# PostgreSQL password secret, created through the local ./modules/secrets
# module under the id "postgres-password-secret".
# NOTE(review): the value arrives as a Terraform input variable. If the module
# writes secret_data into a resource attribute, the plaintext is also persisted
# in Terraform state, so var.postgres_password should be declared
# `sensitive = true` and access to the state backend restricted (confirm).
module "postgres_password_secret" {
  source            = "./modules/secrets"
  secret_project_id = var.project_id
  secret_id         = "postgres-password-secret"
  secret_data       = var.postgres_password
}
# JWT public (verification) key, created through the local ./modules/secrets
# module under the id "public-key-secret". It is handled the same way as the
# private key below, which keeps the two halves of the key pair managed together.
module "public_key_secret" {
  source            = "./modules/secrets"
  secret_project_id = var.project_id
  secret_id         = "public-key-secret"
  secret_data       = var.jwt_public_key
}
# JWT private (signing) key, created through the local ./modules/secrets
# module under the id "private-key-secret".
# NOTE(review): anyone who can read this value can mint tokens the backend
# will accept. The key is supplied as a Terraform input variable, so it is
# likely to end up in Terraform state as well. Declare var.jwt_private_key
# `sensitive = true`, keep it out of committed tfvars files, and restrict who
# can read the state backend (confirm against the variable definitions).
module "private_key_secret" {
  source            = "./modules/secrets"
  secret_project_id = var.project_id
  secret_id         = "private-key-secret"
  secret_data       = var.jwt_private_key
}
# Docpet backend, deployed as a Cloud Run service through the local
# ./modules/cloud_run module. How each cloud_run_* input is mapped onto the
# underlying resource is defined inside that module and is not visible here.
module "docpet_service_cloud_run" {
  source = "./modules/cloud_run"

  # --- Identity and placement ---
  cloud_run_name        = var.service_name
  cloud_run_project     = var.project_id
  cloud_run_description = <<-EOT
  Docpet Backend Service
  EOT
  cloud_run_location    = var.region

  # Accepts traffic from any source, including the public internet.
  # NOTE(review): together with the allUsers invoker binding in this file, the
  # only access control left is the application's own JWT handling. Confirm
  # that this exposure is intended.
  cloud_run_ingress = "INGRESS_TRAFFIC_ALL"
  # cloud_run_revision = var.revision_name

  # Runtime identity of the container.
  # NOTE(review): this account should be a dedicated, least-privilege service
  # account with read access to the three secrets referenced below and nothing
  # broader (confirm against the IAM configuration).
  cloud_run_service_account = var.service_account
  cloud_run_image           = var.service_container
  cloud_run_port            = 80

  # --- Resources ---
  cloud_run_cpu       = "4.0"
  cloud_run_memory    = "4Gi"
  cloud_run_cpu_idle  = true
  cloud_run_cpu_boost = true

  # --- Health checks: both probes request /api/checker on port 80 ---
  cloud_run_startup_probe = {
    http_path             = "/api/checker"
    http_port             = 80
    period_seconds        = 240
    timeout_seconds       = 240
    failure_threshold     = 20
    initial_delay_seconds = 240
  }

  cloud_run_liveness_probe = {
    http_path             = "/api/checker"
    http_port             = 80
    period_seconds        = 240
    timeout_seconds       = 5
    failure_threshold     = 5
    initial_delay_seconds = 10
  }

  # --- Request handling and scaling ---
  cloud_run_timeout                 = 800
  cloud_run_max_instance_concurrent = 80
  cloud_run_execution_environment   = "EXECUTION_ENVIRONMENT_GEN1"
  cloud_run_min_instance            = 0
  # The instance ceiling also bounds cost when a public endpoint is flooded.
  cloud_run_max_instance      = 15
  cloud_run_traffic_percent   = 100
  cloud_run_traffic_type      = "TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST"

  # --- Networking ---
  # Only traffic to private address ranges goes through the VPC connector.
  # Other egress leaves directly.
  cloud_run_vpc_access_connector = var.vpc_access_connector
  cloud_run_vpc_access_egress    = "PRIVATE_RANGES_ONLY"

  # --- Container environment ---
  cloud_run_envars = {
    DATABASE_PORT            = var.postgres_port
    POSTGRES_USER            = var.postgres_user
    POSTGRES_DB              = var.postgres_db
    POSTGRES_HOST            = var.postgres_host
    POSTGRES_HOSTNAME        = var.postgres_hostname
    ACCESS_TOKEN_EXPIRES_IN  = var.access_token_expires
    REFRESH_TOKEN_EXPIRES_IN = var.refresh_token_expires

    # NOTE(review): the application should pin the algorithm it accepts to
    # this value rather than trusting the token header (verify in the app).
    JWT_ALGORITHM = var.jwt_algorithm

    # NOTE(review): a wildcard origin lets any website call this API from a
    # browser. If the backend ever relies on cookies or other ambient
    # credentials, replace it with an explicit list of allowed origins.
    CLIENT_ORIGIN = "*"

    # These three receive the secrets modules' secret_id_output, not the
    # secret values themselves.
    # NOTE(review): confirm that ./modules/cloud_run turns them into Secret
    # Manager references rather than plain environment values.
    JWT_PUBLIC_KEY    = module.public_key_secret.secret_id_output
    JWT_PRIVATE_KEY   = module.private_key_secret.secret_id_output
    POSTGRES_PASSWORD = module.postgres_password_secret.secret_id_output
  }
}
# Invoker binding for the Docpet Cloud Run service.
# Granting roles/run.invoker to "allUsers" permits unauthenticated invocation,
# so Cloud Run performs no identity check before a request reaches the
# container.
# An *_iam_binding resource is authoritative for its role: any other members
# holding roles/run.invoker on this service are replaced by this list.
# NOTE(review): if public access is intended, keep it an explicit, reviewed
# decision and rely on application-level authentication. Otherwise list the
# specific principals that need to invoke the service instead of allUsers.
resource "google_cloud_run_service_iam_binding" "cloud_run_service_iam" {
  project  = var.project_id
  location = var.region
  service  = module.docpet_service_cloud_run.cloud_run_service_name_output
  role     = "roles/run.invoker"
  members  = ["allUsers"]
}