diff --git a/gemini/sample-apps/conversational-genai-app-template/deployment/README.md b/gemini/sample-apps/conversational-genai-app-template/deployment/README.md index 30e86f53f7d..efdad5f2f21 100644 --- a/gemini/sample-apps/conversational-genai-app-template/deployment/README.md +++ b/gemini/sample-apps/conversational-genai-app-template/deployment/README.md @@ -53,6 +53,7 @@ The application leverages [**Terraform**](http://terraform.io) to define and pro ![Alt text](../images/connection_cb.gif) 3. **Configure Terraform Variables** + - Edit [`deployment/terraform/vars/env.tfvars`](../terraform/vars/env.tfvars) with your Google Cloud settings. | Variable | Description | Required | @@ -67,6 +68,7 @@ The application leverages [**Terraform**](http://terraform.io) to define and pro Other optional variables include: telemetry and feedback BigQuery dataset IDs, log filters, sink names, service account names, bucket name suffixes, artifact registry repository name, and various role assignments for Cloud Run and CICD. 4. **Deploy Infrastructure with Terraform** + - Open a terminal and navigate to the Terraform directory: ```bash diff --git a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/apis.tf b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/apis.tf index 43bdb00e0d9..20cbd4e6bdc 100644 --- a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/apis.tf +++ b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/apis.tf @@ -7,7 +7,7 @@ locals { "bigquery.googleapis.com", "cloudresourcemanager.googleapis.com", ] - + shared_services = [ "aiplatform.googleapis.com", "run.googleapis.com", @@ -18,7 +18,7 @@ locals { "serviceusage.googleapis.com", "logging.googleapis.com" ] - + projects = { prod = var.prod_project_id staging = var.staging_project_id @@ -27,15 +27,15 @@ locals { } resource "google_project_service" "cicd_services" { - count = length(local.cicd_services) - project = var.cicd_runner_project_id - service = local.cicd_services[count.index] + count = length(local.cicd_services) + project = var.cicd_runner_project_id + service = local.cicd_services[count.index] disable_on_destroy = false } resource "google_project_service" "shared_services" { for_each = { - for pair in setproduct(keys(local.projects), local.shared_services) : + for pair in setproduct(keys(local.projects), local.shared_services) : "${pair[0]}_${replace(pair[1], ".", "_")}" => { project = local.projects[pair[0]] service = pair[1] diff --git a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/artifact_registry.tf b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/artifact_registry.tf index 028aa4f05b3..239b65e0213 100644 --- a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/artifact_registry.tf +++ b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/artifact_registry.tf @@ -3,6 +3,6 @@ resource "google_artifact_registry_repository" "my-repo" { repository_id = var.artifact_registry_repo_name description = "Repo for Generative AI applications" format = "DOCKER" - project = var.cicd_runner_project_id - depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] + project = var.cicd_runner_project_id + depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] } \ No newline at end of file diff --git a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/build_triggers.tf b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/build_triggers.tf index 7f5d004153c..a0fc872c679 100644 --- a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/build_triggers.tf +++ b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/build_triggers.tf @@ -1,13 +1,13 @@ # a. Create PR checks trigger resource "google_cloudbuild_trigger" "pr_checks" { - name = "pr-checks" - project = var.cicd_runner_project_id - location = var.region - description = "Trigger for PR checks" + name = "pr-checks" + project = var.cicd_runner_project_id + location = var.region + description = "Trigger for PR checks" service_account = resource.google_service_account.cicd_runner_sa.id repository_event_config { - repository = "projects/${var.cicd_runner_project_id}/locations/${var.region}/connections/${var.host_connection_name}/repositories/${var.repository_name}" + repository = "projects/${var.cicd_runner_project_id}/locations/${var.region}/connections/${var.host_connection_name}/repositories/${var.repository_name}" pull_request { branch = "main" } @@ -21,20 +21,20 @@ resource "google_cloudbuild_trigger" "pr_checks" { "poetry.lock" ] - include_build_logs = "INCLUDE_BUILD_LOGS_WITH_STATUS" - depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] + include_build_logs = "INCLUDE_BUILD_LOGS_WITH_STATUS" + depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] } # b. Create CD pipeline trigger resource "google_cloudbuild_trigger" "cd_pipeline" { - name = "cd-pipeline" - project = var.cicd_runner_project_id - location = var.region + name = "cd-pipeline" + project = var.cicd_runner_project_id + location = var.region service_account = resource.google_service_account.cicd_runner_sa.id - description = "Trigger for CD pipeline" + description = "Trigger for CD pipeline" repository_event_config { - repository = "projects/${var.cicd_runner_project_id}/locations/${var.region}/connections/${var.host_connection_name}/repositories/${var.repository_name}" + repository = "projects/${var.cicd_runner_project_id}/locations/${var.region}/connections/${var.host_connection_name}/repositories/${var.repository_name}" push { branch = "main" } @@ -48,33 +48,33 @@ resource "google_cloudbuild_trigger" "cd_pipeline" { "poetry.lock" ] substitutions = { - _STAGING_PROJECT_ID = var.staging_project_id - _PROD_PROJECT_ID = var.prod_project_id + _STAGING_PROJECT_ID = var.staging_project_id + _PROD_PROJECT_ID = var.prod_project_id _BUCKET_NAME_LOAD_TEST_RESULTS = resource.google_storage_bucket.bucket_load_test_results.name - _ARTIFACT_REGISTRY_REPO_NAME = var.artifact_registry_repo_name - _CLOUD_RUN_APP_SA_NAME = var.cloud_run_app_sa_name + _ARTIFACT_REGISTRY_REPO_NAME = var.artifact_registry_repo_name + _CLOUD_RUN_APP_SA_NAME = var.cloud_run_app_sa_name } - include_build_logs = "INCLUDE_BUILD_LOGS_WITH_STATUS" - depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] + include_build_logs = "INCLUDE_BUILD_LOGS_WITH_STATUS" + depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] } # c. Create Deploy to production trigger resource "google_cloudbuild_trigger" "deploy_to_prod_pipeline" { - name = "deploy-to-prod-pipeline" - project = var.cicd_runner_project_id - location = var.region - description = "Trigger for deployment to production" + name = "deploy-to-prod-pipeline" + project = var.cicd_runner_project_id + location = var.region + description = "Trigger for deployment to production" service_account = resource.google_service_account.cicd_runner_sa.id repository_event_config { - repository = "projects/${var.cicd_runner_project_id}/locations/${var.region}/connections/${var.host_connection_name}/repositories/${var.repository_name}" + repository = "projects/${var.cicd_runner_project_id}/locations/${var.region}/connections/${var.host_connection_name}/repositories/${var.repository_name}" } - filename = "deployment/cd/deploy-to-prod.yaml" - include_build_logs = "INCLUDE_BUILD_LOGS_WITH_STATUS" + filename = "deployment/cd/deploy-to-prod.yaml" + include_build_logs = "INCLUDE_BUILD_LOGS_WITH_STATUS" approval_config { approval_required = true } - depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] + depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] } diff --git a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/iam.tf b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/iam.tf index 9b17722d1cd..a4986533282 100644 --- a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/iam.tf +++ b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/iam.tf @@ -1,13 +1,13 @@ locals { project_ids = { - dev = var.dev_project_id + dev = var.dev_project_id } } # 4. Grant Cloud Run SA the required permissions to run the application resource "google_project_iam_member" "cloud_run_app_sa_roles" { for_each = { - for pair in setproduct(keys(local.project_ids), var.cloud_run_app_roles) : + for pair in setproduct(keys(local.project_ids), var.cloud_run_app_roles) : join(",", pair) => { project = local.project_ids[pair[0]] role = pair[1] @@ -17,4 +17,4 @@ resource "google_project_iam_member" "cloud_run_app_sa_roles" { project = each.value.project role = each.value.role member = "serviceAccount:${google_service_account.cloud_run_app_sa.email}" - } +} diff --git a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/log_sinks.tf b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/log_sinks.tf index abe3bb9fc34..80fa73e42da 100644 --- a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/log_sinks.tf +++ b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/log_sinks.tf @@ -11,18 +11,18 @@ module "log_export_to_bigquery" { source = "terraform-google-modules/log-export/google" version = "8.1.0" - log_sink_name = var.telemetry_sink_name - parent_resource_type = "project" - parent_resource_id = var.dev_project_id - destination_uri = "bigquery.googleapis.com/projects/${var.dev_project_id}/datasets/${var.telemetry_bigquery_dataset_id}" - filter = var.telemetry_logs_filter - bigquery_options = { use_partitioned_tables = true } + log_sink_name = var.telemetry_sink_name + parent_resource_type = "project" + parent_resource_id = var.dev_project_id + destination_uri = "bigquery.googleapis.com/projects/${var.dev_project_id}/datasets/${var.telemetry_bigquery_dataset_id}" + filter = var.telemetry_logs_filter + bigquery_options = { use_partitioned_tables = true } unique_writer_identity = true } resource "google_bigquery_dataset" "feedback_dataset" { - project = var.dev_project_id + project = var.dev_project_id dataset_id = var.feedback_bigquery_dataset_id friendly_name = var.feedback_bigquery_dataset_id location = var.region @@ -30,19 +30,19 @@ resource "google_bigquery_dataset" "feedback_dataset" { } module "feedback_export_to_bigquery" { - source = "terraform-google-modules/log-export/google" - version = "8.1.0" - log_sink_name = var.feedback_sink_name - parent_resource_type = "project" - parent_resource_id = var.dev_project_id - destination_uri = "bigquery.googleapis.com/projects/${var.dev_project_id}/datasets/${var.feedback_bigquery_dataset_id}" - filter = var.feedback_logs_filter - bigquery_options = { use_partitioned_tables = true } + source = "terraform-google-modules/log-export/google" + version = "8.1.0" + log_sink_name = var.feedback_sink_name + parent_resource_type = "project" + parent_resource_id = var.dev_project_id + destination_uri = "bigquery.googleapis.com/projects/${var.dev_project_id}/datasets/${var.feedback_bigquery_dataset_id}" + filter = var.feedback_logs_filter + bigquery_options = { use_partitioned_tables = true } unique_writer_identity = true } resource "google_bigquery_dataset" "telemetry_logs_dataset" { - project = var.dev_project_id + project = var.dev_project_id dataset_id = var.telemetry_bigquery_dataset_id friendly_name = var.telemetry_bigquery_dataset_id location = var.region diff --git a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/storage.tf b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/storage.tf index 5aa56e17dc8..520ccd355f5 100644 --- a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/storage.tf +++ b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/storage.tf @@ -1,3 +1,12 @@ +terraform { + required_providers { + google = { + source = "hashicorp/google" + version = "~> 6.3.0" + } + } +} + resource "google_storage_bucket" "logs_data_bucket" { name = "${var.dev_project_id}-logs-data" location = var.region @@ -13,6 +22,7 @@ resource "google_storage_bucket" "logs_data_bucket" { count = length(data.google_storage_bucket.existing_bucket) > 0 ? 0 : 1 } + data "google_storage_bucket" "existing_bucket" { name = "${var.dev_project_id}-logs-data" } diff --git a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/variables.tf b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/variables.tf index 60bbc35c081..eddb5d9f607 100644 --- a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/variables.tf +++ b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/dev/variables.tf @@ -54,7 +54,7 @@ variable "cloud_run_app_sa_name" { variable "cloud_run_app_roles" { description = "List of roles to assign to the Cloud Run app service account" type = list(string) - default = [ + default = [ "roles/aiplatform.user", "roles/discoveryengine.editor", "roles/logging.logWriter", diff --git a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/iam.tf b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/iam.tf index b94c1f6017d..ddd3587294f 100644 --- a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/iam.tf +++ b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/iam.tf @@ -7,7 +7,7 @@ locals { # Data source to get project numbers data "google_project" "projects" { - for_each = local.project_ids + for_each = local.project_ids project_id = each.value } @@ -15,9 +15,9 @@ data "google_project" "projects" { resource "google_project_iam_member" "cicd_project_roles" { for_each = toset(var.cicd_roles) - project = var.cicd_runner_project_id - role = each.value - member = "serviceAccount:${resource.google_service_account.cicd_runner_sa.email}" + project = var.cicd_runner_project_id + role = each.value + member = "serviceAccount:${resource.google_service_account.cicd_runner_sa.email}" depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] } @@ -25,26 +25,26 @@ resource "google_project_iam_member" "cicd_project_roles" { # 2. Assign roles for the other two projects (prod and staging) resource "google_project_iam_member" "other_projects_roles" { for_each = { - for pair in setproduct(keys(local.project_ids), var.cicd_sa_deployment_required_roles) : + for pair in setproduct(keys(local.project_ids), var.cicd_sa_deployment_required_roles) : "${pair[0]}-${pair[1]}" => { project_id = local.project_ids[pair[0]] role = pair[1] } } - project = each.value.project_id - role = each.value.role - member = "serviceAccount:${resource.google_service_account.cicd_runner_sa.email}" - depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] + project = each.value.project_id + role = each.value.role + member = "serviceAccount:${resource.google_service_account.cicd_runner_sa.email}" + depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] } # 3. Allow Cloud Run service SA to pull containers stored in the CICD project resource "google_project_iam_member" "cicd_run_invoker_artifact_registry_reader" { for_each = local.project_ids - project = var.cicd_runner_project_id + project = var.cicd_runner_project_id - role = "roles/artifactregistry.reader" - member = "serviceAccount:service-${data.google_project.projects[each.key].number}@serverless-robot-prod.iam.gserviceaccount.com" + role = "roles/artifactregistry.reader" + member = "serviceAccount:service-${data.google_project.projects[each.key].number}@serverless-robot-prod.iam.gserviceaccount.com" depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] } @@ -52,16 +52,16 @@ resource "google_project_iam_member" "cicd_run_invoker_artifact_registry_reader" # 4. Grant Cloud Run SA the required permissions to run the application resource "google_project_iam_member" "cloud_run_app_sa_roles" { for_each = { - for pair in setproduct(keys(local.project_ids), var.cloud_run_app_roles) : + for pair in setproduct(keys(local.project_ids), var.cloud_run_app_roles) : join(",", pair) => { project = local.project_ids[pair[0]] role = pair[1] } } - project = each.value.project - role = each.value.role - member = "serviceAccount:${google_service_account.cloud_run_app_sa[split(",", each.key)[0]].email}" + project = each.value.project + role = each.value.role + member = "serviceAccount:${google_service_account.cloud_run_app_sa[split(",", each.key)[0]].email}" depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] } @@ -70,12 +70,12 @@ resource "google_service_account_iam_member" "cicd_run_invoker_token_creator" { service_account_id = google_service_account.cicd_runner_sa.name role = "roles/iam.serviceAccountTokenCreator" member = "serviceAccount:${resource.google_service_account.cicd_runner_sa.email}" - depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] + depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] } # Special assignment: Allow the CICD SA to impersonate himself for trigger creation resource "google_service_account_iam_member" "cicd_run_invoker_account_user" { service_account_id = google_service_account.cicd_runner_sa.name role = "roles/iam.serviceAccountUser" member = "serviceAccount:${resource.google_service_account.cicd_runner_sa.email}" - depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] -} \ No newline at end of file + depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] +} diff --git a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/log_sinks.tf b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/log_sinks.tf index 8a512d7f05b..676d68215cb 100644 --- a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/log_sinks.tf +++ b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/log_sinks.tf @@ -12,46 +12,46 @@ module "log_export_to_bigquery" { source = "terraform-google-modules/log-export/google" version = "8.1.0" - log_sink_name = var.telemetry_sink_name - parent_resource_type = "project" - parent_resource_id = each.value - destination_uri = "bigquery.googleapis.com/projects/${each.value}/datasets/${var.telemetry_bigquery_dataset_id}" - filter = var.telemetry_logs_filter - bigquery_options = { use_partitioned_tables = true } + log_sink_name = var.telemetry_sink_name + parent_resource_type = "project" + parent_resource_id = each.value + destination_uri = "bigquery.googleapis.com/projects/${each.value}/datasets/${var.telemetry_bigquery_dataset_id}" + filter = var.telemetry_logs_filter + bigquery_options = { use_partitioned_tables = true } unique_writer_identity = true - depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] + depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] } resource "google_bigquery_dataset" "feedback_dataset" { - for_each = local.project_ids - project = each.value + for_each = local.project_ids + project = each.value dataset_id = var.feedback_bigquery_dataset_id friendly_name = var.feedback_bigquery_dataset_id location = var.region - depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] + depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] } module "feedback_export_to_bigquery" { for_each = local.project_ids - source = "terraform-google-modules/log-export/google" - version = "8.1.0" - log_sink_name = var.feedback_sink_name - parent_resource_type = "project" - parent_resource_id = each.value - destination_uri = "bigquery.googleapis.com/projects/${each.value}/datasets/${var.feedback_bigquery_dataset_id}" - filter = var.feedback_logs_filter - bigquery_options = { use_partitioned_tables = true } + source = "terraform-google-modules/log-export/google" + version = "8.1.0" + log_sink_name = var.feedback_sink_name + parent_resource_type = "project" + parent_resource_id = each.value + destination_uri = "bigquery.googleapis.com/projects/${each.value}/datasets/${var.feedback_bigquery_dataset_id}" + filter = var.feedback_logs_filter + bigquery_options = { use_partitioned_tables = true } unique_writer_identity = true - depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services, google_bigquery_dataset.feedback_dataset] + depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services, google_bigquery_dataset.feedback_dataset] } resource "google_bigquery_dataset" "telemetry_logs_dataset" { - depends_on = [ module.log_export_to_bigquery, module.feedback_export_to_bigquery, resource.google_project_service.shared_services ] - for_each = local.project_ids - project = each.value + depends_on = [module.log_export_to_bigquery, module.feedback_export_to_bigquery, resource.google_project_service.shared_services] + for_each = local.project_ids + project = each.value dataset_id = var.telemetry_bigquery_dataset_id friendly_name = var.telemetry_bigquery_dataset_id location = var.region diff --git a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/service_accounts.tf b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/service_accounts.tf index b8eec7d7474..d158071bab8 100644 --- a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/service_accounts.tf +++ b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/service_accounts.tf @@ -2,7 +2,7 @@ resource "google_service_account" "cicd_runner_sa" { account_id = var.cicd_runner_sa_name display_name = "CICD Runner SA" project = var.cicd_runner_project_id - depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] + depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] } resource "google_service_account" "cloud_run_app_sa" { @@ -11,5 +11,5 @@ resource "google_service_account" "cloud_run_app_sa" { account_id = var.cloud_run_app_sa_name display_name = "Cloud Run Generative AI app SA" project = each.value - depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] + depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] } diff --git a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/storage.tf b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/storage.tf index 63cbbb541ab..a1ebb0b8cf9 100644 --- a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/storage.tf +++ b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/storage.tf @@ -7,21 +7,21 @@ locals { } resource "google_storage_bucket" "bucket_load_test_results" { - name = "${var.cicd_runner_project_id}-${var.suffix_bucket_name_load_test_results}" - location = var.region - project = var.cicd_runner_project_id + name = "${var.cicd_runner_project_id}-${var.suffix_bucket_name_load_test_results}" + location = var.region + project = var.cicd_runner_project_id uniform_bucket_level_access = true - force_destroy = true - depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] + force_destroy = true + depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] } resource "google_storage_bucket" "logs_data_bucket" { - for_each = toset(local.all_projects) - name = "${each.value}-logs-data" - location = var.region - project = each.value + for_each = toset(local.all_projects) + name = "${each.value}-logs-data" + location = var.region + project = each.value uniform_bucket_level_access = true - force_destroy = true + force_destroy = true - depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] + depends_on = [resource.google_project_service.cicd_services, resource.google_project_service.shared_services] } diff --git a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/variables.tf b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/variables.tf index ca0f8bdc7dd..b9bbe0703bb 100644 --- a/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/variables.tf +++ b/gemini/sample-apps/conversational-genai-app-template/deployment/terraform/variables.tf @@ -122,4 +122,4 @@ variable "cicd_sa_deployment_required_roles" { description = "List of roles to assign to the CICD runner service account for the Staging and Prod projects." type = list(string) default = ["roles/run.developer", "roles/iam.serviceAccountUser"] -} \ No newline at end of file +}