- Artifact Registry API
- Cloud Run API
- Cloud DNS API
- Compute Engine API
- Identity and Access Management (IAM) API
- Manually create DNS zone
- Manually create service account for deploying via Pulumi
- Manually create Artifact Registry repo
- Artifact Registry Administrator (roles/artifactregistry.admin)
- Cloud Run Admin (roles/run.admin)
- Compute Load Balancer Admin (roles/compute.loadBalancerAdmin)
- Compute Network Admin (roles/compute.networkAdmin)
- DNS Administrator (roles/dns.admin)
- Service Account Admin (roles/iam.serviceAccountAdmin))
- Service Account Token Creator (roles/iam.serviceAccountTokenCreator)
- Service Account User (roles/iam.serviceAccountUser)
- Create Pulumi account & organization
- Create Pulumi access token
- GOOGLE_CREDENTIALS - service account key in JSON format
- DOCKER_REGISTRY - location of GAR repo
- PULUMI_ACCESS_TOKEN
- DISCORD_WEBHOOK_URL
- https://qasimalbaqali.medium.com/deploy-a-stack-on-every-pull-request-using-pulumi-and-github-actions-d5dbfa8946f6
- https://ardalis.com/integrate-github-and-discord-with-webhooks/
- https://medium.com/develop-everything/create-a-cloud-run-service-and-https-load-balancer-with-pulumi-3ba542e60367
- https://www.pulumi.com/registry/packages/gcp/api-docs/compute/managedsslcertificate/
- Static IP
- Check stack exists (stack manager github action)
- Cleanup outdated main images