provider "google" {
  project = var.project
}
data "google_project" "current" {}
# Build the service agent email using the format:
# service-PROJECT_NUMBER@serverless-robot-prod.iam.gserviceaccount.com
locals {
  project_number = data.google_project.current.number

# create secret as file
export SECRET_ID="example-secret"
export SECRET_FILE=".env"
# create env file
cat > $SECRET_FILE << EOF
# Node environment
NODE_ENV=production
# Logging configuration

# Create a script to load environment variables from mounted secrets
RUN echo '#!/bin/sh' > /app/entrypoint.sh && \
    echo 'if [ -d "/secrets" ] && [ -f "/secrets/.env" ]; then' >> /app/entrypoint.sh && \
    echo ' cp /secrets/.env /app/.env' >> /app/entrypoint.sh && \
    echo ' echo "Loaded environment from mounted secret"' >> /app/entrypoint.sh && \
    echo 'fi' >> /app/entrypoint.sh && \
    echo 'exec node src/server.js' >> /app/entrypoint.sh && \
    chmod +x /app/entrypoint.sh && \
    chown nodeapp:nodeapp /app/entrypoint.sh

BILLING="YOUR-BILLING-ACCT"
ORGANIZATION="<ORG-ID-NUMBER>"
FOLDER="<FOLDER-ID-NUMBER>"
CUSTOMER="<CUSTOMER-ID>"
# user groups
export ORG_ADMIN_GROUP="[email protected]"
export BILLING_ADMIN_GROUP="[email protected]"
export SECURITY_ADMIN_GROUP="[email protected]"
export NETWORK_ADMIN_GROUP="[email protected]"

#!/usr/bin/env bash
#####################################################################
# REMOVE DOCKER DESKTOP FOR MAC (OPTIONAL: IF INSTALLED)
#####################################################################
echo ""
echo "Removing Docker Desktop for Mac..."
# 1. make sure Docker is running
sudo launchctl start com.docker.docker

#!/usr/bin/env bash
#####################################################################
# REFERENCES
# - https://cloud.google.com/kubernetes-engine/docs/how-to/creating-an-autopilot-cluster
# - https://cloud.google.com/storage/docs/creating-buckets
# - https://cloud.google.com/storage/docs/access-control/using-iam-permissions
# - https://cloud.google.com/storage/docs/authentication/managing-hmackeys#command-line
# - https://github.com/Altinity/clickhouse-operator/blob/master/docs/quick_start.md
# - https://clickhouse.com/docs/en/getting-started/quick-start

#!/usr/bin/env bash
#####################################################################
# REFERENCES
# - https://cloud.google.com/asset-inventory/docs/monitoring-asset-changes#organizations
# - https://cloud.google.com/asset-inventory/docs/reference/rest/v1/TopLevel/batchGetAssetsHistory#temporalasset
# - https://cloud.google.com/iam/docs/creating-custom-roles#creating
# - https://cloud.google.com/sdk/gcloud/reference/organizations/add-iam-policy-binding
# - https://gist.github.com/mikesparr/38260f9d457fc2f9452f1910213b4a71
# - https://aravind-ramaiahk.medium.com/streamlining-cloud-asset-management-automating-the-export-of-google-cloud-organization-asset-46cc8b428038

#!/usr/bin/env bash
#####################################################################
# REFERENCES
# - https://cloud.google.com/sdk/gcloud/reference/compute/networks/create
# - https://cloud.google.com/sdk/gcloud/reference/compute/networks/subnets/create
# - https://cloud.google.com/vpc/docs/configure-private-google-access
# - https://cloud.google.com/network-connectivity/docs/router/how-to/create-router-vpc-network#gcloud
# - https://cloud.google.com/nat/docs/set-up-manage-network-address-translation
# - https://cloud.google.com/nat/docs/using-nat-rules

#!/usr/bin/env bash
#####################################################################
# REFERENCES
# - https://cloud.google.com/kubernetes-engine/docs/concepts/gateway-api
# - https://cloud.google.com/kubernetes-engine/docs/how-to/container-native-load-balancing
# - https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/
# - https://cloud.google.com/gemini/docs/quickstart
# - https://cloud.google.com/kubernetes-engine/docs/best-practices/rbac
# - https://cloud.google.com/kubernetes-engine/docs/how-to/hardening-your-cluster#group_authentication

#!/usr/bin/env bash
#####################################################################
# REFERENCES
# - https://cloud.google.com/secure-web-proxy/docs/initial-setup-steps
# - https://cloud.google.com/certificate-manager/docs/deploy-google-managed-regional
# - https://cloud.google.com/secure-web-proxy/docs/quickstart
# - https://cloud.google.com/secure-web-proxy/docs/enable-tls-inspection (OPTIONAL)
#####################################################################