wiktorn
commented
14 hours ago Subnetwork name is not unique within the project, but it is unique within the region. You're deploying Cloud Run into specific region, so subnetwork is well defined.
I'm reluctant to add network field, as per docs, it results in the following:
- check that provided network exists
- lookup of the subnetwork with the same name in the region
Providing subnetwork is far more straightforward and won't result in errors such as subnetwork doesn't exists, when you provide just the network.
The UI flow is probably defined as such, to improve search for the subnetwork.
The following example deploys without issue:
module "cloud_run" {
source = "./fabric/modules/cloud-run-v2"
project_id = var.project_id
name = "hello"
region = var.region
launch_stage = "BETA"
containers = {
hello = {
image = "us-docker.pkg.dev/cloudrun/container/hello"
}
}
revision = {
gen2_execution_environment = true
max_instance_count = 20
vpc_access = {
egress = "ALL_TRAFFIC"
subnet = var.subnet.name
tags = ["tag1", "tag2", "tag3"]
}
}
deletion_protection = false
}
Describe the bug The module for cloud-run-v2 is missing support for "network" attribute of (direct) vpc_access.
The example in upstream module https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/cloud_run_v2_service#example-usage---cloudrunv2-service-directvpc includes this:
It should be optional. See structure at https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/cloud_run_v2_service#network_interfaces-1
It says "If network is not specified, it will be looked up from the subnetwork." but subnet names are not guaranteed to be project-unique, are they?
I tried using subnetwork=default (in VPC/network=default) and it ended up with an invalid-looking configuration in the console
Environment
To Reproduce Sample config.
Expected behavior Can specify "network" value
Result No error, just strange situation per screenshot
Additional context Add any other context about the problem here