[GitHub] [beam] volatilemolotov commented on a diff in pull request #26513: Playground deployment triggers

["volatilemolotov (via GitHub)" <gi...@apache.org>]

volatilemolotov commented on code in PR #26513:
URL: https://github.com/apache/beam/pull/26513#discussion_r1188587187


##########
playground/terraform/infrastructure/cloudbuild-manual-setup/README.md:
##########
@@ -31,18 +31,50 @@ Cloud Build triggers created by terraform scripts from this directory automate s
     - Cloud Build Editor
     - Security Admin
     - Service Account User
+    - Secret Manager Admin
 - [gcloud CLI](https://cloud.google.com/sdk/docs/install-sdk)
-- An existing GCP Bucket to save Terraform state - `state-bucket`
+- An existing GCS Bucket to save Terraform state - `state-bucket`
+- An existing GCS Bucket to store CI privae logs - `private-logs-bucket`
 - DNS name for your Playground deployment instance
 - [Terraform](https://www.terraform.io/)
+- [GitHub Personal Access Token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)
 - [Apache Beam GitHub](https://github.com/apache/beam) repository cloned locally
 
 ## 1. Set up the Google Cloud Build for your GCP project
 
-The `playground/terraform/infrastructure/cloudbuild-manual-setup/01.setup` provisions dependencies required to set up Cloud Build for Playground:
+First provide the variables by creating a `common.tfvars` file in the environment folder 
+```
+$BEAM_GIT/playground/terraform/environment/$ENVIRONMENT_NAME/common.tfvars 
+```
+And put the following:
+```
+playground_deploy_sa = "DEPLOY_SA_NAME"
+playground_update_sa = "UPDATE_SA_NAME"
+playground_ci_sa = "CI_SA_NAME"
+playground_cd_sa = "CD_SA_NAME"
+project_id = "PROJECT_ID"
+playground_environment_name = "ENVIRONMENT_NAME"

Review Comment:
   What do you mean by environment specific?



##########
playground/terraform/infrastructure/cloudbuild-manual-setup/README.md:
##########
@@ -48,34 +48,25 @@ $BEAM_GIT/playground/terraform/environment/$ENVIRONMENT_NAME/common.tfvars
 ```
 And put the following:
 ```
-playground_deploy_sa = "playground-deploy"
-playground_update_sa = "playground-helm"
-playground_ci_sa = "playground_ci"
-playground_cd_sa = "playground_cd"
-playground_environment_name = "playground-xxx"
-playground_dns_name = "playground.dev"
-playground_network_name = "playground-xxx"
-playground_subnetwork_name = "playground-xxx"
-playground_gke_name = "playground-xxx"
-image_tag = "playground-xxx"
-docker_repository_name = "playground-xxx"
-playground_region = "europe-west3"
-playground_zone = "europe-west3-c"
+playground_deploy_sa = "DEPLOY_SA_NAME"
+playground_update_sa = "UPDATE_SA_NAME"
+playground_ci_sa = "CI_SA_NAME"
+playground_cd_sa = "CD_SA_NAME"
+project_id = "PROJECT_ID"
+playground_environment_name = "ENVIRONMENT_NAME"
+playground_dns_name = "DNS"
+image_tag = "TAG"
+playground_region = "REGION"
+playground_zone = "ZONE"
 skip_appengine_deploy = false
-ipaddress_name = "playground-xxx"
-redis_name = "playground-xxx"
-playground_service_account = "playground-xxx-sa"
-datastore_namespace = "playground-xxx"
-webhook_trigger_secret_id = "playground-xxx-wb"
-gh_pat_secret = "playground-xxx"
-data_for_github_pat_secret = "GH_SECRET"
-data_for_cicd_webhook_secret = "RANDOM DATA" # will be automated
-private_logs_bucket = "playground-xxx"
+playground_service_account = "SA_NAME"
+webhook_trigger_secret_id = "SECRET_ID"
+gh_pat_secret = "PAT_SECRET_ID"
+data_for_github_pat_secret = "PAT"
 trigger_source_repo = "https://github.com/apache/beam"
-project_id = "playground-xxx"
 terraform_source_repo = "https://github.com/apache/beam"
 terraform_source_branch = "master"
-state_bucket = "playground-xxx-terraform"
+state_bucket = "BUCKET_NAME"
 ```
 
 Please make sure you change the values. 

Review Comment:
   Did we agree on where the common var file should be? 



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: github-unsubscribe@beam.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org