Skip to content

Commit

Permalink
feat(pulumi): Add GCP resource classes for service account, IAM custo… (
Browse files Browse the repository at this point in the history 
#304)

…m role, Pub/Sub topic, IAM binding, DNS, and utility functions
  • Loading branch information
@TriPSs
TriPSs committed Aug 23, 2024
2 parents 8a9fab0 + f42462b commit 82ec066
Show file tree
Hide file tree
Showing 22 changed files with 2,996 additions and 1,653 deletions.
26 changes: 14 additions & 12 deletions package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,10 +33,10 @@
},
"dependencies": {
"@actions/core": "^1.10.1",
"@nx/devkit": "19.6.1",
"@nx/workspace": "19.6.1",
"@nx/devkit": "19.6.2",
"@nx/workspace": "19.6.2",
"@types/tar": "^6.1.13",
"axios": "^1.7.4",
"axios": "^1.7.5",
"crypto-js": "^4.2.0",
"deepmerge": "^4.3.1",
"rxjs-for-await": "^1.0.0",
Expand All @@ -49,13 +49,15 @@
"@google-cloud/storage": "^7.12.1",
"@jamesives/github-pages-deploy-action": "^4.6.3",
"@jscutlery/semver": "^5.3.1",
"@nx/eslint-plugin": "19.6.1",
"@nx/jest": "19.6.1",
"@nx/js": "19.6.1",
"@nx/node": "19.6.1",
"@nx/plugin": "19.6.1",
"@nx/react": "19.6.1",
"@nx/webpack": "19.6.1",
"@nx/eslint-plugin": "19.6.2",
"@nx/jest": "19.6.2",
"@nx/js": "19.6.2",
"@nx/node": "19.6.2",
"@nx/plugin": "19.6.2",
"@nx/react": "19.6.2",
"@nx/webpack": "19.6.2",
"@pulumi/gcp": "^7.37.0",
"@pulumi/pulumi": "^3.129.0",
"@swc-node/register": "1.10.9",
"@swc/core": "1.7.14",
"@types/jest": "29.5.12",
Expand All @@ -73,9 +75,9 @@
"husky": "^9.1.5",
"jest": "29.7.0",
"jest-environment-jsdom": "29.7.0",
"nx": "19.6.1",
"nx": "19.6.2",
"prettier": "3.3.3",
"ts-jest": "29.2.4",
"ts-jest": "29.2.5",
"ts-node": "10.9.2",
"tslint": "~6.1.3",
"typescript": "5.5.4"
Expand Down
11 changes: 3 additions & 8 deletions packages/gcp-functions/runner/index.ts
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { Logger } from '@nestjs/common'
import { INestApplication, Logger } from '@nestjs/common'
import { NestFactory } from '@nestjs/core'
import { ExpressAdapter } from '@nestjs/platform-express'
import { FsTree } from 'nx/src/generators/tree'
Expand All @@ -10,8 +10,6 @@ import type { DeployExecutorSchema } from '@nx-extend/gcp-functions/src/executor

import { createRunnerModule } from './__runner.module'

declare const module

export type NxEndpoint = {
endpoint: string
func: HttpFunction
Expand All @@ -24,7 +22,7 @@ export interface RunnerOptions {
port?: number
}

export async function bootstrapRunner(basicFunctionsMap: RunnerFunctionsMap, options: RunnerOptions = {}) {
export async function bootstrapRunner(basicFunctionsMap: RunnerFunctionsMap, options: RunnerOptions = {}): Promise<INestApplication> {
const nxTree = new FsTree(workspaceRoot, false)
const projects = getProjects(nxTree)

Expand Down Expand Up @@ -57,8 +55,5 @@ export async function bootstrapRunner(basicFunctionsMap: RunnerFunctionsMap, opt
Logger.log(`Functions running on http://localhost:${options.port || 8080}`)
})

if (module.hot) {
module.hot.accept();
module.hot.dispose(() => app.close());
}
return app
}
6 changes: 2 additions & 4 deletions packages/gcp-functions/src/utils/generate-package-json.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,13 +28,11 @@ export const generatePackageJson = (
readCachedProjectGraph(),
{
root: context.root,
isProduction: omitOptionalDependencies
isProduction: omitOptionalDependencies,
skipPackageManager: true
}
)

// Remove packageManager as this conflicts with yarn versions
delete packageJson.packageManager

if (!packageJson.main) {
packageJson.main = options.outputFileName || 'main.js'
}
Expand Down
10 changes: 10 additions & 0 deletions packages/pulumi/gcp/config.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
import * as pulumi from '@pulumi/pulumi'

export const config = new pulumi.Config('gcpR')
export const gcpConfig = new pulumi.Config('gcp')

export const GCP_PROJECT_ID = gcpConfig.require('project')
export const GCP_PROJECT_NUMBER = config.require('projectNumber')

export const GCP_DEFAULT_REGION = config.get('defaultRegion') || 'europe-west4'
export const GCP_DEFAULT_REGION_CRONS = config.get('defaultCronRegion') || 'europe-west1'
55 changes: 55 additions & 0 deletions packages/pulumi/gcp/default-service-accounts.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
import { GCP_PROJECT_NUMBER } from './index'

// Cloud Memorystore Redis Service Agent
export const saCloudMemorystoreRedisServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@cloud-redis.iam.gserviceaccount.com`

// Compute Engine Service Agent
export const saComputeEngineServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@compute-system.iam.gserviceaccount.com`

// Kubernetes Engine Service Agent
export const saKubernetesEngineServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@container-engine-robot.iam.gserviceaccount.com`

// Container Registry Service Agent
export const saContainerRegistryServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@containerregistry.iam.gserviceaccount.com`

// Firebase Rules System
export const saFirebaseRulesSystem = `serviceAccount:service-${GCP_PROJECT_NUMBER}@firebase-rules.iam.gserviceaccount.com`

// Cloud Functions Service Agent
export const saCloudFunctionsServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@gcf-admin-robot.iam.gserviceaccount.com`

// App Engine Standard Environment Service Agent
export const saAppEngineStandardEnvironmentServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@gcp-gae-service.iam.gserviceaccount.com`

// Artifact Registry Service Agent
export const saArtifactRegistryServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@gcp-sa-artifactregistry.iam.gserviceaccount.com`

// Cloud Asset Service Agent
export const saCloudAssetServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@gcp-sa-cloudasset.iam.gserviceaccount.com`

// Cloud Build Service Agent
export const saCloudBuildServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@gcp-sa-cloudbuild.iam.gserviceaccount.com`

// Cloud Scheduler Service Agent
export const saCloudSchedulerServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@gcp-sa-cloudscheduler.iam.gserviceaccount.com`

// Cloud Tasks Service Agent
export const saCloudTasksServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@gcp-sa-cloudtasks.iam.gserviceaccount.com`

// Eventarc Service Agent
export const saEventArcServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@gcp-sa-eventarc.iam.gserviceaccount.com`

// Firebase Service Management Service Agent
export const saFirebaseServiceManagementServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@gcp-sa-firebase.iam.gserviceaccount.com`

// Firebase Extensions API Service Agent
export const saFirebaseExtensionsAPIServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@gcp-sa-firebasemods.iam.gserviceaccount.com`

// Firestore Service Agent
export const saFirestoreServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@gcp-sa-firestore.iam.gserviceaccount.com`

// Monitoring Service Agent
export const saMonitoringServiceAgent = `serviceAccount:service-${GCP_PROJECT_NUMBER}@gcp-sa-monitoring-notification.iam.gserviceaccount.com`

// Cloud Pub/Sub Service Account
export const saCloudPubSubServiceAccount = `serviceAccount:service-${GCP_PROJECT_NUMBER}@gcp-sa-pubsub.iam.gserviceaccount.com`
Loading

0 comments on commit 82ec066

Please sign in to comment.