gcp.cloudbuildv2.Connection
Beta only: The Cloudbuildv2 Connection resource
Example Usage
Ghe
using System.Collections.Generic;
using System.IO;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var private_key_secret = new Gcp.SecretManager.Secret("private-key-secret", new()
{
SecretId = "ghe-pk-secret",
Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs
{
Automatic = true,
},
}, new CustomResourceOptions
{
Provider = google_beta,
});
var private_key_secret_version = new Gcp.SecretManager.SecretVersion("private-key-secret-version", new()
{
Secret = private_key_secret.Id,
SecretData = File.ReadAllText("private-key.pem"),
}, new CustomResourceOptions
{
Provider = google_beta,
});
var webhook_secret_secret = new Gcp.SecretManager.Secret("webhook-secret-secret", new()
{
SecretId = "github-token-secret",
Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs
{
Automatic = true,
},
}, new CustomResourceOptions
{
Provider = google_beta,
});
var webhook_secret_secret_version = new Gcp.SecretManager.SecretVersion("webhook-secret-secret-version", new()
{
Secret = webhook_secret_secret.Id,
SecretData = "<webhook-secret-data>",
}, new CustomResourceOptions
{
Provider = google_beta,
});
var p4sa_secretAccessor = Gcp.Organizations.GetIAMPolicy.Invoke(new()
{
Bindings = new[]
{
new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs
{
Role = "roles/secretmanager.secretAccessor",
Members = new[]
{
"serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com",
},
},
},
});
var policy_pk = new Gcp.SecretManager.SecretIamPolicy("policy-pk", new()
{
SecretId = private_key_secret.SecretId,
PolicyData = p4sa_secretAccessor.Apply(p4sa_secretAccessor => p4sa_secretAccessor.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData)),
}, new CustomResourceOptions
{
Provider = google_beta,
});
var policy_whs = new Gcp.SecretManager.SecretIamPolicy("policy-whs", new()
{
SecretId = webhook_secret_secret.SecretId,
PolicyData = p4sa_secretAccessor.Apply(p4sa_secretAccessor => p4sa_secretAccessor.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData)),
}, new CustomResourceOptions
{
Provider = google_beta,
});
var my_connection = new Gcp.CloudBuildV2.Connection("my-connection", new()
{
Location = "us-central1",
GithubEnterpriseConfig = new Gcp.CloudBuildV2.Inputs.ConnectionGithubEnterpriseConfigArgs
{
HostUri = "https://ghe.com",
PrivateKeySecretVersion = private_key_secret_version.Id,
WebhookSecretSecretVersion = webhook_secret_secret_version.Id,
AppId = 200,
AppSlug = "gcb-app",
AppInstallationId = 300,
},
}, new CustomResourceOptions
{
Provider = google_beta,
DependsOn = new[]
{
policy_pk,
policy_whs,
},
});
});
package main
import (
"os"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/cloudbuildv2"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func readFileOrPanic(path string) pulumi.StringPtrInput {
data, err := os.ReadFile(path)
if err != nil {
panic(err.Error())
}
return pulumi.String(string(data))
}
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := secretmanager.NewSecret(ctx, "private-key-secret", &secretmanager.SecretArgs{
SecretId: pulumi.String("ghe-pk-secret"),
Replication: &secretmanager.SecretReplicationArgs{
Automatic: pulumi.Bool(true),
},
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
_, err = secretmanager.NewSecretVersion(ctx, "private-key-secret-version", &secretmanager.SecretVersionArgs{
Secret: private_key_secret.ID(),
SecretData: readFileOrPanic("private-key.pem"),
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
_, err = secretmanager.NewSecret(ctx, "webhook-secret-secret", &secretmanager.SecretArgs{
SecretId: pulumi.String("github-token-secret"),
Replication: &secretmanager.SecretReplicationArgs{
Automatic: pulumi.Bool(true),
},
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
_, err = secretmanager.NewSecretVersion(ctx, "webhook-secret-secret-version", &secretmanager.SecretVersionArgs{
Secret: webhook_secret_secret.ID(),
SecretData: pulumi.String("<webhook-secret-data>"),
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
p4sa_secretAccessor, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
Bindings: []organizations.GetIAMPolicyBinding{
{
Role: "roles/secretmanager.secretAccessor",
Members: []string{
"serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com",
},
},
},
}, nil)
if err != nil {
return err
}
_, err = secretmanager.NewSecretIamPolicy(ctx, "policy-pk", &secretmanager.SecretIamPolicyArgs{
SecretId: private_key_secret.SecretId,
PolicyData: *pulumi.String(p4sa_secretAccessor.PolicyData),
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
_, err = secretmanager.NewSecretIamPolicy(ctx, "policy-whs", &secretmanager.SecretIamPolicyArgs{
SecretId: webhook_secret_secret.SecretId,
PolicyData: *pulumi.String(p4sa_secretAccessor.PolicyData),
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
_, err = cloudbuildv2.NewConnection(ctx, "my-connection", &cloudbuildv2.ConnectionArgs{
Location: pulumi.String("us-central1"),
GithubEnterpriseConfig: &cloudbuildv2.ConnectionGithubEnterpriseConfigArgs{
HostUri: pulumi.String("https://ghe.com"),
PrivateKeySecretVersion: private_key_secret_version.ID(),
WebhookSecretSecretVersion: webhook_secret_secret_version.ID(),
AppId: pulumi.Int(200),
AppSlug: pulumi.String("gcb-app"),
AppInstallationId: pulumi.Int(300),
},
}, pulumi.Provider(google_beta), pulumi.DependsOn([]pulumi.Resource{
policy_pk,
policy_whs,
}))
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.secretmanager.Secret;
import com.pulumi.gcp.secretmanager.SecretArgs;
import com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;
import com.pulumi.gcp.secretmanager.SecretVersion;
import com.pulumi.gcp.secretmanager.SecretVersionArgs;
import com.pulumi.gcp.organizations.OrganizationsFunctions;
import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
import com.pulumi.gcp.secretmanager.SecretIamPolicy;
import com.pulumi.gcp.secretmanager.SecretIamPolicyArgs;
import com.pulumi.gcp.cloudbuildv2.Connection;
import com.pulumi.gcp.cloudbuildv2.ConnectionArgs;
import com.pulumi.gcp.cloudbuildv2.inputs.ConnectionGithubEnterpriseConfigArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var private_key_secret = new Secret("private-key-secret", SecretArgs.builder()
.secretId("ghe-pk-secret")
.replication(SecretReplicationArgs.builder()
.automatic(true)
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var private_key_secret_version = new SecretVersion("private-key-secret-version", SecretVersionArgs.builder()
.secret(private_key_secret.id())
.secretData(Files.readString(Paths.get("private-key.pem")))
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var webhook_secret_secret = new Secret("webhook-secret-secret", SecretArgs.builder()
.secretId("github-token-secret")
.replication(SecretReplicationArgs.builder()
.automatic(true)
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var webhook_secret_secret_version = new SecretVersion("webhook-secret-secret-version", SecretVersionArgs.builder()
.secret(webhook_secret_secret.id())
.secretData("<webhook-secret-data>")
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
final var p4sa-secretAccessor = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
.bindings(GetIAMPolicyBindingArgs.builder()
.role("roles/secretmanager.secretAccessor")
.members("serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com")
.build())
.build());
var policy_pk = new SecretIamPolicy("policy-pk", SecretIamPolicyArgs.builder()
.secretId(private_key_secret.secretId())
.policyData(p4sa_secretAccessor.policyData())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var policy_whs = new SecretIamPolicy("policy-whs", SecretIamPolicyArgs.builder()
.secretId(webhook_secret_secret.secretId())
.policyData(p4sa_secretAccessor.policyData())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var my_connection = new Connection("my-connection", ConnectionArgs.builder()
.location("us-central1")
.githubEnterpriseConfig(ConnectionGithubEnterpriseConfigArgs.builder()
.hostUri("https://ghe.com")
.privateKeySecretVersion(private_key_secret_version.id())
.webhookSecretSecretVersion(webhook_secret_secret_version.id())
.appId(200)
.appSlug("gcb-app")
.appInstallationId(300)
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.dependsOn(
policy_pk,
policy_whs)
.build());
}
}
import pulumi
import pulumi_gcp as gcp
private_key_secret = gcp.secretmanager.Secret("private-key-secret",
secret_id="ghe-pk-secret",
replication=gcp.secretmanager.SecretReplicationArgs(
automatic=True,
),
opts=pulumi.ResourceOptions(provider=google_beta))
private_key_secret_version = gcp.secretmanager.SecretVersion("private-key-secret-version",
secret=private_key_secret.id,
secret_data=(lambda path: open(path).read())("private-key.pem"),
opts=pulumi.ResourceOptions(provider=google_beta))
webhook_secret_secret = gcp.secretmanager.Secret("webhook-secret-secret",
secret_id="github-token-secret",
replication=gcp.secretmanager.SecretReplicationArgs(
automatic=True,
),
opts=pulumi.ResourceOptions(provider=google_beta))
webhook_secret_secret_version = gcp.secretmanager.SecretVersion("webhook-secret-secret-version",
secret=webhook_secret_secret.id,
secret_data="<webhook-secret-data>",
opts=pulumi.ResourceOptions(provider=google_beta))
p4sa_secret_accessor = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(
role="roles/secretmanager.secretAccessor",
members=["serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com"],
)])
policy_pk = gcp.secretmanager.SecretIamPolicy("policy-pk",
secret_id=private_key_secret.secret_id,
policy_data=p4sa_secret_accessor.policy_data,
opts=pulumi.ResourceOptions(provider=google_beta))
policy_whs = gcp.secretmanager.SecretIamPolicy("policy-whs",
secret_id=webhook_secret_secret.secret_id,
policy_data=p4sa_secret_accessor.policy_data,
opts=pulumi.ResourceOptions(provider=google_beta))
my_connection = gcp.cloudbuildv2.Connection("my-connection",
location="us-central1",
github_enterprise_config=gcp.cloudbuildv2.ConnectionGithubEnterpriseConfigArgs(
host_uri="https://ghe.com",
private_key_secret_version=private_key_secret_version.id,
webhook_secret_secret_version=webhook_secret_secret_version.id,
app_id=200,
app_slug="gcb-app",
app_installation_id=300,
),
opts=pulumi.ResourceOptions(provider=google_beta,
depends_on=[
policy_pk,
policy_whs,
]))
import * as pulumi from "@pulumi/pulumi";
import * as fs from "fs";
import * as gcp from "@pulumi/gcp";
const private_key_secret = new gcp.secretmanager.Secret("private-key-secret", {
secretId: "ghe-pk-secret",
replication: {
automatic: true,
},
}, {
provider: google_beta,
});
const private_key_secret_version = new gcp.secretmanager.SecretVersion("private-key-secret-version", {
secret: private_key_secret.id,
secretData: fs.readFileSync("private-key.pem"),
}, {
provider: google_beta,
});
const webhook_secret_secret = new gcp.secretmanager.Secret("webhook-secret-secret", {
secretId: "github-token-secret",
replication: {
automatic: true,
},
}, {
provider: google_beta,
});
const webhook_secret_secret_version = new gcp.secretmanager.SecretVersion("webhook-secret-secret-version", {
secret: webhook_secret_secret.id,
secretData: "<webhook-secret-data>",
}, {
provider: google_beta,
});
const p4sa-secretAccessor = gcp.organizations.getIAMPolicy({
bindings: [{
role: "roles/secretmanager.secretAccessor",
members: ["serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com"],
}],
});
const policy_pk = new gcp.secretmanager.SecretIamPolicy("policy-pk", {
secretId: private_key_secret.secretId,
policyData: p4sa_secretAccessor.then(p4sa_secretAccessor => p4sa_secretAccessor.policyData),
}, {
provider: google_beta,
});
const policy_whs = new gcp.secretmanager.SecretIamPolicy("policy-whs", {
secretId: webhook_secret_secret.secretId,
policyData: p4sa_secretAccessor.then(p4sa_secretAccessor => p4sa_secretAccessor.policyData),
}, {
provider: google_beta,
});
const my_connection = new gcp.cloudbuildv2.Connection("my-connection", {
location: "us-central1",
githubEnterpriseConfig: {
hostUri: "https://ghe.com",
privateKeySecretVersion: private_key_secret_version.id,
webhookSecretSecretVersion: webhook_secret_secret_version.id,
appId: 200,
appSlug: "gcb-app",
appInstallationId: 300,
},
}, {
provider: google_beta,
dependsOn: [
policy_pk,
policy_whs,
],
});
resources:
private-key-secret:
type: gcp:secretmanager:Secret
properties:
secretId: ghe-pk-secret
replication:
automatic: true
options:
provider: ${["google-beta"]}
private-key-secret-version:
type: gcp:secretmanager:SecretVersion
properties:
secret: ${["private-key-secret"].id}
secretData:
fn::readFile: private-key.pem
options:
provider: ${["google-beta"]}
webhook-secret-secret:
type: gcp:secretmanager:Secret
properties:
secretId: github-token-secret
replication:
automatic: true
options:
provider: ${["google-beta"]}
webhook-secret-secret-version:
type: gcp:secretmanager:SecretVersion
properties:
secret: ${["webhook-secret-secret"].id}
secretData: <webhook-secret-data>
options:
provider: ${["google-beta"]}
policy-pk:
type: gcp:secretmanager:SecretIamPolicy
properties:
secretId: ${["private-key-secret"].secretId}
policyData: ${["p4sa-secretAccessor"].policyData}
options:
provider: ${["google-beta"]}
policy-whs:
type: gcp:secretmanager:SecretIamPolicy
properties:
secretId: ${["webhook-secret-secret"].secretId}
policyData: ${["p4sa-secretAccessor"].policyData}
options:
provider: ${["google-beta"]}
my-connection:
type: gcp:cloudbuildv2:Connection
properties:
location: us-central1
githubEnterpriseConfig:
hostUri: https://ghe.com
privateKeySecretVersion: ${["private-key-secret-version"].id}
webhookSecretSecretVersion: ${["webhook-secret-secret-version"].id}
appId: 200
appSlug: gcb-app
appInstallationId: 300
options:
provider: ${["google-beta"]}
dependson:
- ${["policy-pk"]}
- ${["policy-whs"]}
variables:
p4sa-secretAccessor:
fn::invoke:
Function: gcp:organizations:getIAMPolicy
Arguments:
bindings:
- role: roles/secretmanager.secretAccessor
members:
- serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com
GitHub Connection
using System.Collections.Generic;
using System.IO;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var github_token_secret = new Gcp.SecretManager.Secret("github-token-secret", new()
{
SecretId = "github-token-secret",
Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs
{
Automatic = true,
},
}, new CustomResourceOptions
{
Provider = google_beta,
});
var github_token_secret_version = new Gcp.SecretManager.SecretVersion("github-token-secret-version", new()
{
Secret = github_token_secret.Id,
SecretData = File.ReadAllText("my-github-token.txt"),
}, new CustomResourceOptions
{
Provider = google_beta,
});
var p4sa_secretAccessor = Gcp.Organizations.GetIAMPolicy.Invoke(new()
{
Bindings = new[]
{
new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs
{
Role = "roles/secretmanager.secretAccessor",
Members = new[]
{
"serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com",
},
},
},
});
var policy = new Gcp.SecretManager.SecretIamPolicy("policy", new()
{
SecretId = github_token_secret.SecretId,
PolicyData = p4sa_secretAccessor.Apply(p4sa_secretAccessor => p4sa_secretAccessor.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData)),
}, new CustomResourceOptions
{
Provider = google_beta,
});
var my_connection = new Gcp.CloudBuildV2.Connection("my-connection", new()
{
Location = "us-west1",
GithubConfig = new Gcp.CloudBuildV2.Inputs.ConnectionGithubConfigArgs
{
AppInstallationId = 123123,
AuthorizerCredential = new Gcp.CloudBuildV2.Inputs.ConnectionGithubConfigAuthorizerCredentialArgs
{
OauthTokenSecretVersion = github_token_secret_version.Id,
},
},
}, new CustomResourceOptions
{
Provider = google_beta,
});
});
package main
import (
"os"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/cloudbuildv2"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func readFileOrPanic(path string) pulumi.StringPtrInput {
data, err := os.ReadFile(path)
if err != nil {
panic(err.Error())
}
return pulumi.String(string(data))
}
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := secretmanager.NewSecret(ctx, "github-token-secret", &secretmanager.SecretArgs{
SecretId: pulumi.String("github-token-secret"),
Replication: &secretmanager.SecretReplicationArgs{
Automatic: pulumi.Bool(true),
},
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
_, err = secretmanager.NewSecretVersion(ctx, "github-token-secret-version", &secretmanager.SecretVersionArgs{
Secret: github_token_secret.ID(),
SecretData: readFileOrPanic("my-github-token.txt"),
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
p4sa_secretAccessor, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
Bindings: []organizations.GetIAMPolicyBinding{
{
Role: "roles/secretmanager.secretAccessor",
Members: []string{
"serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com",
},
},
},
}, nil)
if err != nil {
return err
}
_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
SecretId: github_token_secret.SecretId,
PolicyData: *pulumi.String(p4sa_secretAccessor.PolicyData),
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
_, err = cloudbuildv2.NewConnection(ctx, "my-connection", &cloudbuildv2.ConnectionArgs{
Location: pulumi.String("us-west1"),
GithubConfig: &cloudbuildv2.ConnectionGithubConfigArgs{
AppInstallationId: pulumi.Int(123123),
AuthorizerCredential: &cloudbuildv2.ConnectionGithubConfigAuthorizerCredentialArgs{
OauthTokenSecretVersion: github_token_secret_version.ID(),
},
},
}, pulumi.Provider(google_beta))
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.secretmanager.Secret;
import com.pulumi.gcp.secretmanager.SecretArgs;
import com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;
import com.pulumi.gcp.secretmanager.SecretVersion;
import com.pulumi.gcp.secretmanager.SecretVersionArgs;
import com.pulumi.gcp.organizations.OrganizationsFunctions;
import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
import com.pulumi.gcp.secretmanager.SecretIamPolicy;
import com.pulumi.gcp.secretmanager.SecretIamPolicyArgs;
import com.pulumi.gcp.cloudbuildv2.Connection;
import com.pulumi.gcp.cloudbuildv2.ConnectionArgs;
import com.pulumi.gcp.cloudbuildv2.inputs.ConnectionGithubConfigArgs;
import com.pulumi.gcp.cloudbuildv2.inputs.ConnectionGithubConfigAuthorizerCredentialArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var github_token_secret = new Secret("github-token-secret", SecretArgs.builder()
.secretId("github-token-secret")
.replication(SecretReplicationArgs.builder()
.automatic(true)
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var github_token_secret_version = new SecretVersion("github-token-secret-version", SecretVersionArgs.builder()
.secret(github_token_secret.id())
.secretData(Files.readString(Paths.get("my-github-token.txt")))
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
final var p4sa-secretAccessor = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
.bindings(GetIAMPolicyBindingArgs.builder()
.role("roles/secretmanager.secretAccessor")
.members("serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com")
.build())
.build());
var policy = new SecretIamPolicy("policy", SecretIamPolicyArgs.builder()
.secretId(github_token_secret.secretId())
.policyData(p4sa_secretAccessor.policyData())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var my_connection = new Connection("my-connection", ConnectionArgs.builder()
.location("us-west1")
.githubConfig(ConnectionGithubConfigArgs.builder()
.appInstallationId(123123)
.authorizerCredential(ConnectionGithubConfigAuthorizerCredentialArgs.builder()
.oauthTokenSecretVersion(github_token_secret_version.id())
.build())
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}
import pulumi
import pulumi_gcp as gcp
github_token_secret = gcp.secretmanager.Secret("github-token-secret",
secret_id="github-token-secret",
replication=gcp.secretmanager.SecretReplicationArgs(
automatic=True,
),
opts=pulumi.ResourceOptions(provider=google_beta))
github_token_secret_version = gcp.secretmanager.SecretVersion("github-token-secret-version",
secret=github_token_secret.id,
secret_data=(lambda path: open(path).read())("my-github-token.txt"),
opts=pulumi.ResourceOptions(provider=google_beta))
p4sa_secret_accessor = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(
role="roles/secretmanager.secretAccessor",
members=["serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com"],
)])
policy = gcp.secretmanager.SecretIamPolicy("policy",
secret_id=github_token_secret.secret_id,
policy_data=p4sa_secret_accessor.policy_data,
opts=pulumi.ResourceOptions(provider=google_beta))
my_connection = gcp.cloudbuildv2.Connection("my-connection",
location="us-west1",
github_config=gcp.cloudbuildv2.ConnectionGithubConfigArgs(
app_installation_id=123123,
authorizer_credential=gcp.cloudbuildv2.ConnectionGithubConfigAuthorizerCredentialArgs(
oauth_token_secret_version=github_token_secret_version.id,
),
),
opts=pulumi.ResourceOptions(provider=google_beta))
import * as pulumi from "@pulumi/pulumi";
import * as fs from "fs";
import * as gcp from "@pulumi/gcp";
const github_token_secret = new gcp.secretmanager.Secret("github-token-secret", {
secretId: "github-token-secret",
replication: {
automatic: true,
},
}, {
provider: google_beta,
});
const github_token_secret_version = new gcp.secretmanager.SecretVersion("github-token-secret-version", {
secret: github_token_secret.id,
secretData: fs.readFileSync("my-github-token.txt"),
}, {
provider: google_beta,
});
const p4sa-secretAccessor = gcp.organizations.getIAMPolicy({
bindings: [{
role: "roles/secretmanager.secretAccessor",
members: ["serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com"],
}],
});
const policy = new gcp.secretmanager.SecretIamPolicy("policy", {
secretId: github_token_secret.secretId,
policyData: p4sa_secretAccessor.then(p4sa_secretAccessor => p4sa_secretAccessor.policyData),
}, {
provider: google_beta,
});
const my_connection = new gcp.cloudbuildv2.Connection("my-connection", {
location: "us-west1",
githubConfig: {
appInstallationId: 123123,
authorizerCredential: {
oauthTokenSecretVersion: github_token_secret_version.id,
},
},
}, {
provider: google_beta,
});
resources:
github-token-secret:
type: gcp:secretmanager:Secret
properties:
secretId: github-token-secret
replication:
automatic: true
options:
provider: ${["google-beta"]}
github-token-secret-version:
type: gcp:secretmanager:SecretVersion
properties:
secret: ${["github-token-secret"].id}
secretData:
fn::readFile: my-github-token.txt
options:
provider: ${["google-beta"]}
policy:
type: gcp:secretmanager:SecretIamPolicy
properties:
secretId: ${["github-token-secret"].secretId}
policyData: ${["p4sa-secretAccessor"].policyData}
options:
provider: ${["google-beta"]}
my-connection:
type: gcp:cloudbuildv2:Connection
properties:
location: us-west1
githubConfig:
appInstallationId: 123123
authorizerCredential:
oauthTokenSecretVersion: ${["github-token-secret-version"].id}
options:
provider: ${["google-beta"]}
variables:
p4sa-secretAccessor:
fn::invoke:
Function: gcp:organizations:getIAMPolicy
Arguments:
bindings:
- role: roles/secretmanager.secretAccessor
members:
- serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com
Create Connection Resource
new Connection(name: string, args: ConnectionArgs, opts?: CustomResourceOptions);@overload
def Connection(resource_name: str,
opts: Optional[ResourceOptions] = None,
annotations: Optional[Mapping[str, str]] = None,
disabled: Optional[bool] = None,
github_config: Optional[ConnectionGithubConfigArgs] = None,
github_enterprise_config: Optional[ConnectionGithubEnterpriseConfigArgs] = None,
location: Optional[str] = None,
name: Optional[str] = None,
project: Optional[str] = None)
@overload
def Connection(resource_name: str,
args: ConnectionArgs,
opts: Optional[ResourceOptions] = None)func NewConnection(ctx *Context, name string, args ConnectionArgs, opts ...ResourceOption) (*Connection, error)public Connection(string name, ConnectionArgs args, CustomResourceOptions? opts = null)
public Connection(String name, ConnectionArgs args)
public Connection(String name, ConnectionArgs args, CustomResourceOptions options)
type: gcp:cloudbuildv2:Connection
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ConnectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ConnectionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ConnectionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ConnectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ConnectionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Connection Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Connection resource accepts the following input properties:
- Location string
The location for the resource
- Annotations Dictionary<string, string>
Allows clients to store small amounts of arbitrary data.
- Disabled bool
If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.
- Github
Config ConnectionGithub Config Args Configuration for connections to github.com.
- Github
Enterprise ConnectionConfig Github Enterprise Config Args Configuration for connections to an instance of GitHub Enterprise.
- Name string
Immutable. The resource name of the connection, in the format
projects/{project}/locations/{location}/connections/{connection_id}.- Project string
The project for the resource
- Location string
The location for the resource
- Annotations map[string]string
Allows clients to store small amounts of arbitrary data.
- Disabled bool
If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.
- Github
Config ConnectionGithub Config Args Configuration for connections to github.com.
- Github
Enterprise ConnectionConfig Github Enterprise Config Args Configuration for connections to an instance of GitHub Enterprise.
- Name string
Immutable. The resource name of the connection, in the format
projects/{project}/locations/{location}/connections/{connection_id}.- Project string
The project for the resource
- location String
The location for the resource
- annotations Map<String,String>
Allows clients to store small amounts of arbitrary data.
- disabled Boolean
If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.
- github
Config ConnectionGithub Config Args Configuration for connections to github.com.
- github
Enterprise ConnectionConfig Github Enterprise Config Args Configuration for connections to an instance of GitHub Enterprise.
- name String
Immutable. The resource name of the connection, in the format
projects/{project}/locations/{location}/connections/{connection_id}.- project String
The project for the resource
- location string
The location for the resource
- annotations {[key: string]: string}
Allows clients to store small amounts of arbitrary data.
- disabled boolean
If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.
- github
Config ConnectionGithub Config Args Configuration for connections to github.com.
- github
Enterprise ConnectionConfig Github Enterprise Config Args Configuration for connections to an instance of GitHub Enterprise.
- name string
Immutable. The resource name of the connection, in the format
projects/{project}/locations/{location}/connections/{connection_id}.- project string
The project for the resource
- location str
The location for the resource
- annotations Mapping[str, str]
Allows clients to store small amounts of arbitrary data.
- disabled bool
If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.
- github_
config ConnectionGithub Config Args Configuration for connections to github.com.
- github_
enterprise_ Connectionconfig Github Enterprise Config Args Configuration for connections to an instance of GitHub Enterprise.
- name str
Immutable. The resource name of the connection, in the format
projects/{project}/locations/{location}/connections/{connection_id}.- project str
The project for the resource
- location String
The location for the resource
- annotations Map<String>
Allows clients to store small amounts of arbitrary data.
- disabled Boolean
If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.
- github
Config Property Map Configuration for connections to github.com.
- github
Enterprise Property MapConfig Configuration for connections to an instance of GitHub Enterprise.
- name String
Immutable. The resource name of the connection, in the format
projects/{project}/locations/{location}/connections/{connection_id}.- project String
The project for the resource
Outputs
All input properties are implicitly available as output properties. Additionally, the Connection resource produces the following output properties:
- Create
Time string Output only. Server assigned timestamp for when the connection was created.
- Etag string
This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- Id string
The provider-assigned unique ID for this managed resource.
- Installation
States List<ConnectionInstallation State> Output only. Installation state of the Connection.
- Reconciling bool
Output only. Set to true when the connection is being set up or updated in the background.
- Update
Time string Output only. Server assigned timestamp for when the connection was updated.
- Create
Time string Output only. Server assigned timestamp for when the connection was created.
- Etag string
This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- Id string
The provider-assigned unique ID for this managed resource.
- Installation
States []ConnectionInstallation State Output only. Installation state of the Connection.
- Reconciling bool
Output only. Set to true when the connection is being set up or updated in the background.
- Update
Time string Output only. Server assigned timestamp for when the connection was updated.
- create
Time String Output only. Server assigned timestamp for when the connection was created.
- etag String
This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id String
The provider-assigned unique ID for this managed resource.
- installation
States List<ConnectionInstallation State> Output only. Installation state of the Connection.
- reconciling Boolean
Output only. Set to true when the connection is being set up or updated in the background.
- update
Time String Output only. Server assigned timestamp for when the connection was updated.
- create
Time string Output only. Server assigned timestamp for when the connection was created.
- etag string
This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id string
The provider-assigned unique ID for this managed resource.
- installation
States ConnectionInstallation State[] Output only. Installation state of the Connection.
- reconciling boolean
Output only. Set to true when the connection is being set up or updated in the background.
- update
Time string Output only. Server assigned timestamp for when the connection was updated.
- create_
time str Output only. Server assigned timestamp for when the connection was created.
- etag str
This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id str
The provider-assigned unique ID for this managed resource.
- installation_
states Sequence[ConnectionInstallation State] Output only. Installation state of the Connection.
- reconciling bool
Output only. Set to true when the connection is being set up or updated in the background.
- update_
time str Output only. Server assigned timestamp for when the connection was updated.
- create
Time String Output only. Server assigned timestamp for when the connection was created.
- etag String
This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- id String
The provider-assigned unique ID for this managed resource.
- installation
States List<Property Map> Output only. Installation state of the Connection.
- reconciling Boolean
Output only. Set to true when the connection is being set up or updated in the background.
- update
Time String Output only. Server assigned timestamp for when the connection was updated.
Look up Existing Connection Resource
Get an existing Connection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ConnectionState, opts?: CustomResourceOptions): Connection@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
annotations: Optional[Mapping[str, str]] = None,
create_time: Optional[str] = None,
disabled: Optional[bool] = None,
etag: Optional[str] = None,
github_config: Optional[ConnectionGithubConfigArgs] = None,
github_enterprise_config: Optional[ConnectionGithubEnterpriseConfigArgs] = None,
installation_states: Optional[Sequence[ConnectionInstallationStateArgs]] = None,
location: Optional[str] = None,
name: Optional[str] = None,
project: Optional[str] = None,
reconciling: Optional[bool] = None,
update_time: Optional[str] = None) -> Connectionfunc GetConnection(ctx *Context, name string, id IDInput, state *ConnectionState, opts ...ResourceOption) (*Connection, error)public static Connection Get(string name, Input<string> id, ConnectionState? state, CustomResourceOptions? opts = null)public static Connection get(String name, Output<String> id, ConnectionState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Annotations Dictionary<string, string>
Allows clients to store small amounts of arbitrary data.
- Create
Time string Output only. Server assigned timestamp for when the connection was created.
- Disabled bool
If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.
- Etag string
This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- Github
Config ConnectionGithub Config Args Configuration for connections to github.com.
- Github
Enterprise ConnectionConfig Github Enterprise Config Args Configuration for connections to an instance of GitHub Enterprise.
- Installation
States List<ConnectionInstallation State Args> Output only. Installation state of the Connection.
- Location string
The location for the resource
- Name string
Immutable. The resource name of the connection, in the format
projects/{project}/locations/{location}/connections/{connection_id}.- Project string
The project for the resource
- Reconciling bool
Output only. Set to true when the connection is being set up or updated in the background.
- Update
Time string Output only. Server assigned timestamp for when the connection was updated.
- Annotations map[string]string
Allows clients to store small amounts of arbitrary data.
- Create
Time string Output only. Server assigned timestamp for when the connection was created.
- Disabled bool
If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.
- Etag string
This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- Github
Config ConnectionGithub Config Args Configuration for connections to github.com.
- Github
Enterprise ConnectionConfig Github Enterprise Config Args Configuration for connections to an instance of GitHub Enterprise.
- Installation
States []ConnectionInstallation State Args Output only. Installation state of the Connection.
- Location string
The location for the resource
- Name string
Immutable. The resource name of the connection, in the format
projects/{project}/locations/{location}/connections/{connection_id}.- Project string
The project for the resource
- Reconciling bool
Output only. Set to true when the connection is being set up or updated in the background.
- Update
Time string Output only. Server assigned timestamp for when the connection was updated.
- annotations Map<String,String>
Allows clients to store small amounts of arbitrary data.
- create
Time String Output only. Server assigned timestamp for when the connection was created.
- disabled Boolean
If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.
- etag String
This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- github
Config ConnectionGithub Config Args Configuration for connections to github.com.
- github
Enterprise ConnectionConfig Github Enterprise Config Args Configuration for connections to an instance of GitHub Enterprise.
- installation
States List<ConnectionInstallation State Args> Output only. Installation state of the Connection.
- location String
The location for the resource
- name String
Immutable. The resource name of the connection, in the format
projects/{project}/locations/{location}/connections/{connection_id}.- project String
The project for the resource
- reconciling Boolean
Output only. Set to true when the connection is being set up or updated in the background.
- update
Time String Output only. Server assigned timestamp for when the connection was updated.
- annotations {[key: string]: string}
Allows clients to store small amounts of arbitrary data.
- create
Time string Output only. Server assigned timestamp for when the connection was created.
- disabled boolean
If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.
- etag string
This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- github
Config ConnectionGithub Config Args Configuration for connections to github.com.
- github
Enterprise ConnectionConfig Github Enterprise Config Args Configuration for connections to an instance of GitHub Enterprise.
- installation
States ConnectionInstallation State Args[] Output only. Installation state of the Connection.
- location string
The location for the resource
- name string
Immutable. The resource name of the connection, in the format
projects/{project}/locations/{location}/connections/{connection_id}.- project string
The project for the resource
- reconciling boolean
Output only. Set to true when the connection is being set up or updated in the background.
- update
Time string Output only. Server assigned timestamp for when the connection was updated.
- annotations Mapping[str, str]
Allows clients to store small amounts of arbitrary data.
- create_
time str Output only. Server assigned timestamp for when the connection was created.
- disabled bool
If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.
- etag str
This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- github_
config ConnectionGithub Config Args Configuration for connections to github.com.
- github_
enterprise_ Connectionconfig Github Enterprise Config Args Configuration for connections to an instance of GitHub Enterprise.
- installation_
states Sequence[ConnectionInstallation State Args] Output only. Installation state of the Connection.
- location str
The location for the resource
- name str
Immutable. The resource name of the connection, in the format
projects/{project}/locations/{location}/connections/{connection_id}.- project str
The project for the resource
- reconciling bool
Output only. Set to true when the connection is being set up or updated in the background.
- update_
time str Output only. Server assigned timestamp for when the connection was updated.
- annotations Map<String>
Allows clients to store small amounts of arbitrary data.
- create
Time String Output only. Server assigned timestamp for when the connection was created.
- disabled Boolean
If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.
- etag String
This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
- github
Config Property Map Configuration for connections to github.com.
- github
Enterprise Property MapConfig Configuration for connections to an instance of GitHub Enterprise.
- installation
States List<Property Map> Output only. Installation state of the Connection.
- location String
The location for the resource
- name String
Immutable. The resource name of the connection, in the format
projects/{project}/locations/{location}/connections/{connection_id}.- project String
The project for the resource
- reconciling Boolean
Output only. Set to true when the connection is being set up or updated in the background.
- update
Time String Output only. Server assigned timestamp for when the connection was updated.
Supporting Types
ConnectionGithubConfig
- App
Installation intId GitHub App installation id.
-
Connection
Github Config Authorizer Credential OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App.
- App
Installation intId GitHub App installation id.
-
Connection
Github Config Authorizer Credential OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App.
- app
Installation IntegerId GitHub App installation id.
-
Connection
Github Config Authorizer Credential OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App.
- app
Installation numberId GitHub App installation id.
-
Connection
Github Config Authorizer Credential OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App.
- app_
installation_ intid GitHub App installation id.
-
Connection
Github Config Authorizer Credential OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App.
- app
Installation NumberId GitHub App installation id.
- Property Map
OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App.
ConnectionGithubConfigAuthorizerCredential
- Oauth
Token stringSecret Version A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format:
projects/*/secrets/*/versions/*.- Username string
The username associated to this token.
- Oauth
Token stringSecret Version A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format:
projects/*/secrets/*/versions/*.- Username string
The username associated to this token.
- oauth
Token StringSecret Version A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format:
projects/*/secrets/*/versions/*.- username String
The username associated to this token.
- oauth
Token stringSecret Version A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format:
projects/*/secrets/*/versions/*.- username string
The username associated to this token.
- oauth_
token_ strsecret_ version A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format:
projects/*/secrets/*/versions/*.- username str
The username associated to this token.
- oauth
Token StringSecret Version A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format:
projects/*/secrets/*/versions/*.- username String
The username associated to this token.
ConnectionGithubEnterpriseConfig
- Host
Uri string Required. The URI of the GitHub Enterprise host this connection is for.
- App
Id int Id of the GitHub App created from the manifest.
- App
Installation intId ID of the installation of the GitHub App.
- App
Slug string The URL-friendly name of the GitHub App.
- Private
Key stringSecret Version SecretManager resource containing the private key of the GitHub App, formatted as
projects/*/secrets/*/versions/*.- Service
Directory ConnectionConfig Github Enterprise Config Service Directory Config Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet.
- Ssl
Ca string SSL certificate to use for requests to GitHub Enterprise.
- Webhook
Secret stringSecret Version SecretManager resource containing the webhook secret of the GitHub App, formatted as
projects/*/secrets/*/versions/*.
- Host
Uri string Required. The URI of the GitHub Enterprise host this connection is for.
- App
Id int Id of the GitHub App created from the manifest.
- App
Installation intId ID of the installation of the GitHub App.
- App
Slug string The URL-friendly name of the GitHub App.
- Private
Key stringSecret Version SecretManager resource containing the private key of the GitHub App, formatted as
projects/*/secrets/*/versions/*.- Service
Directory ConnectionConfig Github Enterprise Config Service Directory Config Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet.
- Ssl
Ca string SSL certificate to use for requests to GitHub Enterprise.
- Webhook
Secret stringSecret Version SecretManager resource containing the webhook secret of the GitHub App, formatted as
projects/*/secrets/*/versions/*.
- host
Uri String Required. The URI of the GitHub Enterprise host this connection is for.
- app
Id Integer Id of the GitHub App created from the manifest.
- app
Installation IntegerId ID of the installation of the GitHub App.
- app
Slug String The URL-friendly name of the GitHub App.
- private
Key StringSecret Version SecretManager resource containing the private key of the GitHub App, formatted as
projects/*/secrets/*/versions/*.- service
Directory ConnectionConfig Github Enterprise Config Service Directory Config Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet.
- ssl
Ca String SSL certificate to use for requests to GitHub Enterprise.
- webhook
Secret StringSecret Version SecretManager resource containing the webhook secret of the GitHub App, formatted as
projects/*/secrets/*/versions/*.
- host
Uri string Required. The URI of the GitHub Enterprise host this connection is for.
- app
Id number Id of the GitHub App created from the manifest.
- app
Installation numberId ID of the installation of the GitHub App.
- app
Slug string The URL-friendly name of the GitHub App.
- private
Key stringSecret Version SecretManager resource containing the private key of the GitHub App, formatted as
projects/*/secrets/*/versions/*.- service
Directory ConnectionConfig Github Enterprise Config Service Directory Config Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet.
- ssl
Ca string SSL certificate to use for requests to GitHub Enterprise.
- webhook
Secret stringSecret Version SecretManager resource containing the webhook secret of the GitHub App, formatted as
projects/*/secrets/*/versions/*.
- host_
uri str Required. The URI of the GitHub Enterprise host this connection is for.
- app_
id int Id of the GitHub App created from the manifest.
- app_
installation_ intid ID of the installation of the GitHub App.
- app_
slug str The URL-friendly name of the GitHub App.
- private_
key_ strsecret_ version SecretManager resource containing the private key of the GitHub App, formatted as
projects/*/secrets/*/versions/*.- service_
directory_ Connectionconfig Github Enterprise Config Service Directory Config Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet.
- ssl_
ca str SSL certificate to use for requests to GitHub Enterprise.
- webhook_
secret_ strsecret_ version SecretManager resource containing the webhook secret of the GitHub App, formatted as
projects/*/secrets/*/versions/*.
- host
Uri String Required. The URI of the GitHub Enterprise host this connection is for.
- app
Id Number Id of the GitHub App created from the manifest.
- app
Installation NumberId ID of the installation of the GitHub App.
- app
Slug String The URL-friendly name of the GitHub App.
- private
Key StringSecret Version SecretManager resource containing the private key of the GitHub App, formatted as
projects/*/secrets/*/versions/*.- service
Directory Property MapConfig Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet.
- ssl
Ca String SSL certificate to use for requests to GitHub Enterprise.
- webhook
Secret StringSecret Version SecretManager resource containing the webhook secret of the GitHub App, formatted as
projects/*/secrets/*/versions/*.
ConnectionGithubEnterpriseConfigServiceDirectoryConfig
- Service string
Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.
- Service string
Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.
- service String
Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.
- service string
Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.
- service str
Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.
- service String
Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.
ConnectionInstallationState
- action_
uri str - message str
- stage str
Import
Connection can be imported using any of these accepted formats
$ pulumi import gcp:cloudbuildv2/connection:Connection default projects/{{project}}/locations/{{location}}/connections/{{name}}
$ pulumi import gcp:cloudbuildv2/connection:Connection default {{project}}/{{location}}/{{name}}
$ pulumi import gcp:cloudbuildv2/connection:Connection default {{location}}/{{name}}
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
google-betaTerraform Provider.