1# Copyright 2022 Google LLC
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15apiVersion: core.cnrm.cloud.google.com/v1alpha1
16kind: ServiceMapping
17metadata:
18 name: cloudbuild.cnrm.cloud.google.com
19 namespace: cnrm-system
20spec:
21 name: CloudBuild
22 version: v1beta1
23 serviceHostName: "cloudbuild.googleapis.com"
24 resources:
25 - name: google_cloudbuild_trigger
26 kind: CloudBuildTrigger
27 metadataMapping:
28 name: name
29 idTemplate: "projects/{{project}}/triggers/{{name}}"
30 # doesn't import properly
31 idTemplateCanBeUsedToMatchResourceName: false
32 resourceAvailableInAssetInventory: false
33 containers:
34 - type: project
35 tfField: project
36 resourceReferences:
37 - tfField: trigger_template.repo_name
38 description: |-
39 The Cloud Source Repository to build. If omitted, the repo with
40 name "default" is assumed.
41 key: repoRef
42 gvk:
43 kind: SourceRepoRepository
44 version: v1beta1
45 group: sourcerepo.cnrm.cloud.google.com
46 - tfField: build.logs_bucket
47 key: logsBucketRef
48 description: |-
49 Google Cloud Storage bucket where logs should be written. Logs file
50 names will be of the format ${logsBucket}/log-${build_id}.txt.
51 gvk:
52 group: storage.cnrm.cloud.google.com
53 version: v1beta1
54 kind: StorageBucket
55 targetField: url
56 - tfField: build.secret.kms_key_name
57 key: kmsKeyRef
58 description: |-
59 KMS crypto key to use to decrypt these envs.
60 gvk:
61 group: kms.cnrm.cloud.google.com
62 version: v1beta1
63 kind: KMSCryptoKey
64 targetField: self_link
65 - tfField: build.source.storage_source.bucket
66 key: bucketRef
67 description: |-
68 Google Cloud Storage bucket containing the source.
69 gvk:
70 group: storage.cnrm.cloud.google.com
71 version: v1beta1
72 kind: StorageBucket
73 - tfField: build.source.repo_source.repo_name
74 key: repoRef
75 description: |-
76 The desired Cloud Source Repository. If omitted, "default" is
77 assumed.
78 gvk:
79 group: sourcerepo.cnrm.cloud.google.com
80 version: v1beta1
81 kind: SourceRepoRepository
82 - tfField: pubsub_config.topic
83 key: topicRef
84 description: |-
85 The name of the topic from which this subscription
86 is receiving messages.
87 gvk:
88 group: pubsub.cnrm.cloud.google.com
89 version: v1beta1
90 kind: PubSubTopic
91 valueTemplate: "projects/{{project}}/topics/{{value}}"
92 - tfField: pubsub_config.service_account_email
93 key: serviceAccountRef
94 description: Service account that will make the push request.
95 gvk:
96 kind: IAMServiceAccount
97 version: v1beta1
98 group: iam.cnrm.cloud.google.com
99 targetField: email
100 - tfField: webhook_config.secret
101 description: The secret required
102 key: secretRef
103 gvk:
104 kind: SecretManagerSecret
105 version: v1beta1
106 group: secretmanager.cnrm.cloud.google.com
107 targetField: name
108 - tfField: service_account
109 key: serviceAccountRef
110 description: |-
111 The service account used for all user-controlled operations including
112 triggers.patch, triggers.run, builds.create, and builds.cancel.
113
114 If no service account is set, then the standard Cloud Build service account
115 ([PROJECT_NUM]@system.gserviceaccount.com) will be used instead.
116
117 When populating via the external field, the following format is supported:
118 projects/{PROJECT_ID}/serviceAccounts/{SERVICE_ACCOUNT_EMAIL}
119 gvk:
120 kind: IAMServiceAccount
121 version: v1beta1
122 group: iam.cnrm.cloud.google.com
123 targetField: email
124 valueTemplate: "projects/{{project}}/serviceAccounts/{{value}}"
125 - tfField: build.available_secrets.secret_manager.version_name
126 key: versionRef
127 gvk:
128 kind: SecretManagerSecretVersion
129 version: v1beta1
130 group: secretmanager.cnrm.cloud.google.com
131 targetField: name
132 - tfField: git_file_source.github_enterprise_config
133 key: githubEnterpriseConfigRef
134 description: |-
135 Only `external` field is supported to configure the reference.
136
137 The full resource name of the github enterprise config. Format:
138 projects/{project}/locations/{location}/githubEnterpriseConfigs/{id}.
139 gvk:
140 kind: CloudBuildGithubEnterpriseConfig
141 version: v1beta1
142 group: cloudbuild.cnrm.cloud.google.com
143 targetField: name
144 - tfField: source_to_build.github_enterprise_config
145 key: githubEnterpriseConfigRef
146 description: |-
147 Only `external` field is supported to configure the reference.
148
149 The full resource name of the github enterprise config. Format:
150 projects/{project}/locations/{location}/githubEnterpriseConfigs/{id}.
151 gvk:
152 kind: CloudBuildGithubEnterpriseConfig
153 version: v1beta1
154 group: cloudbuild.cnrm.cloud.google.com
155 targetField: name
156 - tfField: bitbucket_server_trigger_config.bitbucket_server_config_resource
157 key: bitbucketServerConfigResourceRef
158 description: |-
159 Only `external` field is supported to configure the reference.
160
161 The full resource name of the bitbucket server config. Format:
162 projects/{project}/locations/{location}/bitbucketServerConfigs/{id}.
163 gvk:
164 kind: CloudBuildBitbucketServerConfig
165 version: v1beta1
166 group: cloudbuild.cnrm.cloud.google.com
167 targetField: name
168 - tfField: github.enterprise_config_resource_name
169 key: enterpriseConfigResourceNameRef
170 description: |-
171 Only `external` field is supported to configure the reference.
172
173 The full resource name of the github enterprise config. Format:
174 projects/{project}/locations/{location}/githubEnterpriseConfigs/{id}.
175 gvk:
176 kind: CloudBuildGithubEnterpriseConfig
177 version: v1beta1
178 group: cloudbuild.cnrm.cloud.google.com
179 targetField: name
180 - tfField: source_to_build.repository
181 key: repositoryRef
182 description: |-
183 Only `external` field is supported to configure the reference.
184
185 The qualified resource name of the Repo API repository.
186 Either uri or repository can be specified and is required.
187 gvk:
188 kind: CloudBuildV2Repository
189 version: v1beta1
190 group: cloudbuild.cnrm.cloud.google.com
191 targetField: name
192 - tfField: git_file_source.repository
193 key: repositoryRef
194 description: |-
195 Only `external` field is supported to configure the reference.
196
197 The fully qualified resource name of the Repo API repository. The fully qualified resource name of the Repo API repository.
198 If unspecified, the repo from which the trigger invocation originated is assumed to be the repo from which to read the specified path.
199 gvk:
200 kind: CloudBuildV2Repository
201 version: v1beta1
202 group: cloudbuild.cnrm.cloud.google.com
203 targetField: name
204 ignoredFields:
205 - trigger_template.project_id
View as plain text