terraform-google-gcloud
This module allows you to use gcloud, gsutil, any gcloud component, and jq in Terraform. Sometimes, there isn't Terraform GCP support for a particular feature, or you'd like to do something each time Terraform runs (ie: upload a file to a Kubernetes pod) that lacks Terraform support.
This module does not create any resources on GCP itself, rather exposes the GCP SDK to you for usage in null resources & external data resources.
Usage
Basic usage of this module is as follows:
module "gcloud" {
source = "terraform-google-modules/gcloud/google"
version = "~> 2.0"
platform = "linux"
additional_components = ["kubectl", "beta"]
create_cmd_entrypoint = "gcloud"
create_cmd_body = "version"
destroy_cmd_entrypoint = "gcloud"
destroy_cmd_body = "version"
}Functional examples are included in the examples directory.
The jq binary is also included in this module so you can use it as well for either of your create_cmd_entrypoint or destroy_cmd_entrypoint values.
Downloading
By default, this module assumes you already have gcloud installed in your $PATH.
If you need to run Terraform in environments without a gcloud binary available, you can override this behavior by setting the skip_download variable to false.
You can also override the behavior by setting the GCLOUD_TF_DOWNLOAD environment variable.
This environment variable will override all other settings.
Setting it to never will never gcloud download and setting it to always will always download gcloud.
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| additional_components | Additional gcloud CLI components to install. Defaults to none. Valid value are components listed in gcloud components list |
list(string) |
[] |
no |
| create_cmd_body | On create, the command body you'd like to run with your entrypoint. | string |
"info" |
no |
| create_cmd_entrypoint | On create, the command entrypoint you'd like to use. Can also be set to a custom script. Module's bin directory will be prepended to path. | string |
"gcloud" |
no |
| create_cmd_triggers | List of any additional triggers to re-run the create command execution when either of values in the maps change. Some keys are reserved and will be overwritten if specified in this option. (eg. md5, arguments, download_gcloud_command, download_jq_command, etc. See details in the source.) |
map(any) |
{} |
no |
| destroy_cmd_body | On destroy, the command body you'd like to run with your entrypoint. | string |
"info" |
no |
| destroy_cmd_entrypoint | On destroy, the command entrypoint you'd like to use. Can also be set to a custom script. Module's bin directory will be prepended to path. | string |
"gcloud" |
no |
| enabled | Flag to optionally disable usage of this module. | bool |
true |
no |
| gcloud_download_url | Custom gcloud download url. Optional. | string |
"" |
no |
| gcloud_sdk_version | The gcloud sdk version to download. | string |
"434.0.0" |
no |
| jq_download_url | Custom jq download url. Optional. | string |
"" |
no |
| jq_version | The jq version to download. | string |
"1.6" |
no |
| module_depends_on | List of modules or resources this module depends on. | list(any) |
[] |
no |
| platform | Platform CLI will run on. Defaults to linux. Valid values: linux, darwin | string |
"linux" |
no |
| service_account_key_file | Path to service account key file to run gcloud auth activate-service-account with. Optional. |
string |
"" |
no |
| skip_download | Whether to skip downloading gcloud (assumes gcloud is already available outside the module) | bool |
true |
no |
| upgrade | Whether to upgrade gcloud at runtime | bool |
true |
no |
| use_tf_google_credentials_env_var | Use GOOGLE_CREDENTIALS environment variable to run gcloud auth activate-service-account with. Optional. |
bool |
false |
no |
Outputs
| Name | Description |
|---|---|
| bin_dir | The full bin path of the modules executables |
| create_cmd_bin | The full bin path & command used on create |
| destroy_cmd_bin | The full bin path & command used on destroy |
| downloaded | Whether gcloud was downloaded or not |
| wait | An output to use when you want to depend on cmd finishing |
Requirements
These sections describe requirements for using this module.
Software
The following dependencies must be available:
- Terraform v0.12
- Terraform Provider for GCP plugin v2.0
- curl
Service Account
A service account must be created, along with a key, to use this module. The service account must have the proper IAM roles for whatever commands you're running with this module.
APIs
A project is not required to host resources of this module, since this module does not create any resources.
However you will likely need a project for your service account and any resources you'd like to interact with while using this module.
Contributing
Refer to the contribution guidelines for information on contributing to this module.