{"id":48473,"date":"2023-06-14T11:21:30","date_gmt":"2023-11-04T18:01:07","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%b0%9d%e8%af%95%e4%bd%bf%e7%94%a8github-actions%e5%92%8cterraform%e5%ae%9e%e7%8e%b0%e5%af%b9gcp%e7%9a%84iac%e3%80%82\/"},"modified":"2024-04-30T08:49:57","modified_gmt":"2024-04-30T00:49:57","slug":"%e5%b0%9d%e8%af%95%e4%bd%bf%e7%94%a8github-actions%e5%92%8cterraform%e5%ae%9e%e7%8e%b0%e5%af%b9gcp%e7%9a%84iac%e3%80%82","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%b0%9d%e8%af%95%e4%bd%bf%e7%94%a8github-actions%e5%92%8cterraform%e5%ae%9e%e7%8e%b0%e5%af%b9gcp%e7%9a%84iac%e3%80%82\/","title":{"rendered":"\u5c1d\u8bd5\u4f7f\u7528Github Actions\u548cTerraform\u5b9e\u73b0\u5bf9GCP\u7684IaC"},"content":{"rendered":"<h1>\u8fd9\u7bc7\u6587\u7ae0\u662f\u5173\u4e8e\u4ec0\u4e48\u7684\uff1f<\/h1>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u3053\u306e\u8a18\u4e8b\u306f\u300cGoogle Cloud Platform Advent Calendar 2020\u300d5\u65e5\u76ee\u306e\u8a18\u4e8b\u3067\u3059\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>Terraform\u521d\u5fc3\u8005\u304cGithuActions\u3068Terraform\u3092\u5229\u7528\u3057\u3066\u3001GCE\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u306e\u4f5c\u6210\u3092\u76ee\u6307\u3057\u307e\u3059\u3002<\/p>\n<p>\u8d85\u9577\u6587\u3067\u3054\u3081\u3093\u306a\u3055\u3044\u3002<br \/>\nGCP\u3082Terraform\u3082\u77e5\u3063\u3066\u308b\u3088\uff01\uff01\u3063\u3066\u65b9\u306f\u3001Github Actions\u306e\u8a2d\u5b9a\u4ee5\u964d\u304b\u3089\u8aad\u3093\u3067\u3044\u305f\u3060\u3051\u308c\u3070\u3068\u601d\u3044\u307e\u3059\u3002<br \/>\nGithubActions\u306e\u30b5\u30f3\u30d7\u30eb\u30b3\u30fc\u30c9<\/p>\n<p>https:\/\/github.com\/koitatu\/github-actions-sample-template-for-gcp-terraform<\/p>\n<h1>\u89e6\u53d1<\/h1>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u4f1a\u793e\u3067CircleCI\u3068Terraform\u3092\u5229\u7528\u3057\u3066AWS\/GCP\u306e\u69cb\u7bc9\u3001\u7ba1\u7406\u3092\u3057\u3066\u3044\u307e\u3059\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u500b\u4eba\u74b0\u5883\u3067\u4f7f\u3046\u306a\u3089\u3001CircleCI\u90e8\u5206\u3092Github Actions\u3078\u7f6e\u304d\u63db\u3048\u3066\u3057\u307e\u304a\u3046\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>CircleCI\u3082\u7121\u6599\u67a0\u3042\u308b\u3051\u308c\u3069\u3001Github\u3060\u3051\u3067\u5b8c\u7d50\u3067\u304d\u308b\u3057\u3002<\/p>\n<h1>\u8bbe\u5b9a\u76ee\u6807 (She ding mu biao)<\/h1>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d85e5913a08637a6ba809\/5-0.png\" alt=\"gcp.png\" \/><\/div>\n<h1>\u7a81\u7136\u603b\u7ed3<\/h1>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">GitHubActions\u306e\u8a2d\u5b9a\u81ea\u4f53\u306f\u601d\u3063\u3066\u3044\u305f\u3088\u308a\u7c21\u5358\u3067\u3057\u305f\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>Terraform\u306e\u5b9f\u884c\u7528\u306b\u3001GOOGLE_CREDENTIALS\u3068\u3044\u3046Secret\uff53\u306e\u540d\u79f0\u3092\u6307\u5b9a\u3059\u308b\u5fc5\u8981\u304c\u3042\u308b\u3001\u3063\u3066\u3044\u3046\u3042\u305f\u308a\u304c\u4e00\u756a\u30cf\u30de\u308a\u307e\u3057\u305f\u3002<\/p>\n<p>GitHubActions\u306e\u767a\u706b\u2192\u5b9f\u884c\u307e\u3067(Queue\u306e\u6642\u9593)\u304c\u610f\u5916\u3068\u9577\u3044\uff1f<\/p>\n<p>\u7121\u6599\u67a0\u3060\u304b\u3089\uff1f<br \/>\nPush\u5f8c\u3001\u4e00\u670d\u3057\u3066\u3082\u826f\u3055\u3052\u3002<\/p>\n<p>Terraform\u30d5\u30a1\u30a4\u30eb\u306e\u7de8\u96c6\u3068GitHub\u3078\u306e\u30d7\u30c3\u30b7\u30e5\u3001\u30de\u30fc\u30b8\u3060\u3051\u3067GCP\u30ea\u30bd\u30fc\u30b9\u4f5c\u6210\u304c\u3067\u304d\u308b\u306e\u306f\u3084\u3063\u3071\u308a\u697d\u3067\u3059\u306d\uff01<\/p>\n<p>Slack\u901a\u77e5\u3057\u3066\u3044\u308c\u3070\u3001\u30c1\u30fc\u30e0\u30e1\u30f3\u30d0\u30fc\u3078\u306e\u5171\u6709\u3084\u30ec\u30d3\u30e5\u30fc\u3082\u697d\u3067\u3059\u3002<\/p>\n<p>GitHub\u3060\u3051\u3067\u5b8c\u7d50\u3067\u304d\u308b\u306e\u306f\u3001\u6709\u308a\u96e3\u3044\u9650\u308a\u3067\u3059\u3002<\/p>\n<h1>\u786e\u8ba4\u52a8\u4f5c\u73af\u5883<\/h1>\n<ul class=\"post-ul\">macOS Catalina 10.15.7\uff0819H2\uff09<\/ul>\n<h1>\u9700\u8981\u505a\u7684\u4e8b\u60c5\/\u6240\u9700\u4e4b\u7269<\/h1>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">GitHub\u30a2\u30ab\u30a6\u30f3\u30c8<\/ul>\n<\/li>\n<\/ul>\n<p>\u500b\u4eba\u958b\u767a\/\u691c\u8a3c\u306a\u3089Free\u3067\u5341\u5206\u304b\u3068\u601d\u3044\u307e\u3059\u3002<\/p>\n<p>GCP\u30a2\u30ab\u30a6\u30f3\u30c8\u958b\u8a2d<\/p>\n<p>Billing\u8a2d\u5b9a\u3068\u304b\u6e08\u3093\u3067\u3044\u3066\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u30aa\u30fc\u30ca\u6a29\u9650\u306b\u8fd1\u3057\u3044\u6a29\u9650\u304c\u3042\u308b\u3053\u3068\u3002(\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u7de8\u96c6\u8005\u3067\u3082\u3044\u3051\u305d\u3046\u3002)<\/p>\n<p>Google Cloud SDK<\/p>\n<p>\u52d5\u4f5c\u78ba\u8a8d\u7528\u306b\u3002<\/p>\n<p>GCS\u306e\u6a29\u9650\u8db3\u308a\u306a\u3044\u2026\uff1f\u3068\u304b\u8af8\u3005\u306e\u78ba\u8a8d\u306b\u4f7f\u7528\u3057\u307e\u3059\u3002<\/p>\n<p>\u672c\u8a18\u4e8b\u3067\u306f\u3001API\u306e\u6709\u52b9\u5316\u3068\u3001\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u4f5c\u6210\u306b\u3082\u5229\u7528\u3057\u307e\u3059\u3002<\/p>\n<p>\u5fc5\u8981\u306aGCP\u30b5\u30fc\u30d3\u30b9\u306eAPI\u306e\u6709\u52b9\u5316<br \/>\nGCP\u306e\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u4f5c\u6210\u3068\u30ad\u30fc\u30d5\u30a1\u30a4\u30eb\u306e\u751f\u6210<br \/>\nterraform(tfenv)\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/p>\n<p>\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3068\u52d5\u4f5c\u78ba\u8a8d<\/p>\n<p>\u5f8c\u3067terraform.tfstate\u3092\u7f6e\u304f\u305f\u3081\u306e\u30d0\u30b1\u30c3\u30c8\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/p>\n<p>\u6700\u7d42\u7684\u306b\u306fGithub Actions\u7d4c\u7531\u3067terraform\u3092\u5b9f\u884c\u3057\u307e\u3059\u304c\u3001\u4e0d\u5177\u5408\u5207\u308a\u5206\u3051\u7b49\u3067\u4e00\u65e6\u30ed\u30fc\u30ab\u30eb\u3067\u52d5\u304b\u3059\u3053\u3068\u3082\u3042\u308b\u3068\u601d\u3046\u306e\u3067\u3001\u5165\u308c\u3066\u304a\u3044\u3066\u640d\u306f\u3042\u308a\u307e\u305b\u3093\u3002<\/p>\n<p>terraform\u306e\u30b3\u30f3\u30c6\u30ca\u306e\u30d0\u30fc\u30b8\u30e7\u30f3\u4e0a\u304c\u3063\u305f\u5834\u5408\u3068\u304b\u3002<\/p>\n<p>\u3068\u3044\u3046\u304b\u3088\u304f\u4e0a\u304c\u308a\u307e\u3059\u3002<\/p>\n<p>terraform.tfstate\u306e\u914d\u7f6e\/\u53c2\u7167\u5148\u3092\u30ed\u30fc\u30ab\u30eb\u304b\u3089\u3001GCS\u3078\u5909\u66f4\u3002<br \/>\nGitHubActions\u306e\u8a2d\u5b9a\u3002<br \/>\nGitHubActions\u7d4c\u7531\u3067\u306eterraform\u5b9f\u884c\u3002<\/p>\n<h1>\u4f5c\u4e1a\u8be6\u7ec6<\/h1>\n<h2>\u521b\u5efa Github \u8d26\u53f7<\/h2>\n<ul class=\"post-ul\">\u3053\u3053\u3067\u306f\u5272\u611b\u3057\u307e\u3059\u3002<\/ul>\n<h2>\u521b\u5efaGCP\u8d26\u6237<\/h2>\n<ul class=\"post-ul\">\u3053\u3053\u3067\u306f\u5272\u611b\u3057\u307e\u3059\u3002<\/ul>\n<h2>\u5b89\u88c5 Google Cloud SDK\u3002<\/h2>\n<h3>\u6b63\u9053<\/h3>\n<ul class=\"post-ul\">Google\u516c\u5f0f\u30ea\u30d5\u30a1\u30ec\u30f3\u30b9<\/ul>\n<h3>\u9002\u7528\u4e8e\u60f3\u81ea\u5236\u5564\u9152\u7684\u4eba<\/h3>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u3053\u3061\u3089\u306e\u65b9\u306e\u8a18\u4e8b\u304c\u308f\u304b\u308a\u6613\u3044\u3067\u3059\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>Google Cloud SDK \u3092 Homebrew \u3067 macOS \u306b\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b<\/p>\n<h3>\u8c37\u6b4c\u4e91SDK\u8bbe\u7f6e<\/h3>\n<h4>\u516c\u5f0f\u6d41\u7a0b<\/h4>\n<ul class=\"post-ul\">Cloud SDK \u306e\u521d\u671f\u5316(\u516c\u5f0f)<\/ul>\n<h4>\u7b80\u6613\u6b65\u9aa4<\/h4>\n<ul class=\"post-ul\">1. GCP\u306bSDK(CLI)\u3067\u30ed\u30b0\u30a4\u30f3\u3057\u307e\u3059\u3002<\/ul>\n<pre class=\"post-pre\"><code>gcloud auth login\r\n<\/code><\/pre>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d85e5913a08637a6ba809\/28-0.png\" alt=\"image.png\" \/><\/div>\n<h2>\u6fc0\u6d3b\u6240\u9700\u7684GCP\u670d\u52a1API\u3002<\/h2>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u52d5\u4f5c\u78ba\u8a8d\u3064\u3044\u3067\u306b\u5fc5\u8981\u306a\u30b5\u30fc\u30d3\u30b9\u306eAPI\u3092\u6709\u52b9\u5316\u3057\u3066\u304a\u304d\u307e\u3057\u3087\u3046\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>\u3053\u3053\u3067\u306fIAM\u3068\u3001GCS\u3068GCE\u306eAPI\u3092\u6709\u52b9\u5316\u3057\u3066\u3044\u307e\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code>$ gcloud services enable iam.googleapis.com\r\n$ gcloud services enable storage-component.googleapis.com\r\n$ gcloud services enable compute.googleapis.com\r\n<\/code><\/pre>\n<h2>\u521b\u5efaGCP\u670d\u52a1\u5e10\u6237\u5e76\u751f\u6210\u5bc6\u94a5\u6587\u4ef6\u3002<\/h2>\n<p>\u516c\u5f0f\u624b\u9806<\/p>\n<p>\u30b5\u30fc\u30d3\u30b9 \u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u4f5c\u6210<\/p>\n<p>\u30b3\u30f3\u30bd\u30fc\u30eb\u304b\u3089\u4f5c\u6210\u3059\u308b\u5834\u5408\u306f\u4e0a\u8a18\u3092\u53c2\u7167\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<p>\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30f3\u30c8\u3068\u306f<\/p>\n<p>GCP \u306e IAM \u3092\u304a\u3055\u3089\u3044\u3057\u3088\u3046\u3088\u308a\u5f15\u7528\u3002<\/p>\n<p>\u4eba\u4ee5\u5916\u304c\u4f7f\u3046\u30a2\u30ab\u30a6\u30f3\u30c8\u3068\u3057\u3066\u3001\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30f3\u30c8\u304c\u3042\u308a\u307e\u3059\u3002\u3053\u3061\u3089\u306f\u4f8b\u3048\u3070 GCP \u306eAPI \u3092 VM instance \u306a\u3069\u304b\u3089\u5229\u7528\u3059\u308b\u5834\u5408\u306b\u5fc5\u8981\u306b\u306a\u3063\u3066\u304d\u307e\u3059\u3002<\/p>\n<p>\u3068\u3044\u3046\u308f\u3051\u3067\u3001\u30d7\u30ed\u30b0\u30e9\u30e0\u7b49\u304b\u3089API\u3092\u53e9\u304f\u5834\u5408\u306b\u5229\u7528\u3059\u308b\u5c02\u7528\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u3088\u3046\u3067\u3059\u306d\u3002\u5927\u5909\u5206\u304b\u308a\u3084\u3059\u3044\u8a18\u4e8b\u3067\u3057\u305f\uff01<\/p>\n<h3>\u4f7f\u7528CLI\u6267\u884c\u7684\u60c5\u51b5\u5982\u4e0b\u3002<\/h3>\n<p>\u306f\u3054\u81ea\u8eab\u3067\u5229\u7528\u3059\u308bGCP\u306ePROJECT_ID\u3078\u7f6e\u304d\u63db\u3048\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<pre class=\"post-pre\"><code># \u30b5\u30fc\u30d3\u30b9 \u30a2\u30ab\u30a6\u30f3\u30c8\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002\u3053\u3053\u3067\u306f\u3001`terraform-serviceaccount`\u3068\u3044\u3046\u540d\u79f0\u3067\u4f5c\u6210\u3057\u3066\u3044\u307e\u3059\u3002\r\n$ gcloud iam service-accounts create terraform-serviceaccount --display-name \"for terraform\"\r\n\r\n# \u30b5\u30fc\u30d3\u30b9 \u30a2\u30ab\u30a6\u30f3\u30c8\u306b\u6a29\u9650\u3092\u4ed8\u4e0e\u3057\u307e\u3059\u3002\r\n$ gcloud projects add-iam-policy-binding &lt;PROJECT_ID&gt; --member serviceAccount:terraform-serviceaccount@&lt;PROJECT_ID&gt;.iam.gserviceaccount.com --role roles\/editor\r\n\r\n# \u30ad\u30fc\u30d5\u30a1\u30a4\u30eb\u306e\u751f\u6210\u3092\u884c\u3044\u307e\u3059\u3002FILE_NAME \u306f\u30ad\u30fc\u30d5\u30a1\u30a4\u30eb\u306e\u540d\u524d\u306b\u7f6e\u304d\u63db\u3048\u3066\u304f\u3060\u3055\u3044\u3002\r\n## \u3053\u3053\u3067\u306f\u3001\u30e6\u30fc\u30b6\u30db\u30fc\u30e0\u76f4\u4e0b\u306bgcp_terraform_account.json\u3068\u3044\u3046\u30d5\u30a1\u30a4\u30eb\u540d\u3067\u4f5c\u6210\u3057\u3066\u3044\u307e\u3059\u3002\r\n$ gcloud iam service-accounts keys create ~\/gcp_terraform_account.json --iam-account terraform-serviceaccount@&lt;PROJECT_ID&gt;.iam.gserviceaccount.com\r\n\r\n<\/code><\/pre>\n<h2>\u5b89\u88c5Terraform<\/h2>\n<p>\u516c\u5f0f\u624b\u9806\u304c\u7c21\u6f54\u4e14\u3064\u3001\u5206\u304b\u308a\u3084\u3059\u3044\u306e\u3067\u3001\u3053\u3061\u3089\u3092\u53c2\u7167\u304f\u3060\u3055\u3044\u3002(Linux\u3084Windows\u306e\u65b9\u306f\u7279\u306b\u3002)<\/p>\n<p>Mac\u5411\u3051\u306e\u629c\u7c8b\u3002<br \/>\n\u3053\u308c\u3060\u3051\u3067\u3059\u3002<\/p>\n<p>$ brew tap hashicorp\/tap<br \/>\n$ brew install hashicorp\/tap\/terraform<\/p>\n<p>Version\u5207\u308a\u66ff\u3048\u56f0\u308b\u306e\u3067tfenv\u3067\u30d0\u30fc\u30b8\u30e7\u30f3\u5207\u308a\u66ff\u3048\u305f\u3044\u4eba\u306f\u3053\u3061\u3089\u3002(\u304a\u3059\u3059\u3081)<\/p>\n<p>$ brew install tfenv<br \/>\n$ tfenv install latest<\/p>\n<h3>\u5bf9 Terraform \u8fdb\u884c\u64cd\u4f5c\u786e\u8ba4\u3002<\/h3>\n<h4>\u521b\u5efatf\u6587\u4ef6<\/h4>\n<p>\u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u5c06\u521b\u5efa\u4e00\u4e2a\u7528\u4e8e\u8fdb\u884c\u64cd\u4f5c\u786e\u8ba4\u7684GCS\u5b58\u50a8\u6876\uff0c\u7528\u4e8etfstatfile\u7684\u521b\u5efa\u3002<br \/>\n\uff08\u7a0d\u540e\u5c06\u628atfstatfile\u7684\u7ba1\u7406\u4ece\u672c\u5730\u66f4\u6539\u4e3a\u5728GCS\u4e0a\u8fdb\u884c\u7ba1\u7406\u3002\uff09<\/p>\n<ul class=\"post-ul\">1.\u52d5\u4f5c\u78ba\u8a8d\u7528\u306e\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u3092\u4f5c\u6210\u3057\u3066\u79fb\u52d5\u3057\u307e\u3059\u3002<\/ul>\n<pre class=\"post-pre\"><code>$ mkdir ~\/terraform-test\r\n$ cd ~\/terraform-test\r\n<\/code><\/pre>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">2.\u74b0\u5883\u5909\u6570\u306bCredential\u30d5\u30a1\u30a4\u30eb\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u4f5c\u6210\u3068\u30ad\u30fc\u30d5\u30a1\u30a4\u30eb\u306e\u751f\u6210\u306e\u7b87\u6240\u3067\u4f5c\u6210\u3057\u305fjosn\u30d5\u30a1\u30a4\u30eb\u3092\u5229\u7528\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code>$ export GOOGLE_CLOUD_KEYFILE_JSON=~\/gcp_terraform_account.json\r\n$ export GOOGLE_APPLICATION_CREDENTIALS=$GOOGLE_CLOUD_KEYFILE_JSON\r\n<\/code><\/pre>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">3.vim\u7b49\u3067tf\u30d5\u30a1\u30a4\u30eb\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>\u4f8b\u306b\u3088\u3063\u3066\u306f\u3054\u5229\u7528\u306e\u3082\u306e\u306b\u7f6e\u304d\u63db\u3048\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<pre class=\"post-pre\"><code><span class=\"nx\">terraform<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">required_version<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"&gt;=0.12.14\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"c1\">## project ##<\/span>\r\n<span class=\"nx\">provider<\/span> <span class=\"s2\">\"google\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">project<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"&lt;PROJECT_ID&gt;\"<\/span>\r\n  <span class=\"nx\">region<\/span>  <span class=\"p\">=<\/span> <span class=\"s2\">\"asia-northeast1\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"nx\">variable<\/span> <span class=\"s2\">\"location\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">type<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"string\"<\/span>\r\n  <span class=\"nx\">default<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"asia-northeast1\"<\/span>\r\n<span class=\"p\">}<\/span>\r\n\r\n<span class=\"c1\">## GCS for terraform.tfstate  ##<\/span>\r\n<span class=\"nx\">resource<\/span> <span class=\"s2\">\"google_storage_bucket\"<\/span> <span class=\"s2\">\"tfstate-bucket\"<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">name<\/span>          <span class=\"p\">=<\/span> <span class=\"s2\">\"terraform-tfstate-&lt;PROJECT_ID&gt;\"<\/span> <span class=\"c1\">#GCS\u306e\u30d0\u30b1\u30c3\u30c8\u540d\u306f\u5168\u4e16\u754c\u3067\u30e6\u30cb\u30fc\u30af\u3067\u3042\u308b\u5fc5\u8981\u304c\u3042\u308b\u306e\u3067\u3001\u3053\u3053\u3067\u306f\u9069\u5f53\u306bPROJECT_ID\u3092Suffix\u3068\u3057\u3066\u4ed8\u4e0e\u3057\u307e\u3059\u3002<\/span>\r\n  <span class=\"nx\">location<\/span>      <span class=\"p\">=<\/span> <span class=\"s2\">\"asia-northeast1\"<\/span>\r\n  <span class=\"nx\">storage_class<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"REGIONAL\"<\/span>\r\n\r\n  <span class=\"nx\">labels<\/span> <span class=\"p\">=<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">terraform<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"true\"<\/span>\r\n    <span class=\"nx\">app<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"terraform\"<\/span>\r\n    <span class=\"nx\">env<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"test\"<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<ul class=\"post-ul\">4. terraform fmt\u3092\u5b9f\u884c\u3057\u3066\u3001\u30d5\u30a1\u30a4\u30eb\u3092tf\u5f62\u5f0f\u3068\u3057\u3066\u30d5\u30a9\u30fc\u30de\u30c3\u30c8\u3057\u307e\u3059\u3002<\/ul>\n<pre class=\"post-pre\"><code># terraform-setting.tf\u304ctf\u5f62\u5f0f\u3068\u3057\u3066\u8a8d\u8b58\u3055\u308c\u305f\u3088\u3046\u3067\u3059\u3002\r\n$ terraform fmt\r\nterraform-setting.tf\r\n$\r\n<\/code><\/pre>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">5.terraform init\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>\u521d\u56de\u306e\u307f\u5fc5\u8981\u306a\u30d7\u30e9\u30b0\u30a4\u30f3\u304c\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u307e\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code>Initializing the backend...\r\n\r\nInitializing provider plugins...\r\n- Finding latest version of hashicorp\/google...\r\n- Installing hashicorp\/google v3.49.0...\r\n- Installed hashicorp\/google v3.49.0 (signed by HashiCorp)\r\n\r\nThe following providers do not have any version constraints in configuration,\r\nso the latest version was installed.\r\n\r\nTo prevent automatic upgrades to new major versions that may contain breaking\r\nchanges, we recommend adding version constraints in a required_providers block\r\nin your configuration, with the constraint strings suggested below.\r\n\r\n* hashicorp\/google: version = \"~&gt; 3.49.0\"\r\n\r\nTerraform has been successfully initialized!\r\n\r\nYou may now begin working with Terraform. Try running \"terraform plan\" to see\r\nany changes that are required for your infrastructure. All Terraform commands\r\nshould now work.\r\n\r\nIf you ever set or change modules or backend configuration for Terraform,\r\nrerun this command to reinitialize your working directory. If you forget, other\r\ncommands will detect it and remind you to do so if necessary.\r\n<\/code><\/pre>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">6.terraform plan\u3092\u5b9f\u884c\u3057\u307e\u3059\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>terraform apply\u306e\u5b9f\u884c\u524d\u306b\u4f55\u304c\u8d77\u304d\u308b\u304b(\u4f55\u304c\u4f5c\u6210\u3055\u308c\u308b\u306e\u304b\u3001\u5909\u66f4\u3055\u308c\u308b\u306e\u304b\u3001\u524a\u9664\u3055\u308c\u308b\u306e\u304b)\u78ba\u8a8d\u3057\u307e\u3059\u3002<br \/>\n\u4eca\u56de\u306f\u66f4\u5730\u306eGCP\u30d7\u30ed\u30b8\u30a7\u30af\u30c8\u306bGCS\u3092\u65b0\u898f\u4f5c\u6210\u306a\u306e\u3067\u30b5\u30e9\u30c3\u3068\u78ba\u8a8d\u3057\u3066\u3001\u6b21\u3078\u9032\u307f\u307e\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code>$ terraform init\r\n\r\nInitializing the backend...\r\nDo you want to copy existing state to the new backend?\r\n  Pre-existing state was found while migrating the previous \"local\" backend to the\r\n  newly configured \"gcs\" backend. No existing state was found in the newly\r\n  configured \"gcs\" backend. Do you want to copy this state to the new \"gcs\"\r\n  backend? Enter \"yes\" to copy and \"no\" to start with an empty state.\r\n\r\n  Enter a value: yes\r\n\r\n\r\nSuccessfully configured the backend \"gcs\"! Terraform will automatically\r\nuse this backend unless the backend configuration changes.\r\n\r\nInitializing provider plugins...\r\n- Using previously-installed hashicorp\/google v3.49.0\r\n\r\nThe following providers do not have any version constraints in configuration,\r\nso the latest version was installed.\r\n\r\nTo prevent automatic upgrades to new major versions that may contain breaking\r\nchanges, we recommend adding version constraints in a required_providers block\r\nin your configuration, with the constraint strings suggested below.\r\n\r\n* hashicorp\/google: version = \"~&gt; 3.49.0\"\r\n\r\nTerraform has been successfully initialized!\r\n\r\nYou may now begin working with Terraform. Try running \"terraform plan\" to see\r\nany changes that are required for your infrastructure. All Terraform commands\r\nshould now work.\r\n\r\nIf you ever set or change modules or backend configuration for Terraform,\r\nrerun this command to reinitialize your working directory. If you forget, other\r\ncommands will detect it and remind you to do so if necessary.\r\nkoizumitatsuyanoMacBook-Pro:terraform-gcp koizumitatsuya$\r\nkoizumitatsuyanoMacBook-Pro:terraform-test koizumitatsuya$ terraform plan\r\nRefreshing Terraform state in-memory prior to plan...\r\nThe refreshed state will be used to calculate this plan, but will not be\r\npersisted to local or remote state storage.\r\n\r\n\r\n------------------------------------------------------------------------\r\n\r\nAn execution plan has been generated and is shown below.\r\nResource actions are indicated with the following symbols:\r\n  + create\r\n\r\nTerraform will perform the following actions:\r\n\r\n  # google_storage_bucket.tfstate-bucket will be created\r\n  + resource \"google_storage_bucket\" \"tfstate-bucket\" {\r\n      + bucket_policy_only          = (known after apply)\r\n      + force_destroy               = false\r\n      + id                          = (known after apply)\r\n      + labels                      = {\r\n          + \"app\"       = \"terraform\"\r\n          + \"env\"       = \"test\"\r\n          + \"terraform\" = \"true\"\r\n        }\r\n      + location                    = \"ASIA-NORTHEAST1\"\r\n      + name                        = \"terraform-tfstate-&lt;PROJECT_ID&gt;-test\" #\u79c1\u306e\u5834\u5408\u65e2\u306b\u540c\u540d\u306e\u30d0\u30b1\u30c3\u30c8\u304c\u3042\u3063\u305f\u306e\u3067\u3001\u672b\u5c3e\u306b-test\u3068\u3064\u3051\u3066\u3044\u307e\u3059\u3002\r\n      + project                     = (known after apply)\r\n      + self_link                   = (known after apply)\r\n      + storage_class               = \"REGIONAL\"\r\n      + uniform_bucket_level_access = (known after apply)\r\n      + url                         = (known after apply)\r\n    }\r\n\r\nPlan: 1 to add, 0 to change, 0 to destroy.\r\n\r\nWarning: Quoted type constraints are deprecated\r\n\r\n  on terraform-setting.tf line 12, in variable \"location\":\r\n  12:   type    = \"string\"\r\n\r\nTerraform 0.11 and earlier required type constraints to be given in quotes,\r\nbut that form is now deprecated and will be removed in a future version of\r\nTerraform. To silence this warning, remove the quotes around \"string\".\r\n\r\n\r\n------------------------------------------------------------------------\r\n\r\nNote: You didn't specify an \"-out\" parameter to save this plan, so Terraform\r\ncan't guarantee that exactly these actions will be performed if\r\n\"terraform apply\" is subsequently run.\r\n\r\nkoizumitatsuyanoMacBook-Pro:terraform-test koizumitatsuya$\r\n<\/code><\/pre>\n<ul class=\"post-ul\">7. terraform apply -auto-approve\u3092\u5b9f\u884c\u3057\u3001GCS\u30ea\u30bd\u30fc\u30b9\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/ul>\n<pre class=\"post-pre\"><code>$ terraform apply -auto-approve\r\ngoogle_storage_bucket.tfstate-bucket: Creating...\r\ngoogle_storage_bucket.tfstate-bucket: Creation complete after 2s [id=terraform-tfstate-t2-koizumi-test]\r\n\r\nWarning: Quoted type constraints are deprecated\r\n\r\n  on terraform-setting.tf line 12, in variable \"location\":\r\n  12:   type    = \"string\"\r\n\r\nTerraform 0.11 and earlier required type constraints to be given in quotes,\r\nbut that form is now deprecated and will be removed in a future version of\r\nTerraform. To silence this warning, remove the quotes around \"string\".\r\n\r\n\r\nApply complete! Resources: 1 added, 0 changed, 0 destroyed.\r\n$ \r\n<\/code><\/pre>\n<ul class=\"post-ul\">8.gsutil ls\u3067\u30d0\u30b1\u30c3\u30c8\u304c\u4f5c\u6210\u3055\u308c\u305f\u3053\u3068\u3092\u78ba\u8a8d\u3067\u304d\u308c\u3070\u3001terraform\u306e\u52d5\u4f5c\u78ba\u8a8d\u306f\u5b8c\u4e86\u3067\u3059\u3002<\/ul>\n<pre class=\"post-pre\"><code>$ gsutil ls |egrep test\r\ngs:\/\/terraform-tfstate-&lt;PROJECT_ID&gt;-test\/\r\n$ \r\n<\/code><\/pre>\n<h2>\u5c06terraform.tfstate\u7684\u4f4d\u7f6e\/\u5f15\u7528\u4ece\u672c\u5730\u66f4\u6539\u4e3aGCS\u3002<\/h2>\n<ul class=\"post-ul\">1. \u5148\u7a0b\u4f5c\u6210\u3057\u305f\u3001terraform-setting.tf\u306b\u4e00\u90e8\u8ffd\u8a18\u3057\u3001terraform.tfstate\u306e\u914d\u7f6e\/\u53c2\u7167\u5148\u3092\u30ed\u30fc\u30ab\u30eb\u304b\u3089\u3001GCS\u3078\u5909\u66f4\u3057\u307e\u3059\u3002<\/ul>\n<pre class=\"post-pre\"><code><span class=\"nx\">terraform<\/span> <span class=\"p\">{<\/span>\r\n  <span class=\"nx\">required_version<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"&gt;=0.12.14\"<\/span>\r\n  <span class=\"c1\"># \u8ffd\u8a18\u3053\u3053\u304b\u3089 #<\/span>\r\n  <span class=\"nx\">backend<\/span> <span class=\"s2\">\"gcs\"<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">bucket<\/span>  <span class=\"p\">=<\/span> <span class=\"s2\">\"terraform-tfstate-&lt;PROJECT_ID&gt;\"<\/span> <span class=\"c1\">#\u5148\u7a0bterraform apply\u3067\u4f5c\u6210\u3057\u305fGCS\u30d0\u30b1\u30c3\u30c8\u540d\u3092\u8a18\u8f09\u3057\u307e\u3059\u3002<\/span>\r\n  <span class=\"p\">}<\/span>\r\n  <span class=\"c1\"># \u8ffd\u8a18\u3053\u3053\u307e\u3067 #  <\/span>\r\n<span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">2.backend &#8220;gcs&#8221; &#8230;\u3092\u8ffd\u8a18\u5f8c\u3001terraform init\u3092\u884c\u3044\u307e\u3059\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>\u9014\u4e2d\u306e\u8cea\u554f\u306byes\u3068\u7b54\u3048\u308b\u3068\u3001\u81ea\u52d5\u3067terraform.tfstate\u3092GCS\u306e\u30d0\u30b1\u30c3\u30c8\u306b\u79fb\u884c\u3057\u3066\u304f\u308c\u307e\u3059\u3002<\/p>\n<p>\u3053\u308c\u3084\u3089\u306a\u3044\u3068\u5dee\u5206\u304c\u51fa\u3066\u7d50\u69cb\u30cf\u30de\u308a\u307e\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code>$ mv terraform.tfstate \/var\/tmp\/\r\n$ terraform init\r\nInitializing the backend...\r\nDo you want to migrate all workspaces to \"gcs\"?\r\n  Both the existing \"local\" backend and the newly configured \"gcs\" backend\r\n  support workspaces. When migrating between backends, Terraform will copy\r\n  all workspaces (with the same names). THIS WILL OVERWRITE any conflicting\r\n  states in the destination.\r\n\r\n  Terraform initialization doesn't currently migrate only select workspaces.\r\n  If you want to migrate a select number of workspaces, you must manually\r\n  pull and push those states.\r\n\r\n  If you answer \"yes\", Terraform will migrate all states. If you answer\r\n  \"no\", Terraform will abort.\r\n\r\n  Enter a value: yes #\u3053\u3053\u3067yes\u3068\u7b54\u3048\u308b\u3068\u3001GCS\u4e0a\u306b\r\n\r\nSuccessfully configured the backend \"gcs\"! Terraform will automatically\r\nuse this backend unless the backend configuration changes.\r\n<\/code><\/pre>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">terraform plan\u3092\u5b9f\u884c\u3057\u3066\u554f\u984c\u306a\u3044\u3053\u3068\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>\u3053\u3053\u307e\u3067\u6765\u3066\u3088\u3046\u3084\u304f\u3001GitHubActions\u7d4c\u7531\u3067terraform\u3092\u5b9f\u884c\u3059\u308b\u4e0b\u6e96\u5099\u304c\u6574\u3044\u307e\u3057\u305f\u3002<\/p>\n<pre class=\"post-pre\"><code>$ terraform plan\r\nRefreshing Terraform state in-memory prior to plan...\r\nThe refreshed state will be used to calculate this plan, but will not be\r\npersisted to local or remote state storage.\r\n\r\ngoogle_storage_bucket.tfstate-bucket: Refreshing state... [id=terraform-tfstate-&lt;PROJECT_ID&gt;]\r\n\r\n------------------------------------------------------------------------\r\n\r\nNo changes. Infrastructure is up-to-date.\r\n\r\nThis means that Terraform did not detect any differences between your\r\nconfiguration and real physical resources that exist. As a result, no\r\nactions need to be performed.\r\n(\u4e2d\u7565)\r\n$\r\n<\/code><\/pre>\n<h2>GitHubActions\u7684\u8bbe\u7f6e<\/h2>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">\u4ee5\u4e0b\u306b\u30b5\u30f3\u30d7\u30eb\u30b3\u30fc\u30c9\u3092\u7f6e\u3044\u3066\u304a\u304d\u307e\u3059\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>https:\/\/github.com\/koitatu\/github-actions-sample-template-for-gcp-terraform<br \/>\n\u57fa\u672cREADME.md\u306e\u901a\u308a\u3001\u4ee5\u4e0b3\u3064\u306e\u5bfe\u5fdc\u3067\u884c\u3051\u308b\u306f\u305a\u3067\u3059\u3002<\/p>\n<p>1. ..github\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u3092.github\u3078\u30ea\u30cd\u30fc\u30e0\u3057\u3066\u914d\u7f6e<br \/>\n2. GitHub\u306e\u30ea\u30dd\u30b8\u30c8\u30ea\u5074\u3067\u3001Secrets\u30922\u3064\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p>GOOGLE_CREDENTIALS<\/p>\n<p>GCP\u306e\u30b5\u30fc\u30d3\u30b9\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u30ad\u30fc\u30d5\u30a1\u30a4\u30eb\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p>\u3053\u306e\u8a18\u4e8b\u306e\u4f8b\u3067\u306fgcp_terraform_account.json\u306e\u4e2d\u8eab\u3092\u8cbc\u308a\u4ed8\u3051\u3066\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p>SLACK_WEBHOOK_URL<\/p>\n<p>Slack\u306eIncommingWebHook\u306eURL\u3092\u8cbc\u308a\u4ed8\u3051\u3066\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<p>\u306a\u305cTerraform Cloud\u3092\u5229\u7528\u3057\u3066\u3044\u306a\u3044\u306e\u304b\u3002<\/p>\n<p>\u30b3\u30fc\u30c9\u8aad\u3093\u3067\u3044\u305f\u3060\u304f\u3068\u308f\u304b\u308b\u306e\u3067\u3059\u304c\u3001DockerHub\u306b\u3042\u308b\u3001hashicorp\/terraform:light\u306e\u30a4\u30e1\u30fc\u30b8\u3092\u5229\u7528\u3057\u3066\u3044\u307e\u3059\u3002<br \/>\n\u3053\u308c\u4ee5\u4e0aSaaS\u306e\u30a2\u30ab\u30a6\u30f3\u30c8\u3092\u5897\u3084\u3057\u305f\u304f\u306a\u3044\u304b\u3089\u3068\u3044\u3046\u3001\u3069\u3046\u3057\u3088\u3046\u3082\u306a\u3044\u7406\u7531\u3067\u3059\u3002<\/p>\n<p>\u4eca\u56de\u306f\u9762\u5012\u306a\u306e\u3067\u3001\u5148\u7a0b\u4f5c\u6210\u3057\u305fterraform-setting.tf\u3068\u540c\u3058\u30ea\u30dd\u30b8\u30c8\u30ea\u306b\u7f6e\u3044\u3066\u3044\u307e\u3059\u3002<\/p>\n<h2>\u901a\u8fc7GitHubActions\u6267\u884cTerraform\u3002<\/h2>\n<ul class=\"post-ul\">\n<li style=\"list-style-type: none;\">\n<ul class=\"post-ul\">1.Terraform\u516c\u5f0f\u3092\u53c2\u8003\u306bTF\u30d5\u30a1\u30a4\u30eb\u3092\u4f5c\u6210\u3057\u307e\u3059\u3002<\/ul>\n<\/li>\n<\/ul>\n<p>\u4eca\u56de\u306f\u5148\u7a0b\u4f5c\u6210\u3057\u305fterraform-setting.tf\u3068\u540c\u3058\u30ea\u30dd\u30b8\u30c8\u30ea\u306b\u7f6e\u3044\u3066\u3044\u307e\u3059\u3002<\/p>\n<pre class=\"post-pre\"><code>  <span class=\"nx\">resource<\/span> <span class=\"s2\">\"google_compute_instance\"<\/span> <span class=\"s2\">\"create-by-terraform\"<\/span> <span class=\"p\">{<\/span>\r\n    <span class=\"nx\">name<\/span>         <span class=\"p\">=<\/span> <span class=\"s2\">\"create-by-terraform\"<\/span>\r\n    <span class=\"nx\">machine_type<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"e2-micro\"<\/span>\r\n    <span class=\"nx\">zone<\/span>         <span class=\"p\">=<\/span> <span class=\"s2\">\"asia-northeast1-a\"<\/span>\r\n    <span class=\"nx\">tags<\/span> <span class=\"p\">=<\/span> <span class=\"p\">[<\/span><span class=\"s2\">\"terraform-test\"<\/span><span class=\"p\">]<\/span>\r\n\r\n    <span class=\"nx\">boot_disk<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"nx\">initialize_params<\/span> <span class=\"p\">{<\/span>\r\n        <span class=\"nx\">size<\/span>  <span class=\"p\">=<\/span> <span class=\"mi\">10<\/span>\r\n        <span class=\"nx\">type<\/span>  <span class=\"p\">=<\/span> <span class=\"s2\">\"pd-standard\"<\/span>\r\n        <span class=\"nx\">image<\/span> <span class=\"p\">=<\/span> <span class=\"s2\">\"debian-cloud\/debian-10\"<\/span>\r\n      <span class=\"p\">}<\/span>\r\n    <span class=\"p\">}<\/span>\r\n\r\n    <span class=\"nx\">network_interface<\/span> <span class=\"p\">{<\/span>\r\n      <span class=\"nx\">network<\/span>       <span class=\"p\">=<\/span> <span class=\"s2\">\"default\"<\/span>\r\n          <span class=\"nx\">access_config<\/span> <span class=\"p\">{<\/span>\r\n        <span class=\"c1\">\/\/ Ephemeral IP<\/span>\r\n        <span class=\"p\">}<\/span>\r\n    <span class=\"p\">}<\/span>\r\n\r\n    <span class=\"nx\">service_account<\/span>  <span class=\"p\">{<\/span>\r\n      <span class=\"nx\">scopes<\/span> <span class=\"p\">=<\/span> <span class=\"p\">[<\/span><span class=\"s2\">\"logging-write\"<\/span><span class=\"p\">,<\/span> <span class=\"s2\">\"monitoring-write\"<\/span><span class=\"p\">]<\/span>\r\n    <span class=\"p\">}<\/span>\r\n  <span class=\"p\">}<\/span>\r\n<\/code><\/pre>\n<div><img decoding=\"async\" class=\"post-images\" title=\"\" src=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d85e5913a08637a6ba809\/70-5.png\" alt=\"image.png\" \/><\/div>\n<p>\u901a\u8fc7\u7f16\u8f91Terraform\u6587\u4ef6\u3001\u5c06\u5176\u63a8\u9001\u5230GitHub\u5e76\u5408\u5e76\uff0c\u53ea\u9700\u8fd9\u6837\u4e00\u6b65\uff0c\u5c31\u80fd\u591f\u8f7b\u677e\u521b\u5efaGCP\u8d44\u6e90\u3002\u975e\u5e38\u65b9\u4fbf\uff01<\/p>\n<p>\u7531\u4e8e\u6587\u7ae0\u5f88\u957f\uff0c\u6240\u4ee5\u5c06\u5728\u4e4b\u540e\u8fdb\u884c\u5206\u5272\u91cd\u65b0\u53d1\u5e03\u3002<br \/>\n\u611f\u8c22\u60a8\u4e00\u76f4\u9605\u8bfb\u5230\u8fd9\u91cc\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u8fd9\u7bc7\u6587\u7ae0\u662f\u5173\u4e8e\u4ec0\u4e48\u7684\uff1f \u3053\u306e\u8a18\u4e8b\u306f\u300cGoogle Cloud Platform Advent Calendar [&hellip;]<\/p>\n","protected":false},"author":10,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-48473","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v21.5 (Yoast SEO v21.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>\u5c1d\u8bd5\u4f7f\u7528Github Actions\u548cTerraform\u5b9e\u73b0\u5bf9GCP\u7684IaC - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u5c1d\u8bd5\u4f7f\u7528github-actions\u548cterraform\u5b9e\u73b0\u5bf9gcp\u7684iac\u3002\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u5c1d\u8bd5\u4f7f\u7528Github Actions\u548cTerraform\u5b9e\u73b0\u5bf9GCP\u7684IaC\" \/>\n<meta property=\"og:description\" content=\"\u8fd9\u7bc7\u6587\u7ae0\u662f\u5173\u4e8e\u4ec0\u4e48\u7684\uff1f \u3053\u306e\u8a18\u4e8b\u306f\u300cGoogle Cloud Platform Advent Calendar [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u5c1d\u8bd5\u4f7f\u7528github-actions\u548cterraform\u5b9e\u73b0\u5bf9gcp\u7684iac\u3002\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-11-04T18:01:07+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-30T00:49:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d85e5913a08637a6ba809\/5-0.png\" \/>\n<meta name=\"author\" content=\"\u5b87, \u534e\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u5b87, \u534e\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%b0%9d%e8%af%95%e4%bd%bf%e7%94%a8github-actions%e5%92%8cterraform%e5%ae%9e%e7%8e%b0%e5%af%b9gcp%e7%9a%84iac%e3%80%82\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%b0%9d%e8%af%95%e4%bd%bf%e7%94%a8github-actions%e5%92%8cterraform%e5%ae%9e%e7%8e%b0%e5%af%b9gcp%e7%9a%84iac%e3%80%82\/\",\"name\":\"\u5c1d\u8bd5\u4f7f\u7528Github Actions\u548cTerraform\u5b9e\u73b0\u5bf9GCP\u7684IaC - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-11-04T18:01:07+00:00\",\"dateModified\":\"2024-04-30T00:49:57+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/513018e4e121d3add1b7c5de8be21458\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%b0%9d%e8%af%95%e4%bd%bf%e7%94%a8github-actions%e5%92%8cterraform%e5%ae%9e%e7%8e%b0%e5%af%b9gcp%e7%9a%84iac%e3%80%82\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%b0%9d%e8%af%95%e4%bd%bf%e7%94%a8github-actions%e5%92%8cterraform%e5%ae%9e%e7%8e%b0%e5%af%b9gcp%e7%9a%84iac%e3%80%82\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%b0%9d%e8%af%95%e4%bd%bf%e7%94%a8github-actions%e5%92%8cterraform%e5%ae%9e%e7%8e%b0%e5%af%b9gcp%e7%9a%84iac%e3%80%82\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u5c1d\u8bd5\u4f7f\u7528Github Actions\u548cTerraform\u5b9e\u73b0\u5bf9GCP\u7684IaC\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/513018e4e121d3add1b7c5de8be21458\",\"name\":\"\u5b87, \u534e\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63cd45cbc05a35fc4ff7637a163c83c4962ef58d27472726c3a3e0c9c5194f0f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63cd45cbc05a35fc4ff7637a163c83c4962ef58d27472726c3a3e0c9c5194f0f?s=96&d=mm&r=g\",\"caption\":\"\u5b87, \u534e\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/yuhua\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e5%b0%9d%e8%af%95%e4%bd%bf%e7%94%a8github-actions%e5%92%8cterraform%e5%ae%9e%e7%8e%b0%e5%af%b9gcp%e7%9a%84iac%e3%80%82\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u5c1d\u8bd5\u4f7f\u7528Github Actions\u548cTerraform\u5b9e\u73b0\u5bf9GCP\u7684IaC - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u5c1d\u8bd5\u4f7f\u7528github-actions\u548cterraform\u5b9e\u73b0\u5bf9gcp\u7684iac\u3002\/","og_locale":"zh_CN","og_type":"article","og_title":"\u5c1d\u8bd5\u4f7f\u7528Github Actions\u548cTerraform\u5b9e\u73b0\u5bf9GCP\u7684IaC","og_description":"\u8fd9\u7bc7\u6587\u7ae0\u662f\u5173\u4e8e\u4ec0\u4e48\u7684\uff1f \u3053\u306e\u8a18\u4e8b\u306f\u300cGoogle Cloud Platform Advent Calendar [&hellip;]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u5c1d\u8bd5\u4f7f\u7528github-actions\u548cterraform\u5b9e\u73b0\u5bf9gcp\u7684iac\u3002\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-11-04T18:01:07+00:00","article_modified_time":"2024-04-30T00:49:57+00:00","og_image":[{"url":"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d85e5913a08637a6ba809\/5-0.png"}],"author":"\u5b87, \u534e","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u5b87, \u534e","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"6 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%b0%9d%e8%af%95%e4%bd%bf%e7%94%a8github-actions%e5%92%8cterraform%e5%ae%9e%e7%8e%b0%e5%af%b9gcp%e7%9a%84iac%e3%80%82\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%b0%9d%e8%af%95%e4%bd%bf%e7%94%a8github-actions%e5%92%8cterraform%e5%ae%9e%e7%8e%b0%e5%af%b9gcp%e7%9a%84iac%e3%80%82\/","name":"\u5c1d\u8bd5\u4f7f\u7528Github Actions\u548cTerraform\u5b9e\u73b0\u5bf9GCP\u7684IaC - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-11-04T18:01:07+00:00","dateModified":"2024-04-30T00:49:57+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/513018e4e121d3add1b7c5de8be21458"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%b0%9d%e8%af%95%e4%bd%bf%e7%94%a8github-actions%e5%92%8cterraform%e5%ae%9e%e7%8e%b0%e5%af%b9gcp%e7%9a%84iac%e3%80%82\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e5%b0%9d%e8%af%95%e4%bd%bf%e7%94%a8github-actions%e5%92%8cterraform%e5%ae%9e%e7%8e%b0%e5%af%b9gcp%e7%9a%84iac%e3%80%82\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%b0%9d%e8%af%95%e4%bd%bf%e7%94%a8github-actions%e5%92%8cterraform%e5%ae%9e%e7%8e%b0%e5%af%b9gcp%e7%9a%84iac%e3%80%82\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u5c1d\u8bd5\u4f7f\u7528Github Actions\u548cTerraform\u5b9e\u73b0\u5bf9GCP\u7684IaC"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/513018e4e121d3add1b7c5de8be21458","name":"\u5b87, \u534e","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63cd45cbc05a35fc4ff7637a163c83c4962ef58d27472726c3a3e0c9c5194f0f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63cd45cbc05a35fc4ff7637a163c83c4962ef58d27472726c3a3e0c9c5194f0f?s=96&d=mm&r=g","caption":"\u5b87, \u534e"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/yuhua\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e5%b0%9d%e8%af%95%e4%bd%bf%e7%94%a8github-actions%e5%92%8cterraform%e5%ae%9e%e7%8e%b0%e5%af%b9gcp%e7%9a%84iac%e3%80%82\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48473","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=48473"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48473\/revisions"}],"predecessor-version":[{"id":90908,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/48473\/revisions\/90908"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=48473"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=48473"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=48473"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}