The purpose of this step is to set up a folder structure, projects, and infrastructure and application pipelines, which are connected as service projects to deploy an example application called Bank of Anthos.
- 0-bootstrap executed successfully.
- 1-org executed successfully.
- 2-environments executed successfully.
- 3-networks executed successfully.
Troubleshooting:
If your user does not have access to run the commands above and you are in the organization admins group, you can append --impersonate-service-account=org-terraform@<SEED_PROJECT_ID>.iam.gserviceaccount.com to run the command as the terraform service account.
- Clone repo
gcloud source repos clone gcp-projects --project=YOUR_CLOUD_BUILD_PROJECT_ID. - Change freshly cloned repo and change to non master branch
git checkout -b plan(the branchplanis not a special one. Any branch which name is different fromdevelopment,non-productionorproductionwill trigger a terraform plan). - Copy example foundation to new repo
cp -R ../terraform-example-foundation/4-projects/ .(modify accordingly based on your current directory). - Find and remove the example projects
find ../terraform-example-foundation/4-projects/ -type f -name example_*project.tf -exec ls {} \;and change thelstormto remove the example project files. - Copy Bank of Anthos and pipeline projects to new repo
cp -R ../terraform-example-foundation-app/4-projects/ .(modify accordingly based on your current directory). - Copy cloud build configuration files for terraform
cp ../terraform-example-foundation/build/cloudbuild-tf-* .(modify accordingly based on your current directory). - Copy terraform wrapper script
cp ../terraform-example-foundation/build/tf-wrapper.sh .to the root of your new repository (modify accordingly based on your current directory). - Ensure wrapper script can be executed
chmod 755 ./tf-wrapper.sh. - Rename
common.auto.example.tfvarstocommon.auto.tfvarsand update the file with values from your environment and bootstrap. - Rename
development.auto.example.tfvarstodevelopment.auto.tfvarsand update the file with theperimeter_namethat starts withsp_d_shared_restricted. - Rename
non-production.auto.example.tfvarstonon-production.auto.tfvarsand update the file with theperimeter_namethat starts withsp_n_shared_restricted. - Rename
production.auto.example.tfvarstoproduction.auto.tfvarsand update the file with theperimeter_namethat starts withsp_p_shared_restricted. - Commit changes with
git add .andgit commit -m 'Your message'. - You will need only once to manually plan + apply the
sharedpipeline environments sincedevelopment,non-productionandproductionwill depend on it.- cd to ./shared
- Update
backend.tfwith your bucket name from the bootstrap step. - Run
terraform init - Run
terraform planand review output - Run
terraform apply - If you would like the bucket to be replaced by cloud build at run time, change the bucket name back to
UPDATE_ME
- Push your plan branch to trigger a plan
git push --set-upstream origin plan(the branchplanis not a special one. Any branch which name is different fromdevelopment,non-productionorproductionwill trigger a terraform plan).- Review the plan output in your cloud build project https://console.cloud.google.com/cloud-build/builds?project=YOUR_CLOUD_BUILD_PROJECT_ID
- Merge changes to production with
git checkout -b productionandgit push origin production.- Review the apply output in your cloud build project. https://console.cloud.google.com/cloud-build/builds?project=YOUR_CLOUD_BUILD_PROJECT_ID
- Merge changes to development with
git checkout -b developmentandgit push origin development.- Review the apply output in your cloud build project https://console.cloud.google.com/cloud-build/builds?project=YOUR_CLOUD_BUILD_PROJECT_ID
- Merge changes to non-production with
git checkout -b non-productionandgit push origin non-production.- Review the apply output in your cloud build project. https://console.cloud.google.com/cloud-build/builds?project=YOUR_CLOUD_BUILD_PROJECT_ID