This repo contains the most basic provisioning of IBM Cloud resources to standup a Code Engine service instance (called a "project") and build a custom image from a Code Engine (ce) Build Configuration. This can absolutely be done using DevOps pipelines, but for showcasing basic ce functionality, the image build pipeline has been omitted. Pipelines should absolutely be used for enterprise-grade image builds.
There are a few IBM Cloud resources that have to exist prior to running this Terraform. Issuing a terraform destroy will NOT tear down the resources listed below.
Example: name-rg An existing Resource Group where all provisioned resources will belong.
Example: "devel" You can substitute or name an existing Namespace, but one has to exist prior to running this Terraform. This is where your build-image (output) will be pushed.
Example: "icr-devel-image-push-service-id" An IAM Service ID should be created with an API Key (be sure to save the API Key password in a secret/password manager). The Terraform will place this Service ID (and it's associated API Key) in an IAM Access Group with the proper policies.
Custom variable values should be specified in a terraform.tfvars file
| Name | Description |
|---|---|
ibmcloud_api_key |
API key value to run this Terraform. API Key must have permission to create Code Engine projects and create IAM Access Groups with Access Policies |
icr_push_api_key |
API key value used by Code Engine to execute builds and push images to IBM Container Registry |
icr_repo |
IBM Container Registry (ICR) namespace |
build-image |
name of the image to be saved in ICR |
build_source_repo_url |
URL of the GitHub repo where your build source lives (i.e. DockerFile) |
source_context_dir |
directory in build_source_repo_url where build source is located |
terraform init
terraform plan
terraform apply
terraform destroy