infrastructure/base/modules/gcp/gcr/main.tf
resource "google_project_service" "artifact_registry_api" {
service = "artifactregistry.googleapis.com"
disable_on_destroy = false
}
resource "google_artifact_registry_repository" "repository" {
location = var.region
project = var.project_id
repository_id = var.name
description = "Docker image repository for ${var.name}"
format = "DOCKER"
}
resource "google_artifact_registry_repository_iam_binding" "binding" {
project = google_artifact_registry_repository.repository.project
location = google_artifact_registry_repository.repository.location
repository = google_artifact_registry_repository.repository.name
role = "roles/artifactregistry.writer"
members = [
"serviceAccount:${var.service_account.email}",
]
}