mirror of
https://github.com/hasura/graphql-engine.git
synced 2025-01-08 08:44:24 +03:00
a0dc296ede
We sometimes need to test against cloud databases. Here, we add a Terraform module to start a new AlloyDB cluster and instance, which we can then use for testing purposes. PR-URL: https://github.com/hasura/graphql-engine-mono/pull/7002 GitOrigin-RevId: 2d661b5cc6d60e47485ea68b781e13426ed4f097
55 lines
1.4 KiB
HCL
55 lines
1.4 KiB
HCL
# The bastion instance, which runs the AlloyDB auth proxy.
|
|
|
|
# This grabs the name of the latest Debian image.
|
|
data "google_compute_image" "bastion_image" {
|
|
family = "debian-11"
|
|
project = "debian-cloud"
|
|
}
|
|
|
|
resource "google_compute_instance" "bastion" {
|
|
name = "${var.name}-testing-alloydb-bastion"
|
|
machine_type = "e2-small"
|
|
zone = "us-central1-a"
|
|
tags = [
|
|
# "ssh", # uncomment and re-apply to SSH in
|
|
"postgres",
|
|
]
|
|
|
|
network_interface {
|
|
network = google_compute_network.default.id
|
|
|
|
# Runs on an ephemeral public IP address.
|
|
access_config {}
|
|
}
|
|
|
|
boot_disk {
|
|
initialize_params {
|
|
image = data.google_compute_image.bastion_image.self_link
|
|
}
|
|
}
|
|
|
|
# This service account has client access to AlloyDB.
|
|
service_account {
|
|
email = google_service_account.service_account.email
|
|
scopes = ["cloud-platform"]
|
|
}
|
|
|
|
# On startup, download the AlloyDB auth proxy and run it.
|
|
# Logs are written to /alloydb-auth-proxy.log. You can SSH in and view them if necessary.
|
|
metadata_startup_script = <<-EOT
|
|
#!/usr/bin/env bash
|
|
|
|
set -e
|
|
set -u
|
|
set -o pipefail
|
|
|
|
curl -fsSL https://storage.googleapis.com/alloydb-auth-proxy/v0.6.1/alloydb-auth-proxy.linux.amd64 -o alloydb-auth-proxy
|
|
chmod +x alloydb-auth-proxy
|
|
|
|
nohup ./alloydb-auth-proxy \
|
|
'${google_alloydb_instance.primary.id}' \
|
|
--address "0.0.0.0" \
|
|
>& alloydb-auth-proxy.log &
|
|
EOT
|
|
}
|