Terraform Blueprint to deploy the Humanitec resources based on 5 different Terraform Modules:
- Google Cloud
- Humanitec
TOC:
- Assumptions
- Deploy the Terraform Blueprint
- Test connectivity
- Update Developers' CD pipelines
- Terraform Blueprint documentation
- Available resource types for the Developers in their Score files

Assumptions:
- GKE cluster provisioned in GCP as an input for the `cluster` Terraform Module.
- "Project" == "Humanitec App"
- 1 GKE cluster per Env Type
- 1 Humanitec Service User/Token per {App, Env Type}
- People as:
  - `Member` at the Org level
  - `Viewer` at the App Level
- Service User:
  - `Artefact Contributor` for Development and `Member` for other Environments at the Org level
  - `Developer` at the App Level
  - `Deployer` at the Env Type

Deploy the Terraform Blueprint:

```bash
export HUMANITEC_ORG=FIXME
export HUMANITEC_TOKEN=FIXME

terraform workspace select -or-create=true ${HUMANITEC_ORG}

terraform init -upgrade

terraform plan \
    -var org_id=${HUMANITEC_ORG} \
    -var token=${HUMANITEC_TOKEN} \
    -var 'clusters=[{name="mabenoit-demo", region="northamerica-northeast1", project_id="mabenoit-demo-458522"}]' \
    -var humanitec_crds_already_installed=true \
    -out out.tfplan

terraform apply out.tfplan
```

Here are the default (Humanitec-managed) resource definitions that are no longer used and can now be explicitly disabled:

```bash
humctl api PUT /orgs/${HUMANITEC_ORG}/resources/defs/default-humanitec-base-env/criteria --data '[]'
humctl api PUT /orgs/${HUMANITEC_ORG}/resources/defs/default-humanitec-namespace/criteria --data '[]'
humctl api PUT /orgs/${HUMANITEC_ORG}/resources/defs/default-humanitec-workload-res/criteria --data '[]'
humctl api PUT /orgs/${HUMANITEC_ORG}/resources/defs/default-humanitec-dns/criteria --data '[]'
humctl api PUT /orgs/${HUMANITEC_ORG}/resources/defs/default-humanitec-ingress/criteria --data '[]'
humctl api PUT /orgs/${HUMANITEC_ORG}/resources/defs/default-humanitec-tls-cert/criteria --data '[]'
```

Test connectivity:

```bash
humctl get resource-account

ACCOUNT_ID=FIXME
humctl resources check-account ${ACCOUNT_ID}
```

```bash
APP_ID=sail-sharp
ENV_ID=development
ENV_TYPE=development
humctl resources check-connectivity \
    --app ${APP_ID} \
    --env ${ENV_ID} \
    --env-type ${ENV_TYPE}
```

Update Developers' CD pipelines based on outputs:

```bash
terraform output service_users_tokens
```

You can also use this token locally (`HUMANITEC_TOKEN`) and run `humctl score deploy --app --env`.
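
The deploy step above passes the Humanitec token with `-var token=...` and saves the plan as `out.tfplan`. As an added example (not part of the blueprint's own code), this wrapper runs the same Terraform commands with the token supplied through `TF_VAR_token` and the plan kept in a private temporary directory; the function names `preflight` and `deploy_blueprint` are assumptions.

```bash
# Added example, not part of the blueprint. preflight and deploy_blueprint
# are hypothetical names; the terraform commands are the ones shown above.

# Refuse to run with unset variables or the README's FIXME placeholders.
preflight() {
  for name in HUMANITEC_ORG HUMANITEC_TOKEN; do
    eval "value=\${${name}:-}"
    case "${value}" in
      "" | FIXME)
        echo "preflight: ${name} is unset or still FIXME" >&2
        return 1
        ;;
    esac
  done
}

# Plan and apply. Extra arguments (for example -var 'clusters=[...]')
# are forwarded to `terraform plan`.
deploy_blueprint() {
  preflight || return 1
  # Terraform reads TF_VAR_<name> from the environment, so the token is
  # not placed in argv (process listings, shell history, CI command echo).
  export TF_VAR_org_id="${HUMANITEC_ORG}" TF_VAR_token="${HUMANITEC_TOKEN}"
  # A saved plan holds variable values in clear text: keep it in a private
  # temporary directory and delete it whether or not apply succeeds.
  plan_dir="$(mktemp -d)" || return 1
  rc=0
  (
    umask 077
    terraform workspace select -or-create=true "${HUMANITEC_ORG}" &&
      terraform init -upgrade &&
      terraform plan "$@" -out "${plan_dir}/out.tfplan" &&
      terraform apply "${plan_dir}/out.tfplan"
  ) || rc=$?
  rm -rf "${plan_dir}"
  unset TF_VAR_token
  return "${rc}"
}
```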

To get the available resource types for the Developers in their Score files:

```bash
humctl score available-resource-types
```

```
Name                               Type                     Category   Class
Environment                        environment              score      default
Service                            service                  score      default
Persistent Volume                  volume                   datastore  default
Redis                              redis                    datastore  default
Route                              route                    ingress    default
Google Cloud Storage Bucket        gcs                      datastore  default
Google Cloud Pub/Sub Topic         gcp-pubsub-topic         messaging  default
Postgres                           postgres                 datastore  default
Google Cloud Pub/Sub Subscription  gcp-pubsub-subscription  messaging  default
DNS                                dns                      dns        default
Google Cloud Vertex AI             gcp-vertex-ai                       default
```

Terraform Blueprint documentation:

| Name | Version |
|---|---|
| terraform | >= 1.3.0 |
| | ~> 5.1 |
| humanitec | ~> 1.0 |

| Name | Source | Version |
|---|---|---|
| apps | ./modules/htc-app | n/a |
| gcp_app | ./modules/gcp-app | n/a |
| gcp_cluster | ./modules/gcp-cluster | n/a |
| htc_cluster | ./modules/htc-cluster | n/a |
| org | ./modules/htc-org | n/a |

| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| apps | n/a | list(object({ | n/a | yes |
| clusters | n/a | list(object({ | n/a | yes |
| org_id | ID of the Humanitec Organization | string | n/a | yes |
| token | Token to provision objects in Humanitec Organization | string | n/a | yes |
| env_types | n/a | list(object({ | [ | no |
| humanitec_crds_already_installed | Custom resource definitions must be applied before custom resources. | bool | false | no |

| Name | Description |
|---|---|
| service_users_tokens | n/a |

