Skip to content

fix: permit optional ports for sidecars so we can run sidecars #450

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
bdashrad wants to merge 6 commits into
base: main
Choose a base branch
from
+19 −10
Open

fix: permit optional ports for sidecars so we can run sidecars #450

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
1e0521c
fix[sidecars]: Permit optional ports for sidecars.
atrull Jun 30, 2025
4556628
Merge pull request #1 from atrull/optional_ports
bdashrad Mar 5, 2026
58fa623
Merge branch 'GoogleCloudPlatform:main' into fix/sidecar-ports
bdashrad Mar 19, 2026
f1da448
run make generate_docs
bdashrad Mar 19, 2026
3cdced4
Merge branch 'main' into fix/sidecar-ports
bdashrad Apr 6, 2026
08cb52c
Merge branch 'main' into fix/sidecar-ports
bdashrad May 19, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions metadata.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -323,13 +323,13 @@ spec:
roles:
- level: Project
roles:
- roles/cloudkms.admin
- roles/resourcemanager.projectIamAdmin
- roles/run.admin
- roles/iam.serviceAccountAdmin
- roles/artifactregistry.admin
- roles/iam.serviceAccountUser
- roles/serviceusage.serviceUsageViewer
- roles/cloudkms.admin
- roles/resourcemanager.projectIamAdmin
services:
- accesscontextmanager.googleapis.com
- cloudbilling.googleapis.com
Expand Down
2 changes: 1 addition & 1 deletion modules/v2/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ Functional examples are included in the
| binary\_authorization | Settings for the Binary Authorization feature. | <pre>object({<br> breakglass_justification = optional(bool) # If present, indicates to use Breakglass using this justification. If useDefault is False, then it must be empty. For more information on breakglass, [see](https://cloud.google.com/binary-authorization/docs/using-breakglass)<br> use_default = optional(bool) #If True, indicates to use the default project's binary authorization policy. If False, binary authorization will be disabled.<br> })</pre> | `null` | no |
| client | Arbitrary identifier for the API client and version identifier | <pre>object({<br> name = optional(string, null)<br> version = optional(string, null)<br> })</pre> | `{}` | no |
| cloud\_run\_deletion\_protection | This field prevents Terraform from destroying or recreating the Cloud Run jobs and services | `bool` | `true` | no |
| containers | Container images for the service | <pre>list(object({<br> container_name = optional(string, null)<br> container_image = string<br> working_dir = optional(string, null)<br> depends_on_container = optional(list(string), null)<br> container_args = optional(list(string), null)<br> container_command = optional(list(string), null)<br> env_vars = optional(map(string), {})<br> env_secret_vars = optional(map(object({<br> secret = string<br> version = string<br> })), {})<br> volume_mounts = optional(list(object({<br> name = string<br> mount_path = string<br> })), [])<br> ports = optional(object({<br> name = optional(string, "http1")<br> container_port = optional(number, 8080)<br> }), {})<br> resources = optional(object({<br> limits = optional(object({<br> cpu = optional(string)<br> memory = optional(string)<br> nvidia_gpu = optional(string)<br> }))<br> cpu_idle = optional(bool, true)<br> startup_cpu_boost = optional(bool, false)<br> }), {})<br> startup_probe = optional(object({<br> failure_threshold = optional(number, null)<br> initial_delay_seconds = optional(number, null)<br> timeout_seconds = optional(number, null)<br> period_seconds = optional(number, null)<br> http_get = optional(object({<br> path = optional(string)<br> port = optional(string)<br> http_headers = optional(list(object({<br> name = string<br> value = string<br> })), [])<br> }), null)<br> tcp_socket = optional(object({<br> port = optional(number)<br> }), null)<br> grpc = optional(object({<br> port = optional(number)<br> service = optional(string)<br> }), null)<br> }), null)<br> liveness_probe = optional(object({<br> failure_threshold = optional(number, null)<br> initial_delay_seconds = optional(number, null)<br> timeout_seconds = optional(number, null)<br> period_seconds = optional(number, null)<br> http_get = optional(object({<br> path = optional(string)<br> port = optional(string)<br> http_headers = optional(list(object({<br> name = string<br> value = string<br> })), [])<br> }), null)<br> tcp_socket = optional(object({<br> port = optional(number)<br> }), null)<br> grpc = optional(object({<br> port = optional(number)<br> service = optional(string)<br> }), null)<br> }), null)<br> }))</pre> | n/a | yes |
| containers | Container images for the service | <pre>list(object({<br> container_name = optional(string, null)<br> container_image = string<br> working_dir = optional(string, null)<br> depends_on_container = optional(list(string), null)<br> container_args = optional(list(string), null)<br> container_command = optional(list(string), null)<br> env_vars = optional(map(string), {})<br> env_secret_vars = optional(map(object({<br> secret = string<br> version = string<br> })), {})<br> volume_mounts = optional(list(object({<br> name = string<br> mount_path = string<br> })), [])<br> ports = optional(object({<br> name = optional(string)<br> container_port = optional(number)<br> }), {})<br> resources = optional(object({<br> limits = optional(object({<br> cpu = optional(string)<br> memory = optional(string)<br> nvidia_gpu = optional(string)<br> }))<br> cpu_idle = optional(bool, true)<br> startup_cpu_boost = optional(bool, false)<br> }), {})<br> startup_probe = optional(object({<br> failure_threshold = optional(number, null)<br> initial_delay_seconds = optional(number, null)<br> timeout_seconds = optional(number, null)<br> period_seconds = optional(number, null)<br> http_get = optional(object({<br> path = optional(string)<br> port = optional(string)<br> http_headers = optional(list(object({<br> name = string<br> value = string<br> })), [])<br> }), null)<br> tcp_socket = optional(object({<br> port = optional(number)<br> }), null)<br> grpc = optional(object({<br> port = optional(number)<br> service = optional(string)<br> }), null)<br> }), null)<br> liveness_probe = optional(object({<br> failure_threshold = optional(number, null)<br> initial_delay_seconds = optional(number, null)<br> timeout_seconds = optional(number, null)<br> period_seconds = optional(number, null)<br> http_get = optional(object({<br> path = optional(string)<br> port = optional(string)<br> http_headers = optional(list(object({<br> name = string<br> value = string<br> })), [])<br> }), null)<br> tcp_socket = optional(object({<br> port = optional(number)<br> }), null)<br> grpc = optional(object({<br> port = optional(number)<br> service = optional(string)<br> }), null)<br> }), null)<br> }))</pre> | n/a | yes |
| create\_service\_account | Create a new service account for cloud run service | `bool` | `true` | no |
| custom\_audiences | One or more custom audiences that you want this service to support. Specify each custom audience as the full URL in a string. [Refer](https://cloud.google.com/run/docs/configuring/custom-audiences) | `list(string)` | `null` | no |
| description | Cloud Run service description. This field currently has a 512-character limit. | `string` | `null` | no |
Expand Down
15 changes: 12 additions & 3 deletions modules/v2/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -158,11 +158,20 @@ resource "google_cloud_run_v2_service" "main" {
args = containers.value.container_args
working_dir = containers.value.working_dir
depends_on = containers.value.depends_on_container

dynamic "ports" {
for_each = lookup(containers.value, "ports", {}) != {} ? [containers.value.ports] : []
for_each = try(
(
containers.value.ports != null &&
containers.value.ports.container_port != null &&
containers.value.ports.container_port > 0 &&
containers.value.ports.container_port < 65536
) ? [containers.value.ports] : [],
[]
)
content {
name = ports.value["name"]
container_port = ports.value["container_port"]
name = try(ports.value.name, null)
container_port = ports.value.container_port
}
}

Expand Down
4 changes: 2 additions & 2 deletions modules/v2/metadata.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,8 +91,8 @@ spec:
mount_path = string
})), [])
ports = optional(object({
name = optional(string, "http1")
container_port = optional(number, 8080)
name = optional(string)
container_port = optional(number)
}), {})
resources = optional(object({
limits = optional(object({
Expand Down
4 changes: 2 additions & 2 deletions modules/v2/variables.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,8 +55,8 @@ variable "containers" {
mount_path = string
})), [])
ports = optional(object({
name = optional(string, "http1")
container_port = optional(number, 8080)
name = optional(string)
container_port = optional(number)
}), {})
resources = optional(object({
limits = optional(object({
Expand Down