chore: Adds additional_substitutions variable (#234)

Co-authored-by: Caetano Colin <[email protected]> Co-authored-by: Andrew Peabody <[email protected]>
GoogleCloudPlatform · Sep 16, 2024 · 4b918f4 · 4b918f4
1 parent 1a4991f
commit 4b918f4
Show file tree

Hide file tree

Showing 15 changed files with 122 additions and 53 deletions.
diff --git a/5-appinfra/apps/cymbal-bank/accounts-contacts/envs/shared/main.tf b/5-appinfra/apps/cymbal-bank/accounts-contacts/envs/shared/main.tf
@@ -16,8 +16,9 @@
 
 locals {
   application_name = "cymbal-bank"
-  service_name     = "accounts-contacts"
-  repo_name        = "eab-${local.application_name}-${local.service_name}"
+  service_name     = "contacts"
+  team_name        = "accounts"
+  repo_name        = "eab-${local.application_name}-${local.team_name}-${local.service_name}"
   repo_branch      = "main"
 }
 
@@ -28,9 +29,16 @@ module "app" {
   region                     = var.region
   env_cluster_membership_ids = var.env_cluster_membership_ids
 
-  service     = local.service_name
-  repo_name   = local.repo_name
-  repo_branch = local.repo_branch
+  service_name           = local.service_name
+  team_name              = local.team_name
+  repo_name              = local.repo_name
+  repo_branch            = local.repo_branch
+  app_build_trigger_yaml = "src/${local.team_name}/cloudbuild.yaml"
+
+  additional_substitutions = {
+    _SERVICE = local.service_name
+    _TEAM    = local.team_name
+  }
 
   buckets_force_destroy = var.buckets_force_destroy
 }
diff --git a/5-appinfra/apps/cymbal-bank/accounts-userservice/envs/shared/main.tf b/5-appinfra/apps/cymbal-bank/accounts-userservice/envs/shared/main.tf
@@ -16,8 +16,9 @@
 
 locals {
   application_name = "cymbal-bank"
-  service_name     = "accounts-userservice"
-  repo_name        = "eab-${local.application_name}-${local.service_name}"
+  service_name     = "userservice"
+  team_name        = "accounts"
+  repo_name        = "eab-${local.application_name}-${local.team_name}-${local.service_name}"
   repo_branch      = "main"
 }
 
@@ -28,9 +29,16 @@ module "app" {
   region                     = var.region
   env_cluster_membership_ids = var.env_cluster_membership_ids
 
-  service     = local.service_name
-  repo_name   = local.repo_name
-  repo_branch = local.repo_branch
+  service_name           = local.service_name
+  team_name              = local.team_name
+  repo_name              = local.repo_name
+  repo_branch            = local.repo_branch
+  app_build_trigger_yaml = "src/${local.team_name}/cloudbuild.yaml"
+
+  additional_substitutions = {
+    _SERVICE = local.service_name
+    _TEAM    = local.team_name
+  }
 
   buckets_force_destroy = var.buckets_force_destroy
 }
diff --git a/5-appinfra/apps/cymbal-bank/frontend/envs/shared/main.tf b/5-appinfra/apps/cymbal-bank/frontend/envs/shared/main.tf
@@ -17,6 +17,7 @@
 locals {
   application_name = "cymbal-bank"
   service_name     = "frontend"
+  team_name        = "frontend"
   repo_name        = "eab-${local.application_name}-${local.service_name}"
   repo_branch      = "main"
 }
@@ -28,9 +29,16 @@ module "app" {
   region                     = var.region
   env_cluster_membership_ids = var.env_cluster_membership_ids
 
-  service     = local.service_name
-  repo_name   = local.repo_name
-  repo_branch = local.repo_branch
+  service_name           = local.service_name
+  team_name              = local.team_name
+  repo_name              = local.repo_name
+  repo_branch            = local.repo_branch
+  app_build_trigger_yaml = "src/${local.team_name}/cloudbuild.yaml"
+
+  additional_substitutions = {
+    _SERVICE = local.service_name
+    _TEAM    = local.team_name
+  }
 
   buckets_force_destroy = var.buckets_force_destroy
 }
diff --git a/5-appinfra/apps/cymbal-bank/ledger-balancereader/envs/shared/main.tf b/5-appinfra/apps/cymbal-bank/ledger-balancereader/envs/shared/main.tf
@@ -16,8 +16,9 @@
 
 locals {
   application_name = "cymbal-bank"
-  service_name     = "ledger-balancereader"
-  repo_name        = "eab-${local.application_name}-${local.service_name}"
+  service_name     = "balancereader"
+  team_name        = "ledger"
+  repo_name        = "eab-${local.application_name}-${local.team_name}-${local.service_name}"
   repo_branch      = "main"
 }
 
@@ -28,9 +29,16 @@ module "app" {
   region                     = var.region
   env_cluster_membership_ids = var.env_cluster_membership_ids
 
-  service     = local.service_name
-  repo_name   = local.repo_name
-  repo_branch = local.repo_branch
+  service_name           = local.service_name
+  team_name              = local.team_name
+  repo_name              = local.repo_name
+  repo_branch            = local.repo_branch
+  app_build_trigger_yaml = "src/${local.team_name}/cloudbuild.yaml"
+
+  additional_substitutions = {
+    _SERVICE = local.service_name
+    _TEAM    = local.team_name
+  }
 
   buckets_force_destroy = var.buckets_force_destroy
 }
diff --git a/5-appinfra/apps/cymbal-bank/ledger-ledgerwriter/envs/shared/main.tf b/5-appinfra/apps/cymbal-bank/ledger-ledgerwriter/envs/shared/main.tf
@@ -16,8 +16,9 @@
 
 locals {
   application_name = "cymbal-bank"
-  service_name     = "ledger-ledgerwriter"
-  repo_name        = "eab-${local.application_name}-${local.service_name}"
+  service_name     = "ledgerwriter"
+  team_name        = "ledger"
+  repo_name        = "eab-${local.application_name}-${local.team_name}-${local.service_name}"
   repo_branch      = "main"
 }
 
@@ -28,9 +29,16 @@ module "app" {
   region                     = var.region
   env_cluster_membership_ids = var.env_cluster_membership_ids
 
-  service     = local.service_name
-  repo_name   = local.repo_name
-  repo_branch = local.repo_branch
+  service_name           = local.service_name
+  team_name              = local.team_name
+  repo_name              = local.repo_name
+  repo_branch            = local.repo_branch
+  app_build_trigger_yaml = "src/${local.team_name}/cloudbuild.yaml"
+
+  additional_substitutions = {
+    _SERVICE = local.service_name
+    _TEAM    = local.team_name
+  }
 
   buckets_force_destroy = var.buckets_force_destroy
 }
diff --git a/5-appinfra/apps/cymbal-bank/ledger-transactionhistory/envs/shared/main.tf b/5-appinfra/apps/cymbal-bank/ledger-transactionhistory/envs/shared/main.tf
@@ -16,8 +16,9 @@
 
 locals {
   application_name = "cymbal-bank"
-  service_name     = "ledger-transactionhistory"
-  repo_name        = "eab-${local.application_name}-${local.service_name}"
+  service_name     = "transactionhistory"
+  team_name        = "ledger"
+  repo_name        = "eab-${local.application_name}-${local.team_name}-${local.service_name}"
   repo_branch      = "main"
 }
 
@@ -28,9 +29,15 @@ module "app" {
   region                     = var.region
   env_cluster_membership_ids = var.env_cluster_membership_ids
 
-  service     = local.service_name
-  repo_name   = local.repo_name
-  repo_branch = local.repo_branch
+  service_name           = local.service_name
+  team_name              = local.team_name
+  repo_name              = local.repo_name
+  repo_branch            = local.repo_branch
+  app_build_trigger_yaml = "src/${local.team_name}/cloudbuild.yaml"
 
+  additional_substitutions = {
+    _SERVICE = local.service_name
+    _TEAM    = local.team_name
+  }
   buckets_force_destroy = var.buckets_force_destroy
 }
diff --git a/5-appinfra/modules/cicd-pipeline/README.md b/5-appinfra/modules/cicd-pipeline/README.md
@@ -5,13 +5,16 @@
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| additional\_substitutions | A map of additional substitution variables for Google Cloud Build Trigger Specification. All keys must start with an underscore (\_). | `map(string)` | `{}` | no |
+| app\_build\_trigger\_yaml | Path to the Cloud Build YAML file for the application | `string` | n/a | yes |
 | buckets\_force\_destroy | When deleting the bucket for storing CICD artifacts, this boolean option will delete all contained objects. If false, Terraform will fail to delete buckets which contain objects. | `bool` | `false` | no |
 | env\_cluster\_membership\_ids | Env Cluster Membership IDs | <pre>map(object({<br>    cluster_membership_ids = list(string)<br>  }))</pre> | n/a | yes |
 | project\_id | CI/CD project ID | `string` | n/a | yes |
 | region | CI/CD Region (e.g. us-central1) | `string` | n/a | yes |
 | repo\_branch | Branch to sync ACM configs from & trigger CICD if pushed to. | `string` | n/a | yes |
 | repo\_name | Short version of repository to sync ACM configs from & use source for CI (e.g. 'bank-of-anthos' for https://www.github.com/GoogleCloudPlatform/bank-of-anthos) | `string` | n/a | yes |
-| service | service name (e.g. 'frontend') | `string` | n/a | yes |
+| service\_name | service name (e.g. 'transactionhistory') | `string` | n/a | yes |
+| team\_name | Team name (e.g. 'ledger'). This will be the prefix to the service CI Build Trigger Name. | `string` | n/a | yes |
 
 ## Outputs
 

diff --git a/5-appinfra/modules/cicd-pipeline/artifact-registry.tf b/5-appinfra/modules/cicd-pipeline/artifact-registry.tf
@@ -14,10 +14,10 @@
 
 # create artifact registry for container images
 resource "google_artifact_registry_repository" "container_registry" {
-  repository_id = local.service_name
+  repository_id = var.service_name
   location      = var.region
   format        = "docker"
-  description   = "${local.service_name} docker repository"
+  description   = "${var.service_name} docker repository"
   project       = var.project_id
 
   depends_on = [
@@ -33,7 +33,7 @@ resource "google_artifact_registry_repository_iam_member" "member" {
 
   project    = var.project_id
   location   = var.region
-  repository = local.service_name
+  repository = var.service_name
   role       = "roles/artifactregistry.reader"
   member     = each.value
 

diff --git a/5-appinfra/modules/cicd-pipeline/cloud-build-trigger.tf b/5-appinfra/modules/cicd-pipeline/cloud-build-trigger.tf
@@ -22,15 +22,19 @@ resource "google_cloudbuild_trigger" "ci" {
     branch_name = var.repo_branch
     repo_name   = var.repo_name
   }
-  included_files = ["src/${local.team_name}/**", "src/components/**"]
-  filename       = "src/${local.team_name}/cloudbuild.yaml"
-  substitutions = {
-    _SERVICE               = local.service_name
-    _TEAM                  = local.team_name
-    _CACHE_URI             = "gs://${google_storage_bucket.build_cache.name}/${google_storage_bucket_object.cache.name}"
-    _CONTAINER_REGISTRY    = "${local.container_registry.location}-docker.pkg.dev/${local.container_registry.project}/${local.container_registry.repository_id}"
-    _SOURCE_STAGING_BUCKET = "gs://${google_storage_bucket.release_source_development.name}"
-    _CACHE                 = local.cache_filename
-  }
+  included_files = ["src/${var.team_name}/**", "src/components/**"]
+  filename       = var.app_build_trigger_yaml
+
+  substitutions = merge(
+    {
+      _CACHE_URI                 = "gs://${google_storage_bucket.build_cache.name}/${google_storage_bucket_object.cache.name}"
+      _CONTAINER_REGISTRY        = "${local.container_registry.location}-docker.pkg.dev/${local.container_registry.project}/${local.container_registry.repository_id}"
+      _SOURCE_STAGING_BUCKET     = "gs://${google_storage_bucket.release_source_development.name}"
+      _CACHE                     = local.cache_filename
+      _CLOUDDEPLOY_PIPELINE_NAME = google_clouddeploy_delivery_pipeline.delivery-pipeline.name
+    },
+    var.additional_substitutions
+  )
+
   service_account = google_service_account.cloud_build.id
 }
diff --git a/5-appinfra/modules/cicd-pipeline/cloud-deploy.tf b/5-appinfra/modules/cicd-pipeline/cloud-deploy.tf
@@ -16,7 +16,7 @@
 resource "google_clouddeploy_delivery_pipeline" "delivery-pipeline" {
   project  = var.project_id
   location = var.region
-  name     = local.service_name
+  name     = var.service_name
   serial_pipeline {
     dynamic "stages" {
       for_each = google_clouddeploy_target.clouddeploy_targets

diff --git a/5-appinfra/modules/cicd-pipeline/cloud-storage.tf b/5-appinfra/modules/cicd-pipeline/cloud-storage.tf
@@ -15,15 +15,15 @@
 # GCS bucket used as skaffold build cache
 resource "google_storage_bucket" "build_cache" {
   project                     = var.project_id
-  name                        = "build-cache-${local.service_name}-${data.google_project.project.number}"
+  name                        = "build-cache-${var.service_name}-${data.google_project.project.number}"
   uniform_bucket_level_access = true
   location                    = var.region
   force_destroy               = var.buckets_force_destroy
 }
 
 resource "google_storage_bucket" "release_source_development" {
   project                     = var.project_id
-  name                        = "release-source-development-${local.service_name}-${data.google_project.project.number}"
+  name                        = "release-source-development-${var.service_name}-${data.google_project.project.number}"
   uniform_bucket_level_access = true
   location                    = var.region
   force_destroy               = var.buckets_force_destroy

diff --git a/5-appinfra/modules/cicd-pipeline/locals.tf b/5-appinfra/modules/cicd-pipeline/locals.tf
@@ -14,8 +14,7 @@
 
 locals {
   cache_filename     = "cache"
-  service_name       = reverse(split("-", var.service))[0]
-  team_name          = split("-", var.service)[0]
-  service_clean      = replace(var.service, "/", "-")
+  full_service       = var.team_name == var.service_name ? var.service_name : "${var.team_name}-${var.service_name}"
+  service_clean      = replace(local.full_service, "/", "-")
   container_registry = google_artifact_registry_repository.container_registry
 }
diff --git a/5-appinfra/modules/cicd-pipeline/pipelines.tf b/5-appinfra/modules/cicd-pipeline/pipelines.tf
@@ -22,7 +22,7 @@ locals {
 # cloud deploy service account
 resource "google_service_account" "cloud_deploy" {
   project                      = var.project_id
-  account_id                   = "deploy-${local.service_name}"
+  account_id                   = "deploy-${var.service_name}"
   create_ignore_already_exists = true
 }
 
@@ -59,7 +59,7 @@ resource "google_storage_bucket" "delivery_artifacts" {
   for_each = var.env_cluster_membership_ids
 
   project                     = var.project_id
-  name                        = "artifacts-${each.key}-${data.google_project.project.number}-${local.service_name}"
+  name                        = "artifacts-${each.key}-${data.google_project.project.number}-${var.service_name}"
   uniform_bucket_level_access = true
   location                    = regex(local.membership_re, each.value.cluster_membership_ids[0])[1]
   force_destroy               = var.buckets_force_destroy

diff --git a/5-appinfra/modules/cicd-pipeline/service-accounts.tf b/5-appinfra/modules/cicd-pipeline/service-accounts.tf
@@ -15,7 +15,7 @@
 # cloud build service account
 resource "google_service_account" "cloud_build" {
   project                      = var.project_id
-  account_id                   = "ci-${local.service_name}"
+  account_id                   = "ci-${var.service_name}"
   create_ignore_already_exists = true
 }
 

diff --git a/5-appinfra/modules/cicd-pipeline/variables.tf b/5-appinfra/modules/cicd-pipeline/variables.tf
@@ -29,9 +29,14 @@ variable "env_cluster_membership_ids" {
   }))
 }
 
-variable "service" {
+variable "service_name" {
   type        = string
-  description = "service name (e.g. 'frontend')"
+  description = "service name (e.g. 'transactionhistory')"
+}
+
+variable "team_name" {
+  type        = string
+  description = "Team name (e.g. 'ledger'). This will be the prefix to the service CI Build Trigger Name."
 }
 
 variable "repo_name" {
@@ -49,3 +54,14 @@ variable "buckets_force_destroy" {
   type        = bool
   default     = false
 }
+
+variable "additional_substitutions" {
+  description = "A map of additional substitution variables for Google Cloud Build Trigger Specification. All keys must start with an underscore (_)."
+  type        = map(string)
+  default     = {}
+}
+
+variable "app_build_trigger_yaml" {
+  type        = string
+  description = "Path to the Cloud Build YAML file for the application"
+}