infra

package
v0.0.0-...-f3ea40d Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 29, 2024 License: Apache-2.0 Imports: 29 Imported by: 0

README

Website Deployment

Website infra is built on Cloud Run with a global load balancer in-front and Cloud CDN enabled. This directory contains all the Lingon/OpenTofu code to configure the production, pre-production and PR preview environment infrastructure.

The actual deployment of the site is decoupled from the infra for convenience, it does not matter for the infrastructure which container is running inside the Cloud Run service(s). Changes to the image of the deployed Cloud Run services are ignored, could add more fields in future if needed.

Usage

# Login to GCP (fetches Application Default Credentials for use by Tofu).
gcloud auth application-default login

# Bootstrap infra, creating OIDC trust for GitHub Actions to assume a
# Google Cloud IAM service account.
go run ./cmd/bootstrap/main.go

# Deploy LB and prod and staging environments.
go run ./cmd/base/main.go

# Deploy Preview environments.
go run ./cmd/preview/main.go

THen run:

Documentation

Index

Constants

View Source 
const URLMapActionType sylt.ActionType = "urlmap"

Variables

View Source 
var S = terra.String

Functions

This section is empty.

Types

type BackendService 

type BackendService struct {
	ID      string
	Domains []string
}

type DefaultBackend 

type DefaultBackend struct {
	Bucket       *google_storage_bucket.Resource
	NotFoundPage *google_storage_bucket_object.Resource
	Backend      *google_compute_backend_bucket.Resource
	IAMMember    *google_storage_bucket_iam_member.Resource
}

func NewDefaultBackend 

func NewDefaultBackend() DefaultBackend

type GCSBackend 

type GCSBackend struct {
	Bucket string `hcl:"bucket"`
	Prefix string `hcl:"prefix"`
}

func (*GCSBackend) BackendType 

func (g *GCSBackend) BackendType() string

type GitHubOIDC 

type GitHubOIDC struct {
	ProjectIAMMember
	ServiceAccount *google_service_account.Resource

	WorkloadIDPool         *google_iam_workload_identity_pool.Resource
	WorkloadIDPoolProvider *google_iam_workload_identity_pool_provider.Resource
	WorkloadIDMember       *google_service_account_iam_member.Resource
}

func NewGitHubOIDC 

func NewGitHubOIDC(opts GitHubOIDCOpts) GitHubOIDC

type GitHubOIDCOpts 

type GitHubOIDCOpts struct {
	Project string
}

type HTTPSRedirect 

type HTTPSRedirect struct {
	URLMap         *google_compute_url_map.Resource
	HTTPProxy      *google_compute_target_http_proxy.Resource
	ForwardingRule *google_compute_global_forwarding_rule.Resource
}

func NewHTTPSRedirect 

func NewHTTPSRedirect(
	opts LoadBalancerOpts,
	ipAddress terra.StringValue,
) *HTTPSRedirect

type LoadBalancer 

type LoadBalancer struct {
	GlobalAddress        *google_compute_global_address.Resource
	URLMap               *google_compute_url_map.Resource
	TargetHTTPSProxy     *google_compute_target_https_proxy.Resource
	CertManagerMap       *google_certificate_manager_certificate_map.Resource
	CertManagerMapEntry  *google_certificate_manager_certificate_map_entry.Resource
	GlobalForwardingRule *google_compute_global_forwarding_rule.Resource

	HTTPSRedirect
}

func NewLoadBalancer 

func NewLoadBalancer(opts LoadBalancerOpts) LoadBalancer

type LoadBalancerOpts 

type LoadBalancerOpts struct {
	DefaultService string
}

type ProjectIAMMember 

type ProjectIAMMember struct {
	CloudRunAdmin           *google_project_iam_member.Resource
	LBAdmin                 *google_project_iam_member.Resource
	StorageObjectUser       *google_project_iam_member.Resource
	IAMWorkloadIdentityUser *google_project_iam_member.Resource
	IAMServiceAccountUser   *google_project_iam_member.Resource
	ArtifactRegistryWriter  *google_project_iam_member.Resource
}

func NewProjectIAMMember 

func NewProjectIAMMember(
	project string,
	serviceAccountEmail terra.StringValue,
) ProjectIAMMember

type Service 

type Service struct {
	BackendService       *google_compute_backend_service.Resource
	CloudRunService      *google_cloud_run_service.Resource
	IAMMember            *google_cloud_run_service_iam_member.Resource
	NetworkEndpointGroup *google_compute_region_network_endpoint_group.Resource
}

func NewService 

func NewService(opts ServiceOpts) Service

type ServiceOpts 

type ServiceOpts struct {
	Name     string
	MinScale int
	MaxScale int
}

type URLMapAction 

type URLMapAction struct {
	// Unique ID of this URLMap.
	ID string
	// Google cloud project.
	Project string
	// URLMap to update.
	URLMap string
	// Backend service to map to.
	Service string
	// Host (domain) to map to the service.
	Host string
}

func (*URLMapAction) ActionName 

func (a *URLMapAction) ActionName() string

func (*URLMapAction) ActionType 

func (a *URLMapAction) ActionType() sylt.ActionType

func (*URLMapAction) Cleanup 

func (a *URLMapAction) Cleanup(
	ctx context.Context,
	opts sylt.RunOpts,
) error

func (*URLMapAction) Run 

func (a *URLMapAction) Run(ctx context.Context, opts sylt.RunOpts) error

Source Files

View all Source files

Directories

Path Synopsis
cmd
base
bootstrap
preview

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.