updated terraform for intermediate functions repo clone

2024-11-25 17:31:32 +01:00 · 2024-11-25 17:31:32 +01:00 · dc8765490f
parent e1b0a5668e
commit dc8765490f
7 changed files with 135 additions and 36 deletions
--- a/infrastructure/.terraform.lock.hcl
+++ b/infrastructure/.terraform.lock.hcl
@ -20,3 +20,22 @@ provider "registry.terraform.io/hashicorp/google" {
    "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
  ]
 }
+
+provider "registry.terraform.io/hashicorp/null" {
+  version = "3.2.3"
+  hashes = [
+    "h1:+AnORRgFbRO6qqcfaQyeX80W0eX3VmjadjnUFUJTiXo=",
+    "zh:22d062e5278d872fe7aed834f5577ba0a5afe34a3bdac2b81f828d8d3e6706d2",
+    "zh:23dead00493ad863729495dc212fd6c29b8293e707b055ce5ba21ee453ce552d",
+    "zh:28299accf21763ca1ca144d8f660688d7c2ad0b105b7202554ca60b02a3856d3",
+    "zh:55c9e8a9ac25a7652df8c51a8a9a422bd67d784061b1de2dc9fe6c3cb4e77f2f",
+    "zh:756586535d11698a216291c06b9ed8a5cc6a4ec43eee1ee09ecd5c6a9e297ac1",
+    "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
+    "zh:9d5eea62fdb587eeb96a8c4d782459f4e6b73baeece4d04b4a40e44faaee9301",
+    "zh:a6355f596a3fb8fc85c2fb054ab14e722991533f87f928e7169a486462c74670",
+    "zh:b5a65a789cff4ada58a5baffc76cb9767dc26ec6b45c00d2ec8b1b027f6db4ed",
+    "zh:db5ab669cf11d0e9f81dc380a6fdfcac437aea3d69109c7aef1a5426639d2d65",
+    "zh:de655d251c470197bcbb5ac45d289595295acb8f829f6c781d4a75c8c8b7c7dd",
+    "zh:f5c68199f2e6076bce92a12230434782bf768103a427e9bb9abee99b116af7b5",
+  ]
+}
--- a/infrastructure/main.py
+++ b/infrastructure/main.py
@ -0,0 +1,26 @@
+import os
+
+def handle_webhook(request):
+    request_json = request.get_json()
+    request_json.get_json('repository').get('clone_url')
+    repo_url = request_json.get('repo_url')
+
+    if not repo_url:
+        return "Repository URL not provided", 400
+
+    # Clone the repository
+    os.system(f"git clone {repo_url} /tmp/repo")
+
+    # Upload to Google Cloud Storage
+    bucket_name = os.environ.get('BUCKET_NAME')
+    client = storage.Client()
+    bucket = client.bucket(bucket_name)
+
+    for root, dirs, files in os.walk('/tmp/repo'):
+        for file_name in files:
+            local_path = os.path.join(root, file_name)
+            remote_path = os.path.relpath(local_path, '/tmp/repo')
+            blob = bucket.blob(remote_path)
+            blob.upload_from_filename(local_path)
+
+    return "Repository uploaded", 200
--- a/infrastructure/main.tf
+++ b/infrastructure/main.tf
@ -25,33 +25,88 @@ resource "google_project_service" "container_registry" {
  service = "containerregistry.googleapis.com"
 }

-# IAM Role for Cloud Build service account
-resource "google_project_iam_member" "cloudbuild_permissions" {
-  for_each = toset([
-    "roles/cloudbuild.builds.builder",
-    "roles/storage.admin"
-  ])
-  project = var.project_id
-  role    = each.key
-  member  = "user:2121321@stud.hs-mannheim.de"
+resource "google_storage_bucket" "source_code_bucket" {
+  name     = "${var.project_id}${var.bucket_name}"
+  location = var.region
+  uniform_bucket_level_access = true
+  force_destroy = true
 }

-# Cloud Build Trigger
-resource "google_cloudbuild_trigger" "cmg_trigger" {
-  name        = "cmg-pipeline-trigger"
-  location     = var.region
-  service_account = "projects/test-442316/serviceAccounts/test-442316@appspot.gserviceaccount.com"
+resource "google_pubsub_topic" "build_trigger" {
+  name = "build-trigger-topic"
+}

-  source_to_build {
-    uri       = "https://gitty.informatik.hs-mannheim.de/2121321/cmg-ws2024525-demo.git"
-    repo_type = "UNKNOWN"
-    ref       = "refs/heads/main"
-  }
+# resource "google_cloudbuild_trigger" "build_trigger" {
+#   name = var.cloud_build_trigger_name
+#
+#   description = "Trigger build when code is updated in the GCS bucket"
+#
+#   # Triggered by a Pub/Sub event when a file is uploaded to the bucket
+#   included_files = ["**"]
+#
+#   pubsub_config {
+#     topic = google_pubsub_topic.build_trigger.id
+#
+#     # Using the App Engine service account for authentication
+#     service_account_email = "${var.project_id}@appspot.gserviceaccount.com"
+#   }
+#
+#   build {
+#     step {
+#       name = "gcr.io/cloud-builders/gsutil"
+#       args = ["cp", "gs://${google_storage_bucket.source_code_bucket.name}/*", "/workspace/"]
+#     }
+#
+#     step {
+#       name = "gcr.io/cloud-builders/docker"
+#       args = ["build", "-t", "gcr.io/${var.project_id}/my-service", "."]
+#     }
+#
+#     images = ["gcr.io/${var.project_id}/my-service"]
+#   }
+#   depends_on = [null_resource.upload_function_code]
+#
+# }

-  git_file_source {
-    path      = "cloudbuild.yaml"
-    uri       = "https://gitty.informatik.hs-mannheim.de/2121321/cmg-ws2024525-demo.git"
-    repo_type = "UNKNOWN"
-    revision  = "refs/heads/main"
+
+resource "google_storage_bucket_iam_binding" "allow_function_to_write" {
+  bucket = google_storage_bucket.source_code_bucket.name
+
+  role = "roles/storage.objectAdmin"
+
+  members = [
+    "serviceAccount:${google_cloudfunctions_function.webhook_handler.service_account_email}",
+  ]
+  depends_on = [null_resource.upload_function_code]
+}
+
+# this .... does not work, idk
+resource "null_resource" "upload_function_code" {
+  provisioner "local-exec" {
+    command = "zip -r webhook-function.zip main.py requirements.txt && gsutil cp webhook-function.zip gs://${google_storage_bucket.source_code_bucket.name}/webhook-function.zip && echo uploaded function code"
  }
-}
+  depends_on = [google_storage_bucket.source_code_bucket]
+
+}
+
+
+
+resource "google_cloudfunctions_function" "webhook_handler" {
+  name        = "webhook-handler"
+  description = "Handles incoming webhooks and uploads the code to GCS."
+  runtime     = "python311"
+  region      = var.region
+
+  entry_point = "handle_webhook"
+
+  source_archive_bucket = google_storage_bucket.source_code_bucket.name
+  source_archive_object = "webhook-function.zip"
+
+  trigger_http = true
+
+
+  environment_variables = {
+    BUCKET_NAME = google_storage_bucket.source_code_bucket.name
+  }
+  depends_on = [null_resource.upload_function_code]
+}
--- a/infrastructure/outputs.tf
+++ b/infrastructure/outputs.tf
@ -1,4 +1,4 @@
 output "cloudbuild_trigger_url" {
  description = "Cloud Build Trigger URL"
-  value       = google_cloudbuild_trigger.cmg_trigger.id
+  value       = google_cloudfunctions_function.webhook_handler.https_trigger_url
 }
--- a/infrastructure/requirements.txt
+++ b/infrastructure/requirements.txt
--- a/infrastructure/terraform.tfvars
+++ b/infrastructure/terraform.tfvars
@ -1,4 +1,3 @@
 project_id   = "test-442316"
-region       = "europe-north1"
-git_owner = "2121321"
-git_repo  = "cmg-ws2024525-demo"
+region       = "europe-west3"
+
--- a/infrastructure/variables.tf
+++ b/infrastructure/variables.tf
@ -7,17 +7,17 @@ variable "project_id" {
 variable "region" {
  description = "Google Cloud region"
  type        = string
-  default     = "europe-north1"
+  default     = "europe-west3"
 }

-variable "git_owner" {
-  description = "Gitea repository owner"
+variable "bucket_name" {
+  description = "The name of the GCS bucket."
  type        = string
-  default = "2121321"
+  default = "cmg-bucket"
 }

-variable "git_repo" {
-  description = "GitHub or Gitea repository name"
+variable "cloud_build_trigger_name" {
+  description = "Name of the Cloud Build trigger."
  type        = string
-  default = "cmg-ws2024525-demo"
+  default     = "build-services-trigger"
 }