fix(cloudrun): delete protection, default service names (#739)

* fix(cloudrun): make delete protection explicit fixes #730 * fix(cloudrun): update cloud run services names to unique values fixes #164 * Remove prev major version locks * fix(cloudrun): add deletion_protection to jobs, remove beta * terraform fmt * Removing optional param that's throwing errors * use min_instances=2 for both google_vpc_access_connector, rmv beta * set both min and max instances * protecc * update secure services with delete protection * more outliers * one more
terraform-google-modules · Sep 26, 2024 · 93d1efa · 93d1efa
1 parent 055285a
commit 93d1efa
Show file tree

Hide file tree

Showing 48 changed files with 149 additions and 111 deletions.
diff --git a/eventarc/basic/main.tf b/eventarc/basic/main.tf
@@ -93,6 +93,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "hello-events"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       # This container will log received events

diff --git a/run/access_control/main.tf b/run/access_control/main.tf
@@ -17,9 +17,11 @@
 # [START cloudrun_access_control_parent_tag]
 # [START cloudrun_service_access_control_run_service]
 resource "google_cloud_run_v2_service" "default" {
-  name     = "cloud-run-srv"
+  name     = "public-service"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/add_tag/main.tf b/run/add_tag/main.tf
@@ -16,7 +16,7 @@
 
 # [START cloudrun_service_add_tag]
 resource "google_cloud_run_v2_service" "default" {
-  name     = "cloudrun-srv"
+  name     = "my-service"
   location = "us-central1"
 
   template {}
@@ -26,14 +26,14 @@ resource "google_cloud_run_v2_service" "default" {
   traffic {
     percent = 100
     # This revision needs to already exist
-    revision = "cloudrun-srv-green"
+    revision = "green"
     type     = "TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION"
   }
 
   traffic {
     # Deploy new revision with 0% traffic
     percent  = 0
-    revision = "cloudrun-srv-blue"
+    revision = "blue"
     tag      = "tag-name"
     type     = "TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION"
   }

diff --git a/run/cloud_run_configuration_concurrency/main.tf b/run/cloud_run_configuration_concurrency/main.tf
@@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-concurrency"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/cloud_run_configuration_containers/main.tf b/run/cloud_run_configuration_containers/main.tf
@@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-containers"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/cloud_run_configuration_cpu/main.tf b/run/cloud_run_configuration_cpu/main.tf
@@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-cpu"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/cloud_run_configuration_cpu_allocation/main.tf b/run/cloud_run_configuration_cpu_allocation/main.tf
@@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-cpu-allocation"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/cloud_run_configuration_description/main.tf b/run/cloud_run_configuration_description/main.tf
@@ -23,6 +23,8 @@ resource "google_cloud_run_v2_service" "default" {
 
   description = "This service has a custom description"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/cloud_run_configuration_environment_variables/main.tf b/run/cloud_run_configuration_environment_variables/main.tf
@@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-env-var"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/cloud_run_configuration_http2/main.tf b/run/cloud_run_configuration_http2/main.tf
@@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-h2c"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/cloud_run_configuration_labels/main.tf b/run/cloud_run_configuration_labels/main.tf
@@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-labels"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/cloud_run_configuration_max_instances/main.tf b/run/cloud_run_configuration_max_instances/main.tf
@@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-max-instances"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/cloud_run_configuration_memory_limits/main.tf b/run/cloud_run_configuration_memory_limits/main.tf
@@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-memory-limits"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/cloud_run_configuration_min_instances/main.tf b/run/cloud_run_configuration_min_instances/main.tf
@@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-min-instances"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/cloud_run_configuration_request_timeout/main.tf b/run/cloud_run_configuration_request_timeout/main.tf
@@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-request-timeout"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/connect_cloud_sql/main.tf b/run/connect_cloud_sql/main.tf
@@ -16,16 +16,6 @@
 
 # Project data
 # [START cloudrun_connect_cloud_sql_parent_tag]
-
-terraform {
-  required_providers {
-    google = {
-      source  = "hashicorp/google"
-      version = "~> 5.13.0"
-    }
-  }
-}
-
 data "google_project" "project" {
 }
 
@@ -155,6 +145,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello:latest" # Image to deploy

diff --git a/run/custom_domain_mapping/main.tf b/run/custom_domain_mapping/main.tf
@@ -17,7 +17,7 @@
 # [START cloudrun_custom_domain_mapping_parent_tag]
 # [START cloudrun_custom_domain_mapping_run_service]
 resource "google_cloud_run_v2_service" "default" {
-  name     = "cloud-run-srv"
+  name     = "custom-domain"
   location = "us-central1"
   template {
     containers {

diff --git a/run/deploy_tag/main.tf b/run/deploy_tag/main.tf
@@ -16,30 +16,32 @@
 
 # [START cloudrun_service_deploy_tag]
 resource "google_cloud_run_v2_service" "default" {
-  name     = "cloudrun-srv"
+  name     = "my-service"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       # image or tag must be different from previous revision
       image = "us-docker.pkg.dev/cloudrun/container/hello"
     }
-    revision = "cloudrun-srv-blue"
+    revision = "blue"
   }
 
   # Define the traffic split for each revision
   # https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/cloud_run_v2_service#traffic
   traffic {
     percent = 100
     # This revision needs to already exist
-    revision = "cloudrun-srv-green"
+    revision = "green"
     type     = "TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION"
   }
 
   traffic {
     # Deploy new revision with 0% traffic
     percent  = 0
-    revision = "cloudrun-srv-blue"
+    revision = "blue"
     tag      = "tag-name"
     type     = "TRAFFIC_TARGET_ALLOCATION_TYPE_REVISION"
   }

diff --git a/run/direct_vpc/main.tf b/run/direct_vpc/main.tf
@@ -21,6 +21,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/healthchecks_liveness_probe_grpc/main.tf b/run/healthchecks_liveness_probe_grpc/main.tf
@@ -26,6 +26,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-healthcheck"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       # Note: Change to the name of your image

diff --git a/run/healthchecks_liveness_probe_http/main.tf b/run/healthchecks_liveness_probe_http/main.tf
@@ -26,6 +26,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-healthcheck"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/healthchecks_startup_probe_grpc/main.tf b/run/healthchecks_startup_probe_grpc/main.tf
@@ -26,6 +26,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-healthcheck"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       # Note: Change to the name of your image

diff --git a/run/healthchecks_startup_probe_http/main.tf b/run/healthchecks_startup_probe_http/main.tf
@@ -27,6 +27,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-healthcheck"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/healthchecks_startup_probe_tcp/main.tf b/run/healthchecks_startup_probe_tcp/main.tf
@@ -26,6 +26,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "cloudrun-service-healthcheck"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/identity/main.tf b/run/identity/main.tf
@@ -23,9 +23,11 @@ resource "google_service_account" "cloudrun_service_identity" {
 
 # [START cloudrun_service_identity_run_service]
 resource "google_cloud_run_v2_service" "default" {
-  name     = "cloud-run-srv"
+  name     = "id-service"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       image = "us-docker.pkg.dev/cloudrun/container/hello"

diff --git a/run/image_processing/main.tf b/run/image_processing/main.tf
@@ -91,9 +91,11 @@ output "blurred_bucket_name" {
 resource "google_cloud_run_v2_service" "default" {
   name     = "pubsub-tutorial"
   location = "us-central1"
+
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
-
       # Replace with newly created image gcr.io/<project_id>/pubsub
       image = "us-docker.pkg.dev/cloudrun/container/hello"
       env {

diff --git a/run/ingress/main.tf b/run/ingress/main.tf
@@ -30,6 +30,8 @@ resource "google_cloud_run_v2_service" "default" {
   name     = "ingress-service"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   # For valid annotation values and descriptions, see
   # https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/cloud_run_v2_service#ingress
   ingress = "INGRESS_TRAFFIC_INTERNAL_ONLY"

diff --git a/run/interservice/main.tf b/run/interservice/main.tf
@@ -22,6 +22,8 @@ resource "google_cloud_run_v2_service" "public" {
   name     = "public-service"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       # TODO<developer>: replace this with a public service container
@@ -74,6 +76,8 @@ resource "google_cloud_run_v2_service" "private" {
   name     = "private-service"
   location = "us-central1"
 
+  deletion_protection = false # set to "true" in production
+
   template {
     containers {
       // TODO<developer>: replace this with a private service container

diff --git a/run/jobs_create/main.tf b/run/jobs_create/main.tf
@@ -27,10 +27,10 @@ resource "google_project_service" "cloudrun_api" {
 # Create basic Cloud Run Job using sample container image
 #[START cloudrun_jobs_create]
 resource "google_cloud_run_v2_job" "default" {
-  provider     = google-beta
-  name         = "cloud-run-job"
-  location     = "us-central1"
-  launch_stage = "BETA"
+  name     = "cloud-run-job"
+  location = "us-central1"
+
+  deletion_protection = false # set to "true" in production
 
   template {
     template {

diff --git a/run/jobs_execute_jobs_on_schedule/main.tf b/run/jobs_execute_jobs_on_schedule/main.tf
@@ -67,11 +67,10 @@ resource "google_project_iam_binding" "token_creator_binding" {
 
 # Cloud Run Job
 resource "google_cloud_run_v2_job" "default" {
-  provider     = google-beta
-  name         = "cloud-run-job"
-  location     = "us-central1"
-  launch_stage = "BETA"
-  project      = data.google_project.project.project_id
+  name     = "cloud-run-job"
+  location = "us-central1"
+
+  deletion_protection = false # set to "true" in production
 
   template {
     template {

diff --git a/run/jobs_max_retries_create/main.tf b/run/jobs_max_retries_create/main.tf
@@ -26,9 +26,10 @@ resource "google_project_service" "cloudrun_api" {
 
 #[START cloudrun_jobs_max_retries_create]
 resource "google_cloud_run_v2_job" "default" {
-  name         = "cloud-run-job-retries"
-  location     = "us-central1"
-  launch_stage = "BETA"
+  name     = "cloud-run-job-retries"
+  location = "us-central1"
+
+  deletion_protection = false # set to "true" in production
 
   template {
     template {

diff --git a/run/jobs_task_parallelism_create/main.tf b/run/jobs_task_parallelism_create/main.tf
@@ -26,9 +26,10 @@ resource "google_project_service" "cloudrun_api" {
 
 #[START cloudrun_jobs_task_parallelism_create]
 resource "google_cloud_run_v2_job" "default" {
-  name         = "cloud-run-job-parallelism"
-  location     = "us-central1"
-  launch_stage = "BETA"
+  name     = "cloud-run-job-parallelism"
+  location = "us-central1"
+
+  deletion_protection = false # set to "true" in production
 
   template {
     task_count  = 3