From d3c71f3239aa8091bcb5a097090314362d034596 Mon Sep 17 00:00:00 2001
From: Mark van Holsteijn <mark.van.holsteijn@gmail.com>
Date: Tue, 9 Nov 2021 20:53:16 +0100
Subject: [PATCH] add: sample terraform template to deploy cru as a service

---
 .gitignore           |  1 +
 terraform/.gitignore |  2 ++
 terraform/main.tf    | 48 ++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 51 insertions(+)
 create mode 100644 terraform/.gitignore
 create mode 100644 terraform/main.tf

diff --git a/.gitignore b/.gitignore
index 4bea1cd..7b55046 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,5 @@
 *.iml
+.terraform/
 .idea/
 cru
 x/
diff --git a/terraform/.gitignore b/terraform/.gitignore
new file mode 100644
index 0000000..5ba7075
--- /dev/null
+++ b/terraform/.gitignore
@@ -0,0 +1,2 @@
+terraform.tfstate*
+.terraform.lock.hcl
diff --git a/terraform/main.tf b/terraform/main.tf
new file mode 100644
index 0000000..707b93c
--- /dev/null
+++ b/terraform/main.tf
@@ -0,0 +1,48 @@
+resource "google_cloud_run_service" "container_reference_updater" {
+  name     = "container-reference-updater"
+  location = "us-central1"
+  project  = data.google_client_config.current.project
+
+  template {
+    spec {
+      container_concurrency = 1
+      service_account_name  = google_service_account.container_reference_updater.email
+      containers {
+        image = "gcr.io/binx-io-public/cru:0.9.0"
+        args = [
+          "serve",
+          "--repository",
+          "https://source.developers.google.com/p/speeltuin-mvanholsteijn/r/scratch",
+          "--branch",
+          "main",
+        ]
+      }
+    }
+  }
+  timeouts {
+    create = "10m"
+  }
+}
+
+resource "google_cloud_run_service_iam_binding" "container_reference_updater_invokers" {
+  service = google_cloud_run_service.container_reference_updater.name
+  location = google_cloud_run_service.container_reference_updater.location
+  project = google_cloud_run_service.container_reference_updater.project
+  role = "roles/run.invoker"
+  members = [
+    "allUsers"
+  ]
+}
+
+resource "google_service_account" "container_reference_updater" {
+  display_name = "Container image reference updater"
+  account_id   = "container-reference-updater"
+}
+
+resource "google_project_iam_member" "cru_source_code_repository_writer" {
+  member = format("serviceAccount:%s", google_service_account.container_reference_updater.email)
+  role   = "roles/source.writer"
+  project = data.google_client_config.current.project
+}
+
+data google_client_config current {}