From 313db40948adf5592729f37067e325094691601d Mon Sep 17 00:00:00 2001
From: Martin Hutchinson
Date: Tue, 6 Feb 2024 17:23:39 +0000
Subject: [PATCH] Cloud build pushes new images to non-prod envs (#89)

This means that the ci and dev environments will be kept up to date with new images that are deployed. This does not modify the prod environment.
---
 deployment/live/cloudbuild/dev/terragrunt.hcl | 3 ++-
 .../live/cloudbuild/prod/terragrunt.hcl | 3 ++-
 deployment/modules/cloudbuild/main.tf | 20 +++++++++++++++++++
 deployment/modules/cloudbuild/variables.tf | 6 ++++++
 4 files changed, 30 insertions(+), 2 deletions(-)

diff --git a/deployment/live/cloudbuild/dev/terragrunt.hcl b/deployment/live/cloudbuild/dev/terragrunt.hcl
index 655ccdb..dd299b4 100644
--- a/deployment/live/cloudbuild/dev/terragrunt.hcl
+++ b/deployment/live/cloudbuild/dev/terragrunt.hcl
@@ -13,7 +13,8 @@ locals {
 inputs = merge(
 local.common_vars.locals,
 {
- env = "dev"
+ env = "dev"
+ cloud_run_service = "distributor-service-dev"
 }
 )
 
diff --git a/deployment/live/cloudbuild/prod/terragrunt.hcl b/deployment/live/cloudbuild/prod/terragrunt.hcl
index 370877d..bb8c32a 100644
--- a/deployment/live/cloudbuild/prod/terragrunt.hcl
+++ b/deployment/live/cloudbuild/prod/terragrunt.hcl
@@ -13,7 +13,8 @@ locals {
 inputs = merge(
 local.common_vars.locals,
 {
- env = "prod"
+ env = "prod"
+ cloud_run_service = "distributor-service-ci"
 }
 )
 
diff --git a/deployment/modules/cloudbuild/main.tf b/deployment/modules/cloudbuild/main.tf
index 775fcb8..ad4fb7f 100644
--- a/deployment/modules/cloudbuild/main.tf
+++ b/deployment/modules/cloudbuild/main.tf
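Review bot: In `deployment/live/cloudbuild/prod/terragrunt.hcl` the new input pairs `env = "prod"` with `cloud_run_service = "distributor-service-ci"`, and nothing beside the value says the mismatch is deliberate. The commit message states that prod is not modified, so this reads as intentional, but a later maintainer could "correct" the name to a prod service and turn every image build from this trigger into an unattended production deploy. I would add a comment above the line, for example `# Deliberately the CI service: this trigger must never deploy to the prod Cloud Run service.`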
@@ -60,6 +60,20 @@ resource "google_cloudbuild_trigger" "distributor_docker" {
 local.docker_address
 ]
 }
+ # Deploy container image to Cloud Run
+ step {
+ name = "gcr.io/google.com/cloudsdktool/cloud-sdk"
+ entrypoint = "gcloud"
+ args = [
+ "run",
+ "deploy",
+ var.cloud_run_service,
+ "--image",
+ local.docker_address,
+ "--region",
+ var.region
+ ]
+ }
 options {
 logging = "CLOUD_LOGGING_ONLY"
 }
@@ -89,3 +103,9 @@ resource "google_project_iam_member" "artifact_registry_writer" {
 member = "serviceAccount:${google_service_account.cloudbuild_service_account.email}"
 }
 
+resource "google_project_iam_member" "cloudrun_deployer" {
+ project = var.project_id
+ role = "roles/run.developer"
+ member = "serviceAccount:${google_service_account.cloudbuild_service_account.email}"
+}
+
diff --git a/deployment/modules/cloudbuild/variables.tf b/deployment/modules/cloudbuild/variables.tf
index 66ac3c3..382e562 100644
--- a/deployment/modules/cloudbuild/variables.tf
+++ b/deployment/modules/cloudbuild/variables.tf
@@ -28,3 +28,9 @@ variable "env" {
 description = "Unique identifier for the env, e.g. ci or prod"
 type = string
 }
+
+variable "cloud_run_service" {
+ description = "The name of the cloud run service that new images should be pushed to"
+ type = string
+}
+
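Review bot: The new deploy step in `main.tf` references `gcr.io/google.com/cloudsdktool/cloud-sdk` with no tag or digest, so every build runs whatever the repository's default tag resolves to at that moment, under a service account that can now deploy to Cloud Run. Pinning the builder image keeps an upstream image change from silently altering what executes in the pipeline and makes the step reproducible: `name = "gcr.io/google.com/cloudsdktool/cloud-sdk@sha256:<PINNED_DIGEST>"` (placeholder, to be replaced with a digest you have verified). The enclosing `build` block and the trigger resource start and end outside the hunk, so the earlier steps are not visible here.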
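Review bot: `google_project_iam_member.cloudrun_deployer` binds `roles/run.developer` on the whole project, so the Cloud Build service account can update every Cloud Run service in `var.project_id`, not only `var.cloud_run_service`. If the prod distributor service lives in the same project (not visible in this diff), a misconfigured or compromised build could redeploy it, which runs against the stated aim of leaving prod alone. Binding the role on the target service alone limits the grant to the one service this trigger is meant to update; the sketch below assumes that service already exists and should be checked against what `gcloud run deploy` actually requires. Deploying also needs permission to act as the service's runtime service account, and no such binding appears in this hunk, so confirm it exists elsewhere and is scoped to that single account rather than the project.

```hcl
resource "google_cloud_run_service_iam_member" "cloudrun_deployer" {
  project  = var.project_id
  location = var.region
  service  = var.cloud_run_service
  role     = "roles/run.developer"
  member   = "serviceAccount:${google_service_account.cloudbuild_service_account.email}"
}
```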