 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
# Secret Manager secret holding the PostgreSQL password for the backend.
# The value is supplied as a Terraform variable and passed straight into
# secret_data, so it is recorded in plaintext in the Terraform state file:
# keep the state backend encrypted and access-restricted, and declare
# var.postgres_password with `sensitive = true` (declaration not in this file).
module "postgres_password_secret" {
  source = "./modules/secrets"

  secret_id         = "postgres-password-secret"
  secret_project_id = var.project_id
  secret_data       = var.postgres_password
}

# Secret Manager secret holding the JWT verification (public) key.
# The public half is not confidential, but it is delivered the same way as
# the private half so the service reads both from one place. Like the other
# secrets it transits Terraform state via var.jwt_public_key.
module "public_key_secret" {
  source = "./modules/secrets"

  secret_id         = "public-key-secret"
  secret_project_id = var.project_id
  secret_data       = var.jwt_public_key
}

# Secret Manager secret holding the JWT signing (private) key.
# This is the most sensitive value in the stack: whoever can read it can mint
# valid access and refresh tokens for any user. It arrives as a Terraform
# variable and therefore lands in plaintext in the state file — restrict
# state access, declare var.jwt_private_key as `sensitive = true`, and plan
# for rotation (a new key invalidates tokens signed with the old one).
module "private_key_secret" {
  source = "./modules/secrets"

  secret_id         = "private-key-secret"
  secret_project_id = var.project_id
  secret_data       = var.jwt_private_key
}

# Docpet backend service on Cloud Run.
# Ingress is open to every path (internet included) and, combined with the
# `allUsers` invoker binding further down, the service is reachable without
# IAM authentication — every request must be authorised inside the app
# (JWT verification against the public key secret above).
module "docpet_service_cloud_run" {
  source = "./modules/cloud_run"

  # Identity and placement
  cloud_run_name     = var.service_name
  cloud_run_project  = var.project_id
  cloud_run_location = var.region

  cloud_run_description = <<-EOT
    Docpet Backend Service
  EOT

  # INGRESS_TRAFFIC_ALL admits traffic from the public internet as well as
  # from the VPC / load balancers. Narrow this if only an LB or internal
  # clients should be able to reach the container.
  cloud_run_ingress = "INGRESS_TRAFFIC_ALL"

  # Explicit revision naming is left to the module / deploy pipeline.
  # cloud_run_revision = var.revision_name

  # Runtime identity of the container. If the app fetches the three secrets
  # at start-up, this account needs roles/secretmanager.secretAccessor on
  # them — that binding is not visible in this file, confirm it exists.
  cloud_run_service_account = var.service_account

  # Container
  cloud_run_image = var.service_container
  cloud_run_port  = 80

  # Sizing
  cloud_run_cpu       = "4.0"
  cloud_run_memory    = "4Gi"
  cloud_run_cpu_idle  = true
  cloud_run_cpu_boost = true

  # Start-up probe. With a 240 s initial delay, a 240 s period and 20 allowed
  # failures, a revision that never becomes healthy is only given up on after
  # roughly 80 minutes; timeout equals period, so a single probe can take the
  # whole interval. Tighten these once real start-up time is known.
  cloud_run_startup_probe = {
    http_path = "/api/checker"
    http_port = 80

    initial_delay_seconds = 240
    period_seconds        = 240
    timeout_seconds       = 240
    failure_threshold     = 20
  }

  # Liveness probe. Checked every 240 s; five consecutive failures (up to
  # ~20 minutes) before the container is restarted.
  cloud_run_liveness_probe = {
    http_path = "/api/checker"
    http_port = 80

    initial_delay_seconds = 10
    period_seconds        = 240
    timeout_seconds       = 5
    failure_threshold     = 5
  }

  # Request handling
  cloud_run_timeout                 = 800
  cloud_run_max_instance_concurrent = 80
  cloud_run_execution_environment   = "EXECUTION_ENVIRONMENT_GEN1"

  # Scaling
  cloud_run_min_instance = 0
  cloud_run_max_instance = 15

  # Every deploy sends 100% of traffic to the newest revision — there is no
  # canary or gradual roll-out step here.
  cloud_run_traffic_percent = 100
  cloud_run_traffic_type    = "TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST"

  # Egress to private ranges (e.g. the database) goes through the connector;
  # public egress bypasses the VPC.
  cloud_run_vpc_access_connector = var.vpc_access_connector
  cloud_run_vpc_access_egress    = "PRIVATE_RANGES_ONLY"

  cloud_run_envars = {
    # Database connection (password is delivered separately, see below)
    DATABASE_PORT     = var.postgres_port
    POSTGRES_USER     = var.postgres_user
    POSTGRES_DB       = var.postgres_db
    POSTGRES_HOST     = var.postgres_host
    POSTGRES_HOSTNAME = var.postgres_hostname

    # Token settings
    ACCESS_TOKEN_EXPIRES_IN  = var.access_token_expires
    REFRESH_TOKEN_EXPIRES_IN = var.refresh_token_expires
    JWT_ALGORITHM            = var.jwt_algorithm

    # NOTE(review): wildcard origin. If the backend uses this as its CORS
    # Access-Control-Allow-Origin while accepting credentials or bearer
    # tokens from browsers, any site can call the API on a logged-in user's
    # behalf — restrict this to the real frontend origin(s).
    CLIENT_ORIGIN = "*"

    # NOTE(review): these are the secrets module's secret_id_output, i.e. a
    # Secret Manager secret id, not the key / password material itself.
    # Confirm that the app resolves the id at runtime (or that the cloud_run
    # module turns these into secret-backed env vars); otherwise the service
    # is signing with the string "private-key-secret".
    JWT_PUBLIC_KEY    = module.public_key_secret.secret_id_output
    JWT_PRIVATE_KEY   = module.private_key_secret.secret_id_output
    POSTGRES_PASSWORD = module.postgres_password_secret.secret_id_output
  }
}

# Allow unauthenticated invocation of the backend service.
# Granting roles/run.invoker to `allUsers` makes the endpoint public to the
# internet; the application's own JWT checks are then the only access
# control, so they must cover every route. Note that *_iam_binding is
# authoritative for this role on the service: any invoker granted outside
# Terraform is removed on the next apply (harmless while allUsers is
# present, but it will matter the day this is narrowed).
resource "google_cloud_run_service_iam_binding" "cloud_run_service_iam" {
  project  = var.project_id
  location = var.region
  service  = module.docpet_service_cloud_run.cloud_run_service_name_output

  role    = "roles/run.invoker"
  members = ["allUsers"]
}