You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
110 lines
3.1 KiB
HCL
110 lines
3.1 KiB
HCL
# Example message:
|
|
# curl -H "Content-Type: application/json" -d '{"time": "2021-07-20T05:05:47", "service": "foo", "log": "bar"}' -X POST 'https://us-central1-hip-wharf-319304.cloudfunctions.net/cf-to-pubsub'
|
|
|
|
variable "project" {
|
|
description = "Project ID."
|
|
type = string
|
|
}
|
|
|
|
variable "region" {
|
|
description = "Region."
|
|
type = string
|
|
}
|
|
|
|
variable "function_name" {
|
|
description = "Name for the cloud function. If unspecified, one will be generated."
|
|
type = string
|
|
default = ""
|
|
}
|
|
|
|
variable "function_description" {
|
|
description = "Description for the cloud function."
|
|
type = string
|
|
default = ""
|
|
}
|
|
|
|
variable "environment_variables" {
|
|
description = "Environment variables for the execution of the cloud function."
|
|
type = map(any)
|
|
default = {}
|
|
}
|
|
|
|
variable "source_bucket" {
|
|
description = "Google storage bucket where the source code will be stored."
|
|
}
|
|
|
|
variable "function_source_name" {
|
|
description = "Name of the folder containing the source code for the function."
|
|
type = string
|
|
}
|
|
|
|
variable "service_cloudbuild" {
|
|
description = "The cloudbuild google_project_service."
|
|
}
|
|
|
|
variable "allow_external" {
|
|
description = "Whether or not to allow outside traffic ingress."
|
|
type = bool
|
|
default = true
|
|
}
|
|
|
|
output "https_trigger_url" {
|
|
description = "https endpoint for the cloud function."
|
|
value = google_cloudfunctions_function.function.https_trigger_url
|
|
}
|
|
|
|
locals {
|
|
function_name = var.function_name == "" ? "cf-${random_id.function_id.hex}" : var.function_name
|
|
}
|
|
|
|
resource "random_id" "function_id" {
|
|
byte_length = 4
|
|
}
|
|
|
|
resource "random_id" "cf_bucket_id" {
|
|
byte_length = 4
|
|
}
|
|
|
|
data "archive_file" "source_archive" {
|
|
type = "zip"
|
|
source_dir = "${path.module}/functions/${var.function_source_name}"
|
|
output_path = "${path.module}/built/${var.function_source_name}.zip"
|
|
excludes = [".python-version"]
|
|
}
|
|
|
|
resource "google_storage_bucket_object" "remote_archive" {
|
|
name = "${var.function_source_name}-${data.archive_file.source_archive.output_base64sha256}.zip"
|
|
bucket = var.source_bucket.name
|
|
source = data.archive_file.source_archive.output_path
|
|
}
|
|
|
|
resource "google_cloudfunctions_function" "function" {
|
|
name = local.function_name
|
|
description = var.function_description
|
|
runtime = "python39"
|
|
|
|
available_memory_mb = 128
|
|
source_archive_bucket = var.source_bucket.name
|
|
source_archive_object = google_storage_bucket_object.remote_archive.name
|
|
trigger_http = true
|
|
entry_point = "main"
|
|
max_instances = 4
|
|
ingress_settings = var.allow_external ? "ALLOW_ALL" : "ALLOW_INTERNAL_ONLY"
|
|
|
|
environment_variables = var.environment_variables
|
|
|
|
depends_on = [
|
|
var.service_cloudbuild
|
|
]
|
|
}
|
|
|
|
# Allow unauthenticated access over http
|
|
resource "google_cloudfunctions_function_iam_member" "invoker" {
|
|
project = google_cloudfunctions_function.function.project
|
|
region = google_cloudfunctions_function.function.region
|
|
cloud_function = google_cloudfunctions_function.function.name
|
|
|
|
role = "roles/cloudfunctions.invoker"
|
|
member = "allUsers"
|
|
}
|