gcp logo
Google Cloud Classic v6.52.0, Mar 22 23

gcp.cloudbuildv2.Connection

Beta only: The Cloudbuildv2 Connection resource

Example Usage

Ghe

using System.Collections.Generic;
using System.IO;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var private_key_secret = new Gcp.SecretManager.Secret("private-key-secret", new()
    {
        SecretId = "ghe-pk-secret",
        Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs
        {
            Automatic = true,
        },
    }, new CustomResourceOptions
    {
        Provider = google_beta,
    });

    var private_key_secret_version = new Gcp.SecretManager.SecretVersion("private-key-secret-version", new()
    {
        Secret = private_key_secret.Id,
        SecretData = File.ReadAllText("private-key.pem"),
    }, new CustomResourceOptions
    {
        Provider = google_beta,
    });

    var webhook_secret_secret = new Gcp.SecretManager.Secret("webhook-secret-secret", new()
    {
        SecretId = "github-token-secret",
        Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs
        {
            Automatic = true,
        },
    }, new CustomResourceOptions
    {
        Provider = google_beta,
    });

    var webhook_secret_secret_version = new Gcp.SecretManager.SecretVersion("webhook-secret-secret-version", new()
    {
        Secret = webhook_secret_secret.Id,
        SecretData = "<webhook-secret-data>",
    }, new CustomResourceOptions
    {
        Provider = google_beta,
    });

    var p4sa_secretAccessor = Gcp.Organizations.GetIAMPolicy.Invoke(new()
    {
        Bindings = new[]
        {
            new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs
            {
                Role = "roles/secretmanager.secretAccessor",
                Members = new[]
                {
                    "serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com",
                },
            },
        },
    });

    var policy_pk = new Gcp.SecretManager.SecretIamPolicy("policy-pk", new()
    {
        SecretId = private_key_secret.SecretId,
        PolicyData = p4sa_secretAccessor.Apply(p4sa_secretAccessor => p4sa_secretAccessor.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData)),
    }, new CustomResourceOptions
    {
        Provider = google_beta,
    });

    var policy_whs = new Gcp.SecretManager.SecretIamPolicy("policy-whs", new()
    {
        SecretId = webhook_secret_secret.SecretId,
        PolicyData = p4sa_secretAccessor.Apply(p4sa_secretAccessor => p4sa_secretAccessor.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData)),
    }, new CustomResourceOptions
    {
        Provider = google_beta,
    });

    var my_connection = new Gcp.CloudBuildV2.Connection("my-connection", new()
    {
        Location = "us-central1",
        GithubEnterpriseConfig = new Gcp.CloudBuildV2.Inputs.ConnectionGithubEnterpriseConfigArgs
        {
            HostUri = "https://ghe.com",
            PrivateKeySecretVersion = private_key_secret_version.Id,
            WebhookSecretSecretVersion = webhook_secret_secret_version.Id,
            AppId = 200,
            AppSlug = "gcb-app",
            AppInstallationId = 300,
        },
    }, new CustomResourceOptions
    {
        Provider = google_beta,
        DependsOn = new[]
        {
            policy_pk,
            policy_whs,
        },
    });

});
package main

import (
	"os"

	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/cloudbuildv2"
	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecret(ctx, "private-key-secret", &secretmanager.SecretArgs{
			SecretId: pulumi.String("ghe-pk-secret"),
			Replication: &secretmanager.SecretReplicationArgs{
				Automatic: pulumi.Bool(true),
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretVersion(ctx, "private-key-secret-version", &secretmanager.SecretVersionArgs{
			Secret:     private_key_secret.ID(),
			SecretData: readFileOrPanic("private-key.pem"),
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecret(ctx, "webhook-secret-secret", &secretmanager.SecretArgs{
			SecretId: pulumi.String("github-token-secret"),
			Replication: &secretmanager.SecretReplicationArgs{
				Automatic: pulumi.Bool(true),
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretVersion(ctx, "webhook-secret-secret-version", &secretmanager.SecretVersionArgs{
			Secret:     webhook_secret_secret.ID(),
			SecretData: pulumi.String("<webhook-secret-data>"),
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		p4sa_secretAccessor, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy-pk", &secretmanager.SecretIamPolicyArgs{
			SecretId:   private_key_secret.SecretId,
			PolicyData: *pulumi.String(p4sa_secretAccessor.PolicyData),
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy-whs", &secretmanager.SecretIamPolicyArgs{
			SecretId:   webhook_secret_secret.SecretId,
			PolicyData: *pulumi.String(p4sa_secretAccessor.PolicyData),
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		_, err = cloudbuildv2.NewConnection(ctx, "my-connection", &cloudbuildv2.ConnectionArgs{
			Location: pulumi.String("us-central1"),
			GithubEnterpriseConfig: &cloudbuildv2.ConnectionGithubEnterpriseConfigArgs{
				HostUri:                    pulumi.String("https://ghe.com"),
				PrivateKeySecretVersion:    private_key_secret_version.ID(),
				WebhookSecretSecretVersion: webhook_secret_secret_version.ID(),
				AppId:                      pulumi.Int(200),
				AppSlug:                    pulumi.String("gcb-app"),
				AppInstallationId:          pulumi.Int(300),
			},
		}, pulumi.Provider(google_beta), pulumi.DependsOn([]pulumi.Resource{
			policy_pk,
			policy_whs,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.secretmanager.Secret;
import com.pulumi.gcp.secretmanager.SecretArgs;
import com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;
import com.pulumi.gcp.secretmanager.SecretVersion;
import com.pulumi.gcp.secretmanager.SecretVersionArgs;
import com.pulumi.gcp.organizations.OrganizationsFunctions;
import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
import com.pulumi.gcp.secretmanager.SecretIamPolicy;
import com.pulumi.gcp.secretmanager.SecretIamPolicyArgs;
import com.pulumi.gcp.cloudbuildv2.Connection;
import com.pulumi.gcp.cloudbuildv2.ConnectionArgs;
import com.pulumi.gcp.cloudbuildv2.inputs.ConnectionGithubEnterpriseConfigArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var private_key_secret = new Secret("private-key-secret", SecretArgs.builder()        
            .secretId("ghe-pk-secret")
            .replication(SecretReplicationArgs.builder()
                .automatic(true)
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());

        var private_key_secret_version = new SecretVersion("private-key-secret-version", SecretVersionArgs.builder()        
            .secret(private_key_secret.id())
            .secretData(Files.readString(Paths.get("private-key.pem")))
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());

        var webhook_secret_secret = new Secret("webhook-secret-secret", SecretArgs.builder()        
            .secretId("github-token-secret")
            .replication(SecretReplicationArgs.builder()
                .automatic(true)
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());

        var webhook_secret_secret_version = new SecretVersion("webhook-secret-secret-version", SecretVersionArgs.builder()        
            .secret(webhook_secret_secret.id())
            .secretData("<webhook-secret-data>")
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());

        final var p4sa-secretAccessor = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
            .bindings(GetIAMPolicyBindingArgs.builder()
                .role("roles/secretmanager.secretAccessor")
                .members("serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com")
                .build())
            .build());

        var policy_pk = new SecretIamPolicy("policy-pk", SecretIamPolicyArgs.builder()        
            .secretId(private_key_secret.secretId())
            .policyData(p4sa_secretAccessor.policyData())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());

        var policy_whs = new SecretIamPolicy("policy-whs", SecretIamPolicyArgs.builder()        
            .secretId(webhook_secret_secret.secretId())
            .policyData(p4sa_secretAccessor.policyData())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());

        var my_connection = new Connection("my-connection", ConnectionArgs.builder()        
            .location("us-central1")
            .githubEnterpriseConfig(ConnectionGithubEnterpriseConfigArgs.builder()
                .hostUri("https://ghe.com")
                .privateKeySecretVersion(private_key_secret_version.id())
                .webhookSecretSecretVersion(webhook_secret_secret_version.id())
                .appId(200)
                .appSlug("gcb-app")
                .appInstallationId(300)
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .dependsOn(                
                    policy_pk,
                    policy_whs)
                .build());

    }
}
import pulumi
import pulumi_gcp as gcp

private_key_secret = gcp.secretmanager.Secret("private-key-secret",
    secret_id="ghe-pk-secret",
    replication=gcp.secretmanager.SecretReplicationArgs(
        automatic=True,
    ),
    opts=pulumi.ResourceOptions(provider=google_beta))
private_key_secret_version = gcp.secretmanager.SecretVersion("private-key-secret-version",
    secret=private_key_secret.id,
    secret_data=(lambda path: open(path).read())("private-key.pem"),
    opts=pulumi.ResourceOptions(provider=google_beta))
webhook_secret_secret = gcp.secretmanager.Secret("webhook-secret-secret",
    secret_id="github-token-secret",
    replication=gcp.secretmanager.SecretReplicationArgs(
        automatic=True,
    ),
    opts=pulumi.ResourceOptions(provider=google_beta))
webhook_secret_secret_version = gcp.secretmanager.SecretVersion("webhook-secret-secret-version",
    secret=webhook_secret_secret.id,
    secret_data="<webhook-secret-data>",
    opts=pulumi.ResourceOptions(provider=google_beta))
p4sa_secret_accessor = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(
    role="roles/secretmanager.secretAccessor",
    members=["serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com"],
)])
policy_pk = gcp.secretmanager.SecretIamPolicy("policy-pk",
    secret_id=private_key_secret.secret_id,
    policy_data=p4sa_secret_accessor.policy_data,
    opts=pulumi.ResourceOptions(provider=google_beta))
policy_whs = gcp.secretmanager.SecretIamPolicy("policy-whs",
    secret_id=webhook_secret_secret.secret_id,
    policy_data=p4sa_secret_accessor.policy_data,
    opts=pulumi.ResourceOptions(provider=google_beta))
my_connection = gcp.cloudbuildv2.Connection("my-connection",
    location="us-central1",
    github_enterprise_config=gcp.cloudbuildv2.ConnectionGithubEnterpriseConfigArgs(
        host_uri="https://ghe.com",
        private_key_secret_version=private_key_secret_version.id,
        webhook_secret_secret_version=webhook_secret_secret_version.id,
        app_id=200,
        app_slug="gcb-app",
        app_installation_id=300,
    ),
    opts=pulumi.ResourceOptions(provider=google_beta,
        depends_on=[
            policy_pk,
            policy_whs,
        ]))
import * as pulumi from "@pulumi/pulumi";
import * as fs from "fs";
import * as gcp from "@pulumi/gcp";

const private_key_secret = new gcp.secretmanager.Secret("private-key-secret", {
    secretId: "ghe-pk-secret",
    replication: {
        automatic: true,
    },
}, {
    provider: google_beta,
});
const private_key_secret_version = new gcp.secretmanager.SecretVersion("private-key-secret-version", {
    secret: private_key_secret.id,
    secretData: fs.readFileSync("private-key.pem"),
}, {
    provider: google_beta,
});
const webhook_secret_secret = new gcp.secretmanager.Secret("webhook-secret-secret", {
    secretId: "github-token-secret",
    replication: {
        automatic: true,
    },
}, {
    provider: google_beta,
});
const webhook_secret_secret_version = new gcp.secretmanager.SecretVersion("webhook-secret-secret-version", {
    secret: webhook_secret_secret.id,
    secretData: "<webhook-secret-data>",
}, {
    provider: google_beta,
});
const p4sa-secretAccessor = gcp.organizations.getIAMPolicy({
    bindings: [{
        role: "roles/secretmanager.secretAccessor",
        members: ["serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com"],
    }],
});
const policy_pk = new gcp.secretmanager.SecretIamPolicy("policy-pk", {
    secretId: private_key_secret.secretId,
    policyData: p4sa_secretAccessor.then(p4sa_secretAccessor => p4sa_secretAccessor.policyData),
}, {
    provider: google_beta,
});
const policy_whs = new gcp.secretmanager.SecretIamPolicy("policy-whs", {
    secretId: webhook_secret_secret.secretId,
    policyData: p4sa_secretAccessor.then(p4sa_secretAccessor => p4sa_secretAccessor.policyData),
}, {
    provider: google_beta,
});
const my_connection = new gcp.cloudbuildv2.Connection("my-connection", {
    location: "us-central1",
    githubEnterpriseConfig: {
        hostUri: "https://ghe.com",
        privateKeySecretVersion: private_key_secret_version.id,
        webhookSecretSecretVersion: webhook_secret_secret_version.id,
        appId: 200,
        appSlug: "gcb-app",
        appInstallationId: 300,
    },
}, {
    provider: google_beta,
    dependsOn: [
        policy_pk,
        policy_whs,
    ],
});
resources:
  private-key-secret:
    type: gcp:secretmanager:Secret
    properties:
      secretId: ghe-pk-secret
      replication:
        automatic: true
    options:
      provider: ${["google-beta"]}
  private-key-secret-version:
    type: gcp:secretmanager:SecretVersion
    properties:
      secret: ${["private-key-secret"].id}
      secretData:
        fn::readFile: private-key.pem
    options:
      provider: ${["google-beta"]}
  webhook-secret-secret:
    type: gcp:secretmanager:Secret
    properties:
      secretId: github-token-secret
      replication:
        automatic: true
    options:
      provider: ${["google-beta"]}
  webhook-secret-secret-version:
    type: gcp:secretmanager:SecretVersion
    properties:
      secret: ${["webhook-secret-secret"].id}
      secretData: <webhook-secret-data>
    options:
      provider: ${["google-beta"]}
  policy-pk:
    type: gcp:secretmanager:SecretIamPolicy
    properties:
      secretId: ${["private-key-secret"].secretId}
      policyData: ${["p4sa-secretAccessor"].policyData}
    options:
      provider: ${["google-beta"]}
  policy-whs:
    type: gcp:secretmanager:SecretIamPolicy
    properties:
      secretId: ${["webhook-secret-secret"].secretId}
      policyData: ${["p4sa-secretAccessor"].policyData}
    options:
      provider: ${["google-beta"]}
  my-connection:
    type: gcp:cloudbuildv2:Connection
    properties:
      location: us-central1
      githubEnterpriseConfig:
        hostUri: https://ghe.com
        privateKeySecretVersion: ${["private-key-secret-version"].id}
        webhookSecretSecretVersion: ${["webhook-secret-secret-version"].id}
        appId: 200
        appSlug: gcb-app
        appInstallationId: 300
    options:
      provider: ${["google-beta"]}
      dependson:
        - ${["policy-pk"]}
        - ${["policy-whs"]}
variables:
  p4sa-secretAccessor:
    fn::invoke:
      Function: gcp:organizations:getIAMPolicy
      Arguments:
        bindings:
          - role: roles/secretmanager.secretAccessor
            members:
              - serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com

GitHub Connection

using System.Collections.Generic;
using System.IO;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var github_token_secret = new Gcp.SecretManager.Secret("github-token-secret", new()
    {
        SecretId = "github-token-secret",
        Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs
        {
            Automatic = true,
        },
    }, new CustomResourceOptions
    {
        Provider = google_beta,
    });

    var github_token_secret_version = new Gcp.SecretManager.SecretVersion("github-token-secret-version", new()
    {
        Secret = github_token_secret.Id,
        SecretData = File.ReadAllText("my-github-token.txt"),
    }, new CustomResourceOptions
    {
        Provider = google_beta,
    });

    var p4sa_secretAccessor = Gcp.Organizations.GetIAMPolicy.Invoke(new()
    {
        Bindings = new[]
        {
            new Gcp.Organizations.Inputs.GetIAMPolicyBindingInputArgs
            {
                Role = "roles/secretmanager.secretAccessor",
                Members = new[]
                {
                    "serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com",
                },
            },
        },
    });

    var policy = new Gcp.SecretManager.SecretIamPolicy("policy", new()
    {
        SecretId = github_token_secret.SecretId,
        PolicyData = p4sa_secretAccessor.Apply(p4sa_secretAccessor => p4sa_secretAccessor.Apply(getIAMPolicyResult => getIAMPolicyResult.PolicyData)),
    }, new CustomResourceOptions
    {
        Provider = google_beta,
    });

    var my_connection = new Gcp.CloudBuildV2.Connection("my-connection", new()
    {
        Location = "us-west1",
        GithubConfig = new Gcp.CloudBuildV2.Inputs.ConnectionGithubConfigArgs
        {
            AppInstallationId = 123123,
            AuthorizerCredential = new Gcp.CloudBuildV2.Inputs.ConnectionGithubConfigAuthorizerCredentialArgs
            {
                OauthTokenSecretVersion = github_token_secret_version.Id,
            },
        },
    }, new CustomResourceOptions
    {
        Provider = google_beta,
    });

});
package main

import (
	"os"

	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/cloudbuildv2"
	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/organizations"
	"github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/secretmanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func readFileOrPanic(path string) pulumi.StringPtrInput {
	data, err := os.ReadFile(path)
	if err != nil {
		panic(err.Error())
	}
	return pulumi.String(string(data))
}

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := secretmanager.NewSecret(ctx, "github-token-secret", &secretmanager.SecretArgs{
			SecretId: pulumi.String("github-token-secret"),
			Replication: &secretmanager.SecretReplicationArgs{
				Automatic: pulumi.Bool(true),
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretVersion(ctx, "github-token-secret-version", &secretmanager.SecretVersionArgs{
			Secret:     github_token_secret.ID(),
			SecretData: readFileOrPanic("my-github-token.txt"),
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		p4sa_secretAccessor, err := organizations.LookupIAMPolicy(ctx, &organizations.LookupIAMPolicyArgs{
			Bindings: []organizations.GetIAMPolicyBinding{
				{
					Role: "roles/secretmanager.secretAccessor",
					Members: []string{
						"serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com",
					},
				},
			},
		}, nil)
		if err != nil {
			return err
		}
		_, err = secretmanager.NewSecretIamPolicy(ctx, "policy", &secretmanager.SecretIamPolicyArgs{
			SecretId:   github_token_secret.SecretId,
			PolicyData: *pulumi.String(p4sa_secretAccessor.PolicyData),
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		_, err = cloudbuildv2.NewConnection(ctx, "my-connection", &cloudbuildv2.ConnectionArgs{
			Location: pulumi.String("us-west1"),
			GithubConfig: &cloudbuildv2.ConnectionGithubConfigArgs{
				AppInstallationId: pulumi.Int(123123),
				AuthorizerCredential: &cloudbuildv2.ConnectionGithubConfigAuthorizerCredentialArgs{
					OauthTokenSecretVersion: github_token_secret_version.ID(),
				},
			},
		}, pulumi.Provider(google_beta))
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.secretmanager.Secret;
import com.pulumi.gcp.secretmanager.SecretArgs;
import com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;
import com.pulumi.gcp.secretmanager.SecretVersion;
import com.pulumi.gcp.secretmanager.SecretVersionArgs;
import com.pulumi.gcp.organizations.OrganizationsFunctions;
import com.pulumi.gcp.organizations.inputs.GetIAMPolicyArgs;
import com.pulumi.gcp.secretmanager.SecretIamPolicy;
import com.pulumi.gcp.secretmanager.SecretIamPolicyArgs;
import com.pulumi.gcp.cloudbuildv2.Connection;
import com.pulumi.gcp.cloudbuildv2.ConnectionArgs;
import com.pulumi.gcp.cloudbuildv2.inputs.ConnectionGithubConfigArgs;
import com.pulumi.gcp.cloudbuildv2.inputs.ConnectionGithubConfigAuthorizerCredentialArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var github_token_secret = new Secret("github-token-secret", SecretArgs.builder()        
            .secretId("github-token-secret")
            .replication(SecretReplicationArgs.builder()
                .automatic(true)
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());

        var github_token_secret_version = new SecretVersion("github-token-secret-version", SecretVersionArgs.builder()        
            .secret(github_token_secret.id())
            .secretData(Files.readString(Paths.get("my-github-token.txt")))
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());

        final var p4sa-secretAccessor = OrganizationsFunctions.getIAMPolicy(GetIAMPolicyArgs.builder()
            .bindings(GetIAMPolicyBindingArgs.builder()
                .role("roles/secretmanager.secretAccessor")
                .members("serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com")
                .build())
            .build());

        var policy = new SecretIamPolicy("policy", SecretIamPolicyArgs.builder()        
            .secretId(github_token_secret.secretId())
            .policyData(p4sa_secretAccessor.policyData())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());

        var my_connection = new Connection("my-connection", ConnectionArgs.builder()        
            .location("us-west1")
            .githubConfig(ConnectionGithubConfigArgs.builder()
                .appInstallationId(123123)
                .authorizerCredential(ConnectionGithubConfigAuthorizerCredentialArgs.builder()
                    .oauthTokenSecretVersion(github_token_secret_version.id())
                    .build())
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());

    }
}
import pulumi
import pulumi_gcp as gcp

github_token_secret = gcp.secretmanager.Secret("github-token-secret",
    secret_id="github-token-secret",
    replication=gcp.secretmanager.SecretReplicationArgs(
        automatic=True,
    ),
    opts=pulumi.ResourceOptions(provider=google_beta))
github_token_secret_version = gcp.secretmanager.SecretVersion("github-token-secret-version",
    secret=github_token_secret.id,
    secret_data=(lambda path: open(path).read())("my-github-token.txt"),
    opts=pulumi.ResourceOptions(provider=google_beta))
p4sa_secret_accessor = gcp.organizations.get_iam_policy(bindings=[gcp.organizations.GetIAMPolicyBindingArgs(
    role="roles/secretmanager.secretAccessor",
    members=["serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com"],
)])
policy = gcp.secretmanager.SecretIamPolicy("policy",
    secret_id=github_token_secret.secret_id,
    policy_data=p4sa_secret_accessor.policy_data,
    opts=pulumi.ResourceOptions(provider=google_beta))
my_connection = gcp.cloudbuildv2.Connection("my-connection",
    location="us-west1",
    github_config=gcp.cloudbuildv2.ConnectionGithubConfigArgs(
        app_installation_id=123123,
        authorizer_credential=gcp.cloudbuildv2.ConnectionGithubConfigAuthorizerCredentialArgs(
            oauth_token_secret_version=github_token_secret_version.id,
        ),
    ),
    opts=pulumi.ResourceOptions(provider=google_beta))
import * as pulumi from "@pulumi/pulumi";
import * as fs from "fs";
import * as gcp from "@pulumi/gcp";

const github_token_secret = new gcp.secretmanager.Secret("github-token-secret", {
    secretId: "github-token-secret",
    replication: {
        automatic: true,
    },
}, {
    provider: google_beta,
});
const github_token_secret_version = new gcp.secretmanager.SecretVersion("github-token-secret-version", {
    secret: github_token_secret.id,
    secretData: fs.readFileSync("my-github-token.txt"),
}, {
    provider: google_beta,
});
const p4sa-secretAccessor = gcp.organizations.getIAMPolicy({
    bindings: [{
        role: "roles/secretmanager.secretAccessor",
        members: ["serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com"],
    }],
});
const policy = new gcp.secretmanager.SecretIamPolicy("policy", {
    secretId: github_token_secret.secretId,
    policyData: p4sa_secretAccessor.then(p4sa_secretAccessor => p4sa_secretAccessor.policyData),
}, {
    provider: google_beta,
});
const my_connection = new gcp.cloudbuildv2.Connection("my-connection", {
    location: "us-west1",
    githubConfig: {
        appInstallationId: 123123,
        authorizerCredential: {
            oauthTokenSecretVersion: github_token_secret_version.id,
        },
    },
}, {
    provider: google_beta,
});
resources:
  github-token-secret:
    type: gcp:secretmanager:Secret
    properties:
      secretId: github-token-secret
      replication:
        automatic: true
    options:
      provider: ${["google-beta"]}
  github-token-secret-version:
    type: gcp:secretmanager:SecretVersion
    properties:
      secret: ${["github-token-secret"].id}
      secretData:
        fn::readFile: my-github-token.txt
    options:
      provider: ${["google-beta"]}
  policy:
    type: gcp:secretmanager:SecretIamPolicy
    properties:
      secretId: ${["github-token-secret"].secretId}
      policyData: ${["p4sa-secretAccessor"].policyData}
    options:
      provider: ${["google-beta"]}
  my-connection:
    type: gcp:cloudbuildv2:Connection
    properties:
      location: us-west1
      githubConfig:
        appInstallationId: 123123
        authorizerCredential:
          oauthTokenSecretVersion: ${["github-token-secret-version"].id}
    options:
      provider: ${["google-beta"]}
variables:
  p4sa-secretAccessor:
    fn::invoke:
      Function: gcp:organizations:getIAMPolicy
      Arguments:
        bindings:
          - role: roles/secretmanager.secretAccessor
            members:
              - serviceAccount:service-123456789@gcp-sa-cloudbuild.iam.gserviceaccount.com

Create Connection Resource

new Connection(name: string, args: ConnectionArgs, opts?: CustomResourceOptions);
@overload
def Connection(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               annotations: Optional[Mapping[str, str]] = None,
               disabled: Optional[bool] = None,
               github_config: Optional[ConnectionGithubConfigArgs] = None,
               github_enterprise_config: Optional[ConnectionGithubEnterpriseConfigArgs] = None,
               location: Optional[str] = None,
               name: Optional[str] = None,
               project: Optional[str] = None)
@overload
def Connection(resource_name: str,
               args: ConnectionArgs,
               opts: Optional[ResourceOptions] = None)
func NewConnection(ctx *Context, name string, args ConnectionArgs, opts ...ResourceOption) (*Connection, error)
public Connection(string name, ConnectionArgs args, CustomResourceOptions? opts = null)
public Connection(String name, ConnectionArgs args)
public Connection(String name, ConnectionArgs args, CustomResourceOptions options)
type: gcp:cloudbuildv2:Connection
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args ConnectionArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args ConnectionArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args ConnectionArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args ConnectionArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args ConnectionArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Connection Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Connection resource accepts the following input properties:

Location string

The location for the resource

Annotations Dictionary<string, string>

Allows clients to store small amounts of arbitrary data.

Disabled bool

If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.

GithubConfig ConnectionGithubConfigArgs

Configuration for connections to github.com.

GithubEnterpriseConfig ConnectionGithubEnterpriseConfigArgs

Configuration for connections to an instance of GitHub Enterprise.

Name string

Immutable. The resource name of the connection, in the format projects/{project}/locations/{location}/connections/{connection_id}.

Project string

The project for the resource

Location string

The location for the resource

Annotations map[string]string

Allows clients to store small amounts of arbitrary data.

Disabled bool

If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.

GithubConfig ConnectionGithubConfigArgs

Configuration for connections to github.com.

GithubEnterpriseConfig ConnectionGithubEnterpriseConfigArgs

Configuration for connections to an instance of GitHub Enterprise.

Name string

Immutable. The resource name of the connection, in the format projects/{project}/locations/{location}/connections/{connection_id}.

Project string

The project for the resource

location String

The location for the resource

annotations Map<String,String>

Allows clients to store small amounts of arbitrary data.

disabled Boolean

If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.

githubConfig ConnectionGithubConfigArgs

Configuration for connections to github.com.

githubEnterpriseConfig ConnectionGithubEnterpriseConfigArgs

Configuration for connections to an instance of GitHub Enterprise.

name String

Immutable. The resource name of the connection, in the format projects/{project}/locations/{location}/connections/{connection_id}.

project String

The project for the resource

location string

The location for the resource

annotations {[key: string]: string}

Allows clients to store small amounts of arbitrary data.

disabled boolean

If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.

githubConfig ConnectionGithubConfigArgs

Configuration for connections to github.com.

githubEnterpriseConfig ConnectionGithubEnterpriseConfigArgs

Configuration for connections to an instance of GitHub Enterprise.

name string

Immutable. The resource name of the connection, in the format projects/{project}/locations/{location}/connections/{connection_id}.

project string

The project for the resource

location str

The location for the resource

annotations Mapping[str, str]

Allows clients to store small amounts of arbitrary data.

disabled bool

If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.

github_config ConnectionGithubConfigArgs

Configuration for connections to github.com.

github_enterprise_config ConnectionGithubEnterpriseConfigArgs

Configuration for connections to an instance of GitHub Enterprise.

name str

Immutable. The resource name of the connection, in the format projects/{project}/locations/{location}/connections/{connection_id}.

project str

The project for the resource

location String

The location for the resource

annotations Map<String>

Allows clients to store small amounts of arbitrary data.

disabled Boolean

If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.

githubConfig Property Map

Configuration for connections to github.com.

githubEnterpriseConfig Property Map

Configuration for connections to an instance of GitHub Enterprise.

name String

Immutable. The resource name of the connection, in the format projects/{project}/locations/{location}/connections/{connection_id}.

project String

The project for the resource

Outputs

All input properties are implicitly available as output properties. Additionally, the Connection resource produces the following output properties:

CreateTime string

Output only. Server assigned timestamp for when the connection was created.

Etag string

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

Id string

The provider-assigned unique ID for this managed resource.

InstallationStates List<ConnectionInstallationState>

Output only. Installation state of the Connection.

Reconciling bool

Output only. Set to true when the connection is being set up or updated in the background.

UpdateTime string

Output only. Server assigned timestamp for when the connection was updated.

CreateTime string

Output only. Server assigned timestamp for when the connection was created.

Etag string

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

Id string

The provider-assigned unique ID for this managed resource.

InstallationStates []ConnectionInstallationState

Output only. Installation state of the Connection.

Reconciling bool

Output only. Set to true when the connection is being set up or updated in the background.

UpdateTime string

Output only. Server assigned timestamp for when the connection was updated.

createTime String

Output only. Server assigned timestamp for when the connection was created.

etag String

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

id String

The provider-assigned unique ID for this managed resource.

installationStates List<ConnectionInstallationState>

Output only. Installation state of the Connection.

reconciling Boolean

Output only. Set to true when the connection is being set up or updated in the background.

updateTime String

Output only. Server assigned timestamp for when the connection was updated.

createTime string

Output only. Server assigned timestamp for when the connection was created.

etag string

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

id string

The provider-assigned unique ID for this managed resource.

installationStates ConnectionInstallationState[]

Output only. Installation state of the Connection.

reconciling boolean

Output only. Set to true when the connection is being set up or updated in the background.

updateTime string

Output only. Server assigned timestamp for when the connection was updated.

create_time str

Output only. Server assigned timestamp for when the connection was created.

etag str

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

id str

The provider-assigned unique ID for this managed resource.

installation_states Sequence[ConnectionInstallationState]

Output only. Installation state of the Connection.

reconciling bool

Output only. Set to true when the connection is being set up or updated in the background.

update_time str

Output only. Server assigned timestamp for when the connection was updated.

createTime String

Output only. Server assigned timestamp for when the connection was created.

etag String

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

id String

The provider-assigned unique ID for this managed resource.

installationStates List<Property Map>

Output only. Installation state of the Connection.

reconciling Boolean

Output only. Set to true when the connection is being set up or updated in the background.

updateTime String

Output only. Server assigned timestamp for when the connection was updated.

Look up Existing Connection Resource

Get an existing Connection resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ConnectionState, opts?: CustomResourceOptions): Connection
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        annotations: Optional[Mapping[str, str]] = None,
        create_time: Optional[str] = None,
        disabled: Optional[bool] = None,
        etag: Optional[str] = None,
        github_config: Optional[ConnectionGithubConfigArgs] = None,
        github_enterprise_config: Optional[ConnectionGithubEnterpriseConfigArgs] = None,
        installation_states: Optional[Sequence[ConnectionInstallationStateArgs]] = None,
        location: Optional[str] = None,
        name: Optional[str] = None,
        project: Optional[str] = None,
        reconciling: Optional[bool] = None,
        update_time: Optional[str] = None) -> Connection
func GetConnection(ctx *Context, name string, id IDInput, state *ConnectionState, opts ...ResourceOption) (*Connection, error)
public static Connection Get(string name, Input<string> id, ConnectionState? state, CustomResourceOptions? opts = null)
public static Connection get(String name, Output<String> id, ConnectionState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Annotations Dictionary<string, string>

Allows clients to store small amounts of arbitrary data.

CreateTime string

Output only. Server assigned timestamp for when the connection was created.

Disabled bool

If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.

Etag string

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

GithubConfig ConnectionGithubConfigArgs

Configuration for connections to github.com.

GithubEnterpriseConfig ConnectionGithubEnterpriseConfigArgs

Configuration for connections to an instance of GitHub Enterprise.

InstallationStates List<ConnectionInstallationStateArgs>

Output only. Installation state of the Connection.

Location string

The location for the resource

Name string

Immutable. The resource name of the connection, in the format projects/{project}/locations/{location}/connections/{connection_id}.

Project string

The project for the resource

Reconciling bool

Output only. Set to true when the connection is being set up or updated in the background.

UpdateTime string

Output only. Server assigned timestamp for when the connection was updated.

Annotations map[string]string

Allows clients to store small amounts of arbitrary data.

CreateTime string

Output only. Server assigned timestamp for when the connection was created.

Disabled bool

If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.

Etag string

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

GithubConfig ConnectionGithubConfigArgs

Configuration for connections to github.com.

GithubEnterpriseConfig ConnectionGithubEnterpriseConfigArgs

Configuration for connections to an instance of GitHub Enterprise.

InstallationStates []ConnectionInstallationStateArgs

Output only. Installation state of the Connection.

Location string

The location for the resource

Name string

Immutable. The resource name of the connection, in the format projects/{project}/locations/{location}/connections/{connection_id}.

Project string

The project for the resource

Reconciling bool

Output only. Set to true when the connection is being set up or updated in the background.

UpdateTime string

Output only. Server assigned timestamp for when the connection was updated.

annotations Map<String,String>

Allows clients to store small amounts of arbitrary data.

createTime String

Output only. Server assigned timestamp for when the connection was created.

disabled Boolean

If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.

etag String

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

githubConfig ConnectionGithubConfigArgs

Configuration for connections to github.com.

githubEnterpriseConfig ConnectionGithubEnterpriseConfigArgs

Configuration for connections to an instance of GitHub Enterprise.

installationStates List<ConnectionInstallationStateArgs>

Output only. Installation state of the Connection.

location String

The location for the resource

name String

Immutable. The resource name of the connection, in the format projects/{project}/locations/{location}/connections/{connection_id}.

project String

The project for the resource

reconciling Boolean

Output only. Set to true when the connection is being set up or updated in the background.

updateTime String

Output only. Server assigned timestamp for when the connection was updated.

annotations {[key: string]: string}

Allows clients to store small amounts of arbitrary data.

createTime string

Output only. Server assigned timestamp for when the connection was created.

disabled boolean

If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.

etag string

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

githubConfig ConnectionGithubConfigArgs

Configuration for connections to github.com.

githubEnterpriseConfig ConnectionGithubEnterpriseConfigArgs

Configuration for connections to an instance of GitHub Enterprise.

installationStates ConnectionInstallationStateArgs[]

Output only. Installation state of the Connection.

location string

The location for the resource

name string

Immutable. The resource name of the connection, in the format projects/{project}/locations/{location}/connections/{connection_id}.

project string

The project for the resource

reconciling boolean

Output only. Set to true when the connection is being set up or updated in the background.

updateTime string

Output only. Server assigned timestamp for when the connection was updated.

annotations Mapping[str, str]

Allows clients to store small amounts of arbitrary data.

create_time str

Output only. Server assigned timestamp for when the connection was created.

disabled bool

If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.

etag str

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

github_config ConnectionGithubConfigArgs

Configuration for connections to github.com.

github_enterprise_config ConnectionGithubEnterpriseConfigArgs

Configuration for connections to an instance of GitHub Enterprise.

installation_states Sequence[ConnectionInstallationStateArgs]

Output only. Installation state of the Connection.

location str

The location for the resource

name str

Immutable. The resource name of the connection, in the format projects/{project}/locations/{location}/connections/{connection_id}.

project str

The project for the resource

reconciling bool

Output only. Set to true when the connection is being set up or updated in the background.

update_time str

Output only. Server assigned timestamp for when the connection was updated.

annotations Map<String>

Allows clients to store small amounts of arbitrary data.

createTime String

Output only. Server assigned timestamp for when the connection was created.

disabled Boolean

If disabled is set to true, functionality is disabled for this connection. Repository based API methods and webhooks processing for repositories in this connection will be disabled.

etag String

This checksum is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.

githubConfig Property Map

Configuration for connections to github.com.

githubEnterpriseConfig Property Map

Configuration for connections to an instance of GitHub Enterprise.

installationStates List<Property Map>

Output only. Installation state of the Connection.

location String

The location for the resource

name String

Immutable. The resource name of the connection, in the format projects/{project}/locations/{location}/connections/{connection_id}.

project String

The project for the resource

reconciling Boolean

Output only. Set to true when the connection is being set up or updated in the background.

updateTime String

Output only. Server assigned timestamp for when the connection was updated.

Supporting Types

ConnectionGithubConfig

AppInstallationId int

GitHub App installation id.

AuthorizerCredential ConnectionGithubConfigAuthorizerCredential

OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App.

AppInstallationId int

GitHub App installation id.

AuthorizerCredential ConnectionGithubConfigAuthorizerCredential

OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App.

appInstallationId Integer

GitHub App installation id.

authorizerCredential ConnectionGithubConfigAuthorizerCredential

OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App.

appInstallationId number

GitHub App installation id.

authorizerCredential ConnectionGithubConfigAuthorizerCredential

OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App.

app_installation_id int

GitHub App installation id.

authorizer_credential ConnectionGithubConfigAuthorizerCredential

OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App.

appInstallationId Number

GitHub App installation id.

authorizerCredential Property Map

OAuth credential of the account that authorized the Cloud Build GitHub App. It is recommended to use a robot account instead of a human user account. The OAuth token must be tied to the Cloud Build GitHub App.

ConnectionGithubConfigAuthorizerCredential

OauthTokenSecretVersion string

A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format: projects/*/secrets/*/versions/*.

Username string

The username associated to this token.

OauthTokenSecretVersion string

A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format: projects/*/secrets/*/versions/*.

Username string

The username associated to this token.

oauthTokenSecretVersion String

A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format: projects/*/secrets/*/versions/*.

username String

The username associated to this token.

oauthTokenSecretVersion string

A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format: projects/*/secrets/*/versions/*.

username string

The username associated to this token.

oauth_token_secret_version str

A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format: projects/*/secrets/*/versions/*.

username str

The username associated to this token.

oauthTokenSecretVersion String

A SecretManager resource containing the OAuth token that authorizes the Cloud Build connection. Format: projects/*/secrets/*/versions/*.

username String

The username associated to this token.

ConnectionGithubEnterpriseConfig

HostUri string

Required. The URI of the GitHub Enterprise host this connection is for.

AppId int

Id of the GitHub App created from the manifest.

AppInstallationId int

ID of the installation of the GitHub App.

AppSlug string

The URL-friendly name of the GitHub App.

PrivateKeySecretVersion string

SecretManager resource containing the private key of the GitHub App, formatted as projects/*/secrets/*/versions/*.

ServiceDirectoryConfig ConnectionGithubEnterpriseConfigServiceDirectoryConfig

Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet.

SslCa string

SSL certificate to use for requests to GitHub Enterprise.

WebhookSecretSecretVersion string

SecretManager resource containing the webhook secret of the GitHub App, formatted as projects/*/secrets/*/versions/*.

HostUri string

Required. The URI of the GitHub Enterprise host this connection is for.

AppId int

Id of the GitHub App created from the manifest.

AppInstallationId int

ID of the installation of the GitHub App.

AppSlug string

The URL-friendly name of the GitHub App.

PrivateKeySecretVersion string

SecretManager resource containing the private key of the GitHub App, formatted as projects/*/secrets/*/versions/*.

ServiceDirectoryConfig ConnectionGithubEnterpriseConfigServiceDirectoryConfig

Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet.

SslCa string

SSL certificate to use for requests to GitHub Enterprise.

WebhookSecretSecretVersion string

SecretManager resource containing the webhook secret of the GitHub App, formatted as projects/*/secrets/*/versions/*.

hostUri String

Required. The URI of the GitHub Enterprise host this connection is for.

appId Integer

Id of the GitHub App created from the manifest.

appInstallationId Integer

ID of the installation of the GitHub App.

appSlug String

The URL-friendly name of the GitHub App.

privateKeySecretVersion String

SecretManager resource containing the private key of the GitHub App, formatted as projects/*/secrets/*/versions/*.

serviceDirectoryConfig ConnectionGithubEnterpriseConfigServiceDirectoryConfig

Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet.

sslCa String

SSL certificate to use for requests to GitHub Enterprise.

webhookSecretSecretVersion String

SecretManager resource containing the webhook secret of the GitHub App, formatted as projects/*/secrets/*/versions/*.

hostUri string

Required. The URI of the GitHub Enterprise host this connection is for.

appId number

Id of the GitHub App created from the manifest.

appInstallationId number

ID of the installation of the GitHub App.

appSlug string

The URL-friendly name of the GitHub App.

privateKeySecretVersion string

SecretManager resource containing the private key of the GitHub App, formatted as projects/*/secrets/*/versions/*.

serviceDirectoryConfig ConnectionGithubEnterpriseConfigServiceDirectoryConfig

Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet.

sslCa string

SSL certificate to use for requests to GitHub Enterprise.

webhookSecretSecretVersion string

SecretManager resource containing the webhook secret of the GitHub App, formatted as projects/*/secrets/*/versions/*.

host_uri str

Required. The URI of the GitHub Enterprise host this connection is for.

app_id int

Id of the GitHub App created from the manifest.

app_installation_id int

ID of the installation of the GitHub App.

app_slug str

The URL-friendly name of the GitHub App.

private_key_secret_version str

SecretManager resource containing the private key of the GitHub App, formatted as projects/*/secrets/*/versions/*.

service_directory_config ConnectionGithubEnterpriseConfigServiceDirectoryConfig

Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet.

ssl_ca str

SSL certificate to use for requests to GitHub Enterprise.

webhook_secret_secret_version str

SecretManager resource containing the webhook secret of the GitHub App, formatted as projects/*/secrets/*/versions/*.

hostUri String

Required. The URI of the GitHub Enterprise host this connection is for.

appId Number

Id of the GitHub App created from the manifest.

appInstallationId Number

ID of the installation of the GitHub App.

appSlug String

The URL-friendly name of the GitHub App.

privateKeySecretVersion String

SecretManager resource containing the private key of the GitHub App, formatted as projects/*/secrets/*/versions/*.

serviceDirectoryConfig Property Map

Configuration for using Service Directory to privately connect to a GitHub Enterprise server. This should only be set if the GitHub Enterprise server is hosted on-premises and not reachable by public internet. If this field is left empty, calls to the GitHub Enterprise server will be made over the public internet.

sslCa String

SSL certificate to use for requests to GitHub Enterprise.

webhookSecretSecretVersion String

SecretManager resource containing the webhook secret of the GitHub App, formatted as projects/*/secrets/*/versions/*.

ConnectionGithubEnterpriseConfigServiceDirectoryConfig

Service string

Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.

Service string

Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.

service String

Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.

service string

Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.

service str

Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.

service String

Required. The Service Directory service name. Format: projects/{project}/locations/{location}/namespaces/{namespace}/services/{service}.

ConnectionInstallationState

ActionUri string
Message string
Stage string
ActionUri string
Message string
Stage string
actionUri String
message String
stage String
actionUri string
message string
stage string
actionUri String
message String
stage String

Import

Connection can be imported using any of these accepted formats

 $ pulumi import gcp:cloudbuildv2/connection:Connection default projects/{{project}}/locations/{{location}}/connections/{{name}}
 $ pulumi import gcp:cloudbuildv2/connection:Connection default {{project}}/{{location}}/{{name}}
 $ pulumi import gcp:cloudbuildv2/connection:Connection default {{location}}/{{name}}

Package Details

Repository
Google Cloud (GCP) Classic pulumi/pulumi-gcp
License
Apache-2.0
Notes

This Pulumi package is based on the google-beta Terraform Provider.