This example shows how to deploy a custom Terraform Cloud agent image on Google Kubernetes Engine (GKE) using the tfc-agent-gke module.
It creates the Terraform Cloud agent pool, registers the agent to that pool and creates a project and an empty workspace with the agent attached.
The tools needed to build this example are available by default in Google Cloud Shell.
If running from your own system, you will need:
-
Create terraform.tfvars file with the necessary values.
The Terraform Cloud agent token you would like to use. NOTE: This is a secret and should be marked as sensitive in Terraform Cloud.
project_id = "your-project-id" tfc_org_name = "your-tfc-org-name"
-
Build the example Terraform Cloud agent image using Google Cloud Build. Alternatively, you can also use the tfc-agent-gke-simple for working with the default Terraform agent image.
# Export required variables export PROJECT_ID="your-project-id" export LOCATION="us-west1" export REPOSITORY="hashicorp" export IMAGE="tfc-agent" export VERSION="latest" # GCP commands to enable services gcloud config set project $PROJECT_ID gcloud services enable cloudbuild.googleapis.com gcloud services enable artifactregistry.googleapis.com gcloud components update # Create the Google Artifact Repository for storing the agent gcloud artifacts repositories create $REPOSITORY --location="$LOCATION" --repository-format="DOCKER" # Build the custom Terraform Cloud agent image using Cloud Build gcloud builds submit --config=cloudbuild.yaml \ --substitutions=_LOCATION="$LOCATION",_REPOSITORY="$REPOSITORY",_IMAGE="$IMAGE",_VERSION="$VERSION" .
-
Initialize the Terraform Cloud agent image for running Terraform.
export TF_VAR_tfc_agent_image=$LOCATION-docker.pkg.dev/$PROJECT_ID/$REPOSITORY/$IMAGE:$VERSION
-
Create the infrastructure.
terraform init terraform plan terraform apply
-
Your Terraform Cloud agents should become active at Organization Setting > Security > Agents.
-
Create additonal workspaces or use the existing workspace to run Terraform through the Terraform Cloud agent.Click here for more info on running the workspace.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| project_id | The Google Cloud Platform project ID to deploy Terraform Cloud agent cluster | string |
n/a | yes |
| tfc_agent_image | The custom Terraform Cloud agent image to use | string |
n/a | yes |
| tfc_agent_pool_name | Terraform Cloud agent pool name to be created | string |
"tfc-agent-gke-custom-pool" |
no |
| tfc_agent_pool_token_description | Terraform Cloud agent pool token description | string |
"tfc-agent-gke-custom-pool-token" |
no |
| tfc_org_name | Terraform Cloud org name where the agent pool will be created | string |
n/a | yes |
| tfc_project_name | Terraform Cloud project to use | string |
"GCP agents" |
no |
| tfc_workspace_name | Terraform Cloud workspace name to be created | string |
"tfc-agent-gke-custom" |
no |
| Name | Description |
|---|---|
| ca_certificate | The cluster CA certificate (base64 encoded) |
| cluster_name | GKE cluster name |
| kubernetes_endpoint | The cluster endpoint |
| location | GKE cluster location |
| network_name | Name of the VPC |
| project_id | The Google Cloud Platform project ID to deploy Terraform Cloud agent cluster |
| service_account | The default service account used for TFC agent nodes |
| subnet_name | Name of the subnet in the VPC |