terraform-google-gcr-cleaner
Terraform module that implements gcr-cleaner, a tool that deletes untagged images in Google Cloud Container Registry.
Prerequisites
Please install:
Usage
Cleaning test/nginx, test/db/mariadb repositories from current project (the provider project ) and test/os/centos from another-project-id project:
module "gcr_cleaner" {
source = "mirakl/gcr-cleaner/google"
version = "0.5.0"
app_engine_application_location = "europe-west3"
gcr_repositories = [
{
storage_region = "eu"
repositories = [
"test/nginx",
"test/db/mariadb",
]
},
{
project_id = "another-project-id"
repositories = [
"test/os/centos",
]
}
]
}Cleaning all repositories from yet-another-project-id project:
module "gcr_cleaner" {
source = "mirakl/gcr-cleaner/google"
version = "0.5.0"
app_engine_application_location = "us-central"
gcr_repositories = [
{
project_id = "yet-another-project-id"
clean_all = true
}
]
}To fetch all repositories for a given project, this module is using an external data source running a local script that build the list of repositories with the help of gcloud and jq commands.
Examples
- complete - complete usage of the module (setting values for all variables)
- minimal - minimal usage of the module (using default values for variables)
TODO
This version of the module implements just repo parameter of the gcr-cleaner payload. Other parameters will be implemented in future versions.
Requirements
| Name | Version |
|---|---|
| terraform | >= 0.15.0 |
| external | >= 2.1.0 |
| >= 3.62.0 |
Providers
| Name | Version |
|---|---|
| external | >= 2.1.0 |
| >= 3.62.0 |
Modules
No modules.
Resources
| Name | Type |
|---|---|
| google_app_engine_application.this | resource |
| google_cloud_run_service.this | resource |
| google_cloud_run_service_iam_binding.this | resource |
| google_cloud_scheduler_job.this | resource |
| google_project_service.this | resource |
| google_service_account.cleaner | resource |
| google_service_account.invoker | resource |
| google_storage_bucket_access_control.this | resource |
| external_external.this | data source |
| google_project.this | data source |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| app_engine_application_location | The location to serve the app from. | string |
"europe-west1" |
no |
| cloud_run_service_location | The location of the cloud run instance. Make sure to provide a valid location. More at https://cloud.google.com/run/docs/locations. | string |
"europe-west1" |
no |
| cloud_run_service_maximum_instances | The number of maximum instances to set for this revision. This value will be used in the autoscaling.knative.dev/maxScale annotation key. |
number |
100 |
no |
| cloud_run_service_name | The name of the cloud run service. | string |
"gcr-cleaner" |
no |
| cloud_run_service_timeout_seconds | TimeoutSeconds holds the max duration the instance is allowed for responding to a request. | number |
60 |
no |
| cloud_scheduler_job_attempt_deadline | The deadline for job attempts in seconds. If the request handler does not respond by this deadline then the request is cancelled and the attempt is marked as a DEADLINE_EXCEEDED failure. The failed attempt can be viewed in execution logs. Cloud Scheduler will retry the job according to the RetryConfig. Value must be between 15 seconds and 24 hours |
number |
320 |
no |
| cloud_scheduler_job_max_backoff_duration | The maximum amount of time to wait before retrying a job after it fails. A duration in seconds with up to nine fractional digits. | number |
3600 |
no |
| cloud_scheduler_job_max_doublings | The time between retries will double maxDoublings times. A job's retry interval starts at minBackoffDuration, then doubles maxDoublings times, then increases linearly, and finally retries retries at intervals of maxBackoffDuration up to retryCount times. | number |
5 |
no |
| cloud_scheduler_job_max_retry_duration | The time limit for retrying a failed job, measured from time when an execution was first attempted. If specified with retryCount, the job will be retried until both limits are reached. A duration in seconds with up to nine fractional digits. | number |
0 |
no |
| cloud_scheduler_job_min_backoff_duration | The minimum amount of time to wait before retrying a job after it fails. A duration in seconds with up to nine fractional digits. | number |
5 |
no |
| cloud_scheduler_job_retry_count | The number of attempts that the system will make to run a job using the exponential backoff procedure described by maxDoublings. Values greater than 5 and negative values are not allowed. | number |
1 |
no |
| cloud_scheduler_job_schedule | Describes the schedule on which the job will be executed. | string |
"0 4 * * 1" |
no |
| cloud_scheduler_job_time_zone | Specifies the time zone to be used in interpreting schedule. The value of this field must be a time zone name from the tz database. More on https://en.wikipedia.org/wiki/List_of_tz_database_time_zones | string |
"Europe/Brussels" |
no |
| create_app_engine_app | Whether to create an App Engine application. | bool |
false |
no |
| disable_dependent_services | If true, services that are enabled and which depend on this service should also be disabled when this service is destroyed. If false or unset, an error will be generated if any enabled services depend on this service when destroying it. |
bool |
false |
no |
| disable_on_destroy | If true, disable the service when the terraform resource is destroyed. May be useful in the event that a project is long-lived but the infrastructure running in that project changes frequently. |
bool |
false |
no |
| gcr_cleaner_image | The docker image of the gcr cleaner to deploy to Cloud Run. | string |
"gcr.io/gcr-cleaner/gcr-cleaner" |
no |
| gcr_repositories | List of Google Container Registries objects. | list(object({ |
[] |
no |
Outputs
| Name | Description |
|---|---|
| app_engine_application_name | The name of the app engine application. |
| cloud_run_service_id | The ID of the cloud run service. |
| cloud_scheduler_jobs | List of the created scheduler jobs. |