Skip to content

Commit 13ca545

Browse files
joecoralljoecorall
committed
Gate docker rebuild
1 parent 54f85d6 commit 13ca545

1 file changed

Lines changed: 21 additions & 6 deletions

File tree

main.tf

Lines changed: 21 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,10 @@ locals {
2323
vault_proxy = "libops/vault-proxy:1.0.0"
2424
account_id = trimspace(var.gsa_account_id) != "" ? trimspace(var.gsa_account_id) : substr(local.service_name, 0, 30)
2525
gsa = "${local.account_id}@${var.project}.iam.gserviceaccount.com"
26+
vault_image_context_sha = sha1(join("", [
27+
filesha1("${path.module}/Dockerfile"),
28+
filesha1("${path.module}/vault-server.hcl.tmpl"),
29+
]))
2630
data_bucket_name = trimspace(var.data_bucket_name) != "" ? trimspace(var.data_bucket_name) : lower(
2731
replace(replace(replace("${var.project}-${local.service_name}-data", "_", "-"), ".", "-"), " ", "-")
2832
)
@@ -91,24 +95,35 @@ resource "google_artifact_registry_repository" "private" {
9195
# docker build vault server image
9296
resource "docker_image" "vault" {
9397
name = local.image_name
98+
9499
build {
95-
context = path.module
100+
context = path.module
101+
dockerfile = "Dockerfile"
96102
build_args = {
97103
KMS_KEY_RING = var.kms_key_ring_name
98104
KMS_CRYPTO_KEY = var.kms_key_name
99105
}
100106
}
107+
108+
keep_locally = false
109+
101110
triggers = {
102-
dir_sha1 = sha1(join("", [for f in toset(["${path.module}/Dockerfile", "${path.module}/vault-server.hcl.tmpl"]) : filesha1(f)]))
111+
dir_sha = local.vault_image_context_sha
112+
ring = var.kms_key_ring_name
113+
key = var.kms_key_name
103114
}
104115
}
105116

106117
# docker push to Artifact Registry
107118
resource "docker_registry_image" "vault" {
108-
name = local.image_name
109-
depends_on = [docker_image.vault, google_artifact_registry_repository.private]
119+
name = docker_image.vault.name
120+
keep_remotely = true
121+
depends_on = [docker_image.vault, google_artifact_registry_repository.private]
122+
110123
triggers = {
111-
dir_sha1 = sha1(join("", [for f in toset(["${path.module}/Dockerfile", "${path.module}/vault-server.hcl.tmpl"]) : filesha1(f)]))
124+
dir_sha = local.vault_image_context_sha
125+
ring = var.kms_key_ring_name
126+
key = var.kms_key_name
112127
}
113128
}
114129

@@ -155,7 +170,7 @@ resource "google_kms_crypto_key_iam_member" "vault" {
155170
}
156171

157172
module "vault" {
158-
source = "git::https://github.com/libops/terraform-cloudrun-v2?ref=0.5.1"
173+
source = "git::https://github.com/libops/terraform-cloudrun-v2?ref=0.5.2"
159174

160175
name = local.service_name
161176
project = var.project

0 commit comments

Comments
 (0)