[#77]argo: parametrize some some stuff for GKE

odahu · Apr 12, 2021 · dceec04 · dceec04
1 parent 468bfed
commit dceec04
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 8 deletions.
diff --git a/terraform/modules/k8s/argo/prereqs/gke/main.tf b/terraform/modules/k8s/argo/prereqs/gke/main.tf
@@ -1,5 +1,5 @@
 locals {
-  gsa_argo_name = "${var.cluster_name}-argo"
+  gsa_argo_name       = "${var.cluster_name}-argo"
   workflows_namespace = var.workflows_namespace == "" ? var.namespace : var.workflows_namespace
 }
 
@@ -46,7 +46,10 @@ resource "google_service_account_iam_binding" "argo_web_identity" {
   service_account_id = google_service_account.argo.name
   role               = "roles/iam.workloadIdentityUser"
 
-  members = ["serviceAccount:${var.project_id}.svc.id.goog[${var.namespace}/argo-server]", "serviceAccount:${var.project_id}.svc.id.goog[${local.workflows_namespace}/argo-workflow]"]
+  members = [
+    "serviceAccount:${var.project_id}.svc.id.goog[${var.namespace}/argo-server]",
+    "serviceAccount:${var.project_id}.svc.id.goog[${local.workflows_namespace}/argo-workflow]"
+  ]
 }
 
 resource "google_service_account_key" "argo_sa_key" {

diff --git a/terraform/modules/k8s/argo/prereqs/gke/output.tf b/terraform/modules/k8s/argo/prereqs/gke/output.tf
@@ -1,3 +1,15 @@
-output "argo_workflows_sa" {
-  value = google_service_account.argo.email
+output "argo_sa_annotations" {
+  value = {
+    "iam.gke.io/gcp-service-account" = google_service_account.argo.email
+  }
+}
+
+output "argo_artifact_repository_config" {
+  value = {
+    gcs = {
+      bucket    = var.configuration.artifact_bucket,
+      endpoint  = "storage.googleapis.com",
+      keyFormat = "argo/{{workflow.namespace}}/{{workflow.name}}/"
+    }
+  }
 }
diff --git a/terraform/modules/odahuflow/prereqs/gke/main.tf b/terraform/modules/odahuflow/prereqs/gke/main.tf
@@ -25,8 +25,6 @@ locals {
       }
     }
   }
-
-  argo_artifact_bucket_name = var.argo_artifact_bucket == "" ? "${var.cluster_name}-argo-artifacts" : var.argo_artifact_bucket
 }
 
 ########################################################
@@ -82,7 +80,9 @@ resource "google_storage_bucket" "log" {
 # GCS Argo artifacts bucket
 ########################################################
 resource "google_storage_bucket" "argo_artifacts" {
-  name                        = local.argo_artifact_bucket_name
+  count = var.argo_artifact_bucket_name == "" ? 0 : 1
+
+  name                        = var.argo_artifact_bucket_name
   location                    = var.region
   storage_class               = "REGIONAL"
   force_destroy               = true

diff --git a/terraform/modules/odahuflow/prereqs/gke/output.tf b/terraform/modules/odahuflow/prereqs/gke/output.tf
@@ -21,7 +21,7 @@ output "odahu_log_bucket_name" {
 }
 
 output "argo_artifact_bucket_name" {
-  value = google_storage_bucket.argo_artifacts.name
+  value = google_storage_bucket.argo_artifacts[0].name
 }
 
 output "odahu_collector_sa_key" {