mapswipe · thenav56 · Oct 15, 2025 · Oct 14, 2025
diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml
@@ -14,8 +14,7 @@ jobs:
           submodules: true
 
       - name: Generate fake ./terraform/live/secrets.auto.tfvars
-        run: |
-          echo "project_id_map = { stage = \"mapswipe-stage\", prod = \"mapswipe-prod\" }" > ./terraform/live/secrets.auto.tfvars
+        run: cp terraform/live/secrets-sample.auto.tfvars terraform/live/secrets.auto.tfvars
 
       # TODO: Cache plugins?
       - uses: terraform-linters/setup-tflint@v5

diff --git a/terraform/.gitignore b/terraform/.gitignore
@@ -1,3 +1,4 @@
 .terragrunt-cache
 .terraform
 *.tfvars
+!secrets-sample.auto.tfvars
diff --git a/terraform/README.md b/terraform/README.md
@@ -1,18 +1,26 @@
 ## Project ID
 
 **live/secrets.auto.tfvars**
-```hcl
-project_id_map = {
-    stage = "project-id-not-number"
-    prod  = "project-id-not-number"
-}
-```
+> NOTE: Sample is available here (./live/secrets-sample.auto.tfvars)[./live/secrets-sample.auto.tfvars]
 
 ## Apply changes
 
 ### Stage
 
 ```bash
+# Google auth
+gcloud auth application-default login
+
+# Enable some api if not already
+gcloud services enable storage.googleapis.com --project=YOUR_PROJECT_ID
+gcloud services enable cloudresourcemanager.googleapis.com --project=YOUR_PROJECT_ID
+gcloud services enable billingbudgets.googleapis.com --project=YOUR_PROJECT_ID
+gcloud services enable iam.googleapis.com --project=YOUR_PROJECT_ID
+
+# List all enabled apis
+gcloud services list --enabled --project=YOUR_PROJECT_ID
+
+# Terragrunt
 cd live/stage
 
 terragrunt plan

diff --git a/terraform/live/prod/terragrunt.hcl b/terraform/live/prod/terragrunt.hcl
@@ -7,4 +7,5 @@ terraform {
 }
 
 inputs = {
+  budget_amount = 50
 }
diff --git a/terraform/live/secrets-sample.auto.tfvars b/terraform/live/secrets-sample.auto.tfvars
@@ -0,0 +1,8 @@
+project_id_map = {
+  stage = "project-id-not-number"
+  prod  = "project-id-not-number"
+}
+
+gcs_billing_account_id = "XXXXXX-YYYYYY-ZZZZZZ"
+
+togglecorp_dev_email_address = "xxxxxxxxxxxx@yyyyyyyyyy.zzz"
diff --git a/terraform/live/stage/terragrunt.hcl b/terraform/live/stage/terragrunt.hcl
@@ -7,4 +7,5 @@ terraform {
 }
 
 inputs = {
+  budget_amount = 3
 }
diff --git a/terraform/live/terragrunt.root.hcl b/terraform/live/terragrunt.root.hcl
@@ -19,7 +19,9 @@ remote_state {
 }
 
 inputs = {
-  env_name       = local.env_name
-  gcs_project_id = local.secrets_config.project_id_map[local.env_name]
-  gcs_region     = "EU"
+  env_name                     = local.env_name
+  gcs_billing_account_id       = local.secrets_config.gcs_billing_account_id
+  gcs_project_id               = local.secrets_config.project_id_map[local.env_name]
+  gcs_region                   = "EU"
+  togglecorp_dev_email_address = local.secrets_config.togglecorp_dev_email_address
 }
diff --git a/terraform/resources/budget.tf b/terraform/resources/budget.tf
@@ -0,0 +1,53 @@
+resource "google_monitoring_notification_channel" "toggle_dev" {
+  display_name = "Toggle dev"
+  type         = "email"
+
+  labels = {
+    email_address = var.togglecorp_dev_email_address
+  }
+}
+
+
+resource "google_billing_budget" "gcp_budget" {
+  billing_account = var.gcs_billing_account_id
+
+  display_name = "Monthly Budget [${var.env_name}]"
+
+  budget_filter {
+    projects = ["projects/${data.google_project.mapswipe.number}"]
+  }
+
+  amount {
+    specified_amount {
+      currency_code = "GBP" # £
+      units         = var.budget_amount
+    }
+  }
+
+  threshold_rules {
+    spend_basis       = "CURRENT_SPEND"
+    threshold_percent = 0.9
+  }
+
+  threshold_rules {
+    spend_basis       = "CURRENT_SPEND"
+    threshold_percent = 1.2
+  }
+
+  threshold_rules {
+    spend_basis       = "CURRENT_SPEND"
+    threshold_percent = 1.4
+  }
+
+  threshold_rules {
+    spend_basis       = "CURRENT_SPEND"
+    threshold_percent = 1.6
+  }
+
+  all_updates_rule {
+    monitoring_notification_channels = [
+      google_monitoring_notification_channel.toggle_dev.id,
+    ]
+    disable_default_iam_recipients = true
+  }
+}
diff --git a/terraform/resources/main.tf b/terraform/resources/main.tf
@@ -0,0 +1,3 @@
+data "google_project" "mapswipe" {
+  project_id = var.gcs_project_id
+}
diff --git a/terraform/resources/providers.tf b/terraform/resources/providers.tf
@@ -1,4 +1,6 @@
 provider "google" {
-  project = var.gcs_project_id
-  region  = var.gcs_region
+  project               = var.gcs_project_id
+  region                = var.gcs_region
+  billing_project       = var.gcs_project_id
+  user_project_override = true
 }
diff --git a/terraform/resources/variables.tf b/terraform/resources/variables.tf
@@ -14,3 +14,19 @@ variable "gcs_region" {
   description = "GCS region"
   type        = string
 }
+
+variable "gcs_billing_account_id" {
+  description = "GCS billing account id"
+  type        = string
+  sensitive   = true
+}
+
+variable "budget_amount" {
+  description = "Budget amount in GBP (£)"
+  type        = number
+}
+
+variable "togglecorp_dev_email_address" {
+  description = "Togglecorp dev email address"
+  type        = string
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -7,4 +7,5 @@ terraform { @@
     }
     inputs = {
+      budget_amount = 50
     }