DEV Community

David WOGLO

Posted on • Updated on • Originally published at blog.davidwoglo.me

Quickly automate resources deployment on Google Cloud using an IaC and CI/CD Platform

In this article I will show you, in a simple way, how to set up a CI/CD pipeline that automatically deploys your Google Cloud infrastructure resources using Terraform, Cloud Build and GitHub.

Objectives

Automatically deploy resources to Google Cloud from Terraform code hosted in the source control repository.


Requirements

To follow all the steps in this article, you will need a working Google Cloud account (you can use the free trial), a GitHub account, and some basic knowledge of Google Cloud and Terraform.

Granting necessary permissions to Cloud Build

To deploy to your infrastructure, Cloud Build needs the proper permissions. In this lab I will take a shortcut and give its service account the project Editor role. Get the Cloud Build service account and grant it this role so that it can make the required changes to the resources.

Of course, in a production environment it is necessary to comply with the principle of least privilege.

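To do so, run the following command in Cloud Shell:

```
# Replace theCloudBuildServiceAccount with the service account email shown in the Cloud Build settings
gcloud projects add-iam-policy-binding "$PROJECT_ID" \
  --member "serviceAccount:theCloudBuildServiceAccount" \
  --role roles/editor
```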

To get the Cloud Build service account, click on Cloud Build, then Settings.

There you will find the email address of the service account.
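As an added example (not part of the original article), this Python check reads a project IAM policy in the JSON shape that `gcloud projects get-iam-policy PROJECT_ID --format=json` returns and reports every basic role bound to a Cloud Build service account, such as the `roles/editor` binding granted above. The sample policy, project number, member names and the high/low severity labels are constructed for the example, and it assumes the default service account address form `PROJECT_NUMBER@cloudbuild.gserviceaccount.com`.

```python
import json

# Basic roles apply to every resource in the project; owner and editor can modify them.
# The severity labels are this example's own rating, not a Google Cloud field.
BASIC_ROLES = {"roles/owner": "high", "roles/editor": "high", "roles/viewer": "low"}
# Assumption: the default Cloud Build service account, PROJECT_NUMBER@cloudbuild.gserviceaccount.com
CLOUD_BUILD_SUFFIX = "@cloudbuild.gserviceaccount.com"

# Constructed sample in the shape of `gcloud projects get-iam-policy PROJECT_ID --format=json`
SAMPLE_POLICY = json.loads("""
{
  "bindings": [
    {"role": "roles/editor",
     "members": ["serviceAccount:123456789012@cloudbuild.gserviceaccount.com",
                 "user:dev@example.com"]},
    {"role": "roles/cloudbuild.builds.builder",
     "members": ["serviceAccount:123456789012@cloudbuild.gserviceaccount.com"]},
    {"role": "roles/viewer",
     "members": ["serviceAccount:reports@example-project.iam.gserviceaccount.com"]}
  ],
  "version": 1
}
""")


def is_cloud_build_sa(member):
    """True for a live (not deleted) Cloud Build service account member string."""
    return member.startswith("serviceAccount:") and member.endswith(CLOUD_BUILD_SUFFIX)


def audit_policy(policy):
    """Return one finding per basic role bound to a Cloud Build service account."""
    findings = []
    for binding in policy.get("bindings", []):
        role = binding.get("role", "")
        if role not in BASIC_ROLES:
            continue
        for member in binding.get("members", []):
            if is_cloud_build_sa(member):
                findings.append({
                    "member": member,
                    "role": role,
                    "severity": BASIC_ROLES[role],
                    # A conditional binding is narrower but still worth reviewing.
                    "conditional": "condition" in binding,
                })
    return sorted(findings, key=lambda f: (f["member"], f["role"]))


if __name__ == "__main__":
    for f in audit_policy(SAMPLE_POLICY):
        print(f"[{f['severity']}] {f['member']} holds {f['role']}")
```

Run against a real project by saving the `gcloud` JSON output to a file and passing the parsed result to `audit_policy`.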

Set up the GitHub repo and connect Cloud Build to it

Log in to GitHub and create a new repo, then upload your Terraform files or write new ones directly on GitHub. [Click here](https://Github.com/davWK/ci-cd-terraform-cloudbuild_basics) to fork my example infrastructure files repository, or, if you are comfortable with Terraform and want to deploy a custom infrastructure, write your own from scratch. After that, go to Cloud Build to set up automated deployment with a build trigger. You will use Cloud Build and its build triggers to deploy your resources automatically every time you push a new git commit to the source repository.

  1. Go to Cloud Build

  2. And on the left select trigger

  3. click on create trigger

  4. Give it a name, and for the event choose push to the branch

  5. For the source, select **repository** and click connect new repository
    Here it is possible to link a GitHub repo to Cloud Build either by mirroring the GitHub repository to Cloud Source Repositories or by using the Google Cloud Build GitHub app. We will use the app in this case.
    See how to configure the application. After configuring the app,

  6. Go back to the create trigger page, click on repository, and choose the newly created repository

  7. For the branch, set it to ^master$ or ^main$

  8. For the configuration type, choose Cloud Build configuration file (yaml or json)
    and in your GitHub repo create a cloudbuild.yaml with the content below.

```
steps:
# Initialize the Terraform working directory (providers, backend)
- id: 'tf init'
  name: 'hashicorp/terraform:1.0.0'
  entrypoint: 'sh'
  args:
  - '-c'
  - |
      terraform init

# Apply the configuration without an interactive approval prompt
- id: 'tf apply'
  name: 'hashicorp/terraform:1.0.0'
  entrypoint: 'sh'
  args:
  - '-c'
  - |
      terraform apply -auto-approve
```

Back on the trigger page, for the location, select repository and enter the path to the yaml file, or choose inline (in this case you would not need to create the yaml file in the repo, but would instead paste the yaml content directly into the code editor).
Leave the other values as default and click on create.

Voila :) The deployment of your resources should start automatically when you push the yaml file created previously. If not, you can run the trigger manually the first time. From then on, as soon as you update your Terraform configuration, your resources should be updated automatically.
