[#77] Add GCS artifact storage to GKE Argo installation

odahu · Apr 5, 2021 · 8e274a4 · 8e274a4
1 parent 5c8100c
commit 8e274a4
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 17 deletions.
diff --git a/terraform/modules/k8s/argo/main/main.tf b/terraform/modules/k8s/argo/main/main.tf
@@ -23,15 +23,15 @@ locals {
     }
   }
 
-#  artifact_repository = {
-#    artifactRepository = {
-#      archiveLogs = true
-#      gcs = {
-#        bucket    = var.configuration.artifact_bucket
-#        keyFormat = "argo/{{workflow.namespace}}/{{workflow.name}}/"
-#      }
-#    }
-#  }
+  artifact_repository = {
+    artifactRepository = {
+      archiveLogs = true
+      gcs = {
+        bucket    = var.configuration.artifact_bucket
+        keyFormat = "argo/{{workflow.namespace}}/{{workflow.name}}/"
+      }
+    }
+  }
 
   controller = {
     controller = {
@@ -176,7 +176,7 @@ resource "helm_release" "argo_workflows" {
       controller    = yamlencode(local.controller)
       pgsql_enabled = var.pgsql.enabled
       workflow            = yamlencode(local.workflow)
-#      artifact_repository = yamlencode(local.artifact_repository)
+      artifact_repository = yamlencode(local.artifact_repository)
       #      workflows_namespace = local.workflows_namespace
       #      node_selector = var.configuration.node_pool[keys(var.configuration.node_pool)[0]].labels.mode
       #      node_taint    = var.configuration.node_pool[keys(var.configuration.node_pool)[0]].taints[0].value

diff --git a/terraform/modules/k8s/argo/prereqs/gke/main.tf b/terraform/modules/k8s/argo/prereqs/gke/main.tf
@@ -26,12 +26,12 @@ resource "google_storage_bucket_iam_member" "argo_store_legacy_write" {
   depends_on = [google_service_account.argo]
 }
 
-#resource "google_storage_bucket_iam_member" "odahu_store" {
-#  bucket     = var.bucket
-#  member     = "serviceAccount:${google_service_account.airflow.email}"
-#  role       = "roles/storage.objectAdmin"
-#  depends_on = [google_service_account.airflow]
-#}
+resource "google_storage_bucket_iam_member" "odahu_store" {
+  bucket     = var.bucket
+  member     = "serviceAccount:${google_service_account.argo.email}"
+  role       = "roles/storage.objectAdmin"
+  depends_on = [google_service_account.argo]
+}
 
 resource "google_kms_crypto_key_iam_member" "argo_kms_decrypt" {
   count = var.kms_key_id == "" ? 0 : 1
@@ -45,7 +45,7 @@ resource "google_service_account_iam_binding" "argo_web_identity" {
   service_account_id = google_service_account.argo.name
   role               = "roles/iam.workloadIdentityUser"
 
-  members = ["serviceAccount:${var.project_id}.svc.id.goog[argo-workflow]"]
+  members = ["serviceAccount:${var.project_id}.svc.id.goog[argo]"]
 }
 
 resource "google_service_account_key" "argo_sa_key" {