Provision Cloud Build resources with Terraform

HashiCorp Terraform is an infrastructure-as-code (IaC) tool that lets you provision and manage cloud infrastructure. Terraform provides plugins called providers that let you interact with cloud providers and other APIs. You can use the Terraform provider for Google Cloud to provision and manage Google Cloud resources, including Cloud Build.

This page introduces you to using Terraform with Cloud Build, including an introduction to how Terraform works and some resources to help you get started using Terraform with Google Cloud. You'll also find links to Terraform reference docs for Cloud Build, code examples, and guides for using Terraform to provision Cloud Build resources.

For instructions on how to get started with Terraform for Google Cloud, see Install and configure Terraform or the Terraform for Google Cloud quickstart.

How Terraform works

Terraform has a declarative and configuration-oriented syntax, which you can use to describe the infrastructure that you want to provision in your Google Cloud project. After you author this configuration in one or more Terraform configuration files, you can use the Terraform CLI to apply this configuration to your Cloud Build resources.

The following steps explain how Terraform works:

  1. You describe the infrastructure you want to provision in a Terraform configuration file. You don't need to write code describing how to provision the infrastructure. Terraform provisions the infrastructure for you.
  2. You run the terraform plan command, which evaluates your configuration and generates an execution plan. You can review the plan and make changes as needed.
  3. You run the terraform apply command, which performs the following actions:

    1. It provisions your infrastructure based on your execution plan by invoking the corresponding Cloud Build APIs in the background.
    2. It creates a Terraform state file, which is a JSON file that maps the resources in your configuration file to the resources in the real-world infrastructure. Terraform uses this file to keep a record of the most recent state of your infrastructure, and to determine when to create, update, and destroy resources.
    3. When you run terraform apply, Terraform uses the mapping in the state file to compare the existing infrastructure to the code, and make updates as necessary:

      • If a resource object is defined in the configuration file, but doesn't exist in the state file, Terraform creates it.
      • If a resource object exists in the state file, but has a different configuration from your configuration file, Terraform updates the resource to match your configuration file.
      • If a resource object in the state file matches your configuration file, Terraform leaves the resource unchanged.
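
The review in step 2 can be automated. The following is an added example, not part of the original page or of any Google or HashiCorp code: it reads a plan saved with terraform plan -out=FILE and rendered with terraform show -json FILE, lists the Cloud Build changes that terraform apply would make, and flags two things worth a second look. The sample plan, resource names, service account path, and the policy that every trigger must name a dedicated service account are assumptions made for illustration.

```python
import json

def _change(name, actions, after):
    # Helper that builds one constructed resource_changes entry.
    return {"address": f"google_cloudbuild_trigger.{name}",
            "type": "google_cloudbuild_trigger",
            "change": {"actions": actions, "after": after, "after_unknown": {}}}

# Constructed sample shaped like `terraform show -json <planfile>` output.
SA = "projects/example-project/serviceAccounts/ci@example-project.iam.gserviceaccount.com"
SAMPLE_PLAN = json.dumps({"resource_changes": [
    _change("deploy", ["create"], {"name": "deploy", "service_account": None}),
    _change("test", ["update"], {"name": "test", "service_account": SA}),
    _change("lint", ["no-op"], {"name": "lint", "service_account": SA}),
    _change("old", ["delete"], None),
]})

def review_plan(plan_json):
    """Return [(address, actions, findings)] for planned Cloud Build changes."""
    report = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        if not rc.get("type", "").startswith("google_cloudbuild"):
            continue
        change = rc["change"]
        actions = change["actions"]
        if actions == ["no-op"]:
            continue  # state already matches the configuration
        findings = []
        if "delete" in actions:  # plain destroy, or replace (delete + create)
            findings.append("destroys an existing resource")
        after = change.get("after")
        unknown = change.get("after_unknown") or {}
        if (rc["type"] == "google_cloudbuild_trigger" and after is not None
                and not after.get("service_account")
                and unknown.get("service_account") is not True):
            # Assumed policy: every trigger names a dedicated service account.
            findings.append("no service_account set")
        report.append((rc["address"], actions, findings))
    return report

if __name__ == "__main__":
    for address, actions, findings in review_plan(SAMPLE_PLAN):
        print(address, "/".join(actions), "; ".join(findings) or "ok")
```

Applying the same saved plan file that was reviewed ensures that what is applied is what was checked.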

Terraform resources for Cloud Build

Resources are the fundamental elements in the Terraform language. Each resource block describes one or more infrastructure objects, such as virtual networks or compute instances.

The following table lists the Terraform resources available for Cloud Build:

Cloud Build service Terraform Resources Data sources
Cloud Build v1 google_cloudbuild_trigger
Cloud Build v2 google_cloudbuildv2_connection_iam_policy

Terraform-based guides for Cloud Build

The following table lists Terraform-based how-to guides and tutorials for Cloud Build:

Guide | Details
Connect to a GitHub repository | This guide explains how to connect a GitHub repository to Cloud Build using Terraform.
Connect to a GitHub Enterprise host | This guide explains how to connect a GitHub Enterprise host to Cloud Build using Terraform.
Connect to a GitHub Enterprise repository | This guide explains how to connect a GitHub Enterprise repository to Cloud Build using Terraform.
Connect to a GitLab Enterprise Edition host | This guide explains how to connect a GitLab Enterprise Edition host to Cloud Build using Terraform.
Connect to a GitLab Enterprise Edition repository | This guide explains how to connect a GitLab Enterprise Edition repository to Cloud Build using Terraform.
Connect to a Bitbucket Data Center host | This guide explains how to connect a Bitbucket Data Center host to Cloud Build using Terraform.
Connect to a Bitbucket Data Center repository | This guide explains how to connect a Bitbucket Data Center repository to Cloud Build using Terraform.
Connect to a Bitbucket Cloud host | This guide explains how to connect a Bitbucket Cloud host to Cloud Build using Terraform.
Connect to a Bitbucket Cloud repository | This guide explains how to connect a Bitbucket Cloud repository to Cloud Build using Terraform.
Deploy to Compute Engine | This guide explains how to perform zero-downtime blue-green deployments on Compute Engine Managed Instance Groups (MIGs) using Cloud Build and Terraform.

Terraform modules and blueprints for Cloud Build

Modules and blueprints help you automate the provisioning and management of Google Cloud resources at scale. A module is a reusable set of Terraform configuration files that creates a logical abstraction of Terraform resources. A blueprint is a package of deployable and reusable modules, and a policy that implements and documents a specific solution.

The following table lists modules and blueprints related to Cloud Build:

Module or blueprint | Details
Secure CI/CD pipeline | This module enables Google Cloud customers to quickly deploy a secure CI/CD pipeline, implementing many of the functions outlined in Shifting left on security.
terraform-google-bootstrap | This module helps bootstrap a Google Cloud organization, creating all the required resources and permissions to start using the Cloud Foundation Toolkit (CFT). For users who want to use Cloud Build and Cloud Source Repositories for foundations code, this module contains a submodule that bootstraps all the required resources.
