terraform: add variable for vulndb bucket project
This project name is needed to compute vuln DB requests.
Change-Id: I4f8fa389528c3e9ac943a80f3ee1b83be171ca96
Reviewed-on: https://go-review.googlesource.com/c/pkgsite-metrics/+/484536
Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>
Run-TryBot: Jonathan Amsterdam <jba@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
diff --git a/terraform/environment/worker.tf b/terraform/environment/worker.tf
index 459f120..18adbba 100644
--- a/terraform/environment/worker.tf
+++ b/terraform/environment/worker.tf
@@ -37,6 +37,11 @@
type = bool
}
+variable "vulndb_bucket_project" {
+ description = "project ID for vuln DB bucket logs"
+ type = string
+}
+
locals {
worker_url = data.google_cloud_run_service.worker.status[0].url
tz = "America/New_York"
@@ -154,6 +159,10 @@
name = "GO_ECOSYSTEM_BINARY_BUCKET"
value = "go-ecosystem"
}
+ env {
+ name = "GO_ECOSYSTEM_VULNDB_BUCKET_PROJECT"
+ value = var.vulndb_bucket_project
+ }
}
service_account_name = local.worker_service_account
diff --git a/terraform/main.tf b/terraform/main.tf
index 41d24af..ab680fc 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -63,6 +63,11 @@
type = string
}
+variable "vulndb_bucket_project" {
+ description = "project ID for vuln DB bucket logs"
+ type = string
+}
+
# Enabled APIs
resource "google_project_service" "apis" {
@@ -159,9 +164,9 @@
}
resource "google_logging_metric" "build_errors" {
- name = "cloud-build-errors"
+ name = "cloud-build-errors"
description = "Errors from Cloud Build"
- filter = "resource.type=build AND textPayload=ERROR"
+ filter = "resource.type=build AND textPayload=ERROR"
metric_descriptor {
metric_kind = "DELTA"
unit = "1"
@@ -262,23 +267,25 @@
# Deployment environments
module "prod" {
- source = "./environment"
- env = "prod"
- project = var.prod_project
- region = local.region
- pkgsite_db_project = var.pkgsite_db_project
- pkgsite_db_name = var.pkgsite_db_name
- use_profiler = true
+ source = "./environment"
+ env = "prod"
+ project = var.prod_project
+ region = local.region
+ pkgsite_db_project = var.pkgsite_db_project
+ pkgsite_db_name = var.pkgsite_db_name
+ vulndb_bucket_project = var.vulndb_bucket_project
+ use_profiler = true
}
module "dev" {
- source = "./environment"
- env = "dev"
- project = var.dev_project
- region = local.region
- pkgsite_db_project = var.pkgsite_db_project
- pkgsite_db_name = var.pkgsite_db_name
- use_profiler = false
+ source = "./environment"
+ env = "dev"
+ project = var.dev_project
+ region = local.region
+ pkgsite_db_project = var.pkgsite_db_project
+ pkgsite_db_name = var.pkgsite_db_name
+ vulndb_bucket_project = var.vulndb_bucket_project
+ use_profiler = false
}
