This repo explains how to manage infrastructure as code with Terraform and Cloud Build using GitOps.
- In Cloud Shell, create the Cloud Storage bucket:
    PROJECT_ID=$(gcloud config get-value project)
    gsutil mb gs://${PROJECT_ID}-tfstate
- Enable Object Versioning to keep the history of your deployments:
    gsutil versioning set on gs://${PROJECT_ID}-tfstate
- Connect your repository to Cloud Build
- Create a trigger
To make sure merges can be applied only when respective Cloud Build executions are successful, proceed with the following steps:
- On GitHub, navigate to the main page of your forked repository.
- Under your repository name, click Settings.
- In the left menu, click Branches.
- Under Branch protection rules, click Add rule.
- In Branch name pattern, select dev.
- In Rule settings, select Require status checks to pass before merging, and then in Status checks found in the last week for this repository, click Build.
- Click Create.
- Repeat steps 5–8, setting Branch name pattern to prod.
This configuration protects both the dev and prod branches: commits must first be pushed to another branch, and only then can they be merged into the protected branch. In this tutorial, the protection requires that the Cloud Build execution be successful for the merge to be allowed.
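To confirm the rules were actually applied, the following added example (not part of this repo) audits branch protection data for dev and prod and reports any branch where the Build check is not required. It assumes input shaped like GitHub's branch protection API response; the sample data is constructed, and the check that administrators cannot bypass the rule goes beyond the steps above.

```python
import json

# Constructed sample data, shaped like the response of GitHub's
# GET /repos/{owner}/{repo}/branches/{branch}/protection endpoint
# (fetch real data with: gh api repos/OWNER/REPO/branches/dev/protection).
SAMPLE = {
    "dev": json.loads("""{
        "required_status_checks": {"strict": false, "contexts": ["Build"]},
        "enforce_admins": {"enabled": true}
    }"""),
    # A rule exists for prod, but the Build check was never selected.
    "prod": json.loads("""{
        "required_status_checks": {"strict": false, "contexts": []},
        "enforce_admins": {"enabled": false}
    }"""),
}

REQUIRED_CHECK = "Build"  # status check name selected in the steps above


def audit_branch(branch, protection):
    """Return a list of findings for one branch; an empty list means compliant."""
    if protection is None:  # the API answers 404 when no rule exists
        return [f"{branch}: no branch protection rule"]
    findings = []
    rsc = protection.get("required_status_checks") or {}
    # Required checks can appear under "contexts" or under "checks".
    contexts = set(rsc.get("contexts") or [])
    contexts |= {c.get("context") for c in rsc.get("checks") or []}
    if REQUIRED_CHECK not in contexts:
        findings.append(f"{branch}: '{REQUIRED_CHECK}' is not a required status check")
    # Assumption beyond the page: admins should not be able to skip the check.
    if not (protection.get("enforce_admins") or {}).get("enabled"):
        findings.append(f"{branch}: administrators can bypass the rule")
    return findings


def audit(protections, branches=("dev", "prod")):
    """Audit both protected branches; a missing entry counts as a finding."""
    findings = []
    for branch in branches:
        findings.extend(audit_branch(branch, protections.get(branch)))
    return findings


if __name__ == "__main__":
    for line in audit(SAMPLE):
        print(line)
```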
Once you have tested your app, you can promote your configuration to production by merging the dev branch to prod.