From f0160a8abd71cac3f729486a15fc73dcdb920193 Mon Sep 17 00:00:00 2001
From: Tom Alexander <tom@fizz.buzz>
Date: Tue, 15 Oct 2024 20:45:34 -0400
Subject: [PATCH] Add a cloud run service.

---
 api_server/docker/Makefile     | 16 ++++++++++
 terraform/.terraform.lock.hcl  | 56 +++++++++++++++++-----------------
 terraform/artifact_registry.tf | 17 +++++++++++
 terraform/cloud_run_service.tf | 18 +++++++++++
 terraform/main.tf              |  7 +++--
 5 files changed, 83 insertions(+), 31 deletions(-)
 create mode 100644 terraform/artifact_registry.tf
 create mode 100644 terraform/cloud_run_service.tf

diff --git a/api_server/docker/Makefile b/api_server/docker/Makefile
index 230553e..a1f40a1 100644
--- a/api_server/docker/Makefile
+++ b/api_server/docker/Makefile
@@ -12,6 +12,7 @@ endif
 .RECIPEPREFIX = >
 
 IMAGE_NAME:= gateway-test
+REMOTE_REPO:=harbor.fizz.buzz/library
 TARGET :=
 
 .PHONY: help
@@ -22,6 +23,16 @@ help:
 build: ## Build the docker image.
 > docker build --tag $(IMAGE_NAME) --target=$(TARGET) --file Dockerfile ../
 
+.PHONY: push
+push: ## Push the docker image to a remote repository.
+push: build
+ifdef REMOTE_REPO
+> docker tag $(IMAGE_NAME) $(REMOTE_REPO)/$(IMAGE_NAME)
+> docker push $(REMOTE_REPO)/$(IMAGE_NAME)
+else
+> @echo "REMOTE_REPO not defined, not pushing to a remote repo."
+endif
+
 .PHONY: shell
 shell: ## Launch an interactive shell inside the docker image.
 shell: build
@@ -30,3 +41,8 @@ shell: build
 .PHONY: clean
 clean:
 > docker rmi $(IMAGE_NAME)
+ifdef REMOTE_REPO
+> docker rmi $(REMOTE_REPO)/$(IMAGE_NAME)
+else
+> @echo "REMOTE_REPO not defined, not removing from remote repo."
+endif
diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl
index 63c144f..3b66f82 100644
--- a/terraform/.terraform.lock.hcl
+++ b/terraform/.terraform.lock.hcl
@@ -2,41 +2,41 @@
 # Manual edits may be lost in future updates.
 
 provider "registry.terraform.io/hashicorp/google" {
-  version     = "5.36.0"
-  constraints = "5.36.0"
+  version     = "6.7.0"
+  constraints = "6.7.0"
   hashes = [
-    "h1:ZEMkbWcaEqnSb6UQhMXFzs6B2xDgvbKlkBIrrk862V8=",
-    "zh:091f4e82ee4ba77cd37b67d9c24448a1317e8e103bd5f3191f7b4b26b314f2e6",
-    "zh:15aed0b4cc85ee275aa32740ecf745f4ff6da09ed7c705900d93f5d0e454fcd1",
-    "zh:403cc4daf32aa31fe89940aca6d1d320531103801d5c4678107f3c952d126875",
-    "zh:539c774fb97bc2dd6cd67f436ae062c2fc50d9181aa4f4ae626dc428dce1bb82",
-    "zh:5857cf533a5db0853f81f2662681e95556b0972cae0bd5cff02d24f2a0cb395e",
-    "zh:7e802ee04b9ea84f1667ac8e970dc559709628555e1350b4996f07b067da041d",
-    "zh:90a62593c84543f8d8f7848ae3b75d3190e6ad36cf38e2d5ca321771668c77e6",
-    "zh:9e2cf799c61dd4f534f84705db3ab00142d0a5b58ea147a6a67f5bd902f31eba",
-    "zh:b3470f63ef5621eab6501c7024ba74480def676cb58331755484ffcf1c64b3d8",
-    "zh:b6a640f7cbee78880e901512d193e6863339eb18f552903e7298ceb023543486",
-    "zh:cddaca8c950334a22849b6499c0dde289ac8e9767d29ee1504e70872201d8da8",
+    "h1:sMGHFZFZKvUr8FB1Ocm5612HsMeO4umUu6UW1UAgTds=",
+    "zh:16ac63e56986916015637bdc26a93e375aa84f22381d37dea51b227bc8fd58e3",
+    "zh:3d27c11cfd55394e247b01dc5d8bf4b892940ac0b66785cf565fbbabe8b8363b",
+    "zh:40011688dd3d5294f92bc0d85f30f26c427adc9a0e5c5053ca71a66f322e6edd",
+    "zh:84f2b94480c0979fbef001bc040dcaa5ac7b7d3cb47edc24ef612f6ede8ecb84",
+    "zh:9350b88bfeedf91176ed8447e368a980b0f5c9ad5f6bc0eff62e8889888a60df",
+    "zh:a0aba100e12c1a4e45ed9c66a95edb6c1f51d4f88ac4a38e0f64ee057128b23d",
+    "zh:cc5b520ea5806b967559f6f7fa07e7f0e9fe380bfb68d2f8b5afc1c94e99cd70",
+    "zh:d1eaea3ed952dff0337930938ae031841175725a6da1a512d8dfd649b1e2a83f",
+    "zh:d9deed8a673ce1d1f9ebcb6186ee4068933720d0d97ef7b627d7d0f819b67eed",
+    "zh:df342d4ab9cd3d1e26bd338bc4a2f0fd136c96f8861ce0ab63a7e6e41f62254b",
+    "zh:f0438dbdacdcfc2727b09752f682c96f5f575fdb3282b6fb1721756d83b390c7",
     "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
   ]
 }
 
 provider "registry.terraform.io/hashicorp/google-beta" {
-  version     = "5.36.0"
-  constraints = "5.36.0"
+  version     = "6.7.0"
+  constraints = "6.7.0"
   hashes = [
-    "h1:Hj9tw3fkPV5f1/CviqSfW0Ex2Pg/bba+HXq1ek/tszQ=",
-    "zh:1516867331b7c1e53d28e929d4bcc77199e9ed2c733b1dd805a0445c7bd55708",
-    "zh:25750a11add3099e8773c512e7820a4c5e04a66b431626a47d37e992308387dc",
-    "zh:5085899f0d71fa03798da4285e6334464abf8ad8bc86017c795942aceeac1b34",
-    "zh:53f2b06d25948ba222a2d8cc4583bb14c588aa37e2eeca4b63eaa609665d9e72",
-    "zh:5a78890d4e88085b4f17b7d3266773ae1d95ac2376a945defb77125831fa3546",
-    "zh:5cdb4c91c65688a3a6341f543aaee5e4645003f9af152189bd324589f3449535",
-    "zh:6cfa032855dbb86325a7c832164346b83fda7ee41a6e679d1b06fb3d4eebd5d6",
-    "zh:9d4c34d545fcafa928d38c41b76d8638109924a176e9d8da74eca835874c0181",
-    "zh:a330ec2300476d553f553863f1d6183053ac669f6e9663f095cf3f712485b666",
-    "zh:d1fa47a22727931d16282a7b14c0476383820db5bc266632e5df5a2506562735",
-    "zh:e243237d3415452935b3e42dd90ab170feb4fc1511819e6a99f895c29e9a73c1",
+    "h1:w5bxwp3tSvAViwW/14MyjaWXbA3bdSdx0nxnNv0OOEw=",
+    "zh:0def181a8781c13f002bf77afb83ce600bd5c08e4324f5d2c2e4d60a8b41dd5c",
+    "zh:323453165fa8c69a4400c0c14750bce9ac9729f2313966e983a13aa8a0d68f9e",
+    "zh:5507893e7115d0702de0a87f583d09639e082c825ec1e5bd1e4317061d5c7b04",
+    "zh:74505c85aaa9ef70491bdb708e0aee459fb1b85848d170217a6bf0c4cd2edf5c",
+    "zh:81d7f41eda8547e140304320fa0d188be26982234831c8405db5a91aef20e478",
+    "zh:95cd1322406f7cd97e6e4c0ddedf60060fa70481c9134871148ef6dd71d2254d",
+    "zh:a4ba2b745d35a7e09d318f30f0057c3b06d4443b5e08abd20041e17be3981c7d",
+    "zh:a5a49279474ddb12c8902f33ee9a714800cf0860c10599984a5145e63aec3e8c",
+    "zh:abbcc76e8ea53a92f701ddb15eb5771306ae19273e5b199b2cb1370723b16d1d",
+    "zh:ac942c462a313861146df88d0d1223e5b59d7c9acd83066dc0b8f2565067e558",
+    "zh:c9b00cc290736b956fb2d7f1c478671c8ef25d8a07526c791c9cf218580de1b9",
     "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
   ]
 }
diff --git a/terraform/artifact_registry.tf b/terraform/artifact_registry.tf
new file mode 100644
index 0000000..a5cf750
--- /dev/null
+++ b/terraform/artifact_registry.tf
@@ -0,0 +1,17 @@
+# Cloud run requires that the docker image URL points to either the official docker repos or a google-hosted one. This sets up artifact registry to use my self-hosted harbor instance so I don't have to script out building the docker image in google cloud.
+resource "google_artifact_registry_repository" "docker_repo" {
+  project       = google_project.project.project_id
+  location      = var.region
+  repository_id = "docker-repo"
+  description   = "Docker image repository"
+  format        = "DOCKER"
+  mode          = "REMOTE_REPOSITORY"
+  remote_repository_config {
+    description = "My Harbor"
+    docker_repository {
+      custom_repository {
+        uri = "https://harbor.fizz.buzz"
+      }
+    }
+  }
+}
diff --git a/terraform/cloud_run_service.tf b/terraform/cloud_run_service.tf
new file mode 100644
index 0000000..728b41e
--- /dev/null
+++ b/terraform/cloud_run_service.tf
@@ -0,0 +1,18 @@
+resource "google_cloud_run_v2_service" "api_server" {
+  project             = google_project.project.project_id
+  name                = "api-server"
+  location            = var.region
+  deletion_protection = false
+  ingress             = "INGRESS_TRAFFIC_ALL"
+
+  template {
+    containers {
+      image = "${google_artifact_registry_repository.docker_repo.location}-docker.pkg.dev/${google_artifact_registry_repository.docker_repo.project}/${google_artifact_registry_repository.docker_repo.repository_id}/library/gateway-test"
+      ports {
+        container_port = 8080
+      }
+    }
+  }
+
+  depends_on = [google_project_service.service["run"], ]
+}
diff --git a/terraform/main.tf b/terraform/main.tf
index 429fb90..178b87f 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -7,11 +7,11 @@ terraform {
   required_providers {
     google = {
       source  = "hashicorp/google"
-      version = "5.36.0"
+      version = "6.7.0"
     }
     google-beta = {
       source  = "hashicorp/google-beta"
-      version = "5.36.0"
+      version = "6.7.0"
     }
     random = {
       source  = "hashicorp/random"
@@ -69,11 +69,12 @@ resource "google_project" "project" {
   name            = "Api Gateway Test"
   project_id      = "api-gateway-test-${random_id.project.hex}"
   billing_account = data.google_billing_account.acct.id
+  deletion_policy = "DELETE"
 }
 
 resource "google_project_service" "service" {
   project                    = google_project.project.project_id
-  for_each                   = toset(["discoveryengine", "dialogflow"])
+  for_each                   = toset(["run"])
   service                    = "${each.key}.googleapis.com"
   disable_dependent_services = true
 }