2020-09-09 15:13:36 -07:00
|
|
|
/**
|
2023-02-10 05:24:10 -08:00
|
|
|
* Copyright 2023 Google LLC
|
2020-09-09 15:13:36 -07:00
|
|
|
*
|
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
|
*
|
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
*
|
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
|
* limitations under the License.
|
|
|
|
|
*/
|
|
|
|
|
|
2021-12-23 06:07:14 -08:00
|
|
|
|
|
|
|
|
|
2020-09-10 06:18:32 -07:00
|
|
|
###############################################################################
|
|
|
|
|
# Projects #
|
|
|
|
|
###############################################################################
|
2020-11-05 23:37:44 -08:00
|
|
|
|
2020-09-09 15:13:36 -07:00
|
|
|
module "project" {
|
2022-01-10 06:09:38 -08:00
|
|
|
source = "../../../modules/project"
|
2020-09-09 15:13:36 -07:00
|
|
|
name = var.project_id
|
2020-09-24 08:16:43 -07:00
|
|
|
parent = var.root_node
|
2021-09-01 02:17:06 -07:00
|
|
|
billing_account = try(var.billing_account, null)
|
2020-09-09 15:13:36 -07:00
|
|
|
project_create = var.project_create
|
|
|
|
|
services = [
|
|
|
|
|
"bigquery.googleapis.com",
|
|
|
|
|
"cloudasset.googleapis.com",
|
|
|
|
|
"compute.googleapis.com",
|
|
|
|
|
"cloudfunctions.googleapis.com",
|
|
|
|
|
"cloudbuild.googleapis.com",
|
|
|
|
|
"cloudscheduler.googleapis.com",
|
|
|
|
|
"pubsub.googleapis.com"
|
|
|
|
|
]
|
2021-09-01 02:17:06 -07:00
|
|
|
iam = {
|
2021-09-02 00:38:33 -07:00
|
|
|
"roles/resourcemanager.projectIamAdmin" = ["serviceAccount:${module.project.service_accounts.robots.cloudasset}"]
|
|
|
|
|
"roles/bigquery.dataEditor" = ["serviceAccount:${module.project.service_accounts.robots.cloudasset}"]
|
|
|
|
|
"roles/bigquery.user" = ["serviceAccount:${module.project.service_accounts.robots.cloudasset}"]
|
2021-09-01 02:17:06 -07:00
|
|
|
}
|
2020-09-09 15:13:36 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
module "service-account" {
|
2022-01-10 06:09:38 -08:00
|
|
|
source = "../../../modules/iam-service-account"
|
2020-09-09 15:13:36 -07:00
|
|
|
project_id = module.project.project_id
|
2020-10-20 14:25:50 -07:00
|
|
|
name = "${var.name}-cf"
|
2020-09-09 15:13:36 -07:00
|
|
|
iam_project_roles = {
|
2021-09-01 02:17:06 -07:00
|
|
|
(var.project_id) = [
|
|
|
|
|
"roles/cloudasset.owner",
|
2021-12-16 04:27:26 -08:00
|
|
|
"roles/bigquery.jobUser"
|
2021-09-01 02:17:06 -07:00
|
|
|
]
|
2020-09-09 15:13:36 -07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-10 06:18:32 -07:00
|
|
|
###############################################################################
|
|
|
|
|
# Pub/Sub #
|
|
|
|
|
###############################################################################
|
2020-11-05 23:37:44 -08:00
|
|
|
|
2020-09-09 15:13:36 -07:00
|
|
|
module "pubsub" {
|
2022-01-10 06:09:38 -08:00
|
|
|
source = "../../../modules/pubsub"
|
2020-09-09 15:13:36 -07:00
|
|
|
project_id = module.project.project_id
|
|
|
|
|
name = var.name
|
|
|
|
|
subscriptions = {
|
|
|
|
|
"${var.name}-default" = null
|
|
|
|
|
}
|
|
|
|
|
# the Cloud Scheduler robot service account already has pubsub.topics.publish
|
|
|
|
|
# at the project level via roles/cloudscheduler.serviceAgent
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-16 01:54:38 -08:00
|
|
|
module "pubsub_file" {
|
2022-01-10 06:09:38 -08:00
|
|
|
source = "../../../modules/pubsub"
|
2021-12-16 01:54:38 -08:00
|
|
|
project_id = module.project.project_id
|
|
|
|
|
name = var.name_cffile
|
|
|
|
|
subscriptions = {
|
|
|
|
|
"${var.name_cffile}-default" = null
|
|
|
|
|
}
|
|
|
|
|
# the Cloud Scheduler robot service account already has pubsub.topics.publish
|
|
|
|
|
# at the project level via roles/cloudscheduler.serviceAgent
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-10 06:18:32 -07:00
|
|
|
###############################################################################
|
|
|
|
|
# Cloud Function #
|
|
|
|
|
###############################################################################
|
2020-11-05 23:37:44 -08:00
|
|
|
|
2020-09-09 15:13:36 -07:00
|
|
|
module "cf" {
|
2023-06-19 03:50:36 -07:00
|
|
|
source = "../../../modules/cloud-function-v1"
|
2020-09-09 15:13:36 -07:00
|
|
|
project_id = module.project.project_id
|
2021-12-15 05:07:48 -08:00
|
|
|
region = var.region
|
2020-09-09 15:13:36 -07:00
|
|
|
name = var.name
|
|
|
|
|
bucket_name = "${var.name}-${random_pet.random.id}"
|
|
|
|
|
bucket_config = {
|
2022-11-12 03:34:09 -08:00
|
|
|
location = var.region
|
2020-09-09 15:13:36 -07:00
|
|
|
}
|
|
|
|
|
bundle_config = {
|
2023-02-10 05:24:10 -08:00
|
|
|
source_dir = "${path.module}/cf"
|
2021-11-07 01:46:22 -08:00
|
|
|
output_path = var.bundle_path
|
2020-09-09 15:13:36 -07:00
|
|
|
}
|
|
|
|
|
service_account = module.service-account.email
|
|
|
|
|
trigger_config = {
|
2023-06-19 03:50:36 -07:00
|
|
|
event = "google.pubsub.topic.publish"
|
|
|
|
|
resource = module.pubsub.topic.id
|
2020-09-09 15:13:36 -07:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-16 01:54:38 -08:00
|
|
|
module "cffile" {
|
2021-12-23 06:07:14 -08:00
|
|
|
count = var.cai_gcs_export ? 1 : 0
|
2023-06-19 03:50:36 -07:00
|
|
|
source = "../../../modules/cloud-function-v1"
|
2021-12-16 01:54:38 -08:00
|
|
|
project_id = module.project.project_id
|
|
|
|
|
region = var.region
|
|
|
|
|
name = var.name_cffile
|
|
|
|
|
bucket_name = "${var.name_cffile}-${random_pet.random.id}"
|
|
|
|
|
bucket_config = {
|
2022-11-16 00:31:43 -08:00
|
|
|
location = var.region
|
|
|
|
|
lifecycle_delete_age_days = null
|
2021-12-16 01:54:38 -08:00
|
|
|
}
|
|
|
|
|
bundle_config = {
|
2023-02-10 05:24:10 -08:00
|
|
|
source_dir = "${path.module}/cffile"
|
2021-12-16 01:54:38 -08:00
|
|
|
output_path = var.bundle_path_cffile
|
|
|
|
|
excludes = null
|
|
|
|
|
}
|
|
|
|
|
service_account = module.service-account.email
|
|
|
|
|
trigger_config = {
|
2023-06-19 03:50:36 -07:00
|
|
|
event = "google.pubsub.topic.publish"
|
|
|
|
|
resource = module.pubsub_file.topic.id
|
|
|
|
|
retry = null
|
2021-12-16 01:54:38 -08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-10 06:18:32 -07:00
|
|
|
resource "random_pet" "random" {
|
|
|
|
|
length = 1
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
###############################################################################
|
|
|
|
|
# Cloud Scheduler #
|
|
|
|
|
###############################################################################
|
2020-11-05 23:37:44 -08:00
|
|
|
|
2020-09-09 15:13:36 -07:00
|
|
|
resource "google_app_engine_application" "app" {
|
|
|
|
|
project = module.project.project_id
|
2020-09-24 08:16:43 -07:00
|
|
|
location_id = var.location
|
2020-09-09 15:13:36 -07:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
resource "google_cloud_scheduler_job" "job" {
|
2020-09-24 09:49:16 -07:00
|
|
|
project = google_app_engine_application.app.project
|
|
|
|
|
region = var.region
|
2021-12-15 05:07:48 -08:00
|
|
|
name = "cai-export-job"
|
2022-01-31 01:45:34 -08:00
|
|
|
description = "CAI Export Job."
|
2020-09-24 09:49:16 -07:00
|
|
|
schedule = "* 9 * * 1"
|
|
|
|
|
time_zone = "Etc/UTC"
|
2020-09-09 15:13:36 -07:00
|
|
|
|
|
|
|
|
pubsub_target {
|
|
|
|
|
attributes = {}
|
|
|
|
|
topic_name = module.pubsub.topic.id
|
|
|
|
|
data = base64encode(jsonencode({
|
2021-12-15 23:39:49 -08:00
|
|
|
project = module.project.project_id
|
|
|
|
|
bq_project = module.project.project_id
|
|
|
|
|
bq_dataset = var.cai_config.bq_dataset
|
|
|
|
|
bq_table = var.cai_config.bq_table
|
|
|
|
|
bq_table_overwrite = var.cai_config.bq_table_overwrite
|
|
|
|
|
target_node = var.cai_config.target_node
|
2020-09-09 15:13:36 -07:00
|
|
|
}))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-16 01:54:38 -08:00
|
|
|
resource "google_cloud_scheduler_job" "job_file" {
|
2021-12-23 06:07:14 -08:00
|
|
|
count = var.cai_gcs_export ? 1 : 0
|
2021-12-16 01:54:38 -08:00
|
|
|
project = google_app_engine_application.app.project
|
|
|
|
|
region = var.region
|
|
|
|
|
name = "file-export-job"
|
2022-01-31 01:45:34 -08:00
|
|
|
description = "File export from BQ Job."
|
2021-12-16 01:54:38 -08:00
|
|
|
schedule = "* 9 * * 1"
|
|
|
|
|
time_zone = "Etc/UTC"
|
|
|
|
|
|
|
|
|
|
pubsub_target {
|
|
|
|
|
attributes = {}
|
|
|
|
|
topic_name = module.pubsub_file.topic.id
|
|
|
|
|
data = base64encode(jsonencode({
|
|
|
|
|
bucket = var.file_config.bucket
|
|
|
|
|
filename = var.file_config.filename
|
|
|
|
|
format = var.file_config.format
|
|
|
|
|
bq_dataset = var.file_config.bq_dataset
|
|
|
|
|
bq_table = var.file_config.bq_table
|
|
|
|
|
}))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2020-09-10 06:18:32 -07:00
|
|
|
###############################################################################
|
|
|
|
|
# Bigquery #
|
|
|
|
|
###############################################################################
|
2020-11-05 23:37:44 -08:00
|
|
|
|
2020-09-24 08:16:43 -07:00
|
|
|
module "bq" {
|
2022-01-10 06:09:38 -08:00
|
|
|
source = "../../../modules/bigquery-dataset"
|
2020-09-09 15:13:36 -07:00
|
|
|
project_id = module.project.project_id
|
|
|
|
|
id = var.cai_config.bq_dataset
|
2021-12-15 05:07:48 -08:00
|
|
|
location = var.region
|
2020-11-21 00:45:56 -08:00
|
|
|
access = {
|
|
|
|
|
owner = { role = "OWNER", type = "user" }
|
2020-09-09 15:13:36 -07:00
|
|
|
}
|
|
|
|
|
access_identities = {
|
|
|
|
|
owner = module.service-account.email
|
|
|
|
|
}
|
2020-09-24 08:16:43 -07:00
|
|
|
options = {
|
|
|
|
|
default_table_expiration_ms = null
|
|
|
|
|
default_partition_expiration_ms = null
|
|
|
|
|
delete_contents_on_destroy = true
|
|
|
|
|
}
|
2020-09-09 15:13:36 -07:00
|
|
|
}
|
