Cloud Function v2 - modul (#119)

Vi har slitt med at den foregående modulen har feilet hver gang et nytt produktteam onboardes DASK. Har derfor laget en oppdatert versjon som skal brukes i monorepo-oppsettet vårt. --------- Co-authored-by: augustdahl <[email protected]>
kartverket · Jan 3, 2025 · 99af7d0 · 99af7d0
1 parent d3bc5f2
commit 99af7d0
Show file tree

Hide file tree

Showing 3 changed files with 109 additions and 0 deletions.
diff --git a/terraform/modules/cloud_function_v2/backend.tf b/terraform/modules/cloud_function_v2/backend.tf
@@ -0,0 +1,12 @@
+terraform {
+  required_providers {
+    archive = {
+      source  = "hashicorp/archive"
+      version = "~> 2.7.0"
+    }
+    google = {
+      source  = "hashicorp/google"
+      version = "~> 6.14.0"
+    }
+  }
+}
diff --git a/terraform/modules/cloud_function_v2/main.tf b/terraform/modules/cloud_function_v2/main.tf
@@ -0,0 +1,65 @@
+########## Google Storage Bucket and bucket object for the Cloud Function source code
+resource "google_storage_bucket" "source_bucket" {
+  name                        = "gcf-${var.name}-${var.project_id}"
+  location                    = var.region
+  storage_class               = "STANDARD"
+  uniform_bucket_level_access = true
+}
+
+data "archive_file" "function_source_zip" {
+  type        = "zip"
+  source_dir  = var.source_dir
+  output_path = "${path.module}/${var.name}.zip"
+}
+
+resource "google_storage_bucket_object" "function_source" {
+  name   = "${var.name}-source#${data.archive_file.function_source_zip.output_md5}.zip"
+  bucket = google_storage_bucket.source_bucket.name
+  source = data.archive_file.function_source_zip.output_path
+}
+##########
+
+########## Cloud Function and necessary permissions
+resource "google_cloudfunctions2_function" "function" {
+  name     = "${var.name}-function"
+  location = var.region
+  build_config {
+    entry_point = "main"
+    runtime     = var.runtime
+    source {
+      storage_source {
+        bucket = google_storage_bucket.source_bucket.name
+        object = google_storage_bucket_object.function_source.name
+      }
+    }
+  }
+  service_config {
+    environment_variables = var.environment_variables
+    service_account_email = var.service_account_email
+  }
+}
+
+resource "google_cloud_run_service_iam_member" "scheduler_invoker" {
+  project  = var.project_id
+  location = google_cloudfunctions2_function.function.location
+  service  = google_cloudfunctions2_function.function.name
+  role     = "roles/run.invoker"
+  member   = "serviceAccount:${var.service_account_email}"
+}
+##########
+
+########## Cloud Scheduler Job
+resource "google_cloud_scheduler_job" "job" {
+  name        = "${var.name}-scheduler-job"
+  schedule    = var.schedule
+  time_zone   = "Europe/Oslo"
+  description = "Scheduler for the ${var.name} Cloud Function"
+  http_target {
+    uri         = google_cloudfunctions2_function.function.service_config[0].uri
+    http_method = "POST"
+    oidc_token {
+      service_account_email = var.service_account_email
+    }
+  }
+}
+##########
diff --git a/terraform/modules/cloud_function_v2/variables.tf b/terraform/modules/cloud_function_v2/variables.tf
@@ -0,0 +1,32 @@
+variable "project_id" {
+  description = "The project ID to deploy the Cloud Function to"
+}
+
+variable "name" {
+  description = "The name of the Cloud Function"
+}
+
+variable "source_dir" {
+  description = "The directory containing the source code for the Cloud Function"
+}
+
+variable "region" {
+  description = "The region to deploy the GCS bucket and Cloud Function to"
+}
+
+variable "environment_variables" {
+  description = "Runtime environment variables to set on the Cloud Function"
+  type        = map(string)
+}
+
+variable "schedule" {
+  description = "The cron schedule for the Cloud Scheduler job"
+}
+
+variable "service_account_email" {
+  description = "The email of the service account to use for the Cloud Function"
+}
+
+variable "runtime" {
+  description = "The runtime to use for the Cloud Function"
+}