Déclencher des services Cloud Run de manière planifiée

Utilisation de Cloud Scheduler pour déclencher un service Cloud Run de manière planifiée et sécurisée Cette méthode revient à utiliser des tâches Cron.

Exemple de code

Terraform

Pour savoir comment appliquer ou supprimer une configuration Terraform, consultez Commandes Terraform de base. Pour en savoir plus, lisez la documentation de référence du fournisseur Terraform. 

data "google_project" "project" {
}

# Enable Cloud Run API
resource "google_project_service" "cloudrun_api" {
  service            = "run.googleapis.com"
  disable_on_destroy = false
  project            = data.google_project.project.project_id
}

# Enable Compute Engine API
resource "google_project_service" "computeengine_api" {
  service            = "compute.googleapis.com"
  disable_on_destroy = false
  project            = data.google_project.project.project_id
}

# Enable Cloud Scheduler API
resource "google_project_service" "cloudscheduler_api" {
  service            = "cloudscheduler.googleapis.com"
  disable_on_destroy = false
  project            = data.google_project.project.project_id
}

# Cloud Run Invoker Service Account
resource "google_service_account" "cloud_run_invoker_sa" {
  account_id   = "cloud-run-invoker"
  display_name = "Cloud Run Invoker"
  project      = data.google_project.project.project_id
}

# Gives service account necessary privs to start job
resource "google_project_iam_binding" "run_invoker_binding" {
  project = data.google_project.project.project_id
  role    = "roles/run.developer"
  members = ["serviceAccount:${google_service_account.cloud_run_invoker_sa.email}"]
}

resource "google_project_iam_binding" "token_creator_binding" {
  project = data.google_project.project.project_id
  role    = "roles/iam.serviceAccountTokenCreator"
  members = ["serviceAccount:${google_service_account.cloud_run_invoker_sa.email}"]
}

# Cloud Run Job
resource "google_cloud_run_v2_job" "default" {
  name     = "cloud-run-job"
  location = "us-central1"

  deletion_protection = false # set to "true" in production

  template {
    template {
      containers {
        image = "us-docker.pkg.dev/cloudrun/container/job:latest"
      }
    }
  }

  depends_on = [resource.google_project_service.cloudrun_api]
}

# Cloud Run Job IAM binding
resource "google_cloud_run_v2_job_iam_binding" "binding" {
  project    = data.google_project.project.project_id
  location   = google_cloud_run_v2_job.default.location
  name       = google_cloud_run_v2_job.default.name
  role       = "roles/viewer"
  members    = ["serviceAccount:${google_service_account.cloud_run_invoker_sa.email}"]
  depends_on = [resource.google_cloud_run_v2_job.default]
}

resource "google_cloud_scheduler_job" "job" {
  name             = "schedule-job"
  description      = "test http job"
  schedule         = "*/8 * * * *"
  attempt_deadline = "320s"
  region           = "us-central1"
  project          = data.google_project.project.project_id

  retry_config {
    retry_count = 3
  }

  http_target {
    http_method = "POST"
    uri         = "https://run.googleapis.com/v2/projects/${data.google_project.project.project_id}/locations/${google_cloud_run_v2_job.default.location}/jobs/${google_cloud_run_v2_job.default.name}:run"
    body        = base64encode("{}")

    headers = {
      "Content-Type" = "application/json"
    }

    oauth_token {
      service_account_email = google_service_account.cloud_run_invoker_sa.email
    }
  }

  depends_on = [resource.google_project_service.cloudscheduler_api, resource.google_cloud_run_v2_job.default, resource.google_cloud_run_v2_job_iam_binding.binding]
}

Étape suivante

Pour rechercher et filtrer des exemples de code pour d'autres produits Google Cloud , consultez l'explorateur d'exemplesGoogle Cloud .