terraform-provider-google
terraform-provider-google copied to clipboard
hashicorp
Support Request for Cloud Run Job
Community Note
- Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment. If the issue is assigned to the "modular-magician" user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If the issue is assigned to a user, that user is claiming responsibility for the issue. If the issue is assigned to "hashibot", a community member has claimed the issue already.
Description
The provider must support cloud run jobs
New or Affected Resource(s)
- google_XXXXX
Potential Terraform Configuration
# Propose what you think the configuration to take advantage of this feature should look like.
# We may not use it verbatim, but it's helpful in understanding your intent.
same as cloud run definition with a schedule property
References
- #0000
I am sure you guys will be on top of it, but please ensure the attributes are all present so that a job can be interpolated with the unique url format https://${var.region}-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/${var.project_id}/jobs/${var.environment_name}-${var.app_name}:run so we can connect up the likely connected resources like cloud scheduler, alerting policies etc 🙏🏻
Frontend UI is there already now along with gcloud parts - just missing the terraform resource!
Is there any way to help implement this feature? It would be a breeze to have the opportunity to create those cloud run jobs with terraform. We've got three projects that would use this feature and I don't want to use older workarounds like API endpoints ;-)
Although not yet included in the beta, google_cloud_run_job seems to be implemented (https://github.com/GoogleCloudPlatform/magic-modules/pull/5924).
What would it take to get this done? Since the resource is already in magic modules, does that mean a PR similar to https://github.com/GoogleCloudPlatform/magic-modules/pull/6083 -> https://github.com/hashicorp/terraform-provider-google-beta/pull/4389 ?
Did a bit more research - it appears that the schema hasn't been updated, so the bulk of this work would mean adding the following resources to mmv1/products/cloudrun/api.yaml + mmv1/products/cloudrun/terraform.yaml:
Is that correct @rileykarson / @slevenick ?
I would imagine only jobs is necessary (the others don't seem to be CRUD resources, and don't make as much sense as Terraform resources), but otherwise yes!
Do folks happen to have any idea what a successful API request should look like for namespaces.jobs? It doesn't seem to be documented. https://cloud.google.com/run/docs/create-jobs
@melinath it may be possible to create a Job using the Console and GET that? Assuming there's not significant skew between the create and read calls.
@solumos not quite - I need an example of what a successful basic create request to that API would look like.
Somewhat tedious to un-nest (and maybe this info isn't helpful), but it looks like it's the same as a Service but with a Job instance as the request body (not sure if that approach is better or worse than introspecting the Console call).
@melinath
The successful gcloud command to create Cloud Run Job:
gcloud beta run jobs create gke-policy-automation --image europe-west2-docker.pkg.dev/xyz/gke-policy-automation/gke-policy-automation:latest --command=/gke-policy,check --args=-c,/etc/secrets/config.yaml --set-secrets /etc/secrets/config.yaml=gke-policy-automation:latest --service-account=gke-policy-automation@xyz.iam.gserviceaccount.com --set-env-vars=GKE_POLICY_LOG=INFO --region=europe-west2 --project=xyz
results in HTTP POST on https://europe-west2-run.googleapis.com/apis/run.googleapis.com/v1/namespaces/xyz/jobs?alt=json with the blow body.
{"apiVersion": "run.googleapis.com/v1", "kind": "Job", "metadata": {"annotations": {"client.knative.dev/user-image": "europe-west2-docker.pkg.dev/xyz/gke-policy-automation/gke-policy-automation:latest", "run.googleapis.com/client-name": "gcloud", "run.googleapis.com/client-version": "397.0.0", "run.googleapis.com/launch-stage": "BETA"}, "labels": {}, "name": "gke-policy-automation", "namespace": "xyz"}, "spec": {"template": {"metadata": {"annotations": {"client.knative.dev/user-image": "europe-west2-docker.pkg.dev/xyz/gke-policy-automation/gke-policy-automation:latest", "run.googleapis.com/client-name": "gcloud", "run.googleapis.com/client-version": "397.0.0"}, "labels": {"client.knative.dev/nonce": "moy_zuz_rep"}}, "spec": {"template": {"spec": {"containers": [{"args": ["-c", "/etc/secrets/config.yaml"], "command": ["/gke-policy", "check"], "env": [{"name": "GKE_POLICY_LOG", "value": "INFO"}], "image": "europe-west2-docker.pkg.dev/xyz/gke-policy-automation/gke-policy-automation:latest", "volumeMounts": [{"mountPath": "/etc/secrets", "name": "gke-policy-automation-lar-hef-fad", "readOnly": true}]}], "serviceAccountName": "[email protected]", "volumes": [{"name": "gke-policy-automation-lar-hef-fad", "secret": {"items": [{"key": "latest", "path": "config.yaml"}], "secretName": "gke-policy-automation"}}]}}}}}, "status": {"latestCreatedExecution": {}}}
@melinath I do not see any API call examples they typically provide but this documentation exists https://cloud.google.com/run/docs/reference/rest/v1/namespaces.jobs
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}