šŸ’¦ Symlinked: Setting a ā¬£ Cloud Build trigger with šŸ§¹Pulumi in šŸ Python

The Original article here: https://medium.com/google-cloud/setting-cloudbuild-with-pulumi-in-python-330e8b54b2cf

A couple of weeks ago, I fell in love with Pulumi. it has everything I wanted from Terraform: easy to set up, easy config management, a nice UI for free, and most importantlyā€¦ language Support! Pulumi is the best invention after Buffalo Pizza and has only a problem.. no Ruby support :/

Anyway, Iā€™m so in love with ā¬£ GCP (which happens to pay my salary, I got to admit), Cloud Build, Cloud Deploy, and in general CI/CD pipelines on Google Cloud that I wanted to give it a try. Googling ā€œCloud Build Pulumiā€ I got to this nice article for JavaScript, which is not in my chords.

The code

My code is here: https://github.com/palladius/pulumi/tree/main/examples/python-gcp-cloudbuild-auto-trigger

Note: šŸ‘ Code is finally building correctly. Yay!

cb-trigger-list

What is so special about the code?

The code allows any Pulumi project you might have on GCP (in Python šŸ) to set up a trigger to self-update. A push to the git repo will trigger a build job which ā€” if successful ā€” will login as yourself to Pulumi and issue an update with the new code.

So if, for instance, you commit a change that adds a GCS bucket to the code, in a couple of minutes that GCS bucket will be created and the README.md will be updated with builder parameters:

cb-trigger-list In bold you can see 3 parameters updated by Cloud Build itself!

My code supports Github (as is) and Bitbucket (code 99% there as it was working first!) for the moment.

Iā€™ve also customized the message as per Laura article, prepending a ā€œ[built with Cloud Build]ā€ to the git message (ā€slash N fixā€, in this case):

View on Pulumi website

What does Pulumi mean?

Iā€™ve been trying google Translate, it looks like it might mean broomstick (šŸ§¹) in hawaiaan or Burma (šŸ‡²šŸ‡², now Myanmar). Until then, Iā€™ll use the first emoji, until someone proves me wrong.

Edit: my friend Aaron from Pulumi confirms broom and points to this article.

Next steps

My šŸ“ for the future includes:

  • Having proper password/state setting on GCP via HSM or GCS.
  • Transform into a module so whichever pulumi project you might have you can just invoke this code with 4ā€“5 variables (github user, github repo, pulumi buidl directory, credentials, ..). I still need to see if this is viable also cross-language (nonšŸ).

References

Original code (Cloud Build + Node.js): https://www.pulumi.com/docs/guides/continuous-delivery/google-cloud-build/

My code (python): https://github.com/palladius/pulumi/tree/main/examples/python-gcp-cloudbuild-auto-trigger