Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: consume pulumi environment #99

Merged
merged 11 commits into from
Jan 10, 2024
Merged

feat: consume pulumi environment #99

merged 11 commits into from
Jan 10, 2024

Conversation

braaar
Copy link
Member

@braaar braaar commented Jan 8, 2024
edited
Loading

  • stop using stack reference to bjerk bot for retrieving github token
  • use pulumi environment secrets to retrieve github token

@bjerk-bot
Copy link

bjerk-bot commented Jan 8, 2024
edited
Loading

🍹 preview on bjerk-io-infra/bjerk/prod

Pulumi report 
Previewing update (bjerk/prod)

View Live: https://app.pulumi.com/bjerk/bjerk-io-infra/prod/previews/0700104a-08ac-4241-b221-854b8e906648

@ Previewing update....

@ Previewing update....
pulumi:pulumi:Stack bjerk-io-infra-prod running 
@ Previewing update.....
~  pulumi:providers:github gh-provider update 
@ Previewing update.....
gcp:dns:ManagedZone bjerk-dev-zone  
gcp:dns:ManagedZone bjerk-io-zone  
gcp:serviceAccount:Account deploy-sa  
gcp:dns:RecordSet bjerk-dev-ml-newsletter  
gcp:dns:RecordSet bjerk-io-a  
gcp:dns:RecordSet bjerk-io-gate  
gcp:dns:RecordSet bjerk-io-mx  
gcp:dns:RecordSet bjerk-io-vault  
gcp:dns:RecordSet bjerk-io-domainkey  
gcp:dns:RecordSet bjerk-io-www  
gcp:dns:RecordSet bjerk-io-dmarc  
gcp:dns:RecordSet bjerk-io-txt  
gcp:dns:RecordSet bjerk-io-github  
gcp:dns:RecordSet bjerk-io-studio  
gcp:dns:RecordSet bjerk-io-reporting  
gcp:serviceAccount:Key sa-key  
gcp:projects:IAMMember deploy-firebase-iam  
github:index:ActionsSecret deploy-url  
pulumi:pulumi:Stack bjerk-io-infra-prod  
Resources:
~ 1 to update
19 unchanged

@braaar braaar marked this pull request as ready for review January 8, 2024 14:21
@braaar braaar mentioned this pull request Jan 9, 2024
Open
@bjerk-bot
Copy link

bjerk-bot commented Jan 9, 2024
edited
Loading

🍹 preview on bjerk-core-infra/bjerk/prod

Pulumi report 
Previewing update (bjerk/prod)

View Live: https://app.pulumi.com/bjerk/bjerk-core-infra/prod/previews/d63d9140-57c3-4cae-840c-f5d96bcf1978

@ Previewing update.........

@ Previewing update.....
pulumi:pulumi:Stack bjerk-core-infra-prod running 
@ Previewing update.......
bjerk:project abax-vwfs  
pulumi:providers:gcp bjerk-core-google  
~  pulumi:providers:github flexi-soft-provider update 
~  pulumi:providers:github branches-provider update 
~  pulumi:providers:github bjerkio-provider update 
@ Previewing update....
gcp:iam:WorkloadIdentityPool core-github  
gcp:serviceAccount:Account conf-deployer  
gcp:organizations:Folder branches-folder  
bjerk:project flexisoft  
bjerkio:github:IdentityPoolGithub conf  
bjerk:project tripletex-time-agent  
github:index:ActionsSecret bot-pulumi  
bjerk:project bjerk-io  
bjerk:project bjerk-gaming  
bjerk:project timely-agent  
gcp:iam:WorkloadIdentityPoolProvider core-github  
gcp:folder:IAMMember branches-owner  
gcp:folder:IAMMember branches-project-creator  
@ Previewing update....
gcp:projects:Service compute.googleapis.com  
bjerkio:github:GithubIdentityPoolIamMember conf  
github:index:ActionsSecret conf-google-service-accuont  
bjerkio:github:IdentityPoolGithub conf-flexisoft-gh-identity-pool  
github:index:ActionsSecret conf-google-projects  
bjerkio:github:IdentityPoolGithub timely-app-timely-agent-gh-identity-pool  
github:index:ActionsSecret conf-flexisoft-pulumi  
bjerkio:github:IdentityPoolGithub timely-agent-timely-agent-gh-identity-pool  
bjerkio:github:IdentityPoolGithub gaming-bjerk-gaming-gh-identity-pool  
bjerkio:github:IdentityPoolGithub tripletex-time-agent-tripletex-time-agent-gh-identity-pool  
github:index:ActionsSecret conf-identity-provider  
gcp:projects:Service container.googleapis.com  
gcp:projects:Service cloudresourcemanager.googleapis.com  
gcp:projects:Service bjerk-gaming-iam.googleapis.com  
gcp:projects:Service bjerk-gaming-compute.googleapis.com  
gcp:projects:Service bjerk-gaming-dns.googleapis.com  
gcp:projects:Service bjerk-gaming-cloudtrace.googleapis.com  
gcp:projects:Service cloudkms.googleapis.com  
gcp:projects:Service logging.googleapis.com  
gcp:serviceAccount:IAMMember iam-infra-token-conf  
gcp:serviceAccount:IAMMember iam-workload-conf  
bjerkio:github:GithubIdentityPoolIamMember conf-flexisoft-gh-identity-pool  
gcp:projects:Service bjerk-gaming-servicecontrol.googleapis.com  
bjerkio:github:GithubIdentityPoolIamMember tripletex-time-agent-tripletex-time-agent-gh-identity-pool  
github:index:ActionsSecret conf-flexisoft-gh-identity-pool-identity-provider  
bjerkio:github:GithubIdentityPoolIamMember timely-app-timely-agent-gh-identity-pool  
github:index:ActionsSecret tripletex-time-agent-tripletex-time-agent-gh-identity-pool-identity-provider  
github:index:ActionsSecret timely-app-timely-agent-gh-identity-pool-identity-provider  
bjerkio:github:GithubIdentityPoolIamMember timely-agent-timely-agent-gh-identity-pool  
bjerkio:github:GithubIdentityPoolIamMember gaming-bjerk-gaming-gh-identity-pool  
github:index:ActionsSecret timely-agent-timely-agent-gh-identity-pool-identity-provider  
github:index:ActionsSecret gaming-bjerk-gaming-gh-identity-pool-identity-provider  
gcp:projects:Service bjerk-gaming-clouderrorreporting.googleapis.com  
gcp:projects:Service bjerk-gaming-cloudresourcemanager.googleapis.com  
gcp:projects:Service cloudfunctions.googleapis.com  
gcp:projects:Service stackdriver.googleapis.com  
gcp:projects:Service bjerk-gaming-container.googleapis.com  
gcp:projects:Service run.googleapis.com  
@ Previewing update....
gcp:projects:Service monitoring.googleapis.com  
gcp:projects:Service bjerk-gaming-cloudprofiler.googleapis.com  
gcp:projects:Service bjerk-gaming-logging.googleapis.com  
gcp:projects:Service cloudbuild.googleapis.com  
gcp:projects:Service cloudtrace.googleapis.com  
gcp:projects:Service bjerk-gaming-sqladmin.googleapis.com  
gcp:projects:Service iam.googleapis.com  
gcp:projects:Service bjerk-gaming-stackdriver.googleapis.com  
gcp:projects:Service bjerk-gaming-cloudkms.googleapis.com  
gcp:projects:Service clouderrorreporting.googleapis.com  
gcp:projects:Service cloudbilling.googleapis.com  
gcp:organizations:Folder internal-folder  
gcp:projects:Service bjerk-gaming-cloudfunctions.googleapis.com  
@ Previewing update....
gcp:projects:Service cloudprofiler.googleapis.com  
gcp:projects:Service dns.googleapis.com  
gcp:organizations:Folder customer-folder  
gcp:projects:Service bjerk-gaming-run.googleapis.com  
gcp:projects:Service bjerk-gaming-monitoring.googleapis.com  
gcp:projects:Service bjerk-gaming-cloudbuild.googleapis.com  
gcp:projects:Service sqladmin.googleapis.com  
gcp:projects:Service servicemanagement.googleapis.com  
gcp:projects:Service servicecontrol.googleapis.com  
gcp:projects:Service bjerk-gaming-servicemanagement.googleapis.com  
gcp:projects:Service bjerk-gaming-cloudbilling.googleapis.com  
gcp:organizations:Project veltno  
@ Previewing update....
gcp:organizations:Project tomba-domains  
gcp:folder:IAMMember group:developers@bjerk.io-viewer  
gcp:folder:IAMMember group:developers@bjerk.io-folderViewer  
gcp:organizations:Project tripletex-time-agent  
github:index:ActionsSecret tripletex-time-agent-tripletex-time-agent-gh-identity-pool-google-projects  
pulumi:providers:gcp tripletex-time-agent  
gcp:serviceAccount:Account tripletex-time-agent  
github:index:ActionsSecret tripletex-time-agent-tripletex-time-agent-gh-identity-pool-google-service-accuont  
gcp:serviceAccount:IAMMember iam-infra-token-tripletex-time-agent-tripletex-time-agent-gh-identity-pool  
gcp:serviceAccount:IAMMember iam-workload-tripletex-time-agent-tripletex-time-agent-gh-identity-pool  
@ Previewing update....
gcp:projects:IAMMember tripletex-time-agent-service-account  
gcp:folder:IAMMember group:gcp-organization-viewers@bjerk.io-internal-developer-browser  
gcp:organizations:Project timely-agent  
gcp:organizations:Project bjerk-io  
gcp:folder:IAMMember group:gcp-organization-viewers@bjerk.io-internal-developer-logging-viewier  
gcp:organizations:Project bjerk-gaming  
gcp:organizations:Project abax-vwfs  
gcp:folder:IAMMember group:gcp-organization-viewers@bjerk.io-customer-developer-browser  
gcp:organizations:Project flexisoft  
pulumi:providers:gcp timely-agent  
github:index:ActionsSecret timely-agent-timely-agent-gh-identity-pool-google-projects  
gcp:serviceAccount:Account timely-agent  
github:index:ActionsSecret timely-app-timely-agent-gh-identity-pool-google-projects  
pulumi:providers:gcp bjerk-io  
gcp:serviceAccount:Account bjerk-io  
pulumi:providers:gcp bjerk-gaming  
gcp:serviceAccount:Account bjerk-gaming  
github:index:ActionsSecret gaming-bjerk-gaming-gh-identity-pool-google-projects  
pulumi:providers:gcp abax-vwfs  
gcp:serviceAccount:Account abax-vwfs  
gcp:serviceAccount:Account flexisoft  
pulumi:providers:gcp flexisoft  
bjerk:project-slack-logger timely-agent  
github:index:ActionsSecret conf-flexisoft-gh-identity-pool-google-projects  
gcp:projects:IAMMember timely-agent-group:developers@bjerk.io-cloud-run-viewer  
gcp:projects:IAMMember timely-agent-group:developers@bjerk.io-private-logs-viewer  
gcp:projects:Service tta-monitoring.googleapis.com  
gcp:serviceAccount:IAMMember iam-infra-token-timely-agent-timely-agent-gh-identity-pool  
github:index:ActionsSecret timely-app-timely-agent-gh-identity-pool-google-service-accuont  
gcp:serviceAccount:IAMMember iam-workload-timely-app-timely-agent-gh-identity-pool  
gcp:projects:IAMMember timely-agent-service-account  
gcp:serviceAccount:IAMMember iam-infra-token-timely-app-timely-agent-gh-identity-pool  
gcp:serviceAccount:IAMMember iam-workload-timely-agent-timely-agent-gh-identity-pool  
github:index:ActionsSecret timely-agent-timely-agent-gh-identity-pool-google-service-accuont  
gcp:projects:IAMMember bjerk-io-group:developers@bjerk.io-firebase-viewer  
gcp:projects:IAMMember bjerk-io-group:developers@bjerk.io-logger-admin  
gcp:projects:IAMMember bjerk-io-group:developers@bjerk.io-dns-admin  
gcp:projects:IAMMember bjerk-io-service-account  
github:index:ActionsSecret gaming-bjerk-gaming-gh-identity-pool-google-service-accuont  
@ Previewing update....
gcp:projects:IAMMember bjerk-gaming-service-account  
gcp:serviceAccount:IAMMember iam-workload-gaming-bjerk-gaming-gh-identity-pool  
gcp:serviceAccount:IAMMember iam-infra-token-gaming-bjerk-gaming-gh-identity-pool  
gcp:projects:IAMMember abax-vwfs-service-account  
gcp:serviceAccount:IAMMember iam-infra-token-conf-flexisoft-gh-identity-pool  
github:index:ActionsSecret conf-flexisoft-gh-identity-pool-google-service-accuont  
gcp:serviceAccount:IAMMember iam-workload-conf-flexisoft-gh-identity-pool  
gcp:projects:IAMMember flexisoft-service-account  
gcp:serviceAccount:Account timely-agent  
gcp:pubsub:Topic timely-agent  
gcp:projects:Service tta-container.googleapis.com  
gcp:projects:Service tta-compute.googleapis.com  
gcp:projects:Service tta-dns.googleapis.com  
gcp:projects:Service tta-servicecontrol.googleapis.com  
gcp:projects:Service tta-logging.googleapis.com  
gcp:projects:Service tta-eventarc.googleapis.com  
gcp:projects:Service tta-cloudbilling.googleapis.com  
gcp:cloudrunv2:Service timely-agent  
gcp:projects:IAMMember timely-agent  
gcp:logging:ProjectSink timely-agent  
gcp:projects:Service tta-servicemanagement.googleapis.com  
gcp:eventarc:Trigger timely-agent  
gcp:cloudrunv2:ServiceIamMember timely-agent  [diff: ~name]
gcp:pubsub:TopicIAMMember timely-agent  [diff: ~topic]
gcp:projects:Service tta-iam.googleapis.com  
gcp:projects:Service tta-stackdriver.googleapis.com  
gcp:projects:Service tta-sqladmin.googleapis.com  
gcp:projects:Service tta-cloudresourcemanager.googleapis.com  
gcp:projects:Service tta-clouderrorreporting.googleapis.com  
gcp:projects:Service tta-cloudtrace.googleapis.com  
gcp:projects:Service tta-cloudprofiler.googleapis.com  
gcp:projects:Service tta-run.googleapis.com  
gcp:projects:Service tta-cloudkms.googleapis.com  
gcp:projects:Service tta-cloudbuild.googleapis.com  
@ Previewing update....
gcp:projects:Service tta-cloudfunctions.googleapis.com  
bjerk:project-slack-logger tripletex-time-agent  
gcp:serviceAccount:Account tripletex-time-agent  
gcp:pubsub:Topic tripletex-time-agent  
gcp:cloudrunv2:Service tripletex-time-agent  
gcp:projects:IAMMember tripletex-time-agent  
gcp:logging:ProjectSink tripletex-time-agent  
gcp:eventarc:Trigger tripletex-time-agent  
gcp:cloudrunv2:ServiceIamMember tripletex-time-agent  [diff: ~name]
gcp:pubsub:TopicIAMMember tripletex-time-agent  [diff: ~topic]
pulumi:pulumi:Stack bjerk-core-infra-prod  
Resources:
~ 3 to update
172 unchanged

@braaar braaar merged commit 424b66d into main Jan 10, 2024
2 checks passed
@delete-merged-branch delete-merged-branch bot deleted the pulumi-environment branch January 10, 2024 09:51
braaar added a commit that referenced this pull request Jan 11, 2024
@braaar
Merge branch 'main' into fix-linter
c5c1767 
* main:
  feat: add provider suffix to github provider names (#107)
  fix: don't refresh on push (#106)
  fix: remove unused github token (#105)
  fix: resolve github providers correctly (#104)
  feat: refresh on push to main (#103)
  feat: consume pulumi environment (#99)
  Fix IAMMember creation in bjerk-io.ts
  chore(deps): lock file maintenance
  chore(deps): lock file maintenance
  chore(deps): lock file maintenance
  chore(deps): update actions/checkout action to v4 (#88)
  chore(deps): lock file maintenance
  feat: add cloud run viewer role to develoers (#86)
  feat: add logs viewer role to developers (#85)
  chore(deps): lock file maintenance
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@braaar @bjerk-bot