Add volumes support to Cron (#145)

Mostly copy/pasta from regional_go_service.

Tested with my dev env.

---------

Signed-off-by: Nghia Tran <[email protected]>

Author: tcnghia

modules/cron/README.md

@@ -101,6 +101,8 @@ No modules.
 | <a name="input_secret_env"></a> [secret\_env](#input\_secret\_env) | A map of secrets to mount as environment variables from Google Secrets Manager (e.g. secret\_key=secret\_name) | `map` | `{}` | no |
 | <a name="input_service_account"></a> [service\_account](#input\_service\_account) | The email address of the service account to run the service as, and to invoke the job as. | `string` | n/a | yes |
 | <a name="input_timeout"></a> [timeout](#input\_timeout) | The maximum amount of time in seconds to allow the job to run. | `string` | `"600s"` | no |
+| <a name="input_volume_mounts"></a> [volume\_mounts](#input\_volume\_mounts) | The volume mounts to mount the volumes to the container in the job. | <pre>list(object({<br>    name       = string<br>    mount_path = string<br>  }))</pre> | `[]` | no |
+| <a name="input_volumes"></a> [volumes](#input\_volumes) | The volumes to make available to the container in the job for mounting. | <pre>list(object({<br>    name = string<br>    secret = optional(object({<br>      secret = string<br>      items = list(object({<br>        version = string<br>        path    = string<br>      }))<br>    }))<br>  }))</pre> | `[]` | no |
 | <a name="input_vpc_access"></a> [vpc\_access](#input\_vpc\_access) | The VPC to send egress to. For more information, visit https://cloud.google.com/run/docs/configuring/vpc-direct-vpc | <pre>object({<br>    # Currently, only one network interface is supported.<br>    network_interfaces = list(object({<br>      network    = string<br>      subnetwork = string<br>      tags       = optional(list(string))<br>    }))<br>    # Egress is one of "PRIVATE_RANGES_ONLY", "ALL_TRAFFIC", or "ALL_PRIVATE_RANGES"<br>    egress = string<br>  })</pre> | `null` | no |
 | <a name="input_working_dir"></a> [working\_dir](#input\_working\_dir) | The working directory that contains the importpath. | `string` | n/a | yes |
 

modules/cron/main.tf

@@ -46,6 +46,26 @@ resource "google_cloud_run_v2_job" "job" {
       service_account       = var.service_account
       max_retries           = var.max_retries
       timeout               = var.timeout
+      dynamic "volumes" {
+        for_each = var.volumes
+        content {
+          name = volumes.value.name
+
+          dynamic "secret" {
+            for_each = volumes.value.secret != null ? { "" : volumes.value.secret } : {}
+            content {
+              secret = secret.value.secret
+              dynamic "items" {
+                for_each = secret.value.items
+                content {
+                  version = items.value.version
+                  path    = items.value.path
+                }
+              }
+            }
+          }
+        }
+      }
       containers {
         image = ko_build.image.image_ref
 
@@ -76,6 +96,14 @@ resource "google_cloud_run_v2_job" "job" {
             }
           }
         }
+
+        dynamic "volume_mounts" {
+          for_each = var.volume_mounts
+          content {
+            name       = volume_mounts.value.name
+            mount_path = volume_mounts.value.mount_path
+          }
+        }
       }
 
       dynamic "vpc_access" {

modules/cron/variables.tf

@@ -97,3 +97,27 @@ variable "vpc_access" {
   })
   description = "The VPC to send egress to. For more information, visit https://cloud.google.com/run/docs/configuring/vpc-direct-vpc"
 }
+
+variable "volumes" {
+  description = "The volumes to make available to the container in the job for mounting."
+  type = list(object({
+    name = string
+    secret = optional(object({
+      secret = string
+      items = list(object({
+        version = string
+        path    = string
+      }))
+    }))
+  }))
+  default = []
+}
+
+variable "volume_mounts" {
+  description = "The volume mounts to mount the volumes to the container in the job."
+  type = list(object({
+    name       = string
+    mount_path = string
+  }))
+  default = []
+}