wip

Pierre-Alexandre35 · Nov 2, 2024 · a594885 · a594885
1 parent a7eae6b
commit a594885
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 36 deletions.
diff --git a/iac/main.tf b/iac/main.tf
@@ -18,32 +18,26 @@ resource "random_id" "project_suffix" {
 resource "google_project" "gcp_prod_project" {
   name            = "travian-prod-3919"
   project_id      = "travian-3919"
-  folder_id      = var.folder_id
+  #folder_id      = var.folder_id
   #name            = "travian-prod-${random_id.project_suffix.hex}"
   #project_id      = "travian-${random_id.project_suffix.hex}"
   billing_account = var.billing_account_id   
 }
 */
 
-resource "google_project" "gcp_prod_project" {
-  name            = "travian-prod-3919"
-  project_id      = "travian-3919"
-  billing_account = var.billing_account_id   
-}
-
 # Call the API module
 module "api" {
   source     = "./modules/api"
-  project_id = google_project.gcp_prod_project.project_id
+  project_id = var.existing_project_id
 }
 
-# Create a Google Storage Bucket within the newly created project
+# Create a Google Storage Bucket within the existing project
 resource "google_storage_bucket" "static_site" {
-  name          = var.bucket_name
-  location      = "EU"
-  force_destroy = true
+  name                       = var.bucket_name
+  location                   = "EU"
+  force_destroy              = true
   uniform_bucket_level_access = true
-  project       = google_project.gcp_prod_project.project_id
+  project                    = var.existing_project_id
 
   website {
     main_page_suffix = "index.html"
@@ -58,23 +52,23 @@ resource "google_storage_bucket" "static_site" {
   }
 }
 
-# Create a Service Account within the newly created project
+# Create a Service Account within the existing project
 resource "google_service_account" "gcs_deploy_sa" {
   account_id   = var.service_account_id
   display_name = "GCS Deploy Service Account"
-  project      = google_project.gcp_prod_project.project_id
+  project      = var.existing_project_id
 }
 
 # Assign Storage Admin Role to the Service Account
 resource "google_project_iam_member" "gcs_deploy_sa_storage_admin" {
-  project = google_project.gcp_prod_project.project_id
+  project = var.existing_project_id
   member  = "serviceAccount:${google_service_account.gcs_deploy_sa.email}"
   role    = "roles/storage.admin"
 }
 
-# Assign Object Viewer Role to Service Account (for public access)
+# Assign Object Viewer Role to Service Account for public access
 resource "google_project_iam_member" "gcs_deploy_sa_object_viewer" {
-  project = google_project.gcp_prod_project.project_id
+  project = var.existing_project_id
   member  = "serviceAccount:${google_service_account.gcs_deploy_sa.email}"
   role    = "roles/storage.objectViewer"
 }
@@ -106,35 +100,35 @@ output "gcs_deploy_sa_key" {
   description = "Service account key for deploying to GCS."
 }
 
-# Grant Cloud Build permissions to the Compute Engine default service account
+# Assign Cloud Build permissions to the Compute Engine default service account
 resource "google_project_iam_member" "cloud_build_compute_role" {
-  project = google_project.gcp_prod_project.project_id
-  member  = "serviceAccount:${google_project.gcp_prod_project.number}[email protected]"
+  project = var.existing_project_id
+  member  = "serviceAccount:${var.existing_project_id}[email protected]"
   role    = "roles/cloudbuild.builds.builder"
 }
 
 # Create Artifact Registry repository for Docker images
 resource "google_artifact_registry_repository" "docker_repo" {
-  project     = google_project.gcp_prod_project.project_id
-  location    = var.region
+  project       = var.existing_project_id
+  location      = var.region
   repository_id = "python-backend-repo"
-  description = "Docker repository for Cloud Run"
-  format      = "DOCKER"
+  description   = "Docker repository for Cloud Run"
+  format        = "DOCKER"
 }
 
-
 # Assign Artifact Registry permissions to Cloud Build
 resource "google_project_iam_member" "cloud_build_artifact_registry_pusher" {
-  project = google_project.gcp_prod_project.project_id
-  member  = "serviceAccount:${google_project.gcp_prod_project.number}@cloudbuild.gserviceaccount.com"
+  project = var.existing_project_id
+  member  = "serviceAccount:${var.existing_project_id}@cloudbuild.gserviceaccount.com"
   role    = "roles/artifactregistry.writer"
 }
 
+# Deploy Cloud Run service
 resource "google_cloud_run_service" "python_backend" {
   depends_on = [module.api]
 
   name     = "python-backend"
-  project  = google_project.gcp_prod_project.project_id
+  project  = var.existing_project_id
   location = var.region
 
   template {
@@ -159,18 +153,17 @@ resource "google_cloud_run_service" "python_backend" {
   }
 }
 
-
 # Allow public access to Cloud Run service
 resource "google_cloud_run_service_iam_member" "invoker" {
-  project        = google_project.gcp_prod_project.project_id
-  location       = var.region
-  service        = google_cloud_run_service.python_backend.name
-  role           = "roles/run.invoker"
-  member         = "allUsers"
+  project  = var.existing_project_id
+  location = var.region
+  service  = google_cloud_run_service.python_backend.name
+  role     = "roles/run.invoker"
+  member   = "allUsers"
 }
 
 # Output Cloud Run URL
 output "cloud_run_url" {
   value       = google_cloud_run_service.python_backend.status[0].url
   description = "URL of the deployed Python backend on Cloud Run."
-}
+}
diff --git a/iac/variables.tf b/iac/variables.tf
@@ -10,6 +10,11 @@ variable "folder_name" {
   default     = "my-projects-folder"
 }
 */
+variable "existing_project_id" {
+  description = "ID of the manually created Google Cloud project"
+  type        = string
+  default     = "travian-3919"  # Set this to your actual project ID
+}
 variable "region" {}
 variable "bucket_name" {}
 variable "service_account_id" {}