Hi All Please provide the documentation and steps to perform Pulumi Community #google-cloud

Hi All, Please provide the documentation and steps...

handsome-secretary-30352

05/08/2024, 6:56 AM

Hi All, Please provide the documentation and steps to perform the below task: Use GITHub Action to deploy Kubernetes cluster in GCP using Pulumi with GO USe GitHub Action to deploy sample docerized Reac application in above created K8 cluster using Pulumi with GO

early-lunch-81292

05/10/2024, 8:56 PM

@bitter-cat-65329 Yes, I have AppEngine working with domain mapping. No, I have not done the AlertPolicy one you’re having issues with

early-lunch-81292

05/10/2024, 8:57 PM

What are you stuck with in regards to AppEngine?

bitter-cat-65329

05/14/2024, 11:21 PM

@early-lunch-81292 do you have any sample code i can reference?

early-lunch-81292

05/15/2024, 4:14 AM

@bitter-cat-65329 here is what I used. Some of the IAM policies may not be necessary but I didn’t remove them after I got the process working. Please note, I am using TypeScript/Node not Go so the syntax will be a little different for you in Go. Hopefully, you can easily convert it.

Copy code

const myWebInstance = new gcp.appengine.Application(`myapp-${config.env}`, {
    project: config.project.id,
    locationId: config.location,
    authDomain: config.www.domain
});

/**
 * Cloud Build user requires proper permissions as well
 */


const svcAccountIamBindingappEngine = new gcp.projects.IAMBinding(`svcAcct-iamBinding-appEngine-${config.env}`, {
    role: "roles/appengine.deployer",
    project: config.project.id,
    members: [pulumi.interpolate`serviceAccount:${config.appEngine.deployUser}`]
});

const svcAccountIamBindingServiceAdmin = new gcp.projects.IAMBinding(`svcAcct-iamBinding-serviceAdmin-${config.env}`, {
    role: "roles/appengine.serviceAdmin",
    project: config.project.id,
    members: [pulumi.interpolate`serviceAccount:${config.appEngine.deployUser}`]
});

const svcAccountIamBindingStorageAdmin = new gcp.projects.IAMBinding(`svcAcct-iamBinding-storageAdmin-${config.env}`, {
    role: "roles/compute.storageAdmin",
    project: config.project.id,
    members: [pulumi.interpolate`serviceAccount:${config.appEngine.deployUser}`]
});

const svcAccountIamBindingsCloudBuild = new gcp.projects.IAMBinding(`svcAcct-iamBinding-cloudBuild-${config.env}`, {
    role: "roles/cloudbuild.builds.builder",
    project: config.project.id,
    members: [pulumi.interpolate`serviceAccount:${config.appEngine.deployUser}`]
});


const cbIAMPolicyBindingStorage = new gcp.projects.IAMBinding(`svcCloudBuild-storage-binding-${config.env}`, {
    role: "roles/storage.objectUser",
    project: config.project.id,
    members: [pulumi.interpolate`serviceAccount:${config.appEngine.deployUser}`]
});


// Add a custom domain mapping to the App Engine application.
const AE_domainMapping = new gcp.appengine.DomainMapping(`appengine-domain-mapping-${config.env}`, {
    domainName: config.www.domain, // your custom domain
    project: gcp.config.project, // your GCP project ID
    // SSL configurations if necessary, otherwise App Engine will provide a managed certificate
    sslSettings: {
=        sslManagementType: "AUTOMATIC"
    }
}, {dependsOn: myWebInstance});

Open in Slack

Previous Next