feat: cleanup and docs

.kitchen.yml

@@ -0,0 +1,30 @@
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+---
+driver:
+  name: terraform
+  verify_version: false
+
+provisioner:
+  name: terraform
+
+verifier:
+  name: terraform
+
+platforms:
+  - name: default
+
+suites:
+  - name: default

Makefile

@@ -18,7 +18,7 @@
 # Make will use bash instead of sh
 SHELL := /usr/bin/env bash
 
-DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1
+DOCKER_TAG_VERSION_DEVELOPER_TOOLS := 1.7
 DOCKER_IMAGE_DEVELOPER_TOOLS := cft/developer-tools
 REGISTRY_URL := gcr.io/cloud-foundation-cicd
 

README.md

@@ -25,8 +25,8 @@ module "cloud_functions2" {
   # Required variables
   function_name  = "<FUNCTION_NAME>"
   project_id     = "<PROJECT_ID>"
-  location       = "us-central1"
-  runtime        = "java11"
+  location       = "<LOCATION>"
+  runtime        = "<RUNTIME>"
   entrypoint     = "<ENTRYPOINT>"
   storage_source = {
     filepath    = "<sourcefilepath>"
@@ -57,7 +57,7 @@ Functional examples are included in the
 | repo\_source | Get the source from this location in a Cloud Source Repository | <pre>object({<br>    project_id   = string<br>    repo_name    = string<br>    branch_name  = string<br>    dir          = string<br>    tag_name     = string<br>    commit_sha   = string<br>    invert_regex = bool<br>  })</pre> | `null` | no |
 | runtime | The runtime in which to run the function. | `string` | n/a | yes |
 | service\_config | Details of the service | <pre>object({<br>    max_instance_count    = string<br>    min_instance_count    = string<br>    available_memory      = string<br>    timeout_seconds       = string<br>    runtime_env_variables = map(string)<br>    runtime_secret_env_variables = set(object({<br>      key_name   = string<br>      project_id = string<br>      secret     = string<br>      version    = string<br>    }))<br>    secret_volumes = set(object({<br>      mount_path = string<br>      project_id = string<br>      secret     = string<br>      versions = set(object({<br>        version = string<br>        path    = string<br>      }))<br>    }))<br>    vpc_connector                  = string<br>    vpc_connector_egress_settings  = string<br>    ingress_settings               = string<br>    service_account_email          = string<br>    all_traffic_on_latest_revision = bool<br>  })</pre> | <pre>{<br>  "all_traffic_on_latest_revision": true,<br>  "available_memory": "256M",<br>  "ingress_settings": null,<br>  "max_instance_count": "100",<br>  "min_instance_count": null,<br>  "runtime_env_variables": null,<br>  "runtime_secret_env_variables": null,<br>  "secret_volumes": null,<br>  "service_account_email": null,<br>  "timeout_seconds": "60",<br>  "vpc_connector": null,<br>  "vpc_connector_egress_settings": null<br>}</pre> | no |
-| storage\_source | Get the source from this location in Google Cloud Storage | <pre>object({<br>    bucketname = string<br>    #filepath    = string<br>    #filename    = string<br>    #source_path = string<br>    object     = string<br>    generation = string<br>  })</pre> | `null` | no |
+| storage\_source | Get the source from this location in Google Cloud Storage | <pre>object({<br>    bucket     = string<br>    object     = string<br>    generation = string<br>  })</pre> | `null` | no |
 | worker\_pool | Name of the Cloud Build Custom Worker Pool that should be used to build the function. | `string` | `null` | no |
 
 ## Outputs
@@ -86,6 +86,12 @@ A service account with the following roles must be used to provision
 the resources of this module:
 
 - Storage Admin: `roles/storage.admin`
+- Cloud Functions Admin: `roles/cloudfunctions.admin`
+- Cloud Run Admin: `roles/run.admin`
+- Pub/Sub Admin: `roles/pubsub.admin`
+- Artifact Registry Admin: `roles/artifactregistry.admin`
+- Cloud Build Editor: `roles/cloudbuild.builds.editor`
+- Secret Manager Admin: `roles/secretmanager.admin`
 
 The [Project Factory module][project-factory-module] and the
 [IAM module][iam-module] may be used in combination to provision a
@@ -97,6 +103,12 @@ A project with the following APIs enabled must be used to host the
 resources of this module:
 
 - Google Cloud Storage JSON API: `storage-api.googleapis.com`
+- Cloud Functions API: `cloudfunctions.googleapis.com`
+- Cloud Run Admin API: `run.googleapis.com`
+- Cloud Build API: `cloudbuild.googleapis.com`
+- Artifact Registry API: `artifactregistry.googleapis.com`
+- Pub/Sub API: `pubsub.googleapis.com`
+- Secret Manager API: `secretmanager.googleapis.com`
 
 The [Project Factory module][project-factory-module] can be used to
 provision a project with the necessary APIs enabled.

examples/cloud_function2_pubsub_trigger/README.md

@@ -7,8 +7,7 @@ This example illustrates how to use the `cloud-functions` module.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| project\_id | The ID of the project in which to provision resources. | `string` | n/a | yes |
-| pubsub\_topic | Name of the PubSub Topic | `string` | `"func-topic"` | no |
+| project\_id | The ID of the project in which to provision resources. | `string` | `"dc-in-lz-pr-poc-01"` | no |
 
 ## Outputs
 

metadata.yaml

@@ -0,0 +1,170 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: blueprints.cloud.google.com/v1alpha1
+kind: BlueprintMetadata
+metadata:
+  name: terraform-google-cloud-functions
+  annotations:
+    config.kubernetes.io/local-config: "true"
+spec:
+  title: Terraform Google Cloud Functions (Gen 2) module
+  source:
+    repo: sso://user/prabhuramasamy/terraform-google-cloud-functions
+    sourceType: git
+  version: 0.0.1
+  actuationTool:
+    type: Terraform
+    version: '>= 0.13'
+  examples:
+  - name: cloud_function2_gcs_source
+    location: examples/cloud_function2_gcs_source
+  - name: cloud_function2_pubsub_trigger
+    location: examples/cloud_function2_pubsub_trigger
+  variables:
+  - name: build_env_variables
+    description: User-provided build-time environment variables
+    type: map(string)
+    required: false
+  - name: description
+    description: Short description of the function
+    type: string
+    required: false
+  - name: docker_repository
+    description: User managed repository created in Artifact Registry optionally with a customer managed encryption key.
+    type: string
+    required: false
+  - name: entrypoint
+    description: The name of the function (as defined in source code) that will be executed. Defaults to the resource name suffix, if not specified
+    type: string
+    required: true
+  - name: event_trigger
+    description: Event triggers for the function
+    type: |-
+      object({
+          trigger_region        = string
+          event_type            = string
+          service_account_email = string
+          pubsub_topic          = string
+          retry_policy          = string
+          event_filters = set(object({
+            attribute       = string
+            attribute_value = string
+            operator        = string
+          }))
+        })
+    required: false
+  - name: function_location
+    description: The location of this cloud function
+    type: string
+    required: true
+  - name: function_name
+    description: A user-defined name of the function
+    type: string
+    required: true
+  - name: labels
+    description: A set of key/value label pairs associated with this Cloud Function
+    type: map(string)
+    required: false
+  - name: project_id
+    description: Project ID to create Cloud Function
+    type: string
+    required: true
+  - name: repo_source
+    description: Get the source from this location in a Cloud Source Repository
+    type: |-
+      object({
+          project_id   = string
+          repo_name    = string
+          branch_name  = string
+          dir          = string
+          tag_name     = string
+          commit_sha   = string
+          invert_regex = bool
+        })
+    required: false
+  - name: runtime
+    description: The runtime in which to run the function.
+    type: string
+    required: true
+  - name: service_config
+    description: Details of the service
+    type: |-
+      object({
+          max_instance_count    = string
+          min_instance_count    = string
+          available_memory      = string
+          timeout_seconds       = string
+          runtime_env_variables = map(string)
+          runtime_secret_env_variables = set(object({
+            key_name   = string
+            project_id = string
+            secret     = string
+            version    = string
+          }))
+          secret_volumes = set(object({
+            mount_path = string
+            project_id = string
+            secret     = string
+            versions = set(object({
+              version = string
+              path    = string
+            }))
+          }))
+          vpc_connector                  = string
+          vpc_connector_egress_settings  = string
+          ingress_settings               = string
+          service_account_email          = string
+          all_traffic_on_latest_revision = bool
+        })
+    default:
+      all_traffic_on_latest_revision: true
+      available_memory: 256M
+      ingress_settings: null
+      max_instance_count: "100"
+      min_instance_count: null
+      runtime_env_variables: null
+      runtime_secret_env_variables: null
+      secret_volumes: null
+      service_account_email: null
+      timeout_seconds: "60"
+      vpc_connector: null
+      vpc_connector_egress_settings: null
+    required: false
+  - name: storage_source
+    description: Get the source from this location in Google Cloud Storage
+    type: |-
+      object({
+          bucket     = string
+          object     = string
+          generation = string
+        })
+    required: false
+  - name: worker_pool
+    description: Name of the Cloud Build Custom Worker Pool that should be used to build the function.
+    type: string
+    required: false
+  outputs:
+  - name: function_name
+    description: Name of the Cloud Function (Gen 2)
+  - name: function_uri
+    description: URI of the Cloud Function (Gen 2)
+  roles:
+  - level: Project
+    roles:
+    - roles/owner
+  services:
+  - cloudresourcemanager.googleapis.com
+  - storage-api.googleapis.com
+  - serviceusage.googleapis.com

test/setup/main.tf

@@ -27,6 +27,11 @@ module "project" {
   activate_apis = [
     "cloudresourcemanager.googleapis.com",
     "storage-api.googleapis.com",
-    "serviceusage.googleapis.com"
+    "serviceusage.googleapis.com",
+    "cloudfunctions.googleapis.com",
+    "run.googleapis.com",
+    "cloudbuild.googleapis.com",
+    "artifactregistry.googleapis.com",
+    "pubsub.googleapis.com",
   ]
 }