│ ├── Dockerfile
│ ├── kubernetes
│ └── deployment.yaml
│ └── web.go
├── execution-environments-gke
├── external-integration-gke
├── external-integration
├── cleanup.sh
├── delivery-pipeline-pubsub.yaml
└── listener.py
├── private-targets-gke
├── private-targets
├── cleanup.sh
├── clouddeploy-config
│ ├── delivery-pipeline.yaml.template
│ ├── skaffold.yaml.template
│ ├── target-prod.yaml.template
│ ├── target-staging.yaml.template
│ └── target-test.yaml.template
├── setup.sh
├── terraform-config
│ ├── .terraform.lock.hcl
│ ├── apis.tf
│ ├── ar.tf
│ ├── cloudbuild.tf
│ ├── clusters.tf
│ ├── main.template
│ ├── modules
│ │ └── cluster
│ │ │ ├── cluster.tf
│ │ │ ├── outputs.tf
│ │ │ └── variables.tf
│ ├── networking.tf
│ ├── sa.tf
│ └── variables.tf
└── web-private-targets
│ ├── leeroy-app
│ ├── Dockerfile
│ ├── app.go
│ └── kubernetes
│ │ └── deployment.yaml
│ └── leeroy-web
│ ├── Dockerfile
│ ├── kubernetes
│ └── deployment.yaml
│ └── web.go
├── profiles-gke
├── profiles
├── cleanup.sh
├── clouddeploy-config
│ ├── delivery-pipeline-profiles.yaml.template
│ └── skaffold-profiles.yaml.template
├── kubernetes-config
│ └── web-app-profiles-namespace.yaml
├── setup.sh
└── web-profiles
│ ├── leeroy-app-profiles
│ ├── Dockerfile
│ ├── app.go
│ └── kubernetes
│ │ ├── base
│ │ ├── deployment.yaml
│ │ └── kustomization.yaml
│ │ ├── prod
│ │ ├── kustomization.yaml
│ │ └── target.yaml
│ │ ├── staging
│ │ ├── kustomization.yaml
│ │ └── target.yaml
│ │ └── test
│ │ ├── kustomization.yaml
│ │ └── target.yaml
│ └── leeroy-web-profiles
│ ├── Dockerfile
│ ├── kubernetes
│ └── deployment.yaml
│ └── web.go
└── verification-run
├── app-config
├── hello-app-prod.yaml.template
├── hello-app-staging.yaml.template
├── hello-app-test.yaml.template
├── hello-app
│ ├── Dockerfile
│ ├── go.mod
│ └── main.go
├── hello-verify
│ ├── Dockerfile
│ └── verify.sh
└── skaffold.yaml.template
├── cleanup.sh
├── clouddeploy-config
├── delivery-pipeline.yaml.template
├── target-prod.yaml.template
├── target-staging.yaml.template
└── target-test.yaml.template
├── setup.sh
└── terraform-config
├── .terraform.lock.hcl
├── apis.tf
├── ar.tf
├── main.template
├── sa.tf
└── variables.tf
/.gitignore:
--------------------------------------------------------------------------------
1 | # Ignore common Terraform files
2 | **/.terraform/*
3 | *.tfstate
4 | *.tfstate.*
5 | crash.log
6 | *.tfvars
7 | *tfplan*
8 |
9 | # Ignore generated files
10 | main.tf
11 |
12 | # Ignore generated files
13 | **/clouddeploy-config/*.yaml
14 | tutorials/e2e-run/app-config/*.yaml
15 | tutorials/verification-run/app-config/*.yaml
16 | artifacts.json
17 | skaffold.yaml
18 |
--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
1 | # How to Contribute
2 |
3 | We'd love to accept your patches and contributions to this project. There are
4 | just a few small guidelines you need to follow.
5 |
6 | ## Contributor License Agreement
7 |
8 | Contributions to this project must be accompanied by a Contributor License
9 | Agreement (CLA). You (or your employer) retain the copyright to your
10 | contribution; this simply gives us permission to use and redistribute your
11 | contributions as part of the project. Head over to
12 | to see your current agreements on file or
13 | to sign a new one.
14 |
15 | You generally only need to submit a CLA once, so if you've already submitted one
16 | (even if it was for a different project), you probably don't need to do it
17 | again.
18 |
19 | ## Code Reviews
20 |
21 | All submissions, including submissions by project members, require review. We
22 | use GitHub pull requests for this purpose. Consult
23 | [GitHub Help](https://help.github.com/articles/about-pull-requests/) for more
24 | information on using pull requests.
25 |
26 | ## Community Guidelines
27 |
28 | This project follows
29 | [Google's Open Source Community Guidelines](https://opensource.google/conduct/).
30 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Google Cloud Deploy Tutorials
2 |
3 | Copyright Google LLC 2021
4 |
5 | ## Overview
6 |
7 | This repository contains code and configuration to help you try out the [Google Cloud Deploy](https://cloud.google.com/deploy) service.
8 |
9 | To use these tutorials, please [choose one of the tutorials from the list](https://cloud.google.com/deploy/docs/tutorials), and follow the instructions.
10 |
11 | Please note that the content of this repository is for example use only.
12 |
13 | ## Getting Started
14 |
15 | To learn more and get started with the tutorials in this repository, please see the official [Google Cloud Deploy documentation](https://cloud.google.com/deploy/docs/overview).
16 |
--------------------------------------------------------------------------------
/policies/README.md:
--------------------------------------------------------------------------------
1 | # Google Cloud Deploy Tutorial Policies
2 |
3 | Copyright Google LLC 2021
4 |
5 | ## Overview
6 |
7 | This directory contains templates for YAML-encoded organizational policy that is necessary to run the Cloud Deploy tutorials.
8 |
9 | This may be useful when you want to run the tutorials in a restricted Org. It is required that you have the ability to override policy in specific projects.
10 |
11 | ## Usage
12 |
13 | You must perform these steps before starting the Cloud Deploy tutorial(s).
14 |
15 | This is because, without these policy modifications, organizational policies may prevent the required creation of defualt service accounts with the required permissions.
16 |
17 | Ensure that you are logged in as a privileged user and that your `gcloud` SDK is set to the correct project, and run:
18 |
19 | ```
20 | ./apply-policies.sh
21 | ```
22 |
23 | The policies that will be overridden for the current project are:
24 |
25 | ```
26 | compute.requireOsLogin
27 | compute.requireShieldedVm
28 | compute.restrictVpcPeering
29 | compute.restrictVpnPeerIPs
30 | compute.vmCanIpForward
31 | iam.automaticIamGrantsForDefaultServiceAccounts
32 | ```
33 |
34 | You can now begin the Cloud Deploy tutorial of your choice.
35 |
--------------------------------------------------------------------------------
/policies/apply-policies.sh:
--------------------------------------------------------------------------------
1 | #!/user/bin/env bash
2 | # Copyright 2021 Google LLC
3 | #
4 | # Licensed under the Apache License, Version 2.0 (the "License");
5 | # you may not use this file except in compliance with the License.
6 | # You may obtain a copy of the License at
7 | #
8 | # http://www.apache.org/licenses/LICENSE-2.0
9 | #
10 | # Unless required by applicable law or agreed to in writing, software
11 | # distributed under the License is distributed on an "AS IS" BASIS,
12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | # See the License for the specific language governing permissions and
14 | # limitations under the License.
15 |
16 | export PROJECT_ID=$(gcloud config list --format 'value(core.project)')
17 | export PROJECT_NUMBER=$(gcloud projects list --filter=${PROJECT_ID} --format="value(PROJECT_NUMBER)")
18 |
19 | echo Setting policies for project ${PROJECT_ID}...
20 |
21 | for template in $(ls *.template); do
22 | base=${template%.*}
23 | envsubst < ${template} > ${base}
24 | gcloud org-policies set-policy --project ${PROJECT_ID} ${base}
25 | rm ${base}
26 | done
27 |
28 | echo Done
29 |
--------------------------------------------------------------------------------
/policies/oslogin.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | name: projects/$PROJECT_NUMBER/policies/compute.requireOsLogin
16 | spec:
17 | rules:
18 | - enforce: false
19 |
--------------------------------------------------------------------------------
/policies/restrictpeering.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | name: projects/$PROJECT_NUMBER/policies/compute.restrictVpcPeering
16 | spec:
17 | rules:
18 | - allowAll: true
19 |
--------------------------------------------------------------------------------
/policies/restrictvpn.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | name: projects/$PROJECT_NUMBER/policies/compute.restrictVpnPeerIPs
16 | spec:
17 | rules:
18 | - allowAll: true
19 |
--------------------------------------------------------------------------------
/policies/shieldedvm.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | name: projects/$PROJECT_NUMBER/policies/compute.requireShieldedVm
16 | spec:
17 | rules:
18 | - enforce: false
19 |
--------------------------------------------------------------------------------
/policies/svcaccts.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | name: projects/$PROJECT_NUMBER/policies/iam.automaticIamGrantsForDefaultServiceAccounts
16 | spec:
17 | rules:
18 | - enforce: false
19 |
--------------------------------------------------------------------------------
/policies/vmipfwd.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | name: projects/$PROJECT_NUMBER/policies/compute.vmCanIpForward
16 | spec:
17 | rules:
18 | - allowAll: true
19 |
--------------------------------------------------------------------------------
/renovate.json:
--------------------------------------------------------------------------------
1 | {
2 | "$schema": "https://docs.renovatebot.com/renovate-schema.json",
3 | "extends": [
4 | "config:recommended"
5 | ]
6 | }
7 |
--------------------------------------------------------------------------------
/tutorials/base/cleanup.sh:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | TUTORIAL=base
16 | ROOT_DIR=$(git rev-parse --show-toplevel)
17 | TUTORIAL_DIR=${ROOT_DIR}/tutorials/${TUTORIAL}
18 | CD_CONFIG_DIR=${TUTORIAL_DIR}/clouddeploy-config
19 | TF_DIR=${TUTORIAL_DIR}/terraform-config
20 | KUBERNETES_DIR=${TUTORIAL_DIR}/kubernetes-config
21 | GCLOUD_CONFIG=clouddeploy
22 |
23 | PROJECT_ID=$(gcloud config get-value core/project)
24 | REGION=$(gcloud config get-value compute/region)
25 |
26 | BACKEND=${PROJECT_ID}-${TUTORIAL}-tf
27 |
28 | cd $TF_DIR
29 | terraform destroy -auto-approve -var=project_id=$PROJECT_ID -var=region=$REGION
30 | cd $ROOT_DIR
31 |
32 | gsutil rm -r gs://$BACKEND/
33 |
34 | rm -rf $TF_DIR/.terraform
35 | rm -rf $TF_DIR/main.tf
36 | rm -rf $TF_DIR/terraform.tfstat*
37 | rm -rf $TF_DIR/terraform.tfplan
38 |
--------------------------------------------------------------------------------
/tutorials/base/clouddeploy-config/delivery-pipeline.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: DeliveryPipeline
17 | metadata:
18 | name: web-app
19 | description: web-app delivery pipeline
20 | serialPipeline:
21 | stages:
22 | - targetId: test
23 | - targetId: staging
24 | - targetId: prod
25 |
--------------------------------------------------------------------------------
/tutorials/base/clouddeploy-config/skaffold.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: skaffold/v3
16 | kind: Config
17 | build:
18 | artifacts:
19 | - image: leeroy-web
20 | context: leeroy-web
21 | - image: leeroy-app
22 | context: leeroy-app
23 | googleCloudBuild:
24 | projectId: ${PROJECT_ID}
25 | serviceAccount: projects/${PROJECT_ID}/serviceAccounts/cd-tut-build-sa@${PROJECT_ID}.iam.gserviceaccount.com
26 | manifests:
27 | rawYaml:
28 | - leeroy-web/kubernetes/*
29 | - leeroy-app/kubernetes/*
30 | deploy:
31 | kubectl:
32 | portForward:
33 | - resourceType: deployment
34 | resourceName: leeroy-web
35 | port: 8080
36 | localPort: 9000
37 |
--------------------------------------------------------------------------------
/tutorials/base/clouddeploy-config/target-prod.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: Target
17 | metadata:
18 | name: prod
19 | description: prod cluster
20 | requireApproval: true
21 | gke:
22 | cluster: projects/${PROJECT_ID}/locations/${REGION}/clusters/prod
23 | executionConfigs:
24 | - usages:
25 | - RENDER
26 | - DEPLOY
27 | serviceAccount: cd-tut-deploy-sa@${PROJECT_ID}.iam.gserviceaccount.com
28 |
--------------------------------------------------------------------------------
/tutorials/base/clouddeploy-config/target-staging.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: Target
17 | metadata:
18 | name: staging
19 | description: staging cluster
20 | gke:
21 | cluster: projects/${PROJECT_ID}/locations/${REGION}/clusters/staging
22 | executionConfigs:
23 | - usages:
24 | - RENDER
25 | - DEPLOY
26 | serviceAccount: cd-tut-deploy-sa@${PROJECT_ID}.iam.gserviceaccount.com
27 |
--------------------------------------------------------------------------------
/tutorials/base/clouddeploy-config/target-test.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: Target
17 | metadata:
18 | name: test
19 | description: test cluster
20 | gke:
21 | cluster: projects/${PROJECT_ID}/locations/${REGION}/clusters/test
22 | executionConfigs:
23 | - usages:
24 | - RENDER
25 | - DEPLOY
26 | serviceAccount: cd-tut-deploy-sa@${PROJECT_ID}.iam.gserviceaccount.com
27 |
--------------------------------------------------------------------------------
/tutorials/base/kubernetes-config/web-app-namespace.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: Namespace
17 | metadata:
18 | name: web-app
19 |
--------------------------------------------------------------------------------
/tutorials/base/terraform-config/apis.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | module "project-services" {
18 | source = "terraform-google-modules/project-factory/google//modules/project_services"
19 | version = "14.5.0"
20 |
21 | project_id = var.project_id
22 |
23 | # Don't disable the services
24 | disable_services_on_destroy = false
25 | disable_dependent_services = false
26 |
27 | activate_apis = [
28 | "compute.googleapis.com",
29 | "container.googleapis.com",
30 | "cloudbuild.googleapis.com",
31 | "cloudresourcemanager.googleapis.com",
32 | "iam.googleapis.com",
33 | "clouddeploy.googleapis.com"
34 | ]
35 | }
36 |
--------------------------------------------------------------------------------
/tutorials/base/terraform-config/ar.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | resource "google_artifact_registry_repository" "artifact-registry" {
18 |
19 | provider = google-beta
20 |
21 | location = var.region
22 | repository_id = "web-app"
23 | description = "Image registry for tutorial web app"
24 | format = "DOCKER"
25 | }
26 |
27 | resource "google_artifact_registry_repository" "artifact-registry-profiles" {
28 |
29 | provider = google-beta
30 |
31 | location = var.region
32 | repository_id = "web-app-profiles"
33 | description = "Image registry for tutorial web app with Skaffold profiles"
34 | format = "DOCKER"
35 | }
36 |
37 | resource "google_artifact_registry_repository" "artifact-registry-exec-envs" {
38 |
39 | provider = google-beta
40 |
41 | location = var.region
42 | repository_id = "web-app-exec-envs"
43 | description = "Image registry for tutorial web app with custom execution environments"
44 | format = "DOCKER"
45 | }
46 |
--------------------------------------------------------------------------------
/tutorials/base/terraform-config/clusters.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | locals {
18 | cluster_type = "regional"
19 | }
20 |
21 | module "cluster-test" {
22 | source = "./modules/cluster"
23 | project_id = module.project-services.project_id
24 | name = "test"
25 | region = var.region
26 | network = google_compute_network.network.name
27 | subnetwork = google_compute_subnetwork.subnetwork.name
28 | ip_range_master = "10.1.0.0/28"
29 | ip_range_pods = ""
30 | ip_range_services = ""
31 | release_channel = "STABLE"
32 | }
33 |
34 | module "cluster-staging" {
35 | source = "./modules/cluster"
36 | project_id = module.project-services.project_id
37 | name = "staging"
38 | region = var.region
39 | network = google_compute_network.network.name
40 | subnetwork = google_compute_subnetwork.subnetwork.name
41 | ip_range_master = "10.1.1.0/28"
42 | ip_range_pods = ""
43 | ip_range_services = ""
44 | release_channel = "STABLE"
45 | }
46 |
47 | module "cluster-prod" {
48 | source = "./modules/cluster"
49 | project_id = module.project-services.project_id
50 | name = "prod"
51 | region = var.region
52 | network = google_compute_network.network.name
53 | subnetwork = google_compute_subnetwork.subnetwork.name
54 | ip_range_master = "10.1.2.0/28"
55 | ip_range_pods = ""
56 | ip_range_services = ""
57 | release_channel = "STABLE"
58 | }
59 |
--------------------------------------------------------------------------------
/tutorials/base/terraform-config/main.template:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | terraform {
18 | backend "gcs" {
19 | bucket="{{BACKEND_BUCKET}}"
20 | prefix="foundation"
21 | }
22 | required_providers {
23 | google = {
24 | source = "hashicorp/google"
25 | version = "~> 4.51.0"
26 | }
27 | google-beta = {
28 | source = "hashicorp/google-beta"
29 | version = "~> 4.51.0"
30 | }
31 | }
32 | }
33 |
34 | provider "google" {
35 | project = var.project_id
36 | region = var.region
37 | }
38 |
39 | provider "google-beta" {
40 | project = var.project_id
41 | region = var.region
42 | }
43 |
--------------------------------------------------------------------------------
/tutorials/base/terraform-config/modules/cluster/outputs.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | output "service_account" {
18 | value = module.delivery_platform_cluster.service_account
19 | description = "Service account used to create the cluster and node pool(s)"
20 | }
21 |
22 | output "region" {
23 | value = var.region
24 | description = "Region for development cluster"
25 | }
26 |
27 | output "cluster-name" {
28 | value = var.name
29 | description = "Cluster Name"
30 | }
31 |
32 | output "endpoint" {
33 | value = module.delivery_platform_cluster.endpoint
34 | description = "Cluster endpoint used to identify the cluster"
35 | }
36 |
--------------------------------------------------------------------------------
/tutorials/base/terraform-config/modules/cluster/variables.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | variable "project_id" {
18 | description = "Project ID where the cluster will run"
19 | }
20 |
21 | variable "name" {
22 | description = "A unique name for the resource"
23 | }
24 |
25 | variable "region" {
26 | description = "The name of the region to run the cluster"
27 | }
28 |
29 | variable "network" {
30 | description = "The name of the network to run the cluster"
31 | }
32 |
33 | variable "subnetwork" {
34 | description = "The name of the subnet to run the cluster"
35 | }
36 |
37 | variable "ip_range_master" {
38 | description = "The range for the private master"
39 | }
40 |
41 | variable "ip_range_pods" {
42 | description = "The secondary range for the pods"
43 | }
44 |
45 | variable "ip_range_services" {
46 | description = "The secondary range for the services"
47 | }
48 |
49 | variable "machine_type" {
50 | description = "Type of node to use to run the cluster"
51 | default = "n1-standard-2"
52 | }
53 |
54 | variable "gke_kubernetes_version" {
55 | description = "Kubernetes version to deploy Masters and Nodes with"
56 | default = "1.14"
57 | }
58 |
59 | variable "minimum_node_pool_instances" {
60 | type = number
61 | description = "Number of node-pool instances to have active"
62 | default = 1
63 | }
64 |
65 | variable "maximum_node_pool_instances" {
66 | type = number
67 | description = "Maximum number of node-pool instances to scale to"
68 | default = 3
69 | }
70 |
71 | variable "release_channel" {
72 | type = string
73 | description = "(Beta) The release channel of this cluster. Accepted values are `UNSPECIFIED`, `RAPID`, `REGULAR` and `STABLE`. Defaults to `UNSPECIFIED`."
74 | default = "STABLE"
75 | }
76 |
--------------------------------------------------------------------------------
/tutorials/base/terraform-config/networking.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | resource "google_compute_network" "network" {
18 | name = "app-network"
19 | auto_create_subnetworks = false
20 | }
21 |
22 | resource "google_compute_subnetwork" "subnetwork" {
23 | name = "app-subnetwork"
24 | network = google_compute_network.network.id
25 | region = var.region
26 | ip_cidr_range = "10.0.0.0/16"
27 | }
28 |
29 | resource "google_compute_router" "router" {
30 | name = "app-router"
31 | region = var.region
32 | network = google_compute_network.network.id
33 | }
34 |
35 | resource "google_compute_router_nat" "nat" {
36 | name = "app-router-nat"
37 | router = google_compute_router.router.name
38 | region = google_compute_router.router.region
39 | nat_ip_allocate_option = "AUTO_ONLY"
40 | source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
41 |
42 | log_config {
43 | enable = true
44 | filter = "ERRORS_ONLY"
45 | }
46 | }
47 |
--------------------------------------------------------------------------------
/tutorials/base/terraform-config/sa.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2023 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | # Cloud Deploy service account
18 |
19 | resource "google_service_account" "deploy_service_account" {
20 | project = var.project_id
21 | account_id = "cd-tut-deploy-sa"
22 | display_name = "Cloud Deploy tutorial deploy service account"
23 | }
24 |
25 | resource "google_project_iam_member" "deploy_sa_clouddeploy_jobrunner" {
26 | project = var.project_id
27 | role = "roles/clouddeploy.jobRunner"
28 | member = "serviceAccount:${google_service_account.deploy_service_account.email}"
29 | }
30 |
31 | resource "google_project_iam_member" "deploy_sa_container_developer" {
32 | project = var.project_id
33 | role = "roles/container.developer"
34 | member = "serviceAccount:${google_service_account.deploy_service_account.email}"
35 | }
36 |
37 | # Cloud Build service account
38 |
39 | resource "google_service_account" "build_service_account" {
40 | project = var.project_id
41 | account_id = "cd-tut-build-sa"
42 | display_name = "Cloud Deploy tutorial Cloud Build service account"
43 | }
44 |
45 | resource "google_project_iam_member" "build_sa_iam_storageadmin" {
46 | project = var.project_id
47 | role = "roles/storage.admin"
48 | member = "serviceAccount:${google_service_account.build_service_account.email}"
49 | }
50 |
51 | resource "google_project_iam_member" "build_sa_iam_logginglogwriter" {
52 | project = var.project_id
53 | role = "roles/logging.logWriter"
54 | member = "serviceAccount:${google_service_account.build_service_account.email}"
55 | }
56 |
57 | resource "google_project_iam_member" "build_sa_iam_artifactwriter" {
58 | project = var.project_id
59 | role = "roles/artifactregistry.writer"
60 | member = "serviceAccount:${google_service_account.build_service_account.email}"
61 | }
62 |
--------------------------------------------------------------------------------
/tutorials/base/terraform-config/variables.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | variable "project_id" {
18 | description = "The project ID to host the cluster in"
19 | }
20 |
21 | variable "region" {
22 | description = "GCP region in which to build the infrastructure"
23 | }
24 |
--------------------------------------------------------------------------------
/tutorials/base/web/README.md:
--------------------------------------------------------------------------------
1 | ### Example: µSvcs with Skaffold
2 |
3 | In this example:
4 |
5 | * Deploy multiple applications with skaffold
6 | * In development, only rebuild and redeploy the artifacts that have changed
7 | * Deploy multiple applications outside the working directory
8 |
9 | In the real world, Kubernetes deployments will consist of multiple applications that work together.
10 | In this example, we'll walk through using skaffold to develop and deploy two applications, an exposed "web" frontend which calls an unexposed "app" backend.
11 |
12 | **WARNING: If you're running this on a cloud cluster, this example will create a service and expose a webserver.
13 | It's highly suggested that you only run this example on a local, private cluster like minikube or Kubernetes in Docker for Desktop.**
14 |
15 | #### Running the example on minikube
16 |
17 | From this directory, run
18 |
19 | ```bash
20 | skaffold dev
21 | ```
22 |
23 | Now, in a different terminal, hit the `leeroy-web` endpoint
24 |
25 | ```bash
26 | $ curl $(minikube service leeroy-web --url)
27 | leeroooooy app!
28 | ```
29 |
30 | Now, let's change the message in `leeroy-app` without changing `leeroy-web`.
31 | Add a few exclamations points because this is exhilarating stuff.
32 |
33 | In `leeroy-app/app.go`, change the message here
34 |
35 | ```golang
36 | func handler(w http.ResponseWriter, r *http.Request) {
37 | fmt.Fprintf(w, "leeroooooy app!!!\n")
38 | }
39 | ```
40 |
41 | Once you see the log message
42 |
43 | ```
44 | [leeroy-app-5b4dfdcbc6-6vf6r leeroy-app] 2018/03/30 06:28:47 leeroy app server ready
45 | ```
46 |
47 | Your service will be ready to hit again with
48 |
49 | ```bash
50 | $ curl $(minikube service leeroy-web --url)
51 | leeroooooy app!!!
52 | ```
53 |
54 | #### Configuration walkthrough
55 |
56 | Let's walk through the first part of the skaffold.yaml
57 |
58 | ```yaml
59 | artifacts:
60 | - image: leeroy-web
61 | context: ./leeroy-web/
62 | - image: leeroy-app
63 | context: ./leeroy-app/
64 | ```
65 |
66 | We're deploying a `leeroy-web` image, which we build in the context of its subdirectory and a `leeroy-app` image built in a similar manner.
67 |
68 | `leeroy-web` will listen for requests, and then make a simple HTTP call to `leeroy-app` using Kubernetes service discovery and return that result.
69 |
70 | In the deploy stanza, we use the glob matching pattern to deploy all YAML and JSON files in the respective Kubernetes manifest directories.
71 |
72 | ```yaml
73 | deploy:
74 | kubectl:
75 | manifests:
76 | - ./leeroy-web/kubernetes/*
77 | - ./leeroy-app/kubernetes/*
78 | ```
79 |
80 |
--------------------------------------------------------------------------------
/tutorials/base/web/leeroy-app/Dockerfile:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | FROM golang:1.13.11-alpine3.10 as builder
16 | COPY app.go .
17 | RUN go build -o /app .
18 |
19 | FROM alpine:3.20
20 | # Define GOTRACEBACK to mark this container as using the Go language runtime
21 | # for `skaffold debug` (https://skaffold.dev/docs/workflows/debug/).
22 | ENV GOTRACEBACK=single
23 | CMD ["./app"]
24 | COPY --from=builder /app .
25 |
--------------------------------------------------------------------------------
/tutorials/base/web/leeroy-app/app.go:
--------------------------------------------------------------------------------
1 | // Copyright 2021 Google LLC
2 | //
3 | // Licensed under the Apache License, Version 2.0 (the "License");
4 | // you may not use this file except in compliance with the License.
5 | // You may obtain a copy of the License at
6 | //
7 | // http://www.apache.org/licenses/LICENSE-2.0
8 | //
9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 |
15 | package main
16 |
17 | import (
18 | "fmt"
19 | "log"
20 | "net/http"
21 | )
22 |
23 | func handler(w http.ResponseWriter, r *http.Request) {
24 | fmt.Fprintf(w, "leeroooooy app!!\n")
25 | }
26 |
27 | func main() {
28 | log.Print("leeroy app server ready")
29 | http.HandleFunc("/", handler)
30 | http.ListenAndServe(":50051", nil)
31 | }
32 |
--------------------------------------------------------------------------------
/tutorials/base/web/leeroy-app/kubernetes/deployment.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: Service
17 | metadata:
18 | name: leeroy-app
19 | namespace: web-app
20 | labels:
21 | app: leeroy-app
22 | spec:
23 | clusterIP: None
24 | ports:
25 | - port: 50051
26 | name: leeroy-app
27 | selector:
28 | app: leeroy-app
29 | ---
30 | apiVersion: apps/v1
31 | kind: Deployment
32 | metadata:
33 | name: leeroy-app
34 | namespace: web-app
35 | labels:
36 | app: leeroy-app
37 | spec:
38 | replicas: 1
39 | selector:
40 | matchLabels:
41 | app: leeroy-app
42 | template:
43 | metadata:
44 | labels:
45 | app: leeroy-app
46 | spec:
47 | containers:
48 | - name: leeroy-app
49 | image: leeroy-app
50 | ports:
51 | - containerPort: 50051
52 |
--------------------------------------------------------------------------------
/tutorials/base/web/leeroy-web/Dockerfile:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | FROM golang:1.13.11-alpine3.10 as builder
16 | COPY web.go .
17 | RUN go build -o /web .
18 |
19 | FROM alpine:3.20
20 | # Define GOTRACEBACK to mark this container as using the Go language runtime
21 | # for `skaffold debug` (https://skaffold.dev/docs/workflows/debug/).
22 | ENV GOTRACEBACK=single
23 | CMD ["./web"]
24 | COPY --from=builder /web .
25 |
--------------------------------------------------------------------------------
/tutorials/base/web/leeroy-web/kubernetes/deployment.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: apps/v1
16 | kind: Deployment
17 | metadata:
18 | name: leeroy-web
19 | namespace: web-app
20 | labels:
21 | app: leeroy-web
22 | spec:
23 | replicas: 1
24 | selector:
25 | matchLabels:
26 | app: leeroy-web
27 | template:
28 | metadata:
29 | labels:
30 | app: leeroy-web
31 | spec:
32 | containers:
33 | - name: leeroy-web
34 | image: leeroy-web
35 | ports:
36 | - containerPort: 8080
37 |
--------------------------------------------------------------------------------
/tutorials/base/web/leeroy-web/web.go:
--------------------------------------------------------------------------------
1 | // Copyright 2021 Google LLC
2 | //
3 | // Licensed under the Apache License, Version 2.0 (the "License");
4 | // you may not use this file except in compliance with the License.
5 | // You may obtain a copy of the License at
6 | //
7 | // http://www.apache.org/licenses/LICENSE-2.0
8 | //
9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 |
15 | package main
16 |
17 | import (
18 | "io"
19 | "net/http"
20 |
21 | "log"
22 | )
23 |
24 | func handler(w http.ResponseWriter, r *http.Request) {
25 | resp, err := http.Get("http://leeroy-app:50051")
26 | if err != nil {
27 | panic(err)
28 | }
29 | defer resp.Body.Close()
30 | if _, err := io.Copy(w, resp.Body); err != nil {
31 | panic(err)
32 | }
33 | }
34 |
35 | func main() {
36 | log.Print("leeroy web server ready")
37 | http.HandleFunc("/", handler)
38 | http.ListenAndServe(":8080", nil)
39 | }
40 |
--------------------------------------------------------------------------------
/tutorials/deploy-hooks-run/app-config/hello-app/Dockerfile:
--------------------------------------------------------------------------------
1 | # Copyright 2023 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | FROM golang:1.22 AS builder
16 | WORKDIR /go/src/hello
17 | COPY . .
18 | RUN CGO_ENABLED=0 go build -o /go/bin/hello
19 |
20 | FROM gcr.io/distroless/static-debian11
21 | COPY --from=builder /go/bin/hello /
22 | CMD ["/hello"]
23 |
--------------------------------------------------------------------------------
/tutorials/deploy-hooks-run/app-config/hello-app/go.mod:
--------------------------------------------------------------------------------
1 | module hello
2 |
3 | go 1.19
4 |
--------------------------------------------------------------------------------
/tutorials/deploy-hooks-run/app-config/hello-app/main.go:
--------------------------------------------------------------------------------
1 | // Copyright 2023 Google LLC
2 | //
3 | // Licensed under the Apache License, Version 2.0 (the "License");
4 | // you may not use this file except in compliance with the License.
5 | // You may obtain a copy of the License at
6 | //
7 | // https://www.apache.org/licenses/LICENSE-2.0
8 | //
9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 |
15 | // Sample run-helloworld is a minimal Cloud Run service.
16 | package main
17 |
18 | import (
19 | "fmt"
20 | "log"
21 | "net/http"
22 | "os"
23 | )
24 |
25 | func main() {
26 | log.Print("starting server...")
27 | http.HandleFunc("/", handler)
28 |
29 | // Determine port for HTTP service.
30 | port := os.Getenv("PORT")
31 | if port == "" {
32 | port = "8080"
33 | log.Printf("defaulting to port %s", port)
34 | }
35 |
36 | // Start HTTP server.
37 | log.Printf("listening on port %s", port)
38 | if err := http.ListenAndServe(":"+port, nil); err != nil {
39 | log.Fatal(err)
40 | }
41 | }
42 |
43 | func handler(w http.ResponseWriter, r *http.Request) {
44 | name := os.Getenv("NAME")
45 | if name == "" {
46 | name = "World"
47 | }
48 | fmt.Fprintf(w, "\nHello %s! 🎉\n\n", name)
49 | log.Printf("Sent response, customization was '%s'", name)
50 | }
51 |
--------------------------------------------------------------------------------
/tutorials/deploy-hooks-run/app-config/manifests/hello-app.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2023 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: serving.knative.dev/v1
16 | kind: Service
17 | metadata:
18 | name: hello-app
19 | spec:
20 | template:
21 | metadata:
22 | annotations:
23 | autoscaling.knative.dev/maxScale: "5"
24 | spec:
25 | serviceAccountName: cd-dh-tut-run-sa@${PROJECT_ID}.iam.gserviceaccount.com
26 | containers:
27 | - name: hello-app
28 | image: hello-app
29 |
--------------------------------------------------------------------------------
/tutorials/deploy-hooks-run/app-config/skaffold.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2023 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: skaffold/v4beta5
16 | kind: Config
17 | metadata:
18 | name: hello-app
19 | build:
20 | artifacts:
21 | - image: hello-app
22 | context: hello-app
23 | googleCloudBuild:
24 | projectId: ${PROJECT_ID}
25 | serviceAccount: projects/${PROJECT_ID}/serviceAccounts/cd-dh-tut-run-build-sa@${PROJECT_ID}.iam.gserviceaccount.com
26 | manifests:
27 | rawYaml:
28 | - ./manifests/hello-app.yaml
29 | deploy:
30 | cloudrun: {}
31 | customActions:
32 | - name: predeploy-action
33 | containers:
34 | - name: predeploy-bq
35 | image: google/cloud-sdk
36 | command: ["/bin/sh"]
37 | args: ["-c", "echo '{\"service\":\"hello-world\",\"change-status\":\"deploy-started\"}' | bq insert --apilog=stdout ${PROJECT_ID}:change_management.changes"]
38 | - name: postdeploy-action
39 | containers:
40 | - name: postdeploy-bq
41 | image: google/cloud-sdk
42 | command: ["/bin/sh"]
43 | args: ["-c", "echo '{\"service\":\"hello-world\",\"change-status\":\"deploy-finished\"}' | bq insert --apilog=stdout ${PROJECT_ID}:change_management.changes"]
44 |
--------------------------------------------------------------------------------
/tutorials/deploy-hooks-run/cleanup.sh:
--------------------------------------------------------------------------------
1 | # Copyright 2023 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | TUTORIAL=deploy-hooks-run
16 | ROOT_DIR=$(git rev-parse --show-toplevel)
17 | TUTORIAL_DIR=${ROOT_DIR}/tutorials/${TUTORIAL}
18 | CD_CONFIG_DIR=${TUTORIAL_DIR}/clouddeploy-config
19 | TF_DIR=${TUTORIAL_DIR}/terraform-config
20 | GCLOUD_CONFIG=clouddeploy
21 |
22 | PROJECT_ID=$(gcloud config get-value core/project)
23 | REGION=$(gcloud config get-value compute/region)
24 |
25 | BACKEND=${PROJECT_ID}-${TUTORIAL}-tf
26 |
27 | cd ${TF_DIR}
28 | terraform destroy -auto-approve -var=project_id=${PROJECT_ID} -var=region=${REGION}
29 |
30 | cd ${ROOT_DIR}
31 |
32 | gsutil rm -r gs://$BACKEND/
33 |
34 | rm -rf $TF_DIR/.terraform
35 | rm -rf $TF_DIR/main.tf
36 | rm -rf $TF_DIR/terraform.tfstat*
37 | rm -rf $TF_DIR/terraform.tfplan
38 |
--------------------------------------------------------------------------------
/tutorials/deploy-hooks-run/clouddeploy-config/clouddeploy.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2023 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: DeliveryPipeline
17 | metadata:
18 | name: hello-app
19 | description: Deployment pipeline for hello-app
20 | serialPipeline:
21 | stages:
22 | - targetId: prod-cloudrun-dh
23 | profiles: []
24 | strategy:
25 | standard:
26 | predeploy:
27 | actions: ["predeploy-action"]
28 | postdeploy:
29 | actions: ["postdeploy-action"]
30 | ---
31 | apiVersion: deploy.cloud.google.com/v1beta1
32 | kind: Target
33 | metadata:
34 | name: prod-cloudrun-dh
35 | description: Production target
36 | run:
37 | location: projects/${PROJECT_ID}/locations/us-central1
38 | executionConfigs:
39 | - usages:
40 | - RENDER
41 | - DEPLOY
42 | - PREDEPLOY
43 | - POSTDEPLOY
44 | serviceAccount: cd-dh-tut-deploy-sa@${PROJECT_ID}.iam.gserviceaccount.com
45 |
--------------------------------------------------------------------------------
/tutorials/deploy-hooks-run/scripts/call-cloudrun-service.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | # Copyright 2023 Google LLC
3 | #
4 | # Licensed under the Apache License, Version 2.0 (the "License");
5 | # you may not use this file except in compliance with the License.
6 | # You may obtain a copy of the License at
7 | #
8 | # http://www.apache.org/licenses/LICENSE-2.0
9 | #
10 | # Unless required by applicable law or agreed to in writing, software
11 | # distributed under the License is distributed on an "AS IS" BASIS,
12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | # See the License for the specific language governing permissions and
14 | # limitations under the License.
15 |
16 | gcurl() {
17 | curl -H "Authorization: Bearer ${1}" "${2}"
18 | }
19 |
20 | gcurl-quiet() {
21 | curl -S -s -o /dev/null -H "Authorization: Bearer ${1}" "${2}"
22 | }
23 |
24 | warm-gcurl() {
25 | for i in {1..20} ; do gcurl-quiet ${1} ${2}; done
26 | }
27 |
28 | multi-gcurl() {
29 | for i in {1..10} ; do printf "%2d. " ${i} && gcurl ${1} ${2}; sleep 1; done
30 | }
31 |
32 | if [ "$#" -ne 1 ]; then
33 | echo "Usage: ${0} "
34 | exit 1
35 | fi
36 |
37 | SVC=${1}
38 | TOKEN=$(gcloud auth print-identity-token)
39 | URL=$(gcloud run services describe ${SVC} --format='value(status.url)')
40 |
41 | gcurl ${TOKEN} ${URL}
42 |
--------------------------------------------------------------------------------
/tutorials/deploy-hooks-run/terraform-config/.terraform.lock.hcl:
--------------------------------------------------------------------------------
1 | # This file is maintained automatically by "terraform init".
2 | # Manual edits may be lost in future updates.
3 |
4 | provider "registry.terraform.io/hashicorp/google" {
5 | version = "4.31.0"
6 | constraints = ">= 3.43.0, ~> 4.31.0, < 5.0.0"
7 | hashes = [
8 | "h1:+X1KG9mnYGMkYD1c/O+uUi72d4kB3kPSDei4yMEDVAQ=",
9 | "h1:p6GUUYG9PQ4XODXBgsHpWTygziRtY61z07slBKYbiCQ=",
10 | "zh:02a19ed46c2007f6aadfb6ff90aa6063be063194d1f0dd02dc839adc212f7cae",
11 | "zh:1046de7e13e81a8f86461f99e9d5ff25d5dabe8465f51efe72084ded426ba771",
12 | "zh:209b054685f7364f3f5e8b570ceb62701e5b466d37cce8b7108385fc1feb3683",
13 | "zh:717773619a1102748204699974c30aba39dc727baf389b874afcab6e17b63ffa",
14 | "zh:7d5f4885cda2ca0ec8cb8bac36ea156aeca7787c01c17e65f7226742b60369d8",
15 | "zh:82df57f2df5708441c57045b3e1a9a91ed55abe67d0d2f00705c7a1f512ec6ec",
16 | "zh:a0191b194e68dd3c0ac5a26712f95d435839ff20d2b2ad53670374c64946042d",
17 | "zh:a95b8358469d6347a5bcf4462ad18efaf80014f07f36bd26019ca039c523ff48",
18 | "zh:b62c968f50d3afa8300c9267388d273a90a5be1a4e9a218205a358e6954e7844",
19 | "zh:bc11cc9b8defec24831bbd6a73a2fa940659c7c610ea7aa0d8b38c2b1af6689b",
20 | "zh:e6ac4c46c3e5a32635fcd27784c189b6cbc6aa9cbf7a3b09e999ec3aa3e2004a",
21 | "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
22 | ]
23 | }
24 |
25 | provider "registry.terraform.io/hashicorp/google-beta" {
26 | version = "4.31.0"
27 | constraints = ">= 3.43.0, ~> 4.31.0, < 5.0.0"
28 | hashes = [
29 | "h1:M2pepGi4wx5wxMcyLLJnnffWx6Eg6lVpFtdbtbuQP74=",
30 | "h1:jLDN1EAlgTQgcG99dEVE0V50VirRFccy8hk7MLhbjdY=",
31 | "zh:101d9711741ce76f1c4a07cd41d9c7d59dd299a52a41e71f0683b7fac8285d8f",
32 | "zh:3d32ab7cdb598a4cd7ce0c6b5dd7a0e69c7b1a974127db888224c36bbd364646",
33 | "zh:6e18ecd2783cf53f6d5316be3b00fb87132f63d5cb8b2908de07c5dc4114e16c",
34 | "zh:787508727b80c55dc58021a2832c057aa3ec96f4691acc74cde992517c48c5bd",
35 | "zh:79e9be806708d2a8ce86b8e9c6506722c5d8e959a5d1af1e34d6db78839b6418",
36 | "zh:9ff3963190eb5626e51f5edbe57b6e7552e8f861d134eea4c785824941ec8f5d",
37 | "zh:a880691ac61468f78df142bf06c117c5aef12b2945ecb12e06c609e9a68b9922",
38 | "zh:bafd09b2ecd678b23fd5f6bd634610074e1d7eb0c7c57887c63245aaebee001a",
39 | "zh:bc6dfab7da73b83b86255fb61ce1b31e7c698ac9fa719e76a58bb85e2c0d3b9d",
40 | "zh:d8415dc96809e8eab1adebea821725bc33ab310a6bae8bd1aec7ef4d9bec625c",
41 | "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
42 | "zh:fb34e29154d17a81f76d16f1831dd69c6d85d9c1539faf7a2cfe775292e88fa0",
43 | ]
44 | }
45 |
--------------------------------------------------------------------------------
/tutorials/deploy-hooks-run/terraform-config/apis.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2023 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | module "project-services" {
18 | source = "terraform-google-modules/project-factory/google//modules/project_services"
19 | version = "~> 13.0"
20 |
21 | project_id = var.project_id
22 |
23 | disable_services_on_destroy = false
24 | disable_dependent_services = false
25 |
26 | activate_apis = [
27 | "cloudbuild.googleapis.com",
28 | "clouddeploy.googleapis.com",
29 | "cloudresourcemanager.googleapis.com",
30 | "compute.googleapis.com",
31 | "iam.googleapis.com",
32 | "run.googleapis.com",
33 | ]
34 | }
35 |
--------------------------------------------------------------------------------
/tutorials/deploy-hooks-run/terraform-config/ar.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2023 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | resource "google_artifact_registry_repository" "artifact_registry" {
18 |
19 | provider = google-beta
20 |
21 | location = var.region
22 | repository_id = "hello-app-dh"
23 | description = "Image registry for Cloud Deploy Hooks tutorial"
24 | format = "DOCKER"
25 | }
26 |
--------------------------------------------------------------------------------
/tutorials/deploy-hooks-run/terraform-config/bq.tf:
--------------------------------------------------------------------------------
1 | resource "google_bigquery_dataset" "change_management" {
2 | dataset_id = "change_management"
3 | friendly_name = "changes"
4 | description = "This is a change management dataset"
5 | location = "US"
6 | default_table_expiration_ms = 3600000
7 | }
8 |
9 | resource "google_bigquery_table" "changes" {
10 | dataset_id = google_bigquery_dataset.change_management.dataset_id
11 | table_id = "changes"
12 | deletion_protection = false
13 |
14 | time_partitioning {
15 | type = "DAY"
16 | }
17 |
18 | schema = <"
34 | exit 1
35 | fi
36 |
37 | SVC=${1}
38 | TOKEN=$(gcloud auth print-identity-token)
39 | URL=$(gcloud run services describe demo-app-${SVC} --format='value(status.url)')
40 |
41 | warm-gcurl ${TOKEN} ${URL}
42 | sleep 1
43 | multi-gcurl ${TOKEN} ${URL}
44 |
--------------------------------------------------------------------------------
/tutorials/deployment-strategies-run/terraform-config/.terraform.lock.hcl:
--------------------------------------------------------------------------------
1 | # This file is maintained automatically by "terraform init".
2 | # Manual edits may be lost in future updates.
3 |
4 | provider "registry.terraform.io/hashicorp/google" {
5 | version = "4.31.0"
6 | constraints = ">= 3.43.0, ~> 4.31.0, < 5.0.0"
7 | hashes = [
8 | "h1:+X1KG9mnYGMkYD1c/O+uUi72d4kB3kPSDei4yMEDVAQ=",
9 | "h1:p6GUUYG9PQ4XODXBgsHpWTygziRtY61z07slBKYbiCQ=",
10 | "zh:02a19ed46c2007f6aadfb6ff90aa6063be063194d1f0dd02dc839adc212f7cae",
11 | "zh:1046de7e13e81a8f86461f99e9d5ff25d5dabe8465f51efe72084ded426ba771",
12 | "zh:209b054685f7364f3f5e8b570ceb62701e5b466d37cce8b7108385fc1feb3683",
13 | "zh:717773619a1102748204699974c30aba39dc727baf389b874afcab6e17b63ffa",
14 | "zh:7d5f4885cda2ca0ec8cb8bac36ea156aeca7787c01c17e65f7226742b60369d8",
15 | "zh:82df57f2df5708441c57045b3e1a9a91ed55abe67d0d2f00705c7a1f512ec6ec",
16 | "zh:a0191b194e68dd3c0ac5a26712f95d435839ff20d2b2ad53670374c64946042d",
17 | "zh:a95b8358469d6347a5bcf4462ad18efaf80014f07f36bd26019ca039c523ff48",
18 | "zh:b62c968f50d3afa8300c9267388d273a90a5be1a4e9a218205a358e6954e7844",
19 | "zh:bc11cc9b8defec24831bbd6a73a2fa940659c7c610ea7aa0d8b38c2b1af6689b",
20 | "zh:e6ac4c46c3e5a32635fcd27784c189b6cbc6aa9cbf7a3b09e999ec3aa3e2004a",
21 | "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
22 | ]
23 | }
24 |
25 | provider "registry.terraform.io/hashicorp/google-beta" {
26 | version = "4.31.0"
27 | constraints = ">= 3.43.0, ~> 4.31.0, < 5.0.0"
28 | hashes = [
29 | "h1:M2pepGi4wx5wxMcyLLJnnffWx6Eg6lVpFtdbtbuQP74=",
30 | "h1:jLDN1EAlgTQgcG99dEVE0V50VirRFccy8hk7MLhbjdY=",
31 | "zh:101d9711741ce76f1c4a07cd41d9c7d59dd299a52a41e71f0683b7fac8285d8f",
32 | "zh:3d32ab7cdb598a4cd7ce0c6b5dd7a0e69c7b1a974127db888224c36bbd364646",
33 | "zh:6e18ecd2783cf53f6d5316be3b00fb87132f63d5cb8b2908de07c5dc4114e16c",
34 | "zh:787508727b80c55dc58021a2832c057aa3ec96f4691acc74cde992517c48c5bd",
35 | "zh:79e9be806708d2a8ce86b8e9c6506722c5d8e959a5d1af1e34d6db78839b6418",
36 | "zh:9ff3963190eb5626e51f5edbe57b6e7552e8f861d134eea4c785824941ec8f5d",
37 | "zh:a880691ac61468f78df142bf06c117c5aef12b2945ecb12e06c609e9a68b9922",
38 | "zh:bafd09b2ecd678b23fd5f6bd634610074e1d7eb0c7c57887c63245aaebee001a",
39 | "zh:bc6dfab7da73b83b86255fb61ce1b31e7c698ac9fa719e76a58bb85e2c0d3b9d",
40 | "zh:d8415dc96809e8eab1adebea821725bc33ab310a6bae8bd1aec7ef4d9bec625c",
41 | "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
42 | "zh:fb34e29154d17a81f76d16f1831dd69c6d85d9c1539faf7a2cfe775292e88fa0",
43 | ]
44 | }
45 |
--------------------------------------------------------------------------------
/tutorials/deployment-strategies-run/terraform-config/apis.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2023 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | module "project-services" {
18 | source = "terraform-google-modules/project-factory/google//modules/project_services"
19 | version = "~> 13.0"
20 |
21 | project_id = var.project_id
22 |
23 | disable_services_on_destroy = false
24 | disable_dependent_services = false
25 |
26 | activate_apis = [
27 | "cloudbuild.googleapis.com",
28 | "clouddeploy.googleapis.com",
29 | "cloudresourcemanager.googleapis.com",
30 | "compute.googleapis.com",
31 | "iam.googleapis.com",
32 | "run.googleapis.com",
33 | ]
34 | }
35 |
--------------------------------------------------------------------------------
/tutorials/deployment-strategies-run/terraform-config/ar.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2023 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | resource "google_artifact_registry_repository" "artifact_registry" {
18 |
19 | provider = google-beta
20 |
21 | location = var.region
22 | repository_id = "demo-app-ds"
23 | description = "Image registry for Cloud Deploy Deployment Strategies tutorial"
24 | format = "DOCKER"
25 | }
26 |
--------------------------------------------------------------------------------
/tutorials/deployment-strategies-run/terraform-config/main.template:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2023 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | terraform {
18 | backend "gcs" {
19 | bucket="{{BACKEND_BUCKET}}"
20 | prefix="ds-run"
21 | }
22 | required_providers {
23 | google = {
24 | source = "hashicorp/google"
25 | version = "~> 4.31.0"
26 | }
27 | google-beta = {
28 | source = "hashicorp/google-beta"
29 | version = "~> 4.31.0"
30 | }
31 | }
32 | }
33 |
34 | provider "google" {
35 | project = var.project_id
36 | region = var.region
37 | }
38 |
39 | provider "google-beta" {
40 | project = var.project_id
41 | region = var.region
42 | }
43 |
--------------------------------------------------------------------------------
/tutorials/deployment-strategies-run/terraform-config/sa.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2023 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | # Cloud Build service account
18 |
19 | resource "google_service_account" "build_service_account" {
20 | project = var.project_id
21 | account_id = "cd-ds-tut-run-build-sa"
22 | display_name = "Cloud Deploy Deployment Strategies tutorial Cloud Build service account"
23 | }
24 |
25 | resource "google_project_iam_member" "build_sa_iam_storageadmin" {
26 | project = var.project_id
27 | role = "roles/storage.admin"
28 | member = "serviceAccount:${google_service_account.build_service_account.email}"
29 | }
30 |
31 | resource "google_project_iam_member" "build_sa_iam_logginglogwriter" {
32 | project = var.project_id
33 | role = "roles/logging.logWriter"
34 | member = "serviceAccount:${google_service_account.build_service_account.email}"
35 | }
36 |
37 | resource "google_project_iam_member" "build_sa_iam_artifactwriter" {
38 | project = var.project_id
39 | role = "roles/artifactregistry.writer"
40 | member = "serviceAccount:${google_service_account.build_service_account.email}"
41 | }
42 |
43 | # Cloud Deploy service account
44 |
45 | resource "google_service_account" "deploy_service_account" {
46 | project = var.project_id
47 | account_id = "cd-ds-tut-deploy-sa"
48 | display_name = "Cloud Deploy Deployment Strategies tutorial deploy service account"
49 | }
50 |
51 | resource "google_project_iam_member" "deploy_sa_clouddeployjobrunner" {
52 | project = var.project_id
53 | role = "roles/clouddeploy.jobRunner"
54 | member = "serviceAccount:${google_service_account.deploy_service_account.email}"
55 | }
56 |
57 | resource "google_project_iam_member" "deploy_sa_logginglogwriter" {
58 | project = var.project_id
59 | role = "roles/logging.logWriter"
60 | member = "serviceAccount:${google_service_account.deploy_service_account.email}"
61 | }
62 |
63 | resource "google_project_iam_member" "deploy_sa_rundeveloper" {
64 | project = var.project_id
65 | role = "roles/run.developer"
66 | member = "serviceAccount:${google_service_account.deploy_service_account.email}"
67 | }
68 |
69 | resource "google_service_account_iam_member" "deploy_sa_actas" {
70 | service_account_id = google_service_account.compute_service_account.name
71 | role = "roles/iam.serviceAccountUser"
72 | member = "serviceAccount:${google_service_account.deploy_service_account.email}"
73 | }
74 |
75 | # Cloud Run service account
76 |
77 | resource "google_service_account" "compute_service_account" {
78 | project = var.project_id
79 | account_id = "cd-ds-tut-run-sa"
80 | display_name = "Cloud Deploy Deployment Strategies tutorial run service account"
81 | }
82 |
83 | resource "google_project_iam_member" "compute_sa_logginglogwriter" {
84 | project = var.project_id
85 | role = "roles/logging.logWriter"
86 | member = "serviceAccount:${google_service_account.compute_service_account.email}"
87 | }
88 |
--------------------------------------------------------------------------------
/tutorials/deployment-strategies-run/terraform-config/variables.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2023 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | variable "project_id" {
18 | description = "The project ID to host the cluster in"
19 | }
20 |
21 | variable "region" {
22 | description = "GCP region in which to build the infrastructure"
23 | }
24 |
--------------------------------------------------------------------------------
/tutorials/e2e-gke:
--------------------------------------------------------------------------------
1 | base
--------------------------------------------------------------------------------
/tutorials/e2e-run/app-config/hello-app-prod.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: serving.knative.dev/v1
16 | kind: Service
17 | metadata:
18 | name: hello-app-prod
19 | spec:
20 | template:
21 | metadata:
22 | annotations:
23 | autoscaling.knative.dev/maxScale: "1"
24 | spec:
25 | serviceAccountName: cd-tut-run-sa@${PROJECT_ID}.iam.gserviceaccount.com
26 | containers:
27 | - name: hello-app
28 | image: hello-app
29 | env:
30 | - name: NAME
31 | value: "Prod"
32 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/app-config/hello-app-staging.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: serving.knative.dev/v1
16 | kind: Service
17 | metadata:
18 | name: hello-app-staging
19 | spec:
20 | template:
21 | metadata:
22 | annotations:
23 | autoscaling.knative.dev/maxScale: "1"
24 | spec:
25 | serviceAccountName: cd-tut-run-sa@${PROJECT_ID}.iam.gserviceaccount.com
26 | containers:
27 | - name: hello-app
28 | image: hello-app
29 | env:
30 | - name: NAME
31 | value: "Staging"
32 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/app-config/hello-app-test.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: serving.knative.dev/v1
16 | kind: Service
17 | metadata:
18 | name: hello-app-test
19 | spec:
20 | template:
21 | metadata:
22 | annotations:
23 | autoscaling.knative.dev/maxScale: "1"
24 | spec:
25 | serviceAccountName: cd-tut-run-sa@${PROJECT_ID}.iam.gserviceaccount.com
26 | containers:
27 | - name: hello-app
28 | image: hello-app
29 | env:
30 | - name: NAME
31 | value: "Test"
32 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/app-config/hello-app/Dockerfile:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | FROM golang:1.22 AS builder
16 | WORKDIR /go/src/hello
17 | COPY . .
18 | RUN CGO_ENABLED=0 go build -o /go/bin/hello
19 |
20 | FROM gcr.io/distroless/static-debian11
21 | COPY --from=builder /go/bin/hello /
22 | CMD ["/hello"]
23 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/app-config/hello-app/go.mod:
--------------------------------------------------------------------------------
1 | module hello
2 |
3 | go 1.19
4 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/app-config/hello-app/main.go:
--------------------------------------------------------------------------------
1 | // Copyright 2020 Google LLC
2 | //
3 | // Licensed under the Apache License, Version 2.0 (the "License");
4 | // you may not use this file except in compliance with the License.
5 | // You may obtain a copy of the License at
6 | //
7 | // https://www.apache.org/licenses/LICENSE-2.0
8 | //
9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 |
15 | // Sample run-helloworld is a minimal Cloud Run service.
16 | package main
17 |
18 | import (
19 | "fmt"
20 | "log"
21 | "net/http"
22 | "os"
23 | )
24 |
25 | func main() {
26 | log.Print("starting server...")
27 | http.HandleFunc("/", handler)
28 |
29 | // Determine port for HTTP service.
30 | port := os.Getenv("PORT")
31 | if port == "" {
32 | port = "8080"
33 | log.Printf("defaulting to port %s", port)
34 | }
35 |
36 | // Start HTTP server.
37 | log.Printf("listening on port %s", port)
38 | if err := http.ListenAndServe(":"+port, nil); err != nil {
39 | log.Fatal(err)
40 | }
41 | }
42 |
43 | func handler(w http.ResponseWriter, r *http.Request) {
44 | name := os.Getenv("NAME")
45 | if name == "" {
46 | name = "World"
47 | }
48 | fmt.Fprintf(w, "\nHello %s! 🎉\n\n", name)
49 | log.Printf("Sent response, customization was '%s'", name)
50 | }
51 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/app-config/skaffold.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: skaffold/v3
16 | kind: Config
17 | metadata:
18 | name: hello-app
19 | build:
20 | artifacts:
21 | - image: hello-app
22 | context: hello-app
23 | googleCloudBuild:
24 | projectId: ${PROJECT_ID}
25 | serviceAccount: projects/${PROJECT_ID}/serviceAccounts/cd-tut-run-build-sa@${PROJECT_ID}.iam.gserviceaccount.com
26 | deploy:
27 | cloudrun: {}
28 | profiles:
29 | - name: test
30 | manifests:
31 | rawYaml:
32 | - hello-app-test.yaml
33 | - name: staging
34 | manifests:
35 | rawYaml:
36 | - hello-app-staging.yaml
37 | - name: prod
38 | manifests:
39 | rawYaml:
40 | - hello-app-prod.yaml
41 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/cleanup.sh:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | TUTORIAL=e2e-run
16 | ROOT_DIR=$(git rev-parse --show-toplevel)
17 | TUTORIAL_DIR=${ROOT_DIR}/tutorials/${TUTORIAL}
18 | CD_CONFIG_DIR=${TUTORIAL_DIR}/clouddeploy-config
19 | TF_DIR=${TUTORIAL_DIR}/terraform-config
20 | GCLOUD_CONFIG=clouddeploy
21 |
22 | PROJECT_ID=$(gcloud config get-value core/project)
23 | REGION=$(gcloud config get-value compute/region)
24 |
25 | BACKEND=${PROJECT_ID}-${TUTORIAL}-tf
26 |
27 | cd ${TF_DIR}
28 | terraform destroy -auto-approve -var=project_id=${PROJECT_ID} -var=region=${REGION}
29 |
30 | cd ${ROOT_DIR}
31 |
32 | gsutil rm -r gs://$BACKEND/
33 |
34 | rm -rf $TF_DIR/.terraform
35 | rm -rf $TF_DIR/main.tf
36 | rm -rf $TF_DIR/terraform.tfstat*
37 | rm -rf $TF_DIR/terraform.tfplan
38 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/clouddeploy-config/delivery-pipeline.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: DeliveryPipeline
17 | metadata:
18 | name: hello-app
19 | description: Deployment pipeline for hello-app
20 | serialPipeline:
21 | stages:
22 | - targetId: test-cloudrun
23 | profiles: [test]
24 | - targetId: staging-cloudrun
25 | profiles: [staging]
26 | - targetId: prod-cloudrun
27 | profiles: [prod]
28 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/clouddeploy-config/target-prod.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: Target
17 | metadata:
18 | name: prod-cloudrun
19 | description: Production target
20 | requireApproval: true
21 | run:
22 | location: projects/${PROJECT_ID}/locations/${REGION}
23 | executionConfigs:
24 | - usages:
25 | - RENDER
26 | - DEPLOY
27 | serviceAccount: cd-tut-run-deploy-sa@${PROJECT_ID}.iam.gserviceaccount.com
28 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/clouddeploy-config/target-staging.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: Target
17 | metadata:
18 | name: staging-cloudrun
19 | description: Staging target
20 | run:
21 | location: projects/${PROJECT_ID}/locations/${REGION}
22 | executionConfigs:
23 | - usages:
24 | - RENDER
25 | - DEPLOY
26 | serviceAccount: cd-tut-run-deploy-sa@${PROJECT_ID}.iam.gserviceaccount.com
27 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/clouddeploy-config/target-test.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: Target
17 | metadata:
18 | name: test-cloudrun
19 | description: Test target
20 | run:
21 | location: projects/${PROJECT_ID}/locations/${REGION}
22 | executionConfigs:
23 | - usages:
24 | - RENDER
25 | - DEPLOY
26 | serviceAccount: cd-tut-run-deploy-sa@${PROJECT_ID}.iam.gserviceaccount.com
27 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/setup.sh:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | # Standard functions begin with manage or run.
16 | # Walkthrough-specific functions begin with the abbreviation for
17 | # that walkthrough
18 |
19 | TUTORIAL=e2e-run
20 | ROOT_DIR=$(git rev-parse --show-toplevel)
21 | TUTORIAL_DIR=${ROOT_DIR}/tutorials/${TUTORIAL}
22 | APP_CONFIG_DIR=${TUTORIAL_DIR}/app-config
23 | CD_CONFIG_DIR=${TUTORIAL_DIR}/clouddeploy-config
24 | TF_DIR=${TUTORIAL_DIR}/terraform-config
25 | GCLOUD_CONFIG=clouddeploy
26 |
27 | export PROJECT_ID=$(gcloud config get-value core/project)
28 | export REGION=us-central1
29 |
30 | BACKEND=${PROJECT_ID}-${TUTORIAL}-tf
31 |
32 | manage_apis() {
33 | # Enables any APIs that we need prior to Terraform being run
34 |
35 | echo "Enabling GCP APIs, please wait, this may take several minutes..."
36 | gcloud services enable storage.googleapis.com \
37 | compute.googleapis.com \
38 | artifactregistry.googleapis.com
39 | }
40 |
41 | manage_configs() {
42 | # Sets any SDK configs and ensures they'll persist across
43 | # Cloud Shell sessions
44 |
45 | echo "Creating persistent Cloud Shell configuration"
46 | SHELL_RC=${HOME}/.$(basename ${SHELL})rc
47 | echo export CLOUDSDK_CONFIG=${HOME}/.gcloud >> ${SHELL_RC}
48 |
49 | if [[ $(gcloud config configurations list --quiet --filter "name=${GCLOUD_CONFIG}") ]]; then
50 | echo "Config ${GCLOUD_CONFIG} already exists, skipping config creation"
51 | else
52 | gcloud config configurations create ${GCLOUD_CONFIG}
53 | echo "Created config ${GCLOUD_CONFIG}"
54 | fi
55 |
56 | gcloud config set project ${PROJECT_ID}
57 | gcloud config set compute/region ${REGION}
58 | gcloud config set deploy/region ${REGION}
59 | gcloud config set run/platform managed
60 | gcloud config set run/region ${REGION}
61 | }
62 |
63 | run_terraform() {
64 | # Terraform workflows
65 |
66 | cd ${TF_DIR}
67 |
68 | sed "s/bucket=.*/bucket=\"$BACKEND\"/g" main.template > main.tf
69 | gsutil mb gs://${BACKEND} || true
70 |
71 | terraform init
72 | terraform plan -out=terraform.tfplan -var="project_id=${PROJECT_ID}" -var="region=${REGION}"
73 | terraform apply -auto-approve terraform.tfplan
74 | }
75 |
76 | configure_git() {
77 | # Ensures some base level git client config is present
78 |
79 | git config user.name "Cloud Deploy"
80 | git config user.email "noreply@google.com"
81 | }
82 |
83 | e2e_apps() {
84 | # Any sample application install and configuration for the E2E walkthrough.
85 |
86 | echo "Configuring walkthrough applications"
87 |
88 | cd ${CD_CONFIG_DIR}
89 | for template in $(ls *.template); do
90 | envsubst < ${template} > ${template%.*}
91 | done
92 |
93 | cd ${APP_CONFIG_DIR}
94 | for template in $(ls *.template); do
95 | envsubst < ${template} > ${template%.*}
96 | done
97 |
98 | git tag -a v1 -m "version 1 release"
99 | }
100 |
101 | manage_apis
102 | manage_configs
103 | run_terraform
104 | configure_git
105 | e2e_apps
106 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/terraform-config/.terraform.lock.hcl:
--------------------------------------------------------------------------------
1 | # This file is maintained automatically by "terraform init".
2 | # Manual edits may be lost in future updates.
3 |
4 | provider "registry.terraform.io/hashicorp/google" {
5 | version = "4.31.0"
6 | constraints = ">= 3.43.0, ~> 4.31.0, < 5.0.0"
7 | hashes = [
8 | "h1:+X1KG9mnYGMkYD1c/O+uUi72d4kB3kPSDei4yMEDVAQ=",
9 | "h1:p6GUUYG9PQ4XODXBgsHpWTygziRtY61z07slBKYbiCQ=",
10 | "zh:02a19ed46c2007f6aadfb6ff90aa6063be063194d1f0dd02dc839adc212f7cae",
11 | "zh:1046de7e13e81a8f86461f99e9d5ff25d5dabe8465f51efe72084ded426ba771",
12 | "zh:209b054685f7364f3f5e8b570ceb62701e5b466d37cce8b7108385fc1feb3683",
13 | "zh:717773619a1102748204699974c30aba39dc727baf389b874afcab6e17b63ffa",
14 | "zh:7d5f4885cda2ca0ec8cb8bac36ea156aeca7787c01c17e65f7226742b60369d8",
15 | "zh:82df57f2df5708441c57045b3e1a9a91ed55abe67d0d2f00705c7a1f512ec6ec",
16 | "zh:a0191b194e68dd3c0ac5a26712f95d435839ff20d2b2ad53670374c64946042d",
17 | "zh:a95b8358469d6347a5bcf4462ad18efaf80014f07f36bd26019ca039c523ff48",
18 | "zh:b62c968f50d3afa8300c9267388d273a90a5be1a4e9a218205a358e6954e7844",
19 | "zh:bc11cc9b8defec24831bbd6a73a2fa940659c7c610ea7aa0d8b38c2b1af6689b",
20 | "zh:e6ac4c46c3e5a32635fcd27784c189b6cbc6aa9cbf7a3b09e999ec3aa3e2004a",
21 | "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
22 | ]
23 | }
24 |
25 | provider "registry.terraform.io/hashicorp/google-beta" {
26 | version = "4.31.0"
27 | constraints = ">= 3.43.0, ~> 4.31.0, < 5.0.0"
28 | hashes = [
29 | "h1:M2pepGi4wx5wxMcyLLJnnffWx6Eg6lVpFtdbtbuQP74=",
30 | "h1:jLDN1EAlgTQgcG99dEVE0V50VirRFccy8hk7MLhbjdY=",
31 | "zh:101d9711741ce76f1c4a07cd41d9c7d59dd299a52a41e71f0683b7fac8285d8f",
32 | "zh:3d32ab7cdb598a4cd7ce0c6b5dd7a0e69c7b1a974127db888224c36bbd364646",
33 | "zh:6e18ecd2783cf53f6d5316be3b00fb87132f63d5cb8b2908de07c5dc4114e16c",
34 | "zh:787508727b80c55dc58021a2832c057aa3ec96f4691acc74cde992517c48c5bd",
35 | "zh:79e9be806708d2a8ce86b8e9c6506722c5d8e959a5d1af1e34d6db78839b6418",
36 | "zh:9ff3963190eb5626e51f5edbe57b6e7552e8f861d134eea4c785824941ec8f5d",
37 | "zh:a880691ac61468f78df142bf06c117c5aef12b2945ecb12e06c609e9a68b9922",
38 | "zh:bafd09b2ecd678b23fd5f6bd634610074e1d7eb0c7c57887c63245aaebee001a",
39 | "zh:bc6dfab7da73b83b86255fb61ce1b31e7c698ac9fa719e76a58bb85e2c0d3b9d",
40 | "zh:d8415dc96809e8eab1adebea821725bc33ab310a6bae8bd1aec7ef4d9bec625c",
41 | "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
42 | "zh:fb34e29154d17a81f76d16f1831dd69c6d85d9c1539faf7a2cfe775292e88fa0",
43 | ]
44 | }
45 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/terraform-config/apis.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2022 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | module "project-services" {
18 | source = "terraform-google-modules/project-factory/google//modules/project_services"
19 | version = "~> 13.0"
20 |
21 | project_id = var.project_id
22 |
23 | disable_services_on_destroy = false
24 | disable_dependent_services = false
25 |
26 | activate_apis = [
27 | "cloudbuild.googleapis.com",
28 | "clouddeploy.googleapis.com",
29 | "cloudresourcemanager.googleapis.com",
30 | "compute.googleapis.com",
31 | "iam.googleapis.com",
32 | "run.googleapis.com",
33 | ]
34 | }
35 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/terraform-config/ar.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2022 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | resource "google_artifact_registry_repository" "artifact-registry" {
18 |
19 | provider = google-beta
20 |
21 | location = var.region
22 | repository_id = "hello-app"
23 | description = "Image registry for Cloud Deploy -> Cloud Run tutorial"
24 | format = "DOCKER"
25 | }
26 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/terraform-config/main.template:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2022 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | terraform {
18 | backend "gcs" {
19 | bucket="{{BACKEND_BUCKET}}"
20 | prefix="e2e-run"
21 | }
22 | required_providers {
23 | google = {
24 | source = "hashicorp/google"
25 | version = "~> 4.31.0"
26 | }
27 | google-beta = {
28 | source = "hashicorp/google-beta"
29 | version = "~> 4.31.0"
30 | }
31 | }
32 | }
33 |
34 | provider "google" {
35 | project = var.project_id
36 | region = var.region
37 | }
38 |
39 | provider "google-beta" {
40 | project = var.project_id
41 | region = var.region
42 | }
43 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/terraform-config/sa.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2023 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | # Cloud Build service account
18 |
19 | resource "google_service_account" "build_service_account" {
20 | project = var.project_id
21 | account_id = "cd-tut-run-build-sa"
22 | display_name = "Cloud Deploy tutorial Cloud Build service account"
23 | }
24 |
25 | resource "google_project_iam_member" "build_sa_iam_storageadmin" {
26 | project = var.project_id
27 | role = "roles/storage.admin"
28 | member = "serviceAccount:${google_service_account.build_service_account.email}"
29 | }
30 |
31 | resource "google_project_iam_member" "build_sa_iam_logginglogwriter" {
32 | project = var.project_id
33 | role = "roles/logging.logWriter"
34 | member = "serviceAccount:${google_service_account.build_service_account.email}"
35 | }
36 |
37 | resource "google_project_iam_member" "build_sa_iam_artifactwriter" {
38 | project = var.project_id
39 | role = "roles/artifactregistry.writer"
40 | member = "serviceAccount:${google_service_account.build_service_account.email}"
41 | }
42 |
43 | # Cloud Deploy service account
44 |
45 | resource "google_service_account" "deploy_service_account" {
46 | project = var.project_id
47 | account_id = "cd-tut-run-deploy-sa"
48 | display_name = "Cloud Deploy tutorial deploy service account"
49 | }
50 |
51 | resource "google_project_iam_member" "deploy_sa_clouddeployjobrunner" {
52 | project = var.project_id
53 | role = "roles/clouddeploy.jobRunner"
54 | member = "serviceAccount:${google_service_account.deploy_service_account.email}"
55 | }
56 |
57 | resource "google_project_iam_member" "deploy_sa_rundeveloper" {
58 | project = var.project_id
59 | role = "roles/run.developer"
60 | member = "serviceAccount:${google_service_account.deploy_service_account.email}"
61 | }
62 |
63 | resource "google_service_account_iam_member" "deploy_sa_actas" {
64 | service_account_id = google_service_account.compute_service_account.name
65 | role = "roles/iam.serviceAccountUser"
66 | member = "serviceAccount:${google_service_account.deploy_service_account.email}"
67 | }
68 |
69 | # Cloud Run service account
70 |
71 | resource "google_service_account" "compute_service_account" {
72 | project = var.project_id
73 | account_id = "cd-tut-run-sa"
74 | display_name = "Cloud Deploy Deployment Strategies tutorial run service account"
75 | }
76 |
77 | resource "google_project_iam_member" "compute_sa_logginglogwriter" {
78 | project = var.project_id
79 | role = "roles/logging.logWriter"
80 | member = "serviceAccount:${google_service_account.compute_service_account.email}"
81 | }
82 |
--------------------------------------------------------------------------------
/tutorials/e2e-run/terraform-config/variables.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2022 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | variable "project_id" {
18 | description = "The project ID to host the cluster in"
19 | }
20 |
21 | variable "region" {
22 | description = "GCP region in which to build the infrastructure"
23 | }
24 |
--------------------------------------------------------------------------------
/tutorials/exec-envs/cleanup.sh:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | TUTORIAL=base
16 | ROOT_DIR=$(git rev-parse --show-toplevel)
17 | TUTORIAL_DIR=${ROOT_DIR}/tutorials/${TUTORIAL}
18 | CD_CONFIG_DIR=${TUTORIAL_DIR}/clouddeploy-config
19 | TF_DIR=${TUTORIAL_DIR}/terraform-config
20 | KUBERNETES_DIR=${TUTORIAL_DIR}/kubernetes-config
21 | GCLOUD_CONFIG=clouddeploy
22 |
23 | PROJECT_ID=$(gcloud config get-value core/project)
24 | REGION=$(gcloud config get-value compute/region)
25 |
26 | BACKEND=${PROJECT_ID}-${TUTORIAL}-tf
27 |
28 | cd $TF_DIR
29 | terraform destroy -auto-approve -var=project_id=$PROJECT_ID -var=region=$REGION
30 | cd $ROOT_DIR
31 |
32 | gsutil rm -r gs://$BACKEND/
33 |
34 | rm -rf $TF_DIR/.terraform
35 | rm -rf $TF_DIR/main.tf
36 | rm -rf $TF_DIR/terraform.tfstat*
37 | rm -rf $TF_DIR/terraform.tfplan
38 |
--------------------------------------------------------------------------------
/tutorials/exec-envs/clouddeploy-config/delivery-pipeline-exec-envs.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: DeliveryPipeline
17 | metadata:
18 | name: web-app-exec-envs
19 | description: web-app delivery pipeline for execution environments
20 | serialPipeline:
21 | stages:
22 | - targetId: test-exec-envs
23 | - targetId: staging-exec-envs
24 | - targetId: prod-exec-envs
25 |
--------------------------------------------------------------------------------
/tutorials/exec-envs/clouddeploy-config/skaffold-exec-envs.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: skaffold/v3
16 | kind: Config
17 | build:
18 | artifacts:
19 | - image: leeroy-web-exec-envs
20 | context: leeroy-web-exec-envs
21 | - image: leeroy-app-exec-envs
22 | context: leeroy-app-exec-envs
23 | googleCloudBuild:
24 | projectId: ${PROJECT_ID}
25 | serviceAccount: projects/${PROJECT_ID}/serviceAccounts/cd-tut-build-sa@${PROJECT_ID}.iam.gserviceaccount.com
26 | manifests:
27 | rawYaml:
28 | - leeroy-web-exec-envs/kubernetes/*
29 | - leeroy-app-exec-envs/kubernetes/*
30 | deploy:
31 | kubectl:
32 | portForward:
33 | - resourceType: deployment
34 | resourceName: leeroy-web
35 | port: 8080
36 | localPort: 9000
37 |
--------------------------------------------------------------------------------
/tutorials/exec-envs/clouddeploy-config/target-prod-exec-envs.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: Target
17 | metadata:
18 | name: prod-exec-envs
19 | description: prod cluster
20 | gke:
21 | cluster: projects/${PROJECT_ID}/locations/us-central1/clusters/prod
22 | executionConfigs:
23 | - privatePool:
24 | workerPool: projects/${PROJECT_ID}/locations/us-central1/workerPools/clouddeploy-private
25 | serviceAccount: cd-executionuser@${PROJECT_ID}.iam.gserviceaccount.com
26 | artifactStorage: gs://${PROJECT_ID}-clouddeploy-test-artifacts
27 | usages:
28 | - RENDER
29 | - DEPLOY
30 |
--------------------------------------------------------------------------------
/tutorials/exec-envs/clouddeploy-config/target-staging-exec-envs.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: Target
17 | metadata:
18 | name: staging-exec-envs
19 | description: staging cluster
20 | gke:
21 | cluster: projects/${PROJECT_ID}/locations/us-central1/clusters/staging
22 | executionConfigs:
23 | - privatePool:
24 | workerPool: projects/${PROJECT_ID}/locations/us-central1/workerPools/clouddeploy-private
25 | serviceAccount: cd-executionuser@${PROJECT_ID}.iam.gserviceaccount.com
26 | artifactStorage: gs://${PROJECT_ID}-clouddeploy-test-artifacts
27 | usages:
28 | - RENDER
29 | - DEPLOY
30 |
--------------------------------------------------------------------------------
/tutorials/exec-envs/clouddeploy-config/target-test-exec-envs.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: Target
17 | metadata:
18 | name: test-exec-envs
19 | description: test cluster
20 | gke:
21 | cluster: projects/${PROJECT_ID}/locations/us-central1/clusters/test
22 | executionConfigs:
23 | - privatePool:
24 | workerPool: projects/${PROJECT_ID}/locations/us-central1/workerPools/clouddeploy-private
25 | serviceAccount: cd-executionuser@${PROJECT_ID}.iam.gserviceaccount.com
26 | artifactStorage: gs://${PROJECT_ID}-clouddeploy-test-artifacts
27 | usages:
28 | - RENDER
29 | - DEPLOY
30 |
--------------------------------------------------------------------------------
/tutorials/exec-envs/kubernetes-config/web-app-ee-namespace.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: Namespace
17 | metadata:
18 | name: web-app-exec-envs
19 |
--------------------------------------------------------------------------------
/tutorials/exec-envs/web-exec-envs/leeroy-app-exec-envs/Dockerfile:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | FROM golang:1.13.11-alpine3.10 as builder
16 | COPY app.go .
17 | RUN go build -o /app .
18 |
19 | FROM alpine:3.20
20 | # Define GOTRACEBACK to mark this container as using the Go language runtime
21 | # for `skaffold debug` (https://skaffold.dev/docs/workflows/debug/).
22 | ENV GOTRACEBACK=single
23 | CMD ["./app"]
24 | COPY --from=builder /app .
25 |
--------------------------------------------------------------------------------
/tutorials/exec-envs/web-exec-envs/leeroy-app-exec-envs/app.go:
--------------------------------------------------------------------------------
1 | // Copyright 2021 Google LLC
2 | //
3 | // Licensed under the Apache License, Version 2.0 (the "License");
4 | // you may not use this file except in compliance with the License.
5 | // You may obtain a copy of the License at
6 | //
7 | // http://www.apache.org/licenses/LICENSE-2.0
8 | //
9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 |
15 | package main
16 |
17 | import (
18 | "fmt"
19 | "log"
20 | "net/http"
21 | )
22 |
23 | func handler(w http.ResponseWriter, r *http.Request) {
24 | fmt.Fprintf(w, "leeroooooy app!!\n")
25 | }
26 |
27 | func main() {
28 | log.Print("leeroy app server ready")
29 | http.HandleFunc("/", handler)
30 | http.ListenAndServe(":50051", nil)
31 | }
32 |
--------------------------------------------------------------------------------
/tutorials/exec-envs/web-exec-envs/leeroy-app-exec-envs/kubernetes/deployment.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: Service
17 | metadata:
18 | name: leeroy-app-exec-envs
19 | namespace: web-app-exec-envs
20 | labels:
21 | app: leeroy-app-exec-envs
22 | spec:
23 | clusterIP: None
24 | ports:
25 | - port: 50051
26 | name: leeroy-app-exec-envs
27 | selector:
28 | app: leeroy-app-exec-envs
29 | ---
30 | apiVersion: apps/v1
31 | kind: Deployment
32 | metadata:
33 | name: leeroy-app-exec-envs
34 | namespace: web-app-exec-envs
35 | labels:
36 | app: leeroy-app-exec-envs
37 | spec:
38 | replicas: 1
39 | selector:
40 | matchLabels:
41 | app: leeroy-app-exec-envs
42 | template:
43 | metadata:
44 | labels:
45 | app: leeroy-app-exec-envs
46 | spec:
47 | containers:
48 | - name: leeroy-app-exec-envs
49 | image: leeroy-app-exec-envs
50 | ports:
51 | - containerPort: 50051
52 |
--------------------------------------------------------------------------------
/tutorials/exec-envs/web-exec-envs/leeroy-web-exec-envs/Dockerfile:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | FROM golang:1.13.11-alpine3.10 as builder
16 | COPY web.go .
17 | RUN go build -o /web .
18 |
19 | FROM alpine:3.20
20 | # Define GOTRACEBACK to mark this container as using the Go language runtime
21 | # for `skaffold debug` (https://skaffold.dev/docs/workflows/debug/).
22 | ENV GOTRACEBACK=single
23 | CMD ["./web"]
24 | COPY --from=builder /web .
25 |
--------------------------------------------------------------------------------
/tutorials/exec-envs/web-exec-envs/leeroy-web-exec-envs/kubernetes/deployment.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: apps/v1
16 | kind: Deployment
17 | metadata:
18 | name: leeroy-web-exec-envs
19 | namespace: web-app-exec-envs
20 | labels:
21 | app: leeroy-web-exec-envs
22 | spec:
23 | replicas: 1
24 | selector:
25 | matchLabels:
26 | app: leeroy-web-exec-envs
27 | template:
28 | metadata:
29 | labels:
30 | app: leeroy-web-exec-envs
31 | spec:
32 | containers:
33 | - name: leeroy-web-exec-envs
34 | image: leeroy-web-exec-envs
35 | ports:
36 | - containerPort: 8080
37 |
--------------------------------------------------------------------------------
/tutorials/exec-envs/web-exec-envs/leeroy-web-exec-envs/web.go:
--------------------------------------------------------------------------------
1 | // Copyright 2021 Google LLC
2 | //
3 | // Licensed under the Apache License, Version 2.0 (the "License");
4 | // you may not use this file except in compliance with the License.
5 | // You may obtain a copy of the License at
6 | //
7 | // http://www.apache.org/licenses/LICENSE-2.0
8 | //
9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 |
15 | package main
16 |
17 | import (
18 | "io"
19 | "net/http"
20 |
21 | "log"
22 | )
23 |
24 | func handler(w http.ResponseWriter, r *http.Request) {
25 | resp, err := http.Get("http://leeroy-app-exec-envs:50051")
26 | if err != nil {
27 | panic(err)
28 | }
29 | defer resp.Body.Close()
30 | if _, err := io.Copy(w, resp.Body); err != nil {
31 | panic(err)
32 | }
33 | }
34 |
35 | func main() {
36 | log.Print("leeroy web server ready")
37 | http.HandleFunc("/", handler)
38 | http.ListenAndServe(":8080", nil)
39 | }
40 |
--------------------------------------------------------------------------------
/tutorials/execution-environments-gke:
--------------------------------------------------------------------------------
1 | exec-envs
--------------------------------------------------------------------------------
/tutorials/external-integration-gke:
--------------------------------------------------------------------------------
1 | external-integration
--------------------------------------------------------------------------------
/tutorials/external-integration/cleanup.sh:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | TUTORIAL=base
16 | ROOT_DIR=$(git rev-parse --show-toplevel)
17 | TUTORIAL_DIR=${ROOT_DIR}/tutorials/${TUTORIAL}
18 | CD_CONFIG_DIR=${TUTORIAL_DIR}/clouddeploy-config
19 | TF_DIR=${TUTORIAL_DIR}/terraform-config
20 | KUBERNETES_DIR=${TUTORIAL_DIR}/kubernetes-config
21 | GCLOUD_CONFIG=clouddeploy
22 |
23 | PROJECT_ID=$(gcloud config get-value core/project)
24 | REGION=$(gcloud config get-value compute/region)
25 |
26 | BACKEND=${PROJECT_ID}-${TUTORIAL}-tf
27 |
28 | cd $TF_DIR
29 | terraform destroy -auto-approve -var=project_id=$PROJECT_ID -var=region=$REGION
30 | cd $ROOT_DIR
31 |
32 | gsutil rm -r gs://$BACKEND/
33 |
34 | rm -rf $TF_DIR/.terraform
35 | rm -rf $TF_DIR/main.tf
36 | rm -rf $TF_DIR/terraform.tfstat*
37 | rm -rf $TF_DIR/terraform.tfplan
38 |
--------------------------------------------------------------------------------
/tutorials/external-integration/delivery-pipeline-pubsub.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: DeliveryPipeline
17 | metadata:
18 | name: pubsub-test
19 | description: Testing Cloud Deploy and Pub/Sub integration
20 | serialPipeline:
21 | stages:
22 | - targetId: test
23 | - targetId: staging
24 | - targetId: prod
25 |
--------------------------------------------------------------------------------
/tutorials/external-integration/listener.py:
--------------------------------------------------------------------------------
1 | import os
2 | from google.cloud import pubsub_v1
3 |
4 |
5 | subscription_name = 'projects/{project_id}/subscriptions/{sub}'.format(
6 | project_id=os.getenv('GOOGLE_CLOUD_PROJECT'),
7 | sub=os.getenv('SUBSCRIPTION_NAME'),
8 | )
9 |
10 | def callback(message):
11 | print(message)
12 |
13 | with pubsub_v1.SubscriberClient() as subscriber:
14 | future = subscriber.subscribe(subscription_name, callback)
15 |
16 | try:
17 | future.result()
18 | except KeyboardInterrupt:
19 | future.cancel()
--------------------------------------------------------------------------------
/tutorials/private-targets-gke:
--------------------------------------------------------------------------------
1 | private-targets
--------------------------------------------------------------------------------
/tutorials/private-targets/cleanup.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | # Copyright 2021 Google LLC
3 | #
4 | # Licensed under the Apache License, Version 2.0 (the "License");
5 | # you may not use this file except in compliance with the License.
6 | # You may obtain a copy of the License at
7 | #
8 | # http://www.apache.org/licenses/LICENSE-2.0
9 | #
10 | # Unless required by applicable law or agreed to in writing, software
11 | # distributed under the License is distributed on an "AS IS" BASIS,
12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | # See the License for the specific language governing permissions and
14 | # limitations under the License.
15 |
16 | set -e
17 |
18 | TUTORIAL=private-targets
19 | ROOT_DIR=$(git rev-parse --show-toplevel)
20 | TUTORIAL_DIR=${ROOT_DIR}/tutorials/${TUTORIAL}
21 | CD_CONFIG_DIR=${TUTORIAL_DIR}/clouddeploy-config
22 | TF_DIR=${TUTORIAL_DIR}/terraform-config
23 | KUBERNETES_DIR=${TUTORIAL_DIR}/kubernetes-config
24 | GCLOUD_CONFIG=clouddeploy
25 |
26 | PROJECT_ID=$(gcloud config get-value core/project)
27 | REGION=$(gcloud config get-value compute/region)
28 |
29 | BACKEND=${PROJECT_ID}-${TUTORIAL}-tf
30 |
31 | cd $TF_DIR
32 | terraform destroy -auto-approve -var=project_id=$PROJECT_ID -var=region=$REGION
33 | cd $ROOT_DIR
34 |
35 | gsutil rm -r gs://$BACKEND/
36 |
37 | rm -rf $TF_DIR/.terraform
38 | rm -rf $TF_DIR/main.tf
39 | rm -rf $TF_DIR/terraform.tfstat*
40 | rm -rf $TF_DIR/terraform.tfplan
41 |
--------------------------------------------------------------------------------
/tutorials/private-targets/clouddeploy-config/delivery-pipeline.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: DeliveryPipeline
17 | metadata:
18 | name: web-app-private-targets
19 | description: web-app delivery pipeline
20 | serialPipeline:
21 | stages:
22 | - targetId: test-private
23 | - targetId: staging-private
24 | - targetId: prod-private
25 |
--------------------------------------------------------------------------------
/tutorials/private-targets/clouddeploy-config/skaffold.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: skaffold/v3
16 | kind: Config
17 | build:
18 | artifacts:
19 | - image: leeroy-web
20 | context: leeroy-web
21 | - image: leeroy-app
22 | context: leeroy-app
23 | googleCloudBuild:
24 | projectId: ${PROJECT_ID}
25 | serviceAccount: projects/${PROJECT_ID}/serviceAccounts/cd-tut-private-build-sa@${PROJECT_ID}.iam.gserviceaccount.com
26 | manifests:
27 | rawYaml:
28 | - leeroy-web/kubernetes/*
29 | - leeroy-app/kubernetes/*
30 | deploy:
31 | kubectl:
32 | portForward:
33 | - resourceType: deployment
34 | resourceName: leeroy-web
35 | port: 8080
36 | localPort: 9000
37 |
--------------------------------------------------------------------------------
/tutorials/private-targets/clouddeploy-config/target-prod.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: Target
17 | metadata:
18 | name: prod-private
19 | description: prod cluster
20 | requireApproval: true
21 | gke:
22 | cluster: projects/${PROJECT_ID}/locations/${REGION}/clusters/prod-private
23 | executionConfigs:
24 | - privatePool:
25 | workerPool: projects/${PROJECT_ID}/locations/${REGION}/workerPools/private-pool
26 | serviceAccount: cd-tut-private-deploy-sa@${PROJECT_ID}.iam.gserviceaccount.com
27 | usages:
28 | - RENDER
29 | - DEPLOY
30 |
--------------------------------------------------------------------------------
/tutorials/private-targets/clouddeploy-config/target-staging.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: Target
17 | metadata:
18 | name: staging-private
19 | description: staging cluster
20 | gke:
21 | cluster: projects/${PROJECT_ID}/locations/${REGION}/clusters/staging-private
22 | executionConfigs:
23 | - privatePool:
24 | workerPool: projects/${PROJECT_ID}/locations/${REGION}/workerPools/private-pool
25 | serviceAccount: cd-tut-private-deploy-sa@${PROJECT_ID}.iam.gserviceaccount.com
26 | usages:
27 | - RENDER
28 | - DEPLOY
29 |
--------------------------------------------------------------------------------
/tutorials/private-targets/clouddeploy-config/target-test.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: Target
17 | metadata:
18 | name: test-private
19 | description: test cluster
20 | gke:
21 | cluster: projects/${PROJECT_ID}/locations/${REGION}/clusters/test-private
22 | executionConfigs:
23 | - privatePool:
24 | workerPool: projects/${PROJECT_ID}/locations/${REGION}/workerPools/private-pool
25 | serviceAccount: cd-tut-private-deploy-sa@${PROJECT_ID}.iam.gserviceaccount.com
26 | usages:
27 | - RENDER
28 | - DEPLOY
29 |
--------------------------------------------------------------------------------
/tutorials/private-targets/setup.sh:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | # Standard functions begin with manage or run.
16 | # Walkthrough-specific functions begin with the abbreviation for
17 | # that walkthrough
18 | # Current walkthroughs:
19 | # e2e - End-to-end (aka primary) walkthrough
20 |
21 | TUTORIAL=private-targets
22 | ROOT_DIR=$(git rev-parse --show-toplevel)
23 | TUTORIAL_DIR=${ROOT_DIR}/tutorials/${TUTORIAL}
24 | CD_CONFIG_DIR=${TUTORIAL_DIR}/clouddeploy-config
25 | TF_DIR=${TUTORIAL_DIR}/terraform-config
26 | KUBERNETES_DIR=${TUTORIAL_DIR}/kubernetes-config
27 | GCLOUD_CONFIG=clouddeploy
28 |
29 | export PROJECT_ID=$(gcloud config get-value core/project)
30 | export REGION=us-central1
31 |
32 | BACKEND=${PROJECT_ID}-${TUTORIAL}-tf
33 |
34 | manage_apis() {
35 | # Enables any APIs that we need prior to Terraform being run
36 |
37 | echo "Enabling GCP APIs, please wait, this may take several minutes..."
38 | gcloud services enable storage.googleapis.com \
39 | compute.googleapis.com \
40 | container.googleapis.com \
41 | artifactregistry.googleapis.com
42 | }
43 |
44 | manage_configs() {
45 | # Sets any SDK configs and ensures they'll persist across
46 | # Cloud Shell sessions
47 |
48 | echo "Creating persistent Cloud Shell configuration"
49 | SHELL_RC=${HOME}/.$(basename ${SHELL})rc
50 | echo export CLOUDSDK_CONFIG=${HOME}/.gcloud >> ${SHELL_RC}
51 |
52 | if [[ $(gcloud config configurations list --quiet --filter "name=${GCLOUD_CONFIG}") ]]; then
53 | echo "Config ${GCLOUD_CONFIG} already exists, skipping config creation"
54 | else
55 | gcloud config configurations create ${GCLOUD_CONFIG}
56 | echo "Created config ${GCLOUD_CONFIG}"
57 | fi
58 |
59 | gcloud config set project ${PROJECT_ID}
60 | gcloud config set compute/region ${REGION}
61 | gcloud config set deploy/region ${REGION}
62 | }
63 |
64 | run_terraform() {
65 | # Terraform workflows
66 |
67 | cd ${TF_DIR}
68 |
69 | sed "s/bucket=.*/bucket=\"$BACKEND\"/g" main.template > main.tf
70 | gsutil mb gs://${BACKEND} || true
71 |
72 | terraform init
73 | terraform plan -out=terraform.tfplan -var="project_id=$PROJECT_ID" -var="region=$REGION"
74 | terraform apply -auto-approve terraform.tfplan
75 | }
76 |
77 | configure_git() {
78 | # Ensures some base level git client config is present
79 |
80 | git config user.name "Cloud Deploy"
81 | git config user.email "noreply@google.com"
82 | }
83 |
84 | private_targets_apps() {
85 | # Any sample application install and configuration for the E2E walkthrough.
86 |
87 | echo "Configuring walkthrough applications"
88 | cd ${CD_CONFIG_DIR}
89 |
90 | for template in $(ls *.template); do
91 | envsubst < ${template} > ${template%.*}
92 | done
93 |
94 | cp skaffold.yaml ${TUTORIAL_DIR}/web-private-targets/skaffold.yaml
95 |
96 | git tag -a v1 -m "version 1 release"
97 | }
98 |
99 | manage_apis
100 | manage_configs
101 | run_terraform
102 | configure_git
103 | private_targets_apps
104 |
--------------------------------------------------------------------------------
/tutorials/private-targets/terraform-config/apis.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | module "project-services" {
18 | source = "terraform-google-modules/project-factory/google//modules/project_services"
19 | version = "14.5.0"
20 |
21 | project_id = var.project_id
22 |
23 | # Don't disable the services
24 | disable_services_on_destroy = false
25 | disable_dependent_services = false
26 |
27 | activate_apis = [
28 | "compute.googleapis.com",
29 | "container.googleapis.com",
30 | "cloudbuild.googleapis.com",
31 | "clouddeploy.googleapis.com",
32 | "cloudresourcemanager.googleapis.com",
33 | "iam.googleapis.com",
34 | "servicenetworking.googleapis.com"
35 | ]
36 | }
37 |
--------------------------------------------------------------------------------
/tutorials/private-targets/terraform-config/ar.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | resource "google_artifact_registry_repository" "artifact-registry" {
18 |
19 | provider = google-beta
20 |
21 | location = var.region
22 | repository_id = "web-app-private-targets"
23 | description = "Image registry for tutorial web app"
24 | format = "DOCKER"
25 | }
26 |
--------------------------------------------------------------------------------
/tutorials/private-targets/terraform-config/cloudbuild.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | resource "google_project_service" "servicenetworking" {
18 | service = "servicenetworking.googleapis.com"
19 | disable_on_destroy = false
20 | }
21 |
22 | resource "google_compute_global_address" "worker_range" {
23 | name = "cloudbuild-worker-pool-range"
24 | purpose = "VPC_PEERING"
25 | address_type = "INTERNAL"
26 | network = google_compute_network.network_gcb.id
27 | prefix_length = var.private_pool_prefix
28 | address = var.private_pool_address
29 | }
30 |
31 | resource "google_service_networking_connection" "worker_pool_connection" {
32 | network = google_compute_network.network_gcb.id
33 | service = "servicenetworking.googleapis.com"
34 | reserved_peering_ranges = [google_compute_global_address.worker_range.name]
35 | depends_on = [google_project_service.servicenetworking]
36 | }
37 |
38 | resource "google_cloudbuild_worker_pool" "cloudbuild_private_pool" {
39 |
40 | provider = google-beta
41 |
42 | name = "private-pool"
43 | location = var.region
44 | worker_config {
45 | disk_size_gb = 100
46 | machine_type = "e2-medium"
47 | no_external_ip = false
48 | }
49 | network_config {
50 | peered_network = google_compute_network.network_gcb.id
51 | }
52 | depends_on = [google_service_networking_connection.worker_pool_connection]
53 | }
54 |
55 | resource "null_resource" "configure_peering_gcb" {
56 |
57 | depends_on = [
58 | google_service_networking_connection.worker_pool_connection
59 | ]
60 |
61 | provisioner "local-exec" {
62 | interpreter = ["/bin/bash", "-c"]
63 | command = "gcloud compute networks peerings update servicenetworking-googleapis-com --network=$NETWORK --export-custom-routes"
64 | environment = {
65 | NETWORK = google_compute_network.network_gcb.name
66 | }
67 | }
68 | }
69 |
--------------------------------------------------------------------------------
/tutorials/private-targets/terraform-config/clusters.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | locals {
18 | cluster_type = "regional"
19 | }
20 |
21 | module "cluster-test" {
22 | source = "./modules/cluster"
23 | project_id = module.project-services.project_id
24 | name = "test-private"
25 | region = var.region
26 | network = google_compute_network.network_gke.name
27 | subnetwork = google_compute_subnetwork.subnetwork_gke_test.name
28 | ip_range_master = var.test_cluster_master_cidr
29 | ip_range_pods = ""
30 | ip_range_services = ""
31 | release_channel = "STABLE"
32 | }
33 |
34 | module "cluster-staging" {
35 | source = "./modules/cluster"
36 | project_id = module.project-services.project_id
37 | name = "staging-private"
38 | region = var.region
39 | network = google_compute_network.network_gke.name
40 | subnetwork = google_compute_subnetwork.subnetwork_gke_staging.name
41 | ip_range_master = var.staging_cluster_master_cidr
42 | ip_range_pods = ""
43 | ip_range_services = ""
44 | release_channel = "STABLE"
45 | }
46 |
47 | module "cluster-prod" {
48 | source = "./modules/cluster"
49 | project_id = module.project-services.project_id
50 | name = "prod-private"
51 | region = var.region
52 | network = google_compute_network.network_gke.name
53 | subnetwork = google_compute_subnetwork.subnetwork_gke_prod.name
54 | ip_range_master = var.prod_cluster_master_cidr
55 | ip_range_pods = ""
56 | ip_range_services = ""
57 | release_channel = "STABLE"
58 | }
59 |
60 | resource "null_resource" "configure_peering" {
61 |
62 | depends_on = [
63 | module.cluster-prod.peering_name
64 | ]
65 |
66 | provisioner "local-exec" {
67 | interpreter = ["/bin/bash", "-c"]
68 | command = "gcloud compute networks peerings update $PEERING --network=$NETWORK --export-custom-routes"
69 | environment = {
70 | NETWORK = google_compute_network.network_gke.name
71 | PEERING = module.cluster-prod.peering_name
72 | }
73 | }
74 | }
75 |
--------------------------------------------------------------------------------
/tutorials/private-targets/terraform-config/main.template:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | terraform {
18 | backend "gcs" {
19 | bucket="{{BACKEND_BUCKET}}"
20 | prefix="foundation"
21 | }
22 | required_providers {
23 | google = {
24 | source = "hashicorp/google"
25 | version = "~> 4.51.0"
26 | }
27 | google-beta = {
28 | source = "hashicorp/google-beta"
29 | version = "~> 4.51.0"
30 | }
31 | }
32 | }
33 |
34 | provider "google" {
35 | project = var.project_id
36 | region = var.region
37 | }
38 |
39 | provider "google-beta" {
40 | project = var.project_id
41 | region = var.region
42 | }
43 |
--------------------------------------------------------------------------------
/tutorials/private-targets/terraform-config/modules/cluster/outputs.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | output "service_account" {
18 | value = module.delivery_platform_cluster.service_account
19 | description = "Service account used to create the cluster and node pool(s)"
20 | }
21 |
22 | output "region" {
23 | value = var.region
24 | description = "Region for development cluster"
25 | }
26 |
27 | output "cluster_name" {
28 | value = var.name
29 | description = "Cluster Name"
30 | }
31 |
32 | output "endpoint" {
33 | value = module.delivery_platform_cluster.endpoint
34 | description = "Cluster endpoint used to identify the cluster"
35 | }
36 |
37 | output "peering_name" {
38 | value = module.delivery_platform_cluster.peering_name
39 | description = "Cluster peering name"
40 | }
41 |
--------------------------------------------------------------------------------
/tutorials/private-targets/terraform-config/modules/cluster/variables.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | variable "project_id" {
18 | description = "Project ID where the cluster will run"
19 | }
20 |
21 | variable "name" {
22 | description = "A unique name for the resource"
23 | }
24 |
25 | variable "region" {
26 | description = "The name of the region to run the cluster"
27 | }
28 |
29 | variable "network" {
30 | description = "The name of the network to run the cluster"
31 | }
32 |
33 | variable "subnetwork" {
34 | description = "The name of the subnet to run the cluster"
35 | }
36 |
37 | variable "ip_range_master" {
38 | description = "The range for the private master"
39 | }
40 |
41 | variable "ip_range_pods" {
42 | description = "The secondary range for the pods"
43 | }
44 |
45 | variable "ip_range_services" {
46 | description = "The secondary range for the services"
47 | }
48 |
49 | variable "machine_type" {
50 | description = "Type of node to use to run the cluster"
51 | default = "n1-standard-2"
52 | }
53 |
54 | variable "gke_kubernetes_version" {
55 | description = "Kubernetes version to deploy Masters and Nodes with"
56 | default = "1.14"
57 | }
58 |
59 | variable "minimum_node_pool_instances" {
60 | type = number
61 | description = "Number of node-pool instances to have active"
62 | default = 1
63 | }
64 |
65 | variable "maximum_node_pool_instances" {
66 | type = number
67 | description = "Maximum number of node-pool instances to scale to"
68 | default = 3
69 | }
70 |
71 | variable "release_channel" {
72 | type = string
73 | description = "(Beta) The release channel of this cluster. Accepted values are `UNSPECIFIED`, `RAPID`, `REGULAR` and `STABLE`. Defaults to `UNSPECIFIED`."
74 | default = "STABLE"
75 | }
76 |
--------------------------------------------------------------------------------
/tutorials/private-targets/terraform-config/sa.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | # Cloud Deploy service account
18 |
19 | resource "google_service_account" "deploy_service_account" {
20 | project = var.project_id
21 | account_id = "cd-tut-private-deploy-sa"
22 | display_name = "Cloud Deploy tutorial deploy service account"
23 | }
24 |
25 | resource "google_project_iam_member" "jobrunner_binding" {
26 | project = var.project_id
27 | role = "roles/clouddeploy.jobRunner"
28 | member = "serviceAccount:${google_service_account.deploy_service_account.email}"
29 | }
30 |
31 | resource "google_project_iam_member" "developer_binding" {
32 | project = var.project_id
33 | role = "roles/container.developer"
34 | member = "serviceAccount:${google_service_account.deploy_service_account.email}"
35 | }
36 |
37 | # Cloud Build service account
38 |
39 | resource "google_service_account" "build_service_account" {
40 | project = var.project_id
41 | account_id = "cd-tut-private-build-sa"
42 | display_name = "Cloud Deploy tutorial Cloud Build service account"
43 | }
44 |
45 | resource "google_project_iam_member" "build_sa_iam_storageadmin" {
46 | project = var.project_id
47 | role = "roles/storage.admin"
48 | member = "serviceAccount:${google_service_account.build_service_account.email}"
49 | }
50 |
51 | resource "google_project_iam_member" "build_sa_iam_logginglogwriter" {
52 | project = var.project_id
53 | role = "roles/logging.logWriter"
54 | member = "serviceAccount:${google_service_account.build_service_account.email}"
55 | }
56 |
57 | resource "google_project_iam_member" "build_sa_iam_artifactwriter" {
58 | project = var.project_id
59 | role = "roles/artifactregistry.writer"
60 | member = "serviceAccount:${google_service_account.build_service_account.email}"
61 | }
62 |
--------------------------------------------------------------------------------
/tutorials/private-targets/terraform-config/variables.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2021 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | variable "project_id" {
18 | description = "The project ID to host the cluster in"
19 | }
20 |
21 | variable "region" {
22 | description = "GCP region in which to build the infrastructure"
23 | }
24 |
25 | variable "gke_asn" {
26 | default = "64513"
27 | description = "ASN for GKE side VPN"
28 | }
29 |
30 | variable "gcb_asn" {
31 | default = "64514"
32 | description = "ASN for GCB side VPN"
33 | }
34 |
35 | variable "test_cluster_master_cidr" {
36 | default = "172.16.0.0/28"
37 | description = "Test cluster master CIDR"
38 | }
39 |
40 | variable "staging_cluster_master_cidr" {
41 | default = "172.16.1.0/28"
42 | description = "Staging cluster master CIDR"
43 | }
44 |
45 | variable "prod_cluster_master_cidr" {
46 | default = "172.16.2.0/28"
47 | description = "Prod cluster master CIDR"
48 | }
49 |
50 | variable "private_pool_address" {
51 | default = "172.17.0.0"
52 | description = "Start of Private Pool address block"
53 | }
54 |
55 | variable "private_pool_prefix" {
56 | default = "16"
57 | description = "Size of Private Pool address block"
58 | }
59 |
--------------------------------------------------------------------------------
/tutorials/private-targets/web-private-targets/leeroy-app/Dockerfile:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | FROM golang:1.13.11-alpine3.10 as builder
16 | COPY app.go .
17 | RUN go build -o /app .
18 |
19 | FROM alpine:3.20
20 | # Define GOTRACEBACK to mark this container as using the Go language runtime
21 | # for `skaffold debug` (https://skaffold.dev/docs/workflows/debug/).
22 | ENV GOTRACEBACK=single
23 | CMD ["./app"]
24 | COPY --from=builder /app .
25 |
--------------------------------------------------------------------------------
/tutorials/private-targets/web-private-targets/leeroy-app/app.go:
--------------------------------------------------------------------------------
1 | // Copyright 2021 Google LLC
2 | //
3 | // Licensed under the Apache License, Version 2.0 (the "License");
4 | // you may not use this file except in compliance with the License.
5 | // You may obtain a copy of the License at
6 | //
7 | // http://www.apache.org/licenses/LICENSE-2.0
8 | //
9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 |
15 | package main
16 |
17 | import (
18 | "fmt"
19 | "log"
20 | "net/http"
21 | )
22 |
23 | func handler(w http.ResponseWriter, r *http.Request) {
24 | fmt.Fprintf(w, "leeroooooy app!!\n")
25 | }
26 |
27 | func main() {
28 | log.Print("leeroy app server ready")
29 | http.HandleFunc("/", handler)
30 | http.ListenAndServe(":50051", nil)
31 | }
32 |
--------------------------------------------------------------------------------
/tutorials/private-targets/web-private-targets/leeroy-app/kubernetes/deployment.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: Service
17 | metadata:
18 | name: leeroy-app
19 | labels:
20 | app: leeroy-app
21 | spec:
22 | clusterIP: None
23 | ports:
24 | - port: 50051
25 | name: leeroy-app
26 | selector:
27 | app: leeroy-app
28 | ---
29 | apiVersion: apps/v1
30 | kind: Deployment
31 | metadata:
32 | name: leeroy-app
33 | labels:
34 | app: leeroy-app
35 | spec:
36 | replicas: 1
37 | selector:
38 | matchLabels:
39 | app: leeroy-app
40 | template:
41 | metadata:
42 | labels:
43 | app: leeroy-app
44 | spec:
45 | containers:
46 | - name: leeroy-app
47 | image: leeroy-app
48 | ports:
49 | - containerPort: 50051
50 |
--------------------------------------------------------------------------------
/tutorials/private-targets/web-private-targets/leeroy-web/Dockerfile:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | FROM golang:1.13.11-alpine3.10 as builder
16 | COPY web.go .
17 | RUN go build -o /web .
18 |
19 | FROM alpine:3.20
20 | # Define GOTRACEBACK to mark this container as using the Go language runtime
21 | # for `skaffold debug` (https://skaffold.dev/docs/workflows/debug/).
22 | ENV GOTRACEBACK=single
23 | CMD ["./web"]
24 | COPY --from=builder /web .
25 |
--------------------------------------------------------------------------------
/tutorials/private-targets/web-private-targets/leeroy-web/kubernetes/deployment.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: apps/v1
16 | kind: Deployment
17 | metadata:
18 | name: leeroy-web
19 | labels:
20 | app: leeroy-web
21 | spec:
22 | replicas: 1
23 | selector:
24 | matchLabels:
25 | app: leeroy-web
26 | template:
27 | metadata:
28 | labels:
29 | app: leeroy-web
30 | spec:
31 | containers:
32 | - name: leeroy-web
33 | image: leeroy-web
34 | ports:
35 | - containerPort: 8080
36 |
--------------------------------------------------------------------------------
/tutorials/private-targets/web-private-targets/leeroy-web/web.go:
--------------------------------------------------------------------------------
1 | // Copyright 2021 Google LLC
2 | //
3 | // Licensed under the Apache License, Version 2.0 (the "License");
4 | // you may not use this file except in compliance with the License.
5 | // You may obtain a copy of the License at
6 | //
7 | // http://www.apache.org/licenses/LICENSE-2.0
8 | //
9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 |
15 | package main
16 |
17 | import (
18 | "io"
19 | "net/http"
20 |
21 | "log"
22 | )
23 |
24 | func handler(w http.ResponseWriter, r *http.Request) {
25 | resp, err := http.Get("http://leeroy-app:50051")
26 | if err != nil {
27 | panic(err)
28 | }
29 | defer resp.Body.Close()
30 | if _, err := io.Copy(w, resp.Body); err != nil {
31 | panic(err)
32 | }
33 | }
34 |
35 | func main() {
36 | log.Print("leeroy web server ready")
37 | http.HandleFunc("/", handler)
38 | http.ListenAndServe(":8080", nil)
39 | }
40 |
--------------------------------------------------------------------------------
/tutorials/profiles-gke:
--------------------------------------------------------------------------------
1 | profiles
--------------------------------------------------------------------------------
/tutorials/profiles/cleanup.sh:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | TUTORIAL=base
16 | ROOT_DIR=$(git rev-parse --show-toplevel)
17 | TUTORIAL_DIR=${ROOT_DIR}/tutorials/${TUTORIAL}
18 | CD_CONFIG_DIR=${TUTORIAL_DIR}/clouddeploy-config
19 | TF_DIR=${TUTORIAL_DIR}/terraform-config
20 | KUBERNETES_DIR=${TUTORIAL_DIR}/kubernetes-config
21 | GCLOUD_CONFIG=clouddeploy
22 |
23 | PROJECT_ID=$(gcloud config get-value core/project)
24 | REGION=$(gcloud config get-value compute/region)
25 |
26 | BACKEND=${PROJECT_ID}-${TUTORIAL}-tf
27 |
28 | cd $TF_DIR
29 | terraform destroy -auto-approve -var=project_id=$PROJECT_ID -var=region=$REGION
30 | cd $ROOT_DIR
31 |
32 | gsutil rm -r gs://$BACKEND/
33 |
34 | rm -rf $TF_DIR/.terraform
35 | rm -rf $TF_DIR/main.tf
36 | rm -rf $TF_DIR/terraform.tfstat*
37 | rm -rf $TF_DIR/terraform.tfplan
38 |
--------------------------------------------------------------------------------
/tutorials/profiles/clouddeploy-config/delivery-pipeline-profiles.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: DeliveryPipeline
17 | metadata:
18 | name: web-app-profiles
19 | description: web-app delivery pipeline with Skaffold profiles
20 | serialPipeline:
21 | stages:
22 | - targetId: test
23 | profiles:
24 | - test
25 | - targetId: staging
26 | profiles:
27 | - staging
28 | - targetId: prod
29 | profiles:
30 | - prod
31 |
--------------------------------------------------------------------------------
/tutorials/profiles/clouddeploy-config/skaffold-profiles.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: skaffold/v3
16 | kind: Config
17 | build:
18 | artifacts:
19 | - image: leeroy-web-profiles
20 | context: leeroy-web-profiles
21 | - image: leeroy-app-profiles
22 | context: leeroy-app-profiles
23 | googleCloudBuild:
24 | projectId: ${PROJECT_ID}
25 | serviceAccount: projects/${PROJECT_ID}/serviceAccounts/cd-tut-build-sa@${PROJECT_ID}.iam.gserviceaccount.com
26 | manifests:
27 | rawYaml:
28 | - leeroy-web-profiles/kubernetes/*
29 | profiles:
30 | - name: test
31 | manifests:
32 | kustomize:
33 | paths:
34 | - leeroy-app-profiles/kubernetes/test
35 | - name: staging
36 | manifests:
37 | kustomize:
38 | paths:
39 | - leeroy-app-profiles/kubernetes/staging
40 | - name: prod
41 | manifests:
42 | kustomize:
43 | paths:
44 | - leeroy-app-profiles/kubernetes/prod
45 | deploy:
46 | kubectl:
47 |
--------------------------------------------------------------------------------
/tutorials/profiles/kubernetes-config/web-app-profiles-namespace.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: Namespace
17 | metadata:
18 | name: web-app-profiles
19 |
--------------------------------------------------------------------------------
/tutorials/profiles/web-profiles/leeroy-app-profiles/Dockerfile:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | FROM golang:1.13.11-alpine3.10 as builder
16 | COPY app.go .
17 | RUN go build -o /app .
18 |
19 | FROM alpine:3.20
20 | # Define GOTRACEBACK to mark this container as using the Go language runtime
21 | # for `skaffold debug` (https://skaffold.dev/docs/workflows/debug/).
22 | ENV GOTRACEBACK=single
23 | CMD ["./app"]
24 | COPY --from=builder /app .
25 |
--------------------------------------------------------------------------------
/tutorials/profiles/web-profiles/leeroy-app-profiles/app.go:
--------------------------------------------------------------------------------
1 | // Copyright 2021 Google LLC
2 | //
3 | // Licensed under the Apache License, Version 2.0 (the "License");
4 | // you may not use this file except in compliance with the License.
5 | // You may obtain a copy of the License at
6 | //
7 | // http://www.apache.org/licenses/LICENSE-2.0
8 | //
9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 |
15 | package main
16 |
17 | import (
18 | "fmt"
19 | "log"
20 | "net/http"
21 | "os"
22 | )
23 |
24 | func handler(w http.ResponseWriter, r *http.Request) {
25 | fmt.Fprintf(w, "leeroooooy app running in target: %s!!\n", os.Getenv("TARGET"))
26 | }
27 |
28 | func main() {
29 | log.Printf("leeroy app server ready, running in target: %s", os.Getenv("TARGET"))
30 | http.HandleFunc("/", handler)
31 | http.ListenAndServe(":50051", nil)
32 | }
33 |
--------------------------------------------------------------------------------
/tutorials/profiles/web-profiles/leeroy-app-profiles/kubernetes/base/deployment.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: v1
16 | kind: Service
17 | metadata:
18 | name: leeroy-app-profiles
19 | namespace: web-app-profiles
20 | labels:
21 | app: leeroy-app-profiles
22 | spec:
23 | clusterIP: None
24 | ports:
25 | - port: 50051
26 | name: leeroy-app-profiles
27 | selector:
28 | app: leeroy-app-profiles
29 | ---
30 | apiVersion: apps/v1
31 | kind: Deployment
32 | metadata:
33 | name: leeroy-app-profiles
34 | namespace: web-app-profiles
35 | labels:
36 | app: leeroy-app-profiles
37 | spec:
38 | replicas: 1
39 | selector:
40 | matchLabels:
41 | app: leeroy-app-profiles
42 | template:
43 | metadata:
44 | labels:
45 | app: leeroy-app-profiles
46 | spec:
47 | containers:
48 | - name: leeroy-app-profiles
49 | image: leeroy-app-profiles
50 | ports:
51 | - containerPort: 50051
52 |
--------------------------------------------------------------------------------
/tutorials/profiles/web-profiles/leeroy-app-profiles/kubernetes/base/kustomization.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: kustomize.config.k8s.io/v1beta1
16 | kind: Kustomization
17 | resources:
18 | - deployment.yaml
19 |
--------------------------------------------------------------------------------
/tutorials/profiles/web-profiles/leeroy-app-profiles/kubernetes/prod/kustomization.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: kustomize.config.k8s.io/v1beta1
16 | kind: Kustomization
17 | bases:
18 | - ../base
19 | patchesStrategicMerge:
20 | - target.yaml
21 |
--------------------------------------------------------------------------------
/tutorials/profiles/web-profiles/leeroy-app-profiles/kubernetes/prod/target.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: apps/v1
16 | kind: Deployment
17 | metadata:
18 | name: leeroy-app-profiles
19 | namespace: web-app-profiles
20 | spec:
21 | replicas: 3
22 | template:
23 | spec:
24 | containers:
25 | - name: leeroy-app-profiles
26 | env:
27 | - name: TARGET
28 | value: prod
29 |
--------------------------------------------------------------------------------
/tutorials/profiles/web-profiles/leeroy-app-profiles/kubernetes/staging/kustomization.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: kustomize.config.k8s.io/v1beta1
16 | kind: Kustomization
17 | bases:
18 | - ../base
19 | patchesStrategicMerge:
20 | - target.yaml
21 |
--------------------------------------------------------------------------------
/tutorials/profiles/web-profiles/leeroy-app-profiles/kubernetes/staging/target.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: apps/v1
16 | kind: Deployment
17 | metadata:
18 | name: leeroy-app-profiles
19 | namespace: web-app-profiles
20 | spec:
21 | replicas: 2
22 | template:
23 | spec:
24 | containers:
25 | - name: leeroy-app-profiles
26 | env:
27 | - name: TARGET
28 | value: staging
29 |
--------------------------------------------------------------------------------
/tutorials/profiles/web-profiles/leeroy-app-profiles/kubernetes/test/kustomization.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: kustomize.config.k8s.io/v1beta1
16 | kind: Kustomization
17 | bases:
18 | - ../base
19 | patchesStrategicMerge:
20 | - target.yaml
21 |
--------------------------------------------------------------------------------
/tutorials/profiles/web-profiles/leeroy-app-profiles/kubernetes/test/target.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: apps/v1
16 | kind: Deployment
17 | metadata:
18 | name: leeroy-app-profiles
19 | namespace: web-app-profiles
20 | spec:
21 | template:
22 | spec:
23 | containers:
24 | - name: leeroy-app-profiles
25 | env:
26 | - name: TARGET
27 | value: test
28 |
--------------------------------------------------------------------------------
/tutorials/profiles/web-profiles/leeroy-web-profiles/Dockerfile:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | FROM golang:1.13.11-alpine3.10 as builder
16 | COPY web.go .
17 | RUN go build -o /web .
18 |
19 | FROM alpine:3.20
20 | # Define GOTRACEBACK to mark this container as using the Go language runtime
21 | # for `skaffold debug` (https://skaffold.dev/docs/workflows/debug/).
22 | ENV GOTRACEBACK=single
23 | CMD ["./web"]
24 | COPY --from=builder /web .
25 |
--------------------------------------------------------------------------------
/tutorials/profiles/web-profiles/leeroy-web-profiles/kubernetes/deployment.yaml:
--------------------------------------------------------------------------------
1 | # Copyright 2021 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: apps/v1
16 | kind: Deployment
17 | metadata:
18 | name: leeroy-web-profiles
19 | namespace: web-app-profiles
20 | labels:
21 | app: leeroy-web-profiles
22 | spec:
23 | replicas: 1
24 | selector:
25 | matchLabels:
26 | app: leeroy-web-profiles
27 | template:
28 | metadata:
29 | labels:
30 | app: leeroy-web-profiles
31 | spec:
32 | containers:
33 | - name: leeroy-web-profiles
34 | image: leeroy-web-profiles
35 | ports:
36 | - containerPort: 8080
37 |
--------------------------------------------------------------------------------
/tutorials/profiles/web-profiles/leeroy-web-profiles/web.go:
--------------------------------------------------------------------------------
1 | // Copyright 2021 Google LLC
2 | //
3 | // Licensed under the Apache License, Version 2.0 (the "License");
4 | // you may not use this file except in compliance with the License.
5 | // You may obtain a copy of the License at
6 | //
7 | // http://www.apache.org/licenses/LICENSE-2.0
8 | //
9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 |
15 | package main
16 |
17 | import (
18 | "io"
19 | "net/http"
20 |
21 | "log"
22 | )
23 |
24 | func handler(w http.ResponseWriter, r *http.Request) {
25 | resp, err := http.Get("http://leeroy-app-profiles:50051")
26 | if err != nil {
27 | panic(err)
28 | }
29 | defer resp.Body.Close()
30 | if _, err := io.Copy(w, resp.Body); err != nil {
31 | panic(err)
32 | }
33 | }
34 |
35 | func main() {
36 | log.Print("leeroy web server ready")
37 | http.HandleFunc("/", handler)
38 | http.ListenAndServe(":8080", nil)
39 | }
40 |
--------------------------------------------------------------------------------
/tutorials/verification-run/app-config/hello-app-prod.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: serving.knative.dev/v1
16 | kind: Service
17 | metadata:
18 | name: hello-app-prod
19 | spec:
20 | template:
21 | metadata:
22 | annotations:
23 | autoscaling.knative.dev/maxScale: "1"
24 | spec:
25 | serviceAccountName: cd-dv-tut-run-sa@${PROJECT_ID}.iam.gserviceaccount.com
26 | containers:
27 | - name: hello-app
28 | image: hello-app
29 | env:
30 | - name: NAME
31 | value: "Prod"
32 |
--------------------------------------------------------------------------------
/tutorials/verification-run/app-config/hello-app-staging.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: serving.knative.dev/v1
16 | kind: Service
17 | metadata:
18 | name: hello-app-staging
19 | spec:
20 | template:
21 | metadata:
22 | annotations:
23 | autoscaling.knative.dev/maxScale: "1"
24 | spec:
25 | serviceAccountName: cd-dv-tut-run-sa@${PROJECT_ID}.iam.gserviceaccount.com
26 | containers:
27 | - name: hello-app
28 | image: hello-app
29 | env:
30 | - name: NAME
31 | value: "Stage" # <-- EDIT
32 |
--------------------------------------------------------------------------------
/tutorials/verification-run/app-config/hello-app-test.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: serving.knative.dev/v1
16 | kind: Service
17 | metadata:
18 | name: hello-app-test
19 | spec:
20 | template:
21 | metadata:
22 | annotations:
23 | autoscaling.knative.dev/maxScale: "1"
24 | spec:
25 | serviceAccountName: cd-dv-tut-run-sa@${PROJECT_ID}.iam.gserviceaccount.com
26 | containers:
27 | - name: hello-app
28 | image: hello-app
29 | env:
30 | - name: NAME
31 | value: "Test"
32 |
--------------------------------------------------------------------------------
/tutorials/verification-run/app-config/hello-app/Dockerfile:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | FROM golang:1.22 AS builder
16 | WORKDIR /go/src/hello
17 | COPY . .
18 | RUN CGO_ENABLED=0 go build -o /go/bin/hello
19 |
20 | FROM gcr.io/distroless/static-debian11
21 | COPY --from=builder /go/bin/hello /
22 | CMD ["/hello"]
23 |
--------------------------------------------------------------------------------
/tutorials/verification-run/app-config/hello-app/go.mod:
--------------------------------------------------------------------------------
1 | module hello
2 |
3 | go 1.19
4 |
--------------------------------------------------------------------------------
/tutorials/verification-run/app-config/hello-app/main.go:
--------------------------------------------------------------------------------
1 | // Copyright 2020 Google LLC
2 | //
3 | // Licensed under the Apache License, Version 2.0 (the "License");
4 | // you may not use this file except in compliance with the License.
5 | // You may obtain a copy of the License at
6 | //
7 | // https://www.apache.org/licenses/LICENSE-2.0
8 | //
9 | // Unless required by applicable law or agreed to in writing, software
10 | // distributed under the License is distributed on an "AS IS" BASIS,
11 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | // See the License for the specific language governing permissions and
13 | // limitations under the License.
14 |
15 | // Sample run-helloworld is a minimal Cloud Run service.
16 | package main
17 |
18 | import (
19 | "fmt"
20 | "log"
21 | "net/http"
22 | "os"
23 | )
24 |
25 | func main() {
26 | log.Print("starting server...")
27 | http.HandleFunc("/", handler)
28 |
29 | // Determine port for HTTP service.
30 | port := os.Getenv("PORT")
31 | if port == "" {
32 | port = "8080"
33 | log.Printf("defaulting to port %s", port)
34 | }
35 |
36 | // Start HTTP server.
37 | log.Printf("listening on port %s", port)
38 | if err := http.ListenAndServe(":"+port, nil); err != nil {
39 | log.Fatal(err)
40 | }
41 | }
42 |
43 | func handler(w http.ResponseWriter, r *http.Request) {
44 | name := os.Getenv("NAME")
45 |
46 | switch name {
47 | case "Test", "Staging", "Prod":
48 | fmt.Fprintf(w, "Hello %s! 🎉\n", name)
49 | default:
50 | http.Error(w, "Configuration must match target name (Test, Staging, Prod)", 400)
51 | }
52 |
53 | log.Printf("Sent response, target was '%s'", name)
54 | }
55 |
--------------------------------------------------------------------------------
/tutorials/verification-run/app-config/hello-verify/Dockerfile:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 | FROM docker:26.1.3 as static-docker-source
15 | FROM alpine:3.15
16 | ARG CLOUD_SDK_VERSION=400.0.0
17 | ENV CLOUD_SDK_VERSION=$CLOUD_SDK_VERSION
18 | ENV PATH /google-cloud-sdk/bin:$PATH
19 | COPY --from=static-docker-source /usr/local/bin/docker /usr/local/bin/docker
20 | RUN addgroup -g 1000 -S cloudsdk && adduser -u 1000 -S cloudsdk -G cloudsdk
21 | RUN if [ `uname -m` = 'x86_64' ]; then echo -n "x86_64" > /tmp/arch; else echo -n "arm" > /tmp/arch; fi;
22 | RUN ARCH=`cat /tmp/arch` && apk --no-cache add \
23 | curl \
24 | python3 \
25 | py3-crcmod \
26 | py3-openssl \
27 | bash \
28 | libc6-compat \
29 | openssh-client \
30 | git \
31 | gnupg \
32 | && curl -sS -O https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-${CLOUD_SDK_VERSION}-linux-${ARCH}.tar.gz && \
33 | tar xzf google-cloud-sdk-${CLOUD_SDK_VERSION}-linux-${ARCH}.tar.gz && \
34 | rm google-cloud-sdk-${CLOUD_SDK_VERSION}-linux-${ARCH}.tar.gz && \
35 | gcloud config set core/disable_usage_reporting true && \
36 | gcloud config set component_manager/disable_update_check true && \
37 | gcloud config set survey/disable_prompts True && \
38 | gcloud --version
39 | VOLUME ["/root/.config"]
40 | WORKDIR /
41 | COPY . .
42 |
--------------------------------------------------------------------------------
/tutorials/verification-run/app-config/hello-verify/verify.sh:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | # Copyright 2022 Google LLC
4 | #
5 | # Licensed under the Apache License, Version 2.0 (the "License");
6 | # you may not use this file except in compliance with the License.
7 | # You may obtain a copy of the License at
8 | #
9 | # http://www.apache.org/licenses/LICENSE-2.0
10 | #
11 | # Unless required by applicable law or agreed to in writing, software
12 | # distributed under the License is distributed on an "AS IS" BASIS,
13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 | # See the License for the specific language governing permissions and
15 | # limitations under the License.
16 |
17 | if [ $# -ne 3 ]
18 | then
19 | echo "Usage: "
20 | exit 1
21 | fi
22 |
23 | PATH=/google-cloud-sdk/bin:${PATH}
24 |
25 | SERVICE_NAME=${1}
26 | PROJECT_ID=${2}
27 | REGION=${3}
28 |
29 | gcloud config set core/project ${PROJECT_ID}
30 | gcloud config set run/region ${REGION}
31 |
32 | URL=$(gcloud run services describe ${SERVICE_NAME} --format='value(status.url)')
33 |
34 | status=$?
35 |
36 | if [ "$status" -eq 0 ]; then
37 | echo "Retrieved service endpoint ${URL} for ${SERVICE_NAME}"
38 | else
39 | echo "Failed to retrieve service endpoint for ${SERVICE_NAME}"
40 | exit $status
41 | fi
42 |
43 | AUTH=$(gcloud auth print-identity-token --include-email --audiences ${URL} --impersonate-service-account cd-dv-tutorial-sa@${PROJECT_ID}.iam.gserviceaccount.com --quiet)
44 |
45 | status=$?
46 |
47 | if [ "$status" -eq 0 ]; then
48 | echo "Retrieved identity token for ${SERVICE_NAME}"
49 | else
50 | echo "Failed to retrieve identity token for ${SERVICE_NAME}"
51 | exit $status
52 | fi
53 |
54 | curl --fail --show-error --silent --header "Authorization: Bearer ${AUTH}" "${URL}"
55 |
56 | status=$?
57 |
58 | if [ "$status" -eq 0 ]; then
59 | echo "Service ${SERVICE_NAME} successfully verified"
60 | else
61 | echo "Service ${SERVICE_NAME} failed verification"
62 | fi
63 |
64 | exit $status
65 |
--------------------------------------------------------------------------------
/tutorials/verification-run/app-config/skaffold.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: skaffold/v3
16 | kind: Config
17 | metadata:
18 | name: hello-app
19 | build:
20 | artifacts:
21 | - image: hello-app
22 | context: hello-app
23 | - image: hello-verify
24 | context: hello-verify
25 | googleCloudBuild:
26 | projectId: ${PROJECT_ID}
27 | serviceAccount: projects/${PROJECT_ID}/serviceAccounts/cd-dv-tut-run-build-sa@${PROJECT_ID}.iam.gserviceaccount.com
28 | deploy:
29 | cloudrun: {}
30 | profiles:
31 | - name: test
32 | manifests:
33 | rawYaml:
34 | - hello-app-test.yaml
35 | verify:
36 | - name: verify-deployment
37 | container:
38 | name: hello-verify
39 | image: hello-verify
40 | command: ["/verify.sh"]
41 | args: ["hello-app-test", "${PROJECT_ID}", "${REGION}" ]
42 | - name: staging
43 | manifests:
44 | rawYaml:
45 | - hello-app-staging.yaml
46 | verify:
47 | - name: verify-deployment
48 | container:
49 | name: hello-verify
50 | image: hello-verify
51 | command: ["/verify.sh"]
52 | args: ["hello-app-staging", "${PROJECT_ID}", "${REGION}" ]
53 | - name: prod
54 | manifests:
55 | rawYaml:
56 | - hello-app-prod.yaml
57 | verify:
58 | - name: verify-deployment
59 | container:
60 | name: hello-verify
61 | image: hello-verify
62 | command: ["/verify.sh"]
63 | args: ["hello-app-prod", "${PROJECT_ID}", "${REGION}" ]
64 |
--------------------------------------------------------------------------------
/tutorials/verification-run/cleanup.sh:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | TUTORIAL=verification-run
16 | ROOT_DIR=$(git rev-parse --show-toplevel)
17 | TUTORIAL_DIR=${ROOT_DIR}/tutorials/${TUTORIAL}
18 | CD_CONFIG_DIR=${TUTORIAL_DIR}/clouddeploy-config
19 | TF_DIR=${TUTORIAL_DIR}/terraform-config
20 | GCLOUD_CONFIG=clouddeploy
21 |
22 | PROJECT_ID=$(gcloud config get-value core/project)
23 | REGION=$(gcloud config get-value compute/region)
24 |
25 | BACKEND=${PROJECT_ID}-${TUTORIAL}-tf
26 |
27 | cd ${TF_DIR}
28 | terraform destroy -auto-approve -var=project_id=${PROJECT_ID} -var=region=${REGION}
29 |
30 | cd ${ROOT_DIR}
31 |
32 | gsutil rm -r gs://$BACKEND/
33 |
34 | rm -rf $TF_DIR/.terraform
35 | rm -rf $TF_DIR/main.tf
36 | rm -rf $TF_DIR/terraform.tfstat*
37 | rm -rf $TF_DIR/terraform.tfplan
38 |
--------------------------------------------------------------------------------
/tutorials/verification-run/clouddeploy-config/delivery-pipeline.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: DeliveryPipeline
17 | metadata:
18 | name: hello-app-verification
19 | description: Deployment pipeline for hello-app
20 | serialPipeline:
21 | stages:
22 | - targetId: test-cloudrun-verification
23 | profiles: [test]
24 | strategy:
25 | standard:
26 | verify: true
27 | - targetId: staging-cloudrun-verification
28 | profiles: [staging]
29 | strategy:
30 | standard:
31 | verify: true
32 | - targetId: prod-cloudrun-verification
33 | profiles: [prod]
34 | strategy:
35 | standard:
36 | verify: true
37 |
--------------------------------------------------------------------------------
/tutorials/verification-run/clouddeploy-config/target-prod.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: Target
17 | metadata:
18 | name: prod-cloudrun-verification
19 | description: Production target
20 | run:
21 | location: projects/${PROJECT_ID}/locations/${REGION}
22 | executionConfigs:
23 | - usages:
24 | - RENDER
25 | - DEPLOY
26 | - VERIFY
27 | serviceAccount: cd-dv-tutorial-sa@${PROJECT_ID}.iam.gserviceaccount.com
28 |
--------------------------------------------------------------------------------
/tutorials/verification-run/clouddeploy-config/target-staging.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: Target
17 | metadata:
18 | name: staging-cloudrun-verification
19 | description: Staging target
20 | run:
21 | location: projects/${PROJECT_ID}/locations/${REGION}
22 | executionConfigs:
23 | - usages:
24 | - RENDER
25 | - DEPLOY
26 | - VERIFY
27 | serviceAccount: cd-dv-tutorial-sa@${PROJECT_ID}.iam.gserviceaccount.com
28 |
--------------------------------------------------------------------------------
/tutorials/verification-run/clouddeploy-config/target-test.yaml.template:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | apiVersion: deploy.cloud.google.com/v1beta1
16 | kind: Target
17 | metadata:
18 | name: test-cloudrun-verification
19 | description: Test target
20 | run:
21 | location: projects/${PROJECT_ID}/locations/${REGION}
22 | executionConfigs:
23 | - usages:
24 | - RENDER
25 | - DEPLOY
26 | - VERIFY
27 | serviceAccount: cd-dv-tutorial-sa@${PROJECT_ID}.iam.gserviceaccount.com
28 |
--------------------------------------------------------------------------------
/tutorials/verification-run/setup.sh:
--------------------------------------------------------------------------------
1 | # Copyright 2022 Google LLC
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 |
15 | # Standard functions begin with manage or run.
16 | # Walkthrough-specific functions begin with the abbreviation for
17 | # that walkthrough
18 |
19 | TUTORIAL=verification-run
20 | ROOT_DIR=$(git rev-parse --show-toplevel)
21 | TUTORIAL_DIR=${ROOT_DIR}/tutorials/${TUTORIAL}
22 | APP_CONFIG_DIR=${TUTORIAL_DIR}/app-config
23 | CD_CONFIG_DIR=${TUTORIAL_DIR}/clouddeploy-config
24 | TF_DIR=${TUTORIAL_DIR}/terraform-config
25 | GCLOUD_CONFIG=clouddeploy
26 |
27 | export PROJECT_ID=$(gcloud config get-value core/project)
28 | export REGION=us-central1
29 |
30 | BACKEND=${PROJECT_ID}-${TUTORIAL}-tf
31 |
32 | manage_apis() {
33 | # Enables any APIs that we need prior to Terraform being run
34 |
35 | echo "Enabling GCP APIs, please wait, this may take several minutes..."
36 | gcloud services enable storage.googleapis.com \
37 | compute.googleapis.com \
38 | artifactregistry.googleapis.com
39 | }
40 |
41 | manage_configs() {
42 | # Sets any SDK configs and ensures they'll persist across
43 | # Cloud Shell sessions
44 |
45 | echo "Creating persistent Cloud Shell configuration"
46 | SHELL_RC=${HOME}/.$(basename ${SHELL})rc
47 | echo export CLOUDSDK_CONFIG=${HOME}/.gcloud >> ${SHELL_RC}
48 |
49 | if [[ $(gcloud config configurations list --quiet --filter "name=${GCLOUD_CONFIG}") ]]; then
50 | echo "Config ${GCLOUD_CONFIG} already exists, skipping config creation"
51 | else
52 | gcloud config configurations create ${GCLOUD_CONFIG}
53 | echo "Created config ${GCLOUD_CONFIG}"
54 | fi
55 |
56 | gcloud config set project ${PROJECT_ID}
57 | gcloud config set compute/region ${REGION}
58 | gcloud config set deploy/region ${REGION}
59 | gcloud config set run/platform managed
60 | gcloud config set run/region ${REGION}
61 | }
62 |
63 | run_terraform() {
64 | # Terraform workflows
65 |
66 | cd ${TF_DIR}
67 |
68 | sed "s/bucket=.*/bucket=\"$BACKEND\"/g" main.template > main.tf
69 | gsutil mb gs://${BACKEND} || true
70 |
71 | terraform init
72 | terraform plan -out=terraform.tfplan -var="project_id=${PROJECT_ID}" -var="region=${REGION}"
73 | terraform apply -auto-approve terraform.tfplan
74 | }
75 |
76 | configure_git() {
77 | # Ensures some base level git client config is present
78 |
79 | git config user.name "Cloud Deploy"
80 | git config user.email "noreply@google.com"
81 | }
82 |
83 | verification_apps() {
84 | # Any sample application install and configuration for the verification walkthrough.
85 |
86 | echo "Configuring walkthrough applications"
87 |
88 | cd ${CD_CONFIG_DIR}
89 | for template in $(ls *.template); do
90 | envsubst < ${template} > ${template%.*}
91 | done
92 |
93 | cd ${APP_CONFIG_DIR}
94 | for template in $(ls *.template); do
95 | envsubst < ${template} > ${template%.*}
96 | done
97 |
98 | git tag -a v1 -m "version 1 release"
99 | }
100 |
101 | manage_apis
102 | manage_configs
103 | run_terraform
104 | configure_git
105 | verification_apps
106 |
--------------------------------------------------------------------------------
/tutorials/verification-run/terraform-config/.terraform.lock.hcl:
--------------------------------------------------------------------------------
1 | # This file is maintained automatically by "terraform init".
2 | # Manual edits may be lost in future updates.
3 |
4 | provider "registry.terraform.io/hashicorp/google" {
5 | version = "4.31.0"
6 | constraints = ">= 3.43.0, ~> 4.31.0, < 5.0.0"
7 | hashes = [
8 | "h1:+X1KG9mnYGMkYD1c/O+uUi72d4kB3kPSDei4yMEDVAQ=",
9 | "h1:p6GUUYG9PQ4XODXBgsHpWTygziRtY61z07slBKYbiCQ=",
10 | "zh:02a19ed46c2007f6aadfb6ff90aa6063be063194d1f0dd02dc839adc212f7cae",
11 | "zh:1046de7e13e81a8f86461f99e9d5ff25d5dabe8465f51efe72084ded426ba771",
12 | "zh:209b054685f7364f3f5e8b570ceb62701e5b466d37cce8b7108385fc1feb3683",
13 | "zh:717773619a1102748204699974c30aba39dc727baf389b874afcab6e17b63ffa",
14 | "zh:7d5f4885cda2ca0ec8cb8bac36ea156aeca7787c01c17e65f7226742b60369d8",
15 | "zh:82df57f2df5708441c57045b3e1a9a91ed55abe67d0d2f00705c7a1f512ec6ec",
16 | "zh:a0191b194e68dd3c0ac5a26712f95d435839ff20d2b2ad53670374c64946042d",
17 | "zh:a95b8358469d6347a5bcf4462ad18efaf80014f07f36bd26019ca039c523ff48",
18 | "zh:b62c968f50d3afa8300c9267388d273a90a5be1a4e9a218205a358e6954e7844",
19 | "zh:bc11cc9b8defec24831bbd6a73a2fa940659c7c610ea7aa0d8b38c2b1af6689b",
20 | "zh:e6ac4c46c3e5a32635fcd27784c189b6cbc6aa9cbf7a3b09e999ec3aa3e2004a",
21 | "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
22 | ]
23 | }
24 |
25 | provider "registry.terraform.io/hashicorp/google-beta" {
26 | version = "4.31.0"
27 | constraints = ">= 3.43.0, ~> 4.31.0, < 5.0.0"
28 | hashes = [
29 | "h1:M2pepGi4wx5wxMcyLLJnnffWx6Eg6lVpFtdbtbuQP74=",
30 | "h1:jLDN1EAlgTQgcG99dEVE0V50VirRFccy8hk7MLhbjdY=",
31 | "zh:101d9711741ce76f1c4a07cd41d9c7d59dd299a52a41e71f0683b7fac8285d8f",
32 | "zh:3d32ab7cdb598a4cd7ce0c6b5dd7a0e69c7b1a974127db888224c36bbd364646",
33 | "zh:6e18ecd2783cf53f6d5316be3b00fb87132f63d5cb8b2908de07c5dc4114e16c",
34 | "zh:787508727b80c55dc58021a2832c057aa3ec96f4691acc74cde992517c48c5bd",
35 | "zh:79e9be806708d2a8ce86b8e9c6506722c5d8e959a5d1af1e34d6db78839b6418",
36 | "zh:9ff3963190eb5626e51f5edbe57b6e7552e8f861d134eea4c785824941ec8f5d",
37 | "zh:a880691ac61468f78df142bf06c117c5aef12b2945ecb12e06c609e9a68b9922",
38 | "zh:bafd09b2ecd678b23fd5f6bd634610074e1d7eb0c7c57887c63245aaebee001a",
39 | "zh:bc6dfab7da73b83b86255fb61ce1b31e7c698ac9fa719e76a58bb85e2c0d3b9d",
40 | "zh:d8415dc96809e8eab1adebea821725bc33ab310a6bae8bd1aec7ef4d9bec625c",
41 | "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
42 | "zh:fb34e29154d17a81f76d16f1831dd69c6d85d9c1539faf7a2cfe775292e88fa0",
43 | ]
44 | }
45 |
--------------------------------------------------------------------------------
/tutorials/verification-run/terraform-config/apis.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2022 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | module "project-services" {
18 | source = "terraform-google-modules/project-factory/google//modules/project_services"
19 | version = "~> 13.0"
20 |
21 | project_id = var.project_id
22 |
23 | disable_services_on_destroy = false
24 | disable_dependent_services = false
25 |
26 | activate_apis = [
27 | "cloudbuild.googleapis.com",
28 | "clouddeploy.googleapis.com",
29 | "cloudresourcemanager.googleapis.com",
30 | "compute.googleapis.com",
31 | "iam.googleapis.com",
32 | "run.googleapis.com",
33 | ]
34 | }
35 |
--------------------------------------------------------------------------------
/tutorials/verification-run/terraform-config/ar.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2022 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | resource "google_artifact_registry_repository" "artifact-registry" {
18 |
19 | provider = google-beta
20 |
21 | location = var.region
22 | repository_id = "hello-app-verification"
23 | description = "Image registry for Cloud Deploy Deployment Verification tutorial"
24 | format = "DOCKER"
25 | }
26 |
--------------------------------------------------------------------------------
/tutorials/verification-run/terraform-config/main.template:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2022 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | terraform {
18 | backend "gcs" {
19 | bucket="{{BACKEND_BUCKET}}"
20 | prefix="verification-cr"
21 | }
22 | required_providers {
23 | google = {
24 | source = "hashicorp/google"
25 | version = "~> 4.31.0"
26 | }
27 | google-beta = {
28 | source = "hashicorp/google-beta"
29 | version = "~> 4.31.0"
30 | }
31 | }
32 | }
33 |
34 | provider "google" {
35 | project = var.project_id
36 | region = var.region
37 | }
38 |
39 | provider "google-beta" {
40 | project = var.project_id
41 | region = var.region
42 | }
43 |
--------------------------------------------------------------------------------
/tutorials/verification-run/terraform-config/variables.tf:
--------------------------------------------------------------------------------
1 | /**
2 | * Copyright 2022 Google LLC
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | */
16 |
17 | variable "project_id" {
18 | description = "The project ID to host the cluster in"
19 | }
20 |
21 | variable "region" {
22 | description = "GCP region in which to build the infrastructure"
23 | }
24 |
--------------------------------------------------------------------------------