Quickly automate resources deployment on Google Cloud using an IaC tool and CI/CD Platform

David WOGLO
·Aug 9, 2022·

In this article I will show you a simple way to set up a CI/CD pipeline that automatically deploys your Google Cloud infrastructure resources using Terraform, Cloud Build and GitHub.

Objectives

Automatically deploy resources to Google Cloud from Terraform code hosted in the source control repository.

Requirements

To follow all the steps of this article, you will need a working Google Cloud account (you can use the free trial), a GitHub account, and some basic knowledge of Google Cloud and Terraform.

Granting necessary permissions to Cloud Build

To perform the necessary deployments on the infrastructure, Cloud Build needs the proper permissions. In this lab I will go faster by giving the service account the project editor role. Get the Cloud Build service account and give it the necessary permissions so that it can make the required changes to the resources.

Of course, in a production environment it is necessary to comply with the principle of least privilege.

To grant the editor role, run the following command in Cloud Shell:

    gcloud projects add-iam-policy-binding $PROJECT_ID --member serviceAccount:theCloudBuildServiceAccount --role roles/editor

To get the Cloud Build service account, click on Cloud Build, then Settings. There you will find the email address of the service account.
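One way to check the binding above against the least-privilege note, as an added example that is not code from the original article: the script reads a project IAM policy in the JSON shape printed by `gcloud projects get-iam-policy $PROJECT_ID --format=json` and flags Cloud Build service accounts that hold the owner or editor role. The sample policy, project number and account names are constructed, and it assumes the default Cloud Build service account address (`PROJECT_NUMBER@cloudbuild.gserviceaccount.com`).

```python
import json
import re

# Broad basic roles: project-wide write access, the opposite of least privilege.
BROAD_BASIC_ROLES = {"roles/owner", "roles/editor"}
# Assumption: the default Cloud Build service account,
# PROJECT_NUMBER@cloudbuild.gserviceaccount.com
CLOUD_BUILD_SA = re.compile(r"^serviceAccount:\d+@cloudbuild\.gserviceaccount\.com$")

# Constructed sample, shaped like `gcloud projects get-iam-policy --format=json`.
SAMPLE_POLICY = json.loads("""
{
  "bindings": [
    {"role": "roles/editor",
     "members": ["serviceAccount:123456789012@cloudbuild.gserviceaccount.com",
                 "user:alice@example.com"]},
    {"role": "roles/cloudbuild.builds.builder",
     "members": ["serviceAccount:123456789012@cloudbuild.gserviceaccount.com"]},
    {"role": "roles/storage.admin",
     "members": ["serviceAccount:deployer@my-project.iam.gserviceaccount.com"]}
  ],
  "version": 1
}
""")


def audit_cloud_build_roles(policy):
    """Return {member: {"basic": [...], "other": [...]}} for Cloud Build accounts."""
    report = {}
    for binding in policy.get("bindings", []):
        role = binding.get("role", "")
        for member in binding.get("members", []):
            if not CLOUD_BUILD_SA.match(member):
                continue  # only the CI/CD identity is in scope here
            entry = report.setdefault(member, {"basic": [], "other": []})
            entry["basic" if role in BROAD_BASIC_ROLES else "other"].append(role)
    return report


def over_privileged(policy):
    """Cloud Build accounts that hold at least one broad basic role, sorted."""
    return sorted(m for m, r in audit_cloud_build_roles(policy).items() if r["basic"])


if __name__ == "__main__":
    for member, roles in audit_cloud_build_roles(SAMPLE_POLICY).items():
        status = "OVER-PRIVILEGED" if roles["basic"] else "ok"
        print(f"{status}: {member} basic={roles['basic']} other={roles['other']}")
```

The "other" list shows which narrower roles the pipeline already holds, which is the starting point for replacing the editor binding in production.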

Setup the Github repo and connect Cloud Build to it

Log in to GitHub and create a new repo, then upload Terraform files or create new ones directly on GitHub. [Click here](Github.com/davWK/ci-cd-terraform-cloudbuild..) to fork my example infrastructure files repository, or, if you are comfortable with Terraform and want to deploy a custom infrastructure, write your own from scratch. After that, go to Cloud Build to set up automated deployment with a build trigger. You will use Cloud Build and its build triggers to deploy your resources automatically every time you push a new git commit to the source repository.

  1. Go to Cloud Build.

  2. On the left, select Triggers.

  3. Click on Create trigger.

  4. Give it a name, and for the event choose Push to a branch.

  5. For the source, select repository and click Connect new repository. Here it is possible to link a GitHub repo to Cloud Build either by mirroring the GitHub repository to Cloud Source Repositories or by using the Google Cloud Build GitHub app. We will use the app in this case (see how to configure the application).

  6. After configuring the app, go back to the Create trigger page, click on repository and choose the newly created repository.

  7. Set the branch to ^master$ or ^main$.

  8. For the configuration type, choose Cloud Build configuration file (yaml or json), and in your GitHub repo create a cloudbuild.yaml with the content below.

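steps:
# Initialise the working directory and download the providers
- id: 'tf init'
  name: 'hashicorp/terraform:1.0.0'
  entrypoint: 'sh'
  args:
  - '-c'
  - |
      terraform init

# Apply the configuration without an interactive approval prompt
- id: 'tf apply'
  name: 'hashicorp/terraform:1.0.0'
  entrypoint: 'sh'
  args:
  - '-c'
  - |
      terraform apply -auto-approve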

Back on the trigger page, for the location, select repository and enter the path to the YAML file, or choose inline (in that case you do not need to create the YAML file in the repo; paste the YAML content directly into the code editor instead). Leave the other values at their defaults and click Create.

Voila :) The deployment of your resources should start automatically when you push the YAML file created previously; if not, you can run it manually the first time. After that, as soon as you update your Terraform configuration, your resources should be updated automatically.
