IaC for Cloud Run for Anthos
- 環境変数をセットし、ログインします
export GCLOUD_PROJECT_ID=
gcloud auth login
- Terraform の状態保存用にバケットを作ります
- dev 環境のベースを作ります
cd ../environments/dev
terraform init -backend-config="bucket=${GCLOUD_PROJECT_ID}-tfstate"
terraform plan -var "project_id=${GCLOUD_PROJECT_ID}"
terraform apply -var "project_id=${GCLOUD_PROJECT_ID}" -auto-approve
- サービスアカウントとその鍵を生成します
gcloud iam service-accounts create terraform \
--display-name "Terraform admin account"
SA_EMAIL="$( gcloud iam service-accounts list \
--filter 'email ~ terraform@.*' --format='value(email)' )"
gcloud projects add-iam-policy-binding "${GCLOUD_PROJECT_ID}" \
--member "serviceAccount:${SA_EMAIL}" \
--role roles/editor
gcloud iam service-accounts keys create terraform-creds.json \
--iam-account "${SA_EMAIL}"
- Circle CI の環境変数
GOOGLE_CREDENTIALS に以下の値を設定