terraform-google-modules / terraform-example-foundation

Shows how the CFT modules can be composed to build a secure cloud foundation
https://cloud.google.com/architecture/security-foundations
Apache License 2.0

Sections "Run Terraform locally" refer to CLOUD_BUILD_PROJECT_ID which does not exist #1168

Closed mromascanu123 closed 3 months ago

mromascanu123 commented 5 months ago

TL;DR

When running locally w/o CB, Jenkins, TFC, etc., there is no cloudbuild project. We have just a seed project and a "dummy" ci-cd project, unused but created anyway to avoid fixing broken code assuming it should exist even when deploying locally.

Expected behavior

The command, if required and if the result is pertinent, should succeed. Otherwise, remove it from the READMEs or change it, providing an existing project ID.

Observed behavior

Subjacent command fails: gcloud beta terraform vet "${tf_file}.json" --policy-library="${policy_file_path}" --project="${project_id}"

./tf-wrapper.sh validate production $(pwd)/../policy-library ${CLOUD_BUILD_PROJECT_ID}

ERROR: (gcloud.beta.terraform.vet) The project property is set to the empty string, which is invalid.

Terraform Configuration

in 0-bootstrap : terraform.tf
locals {
  cicd_project_id = module.local_cicd.project_id
}

module "local_cicd" {
  source  = "terraform-google-modules/project-factory/google"

  name              = "${var.project_prefix}-b-cicd-local"
  random_project_id = true
  org_id            = var.org_id
  folder_id         = google_folder.bootstrap.id
  billing_account   = var.billing_account
  activate_apis = [
    "compute.googleapis.com",
    "admin.googleapis.com",
    "iam.googleapis.com",
    "billingbudgets.googleapis.com",
    "cloudbilling.googleapis.com",
    "serviceusage.googleapis.com",
    "cloudresourcemanager.googleapis.com",
    "iamcredentials.googleapis.com",
  ]
}

Terraform Version

Terraform v1.6.0
on linux_amd64

Your version of Terraform is out of date! The latest version
is 1.7.5. You can update by downloading from https://www.terraform.io/downloads.html

Additional information

No response
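
The failure reported above comes from an unset variable reaching `gcloud` as an empty `--project` value. The following pre-flight check is an added example, not code from this issue or from the repository: it resolves and validates a project ID before `tf-wrapper.sh validate` runs. `SEED_PROJECT_ID` and the function names are hypothetical; the `tf-wrapper.sh` argument order is taken from the command quoted in the report.

```shell
#!/bin/sh
# Added example: fail early, with a clear message, instead of passing an
# empty project ID through tf-wrapper.sh to "gcloud beta terraform vet".
# SEED_PROJECT_ID is a hypothetical fallback variable, not one the repo defines.

# Succeeds only for a syntactically valid Google Cloud project ID:
# 6-30 characters, lowercase letters, digits and hyphens, starting with a
# letter and not ending with a hyphen. Runs in a subshell so the locale
# change stays local to the check.
is_valid_project_id() (
  LC_ALL=C   # byte-wise ranges, so [a-z] never matches uppercase letters
  case "$1" in
    ''|*[!a-z0-9-]*) exit 1 ;;   # empty, or contains an illegal character
    [!a-z]*|*-)      exit 1 ;;   # must start with a letter, not end with '-'
  esac
  [ "${#1}" -ge 6 ] && [ "${#1}" -le 30 ]
)

# Prints the first argument that is a valid project ID; returns 1 if none is.
resolve_project_id() {
  for _candidate in "$@"; do
    if is_valid_project_id "$_candidate"; then
      printf '%s\n' "$_candidate"
      return 0
    fi
  done
  return 1
}

# Runs the validation step from the README for one environment, using the
# Cloud Build project when it is set and the fallback project otherwise.
validate_env() {
  _env="$1"
  _policy_dir="$2"
  if ! _project_id="$(resolve_project_id \
        "${CLOUD_BUILD_PROJECT_ID:-}" "${SEED_PROJECT_ID:-}")"; then
    echo "No usable project ID: set CLOUD_BUILD_PROJECT_ID or SEED_PROJECT_ID" >&2
    return 1
  fi
  ./tf-wrapper.sh validate "$_env" "$_policy_dir" "$_project_id"
}
```

Sourced from the environment directory, `validate_env production "$(pwd)/../policy-library"` replaces the direct `tf-wrapper.sh` call from the report.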

fmichaelobrien commented 4 months ago

stale bot timer restart - https://github.com/terraform-google-modules/terraform-example-foundation/blob/master/.github/workflows/stale.yml#L21

eeaton commented 3 months ago

Agree that this is a poor experience. There are a few issues open already to track improving/merging/aligning the directions for each of the deployment methods, so I'll close this issue, but it's on the backlog to improve.