This article describes how to finish configuring and submit your VM image for deployment using Terraform.
Specify whether to use the default or a custom Terraform module
You can choose whether you want your customers to use the default or a custom Terraform module when they deploy your product.
If you choose to use the default Terraform module, Google Cloud provides your customers with autogenerated Terraform code that they can use to deploy your product.
If you choose to use a custom Terraform module, you must provide your own Terraform templates to your customer. You can choose to provide these templates in a form that customers can deploy by using the command-line interface (CLI), or with additional metadata that lets customers deploy modules directly from Cloud Marketplace.
To specify whether your customers should use the default or a custom Terraform module, and, for custom Terraform modules, how you want your customers to deploy the module, complete the following steps:
In Producer Portal, go to the Deployment package section.
Under Terraform configuration, under Type, select Default, Custom (CLI deployment), or Custom (UI deployment).
Requirements for custom Terraform modules
If you select to use custom Terraform modules, your custom module must meet the following requirements:
Your custom module must have a module which Cloud Marketplace can use to verify that it meets the requirements. For more information, see Test that your module passes verification.
Your module must have a variable named
project_id
, which stores the project ID that your customers use to deploy the module.You must specify references to the names of your images as Terraform variables, with the format
projects/PROJECT_NAME/global/images/IMAGE_NAME
. The value ofdefault
must be set to the name of your VM image, so that the Cloud Marketplace-owned copy of the image can be substituted into the module when your VM product is published.Your module must not depend on outside modules that aren't packaged with it.
Your module must use only the following approved providers:
archive
cloud-init
dns
google
google-beta
http
null
random
time
tls
For an example of a custom module that conforms to these requirements, visit the sample custom Terraform module.
Additional requirements for custom Terraform modules for UI deployment
If your custom module supports UI deployment, it must meet the following additional requirements:
Your module must contain a variable called
goog_cm_deployment_name
. Cloud Marketplace uses this variable to name your customers' deployments in their deployment page. You should use this variable to avoid resource naming collisions between multiple deployments in one project. For an example, seegoog_cm_deployment_name
in the sample custom Terraform module.In the file
metadata.display.yaml
, you must specifyET_GCE_DISK_IMAGE
as thexGoogleProperty
type for all image variables. For an example, seemetadata.display.yaml
in the sample custom Terraform module.If your product contains multi-VM images or images that support multiple CPU architectures, you must add
enumValueLabels
so that your customers can select the VM image they want to use. For an example, see the sample custom Terraform module.Your module must not depend on support for Terraform provisioners.
Additional steps for custom Terraform modules
If you selected to use custom Terraform modules, you must complete the following additional steps to configure your VM image for deployment:
In Producer Portal, go to the Deployment package section.
Under Terraform configuration, under Image Variables, click Add variable.
To enable Terraform deployment of your product, you must have turned on usage of Marketplace owned images. Cloud Marketplace uses the variable you add here to swap in the Marketplace owned version of your VM image when a customer deploys your product.
In the Image Variable text field, enter a name for your variable, such as "image".
In your custom Terraform module, set the default value of the variable that you created in the previous step to the name of the VM image for your product, in the format
projects/YOUR_PROJECT/global/images/YOUR_IMAGE
.Under Specify your GCS object location, click Browse.
If you've already created a Cloud Storage bucket, select it here.
If you don't have a Cloud Storage bucket, click the icon labeled Create new bucket. When you create a new bucket, you:
Select a name for the bucket.
Specify what region or regions the bucket stores data in.
Specify the storage class for your data.
Determine what level of granularity to apply to the Identity and Access Management (IAM) permissions for the bucket's data.
Configure optional advanced settings, such as encryption or data retention policies.
Ensure that Object Versioning is enabled for your Cloud Storage bucket.
To save your bucket settings and continue configuring your deployment package, click Configure.
Under Required roles, specify the IAM roles your customers must have to deploy your product.
(UI deployment only) Create metadata for your custom Terraform module
For your custom module to support UI deployment, you must create and add metadata that Cloud Marketplace uses to correctly parse your module and render it in the UI for your customer.
To create and add this metadata, you can use the open source CFT CLI tool. To use CFT to create and add metadata to your custom modules, complete the following steps:
Install the CFT CLI tool. For more information, visit the CFT CLI documentation. We recommend that you specify the value of
VERSION
to belatest
, and setPLATFORM
to one of the following values:linux
windows
darwin
Run the following command:
cft blueprint metadata -p TF_PACKAGE_PATH -q -d --nested=false
In the previous command, the
-p
flag provides a path for the Terraform package, the-q
flag generates metadata without needing information for a remote repository, the-d
flag generates themetadata.display.yaml
file, and the--nested=false
flag generates metadata for the root module, skipping any modules in themodules/
folder.
After you complete the previous steps, the CFT CLI tool generates two new files:
metadata.yaml
and metadata.display.yaml
.
Customize your custom Terraform module's metadata
Cloud Marketplace uses the file metadata.display.yaml
to customize the
form that customers use to deploy your product through the UI. If you want to
customize this form, after you create your metadata, you can alter the values of
the fields in metadata.display.yaml
. For details of the available
customization options, visit the open source
BlueprintUI documentation,
or see the
BlueprintUI schema.
We recommend that you use the extension
GooglePropertyExtensions
to alter your metadata. GooglePropertyExtensions
lets you use
Google Cloud-specific validations, such as enforcing that customers can
only select Virtual Private Cloud (VPC) networks that already exist in their
project. For an example, see the
sample custom Terraform module.
Validate your custom module's metadata
To validate your custom module's metadata, run the following command:
cft blueprint metadata -p TF_PACKAGE_PATH -v
In the previous command, the -p
flag provides a path for the Terraform
package, and the -v
flag validates all metadata files under the provided path
based on the
BlueprintMetadata
schema.
Test that your module passes verification
Your custom module passes the verification if the following command runs successfully:
terraform plan -var project_id=YOUR_PROJECT -var-file marketplace_test.tfvars
In the previous command, marketplace_test.tfvars
is a Terraform variables file
that only Cloud Marketplace uses, solely for this verification of the
module. If your template declares any variables that don't have a default value,
and you don't set a value for those variables, then the command doesn't run
successfully. To ensure that the command runs successfully, you can create a
marketplace_test.tfvars
file to set values for the variables that your
template declares. For an example marketplace_test.tfvars
file, see the
sample custom Terraform module.
(Optional) (CLI deployment only) Include a test module
Optionally, if your custom module supports CLI deployment, you can choose to
include a folder named examples/marketplace_test
. You might want to do this if
your product needs to include a separate test module for verifying its
functionality. If you include this folder, then for your module to pass the
verification, the following command must run successfully:
terraform -chdir=examples/marketplace_test plan -var project_id=YOUR_PROJECT
Submit your deployment package for review
After you've created and configured your deployment package, you must submit the package to Producer Portal so that the Cloud Marketplace team can review and approve the package.
In Producer Portal, go to the Deployment package section.
Click Validate. The validation process can take up to two hours to complete, and you can exit the screen while it's completing.
After the validation has completed successfully, to submit the deployment package for review, click Submit. After you submit the package, it might take up to two weeks for Google to review and approve the package.