cloudevent-broker/

directory
v0.6.20 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 21, 2024 License: Apache-2.0

README

cloudevent-broker

flowchart LR
    subgraph "regional network"
    A(Ingress) -- publishes to --> B[[Pub/Sub topic]]
    end

This module provisions a regionalizied Broker abstraction akin to the Knative "Broker" concept. The dual "Trigger" concept is captured by the sibling cloudevent-trigger module. The intended usage of this module for publishing events is something like this:

// Create a network with several regional subnets
module "networking" {
  source = "chainguard-dev/common/infra//modules/networking"

  name       = "my-networking"
  project_id = var.project_id
  regions    = [...]
}

// Create the Broker abstraction.
module "cloudevent-broker" {
  source = "chainguard-dev/common/infra//modules/cloudevent-broker"

  name       = "my-broker"
  project_id = var.project_id
  regions    = module.networking.regional-networks
}

// Authorize the "foo" service account to publish events.
module "foo-emits-events" {
  for_each = module.networking.regional-networks

  source = "chainguard-dev/common/infra//modules/authorize-private-service"

  project_id = var.project_id
  region     = each.key
  name       = module.cloudevent-broker.ingress.name

  service-account = google_service_account.foo.email
}

// Run a cloud run service as the "foo" service account, and pass in the address
// of the regional ingress endpoint.
module "foo-service" {
  source = "chainguard-dev/common/infra//modules/regional-go-service"

  project_id = var.project_id
  name       = "foo"
  regions    = module.networking.regional-networks

  service_account = google_service_account.foo.email
  containers = {
    "foo" = {
      source = {
        working_dir = path.module
        importpath  = "./cmd/foo"
      }
      ports = [{ container_port = 8080 }]
      regional-env = [{
        name  = "EVENT_INGRESS_URI"
        value = { for k, v in module.foo-emits-events : k => v.uri }
      }]
    }
  }
}

Requirements

No requirements.

Providers

Name Version
google n/a

Modules

Name Source Version
http ../dashboard/sections/http n/a
layout ../dashboard/sections/layout n/a
logs ../dashboard/sections/logs n/a
resources ../dashboard/sections/resources n/a
this ../regional-go-service n/a
topic ../dashboard/sections/topic n/a
width ../dashboard/sections/width n/a

Resources

Name Type
google_monitoring_dashboard.dashboard resource
google_pubsub_topic.this resource
google_pubsub_topic_iam_binding.ingress-publishes-events resource
google_service_account.this resource

Inputs

Name Description Type Default Required
enable_profiler Enable cloud profiler. bool false no
limits Resource limits for the regional go service. 
object({
    cpu    = string
    memory = string
  })
 null no
name n/a string n/a yes
notification_channels List of notification channels to alert. list(string) n/a yes
project_id n/a string n/a yes
regions A map from region names to a network and subnetwork. A pub/sub topic and ingress service (publishing to the respective topic) will be created in each region, with the ingress service configured to egress all traffic via the specified subnetwork. 
map(object({
    network = string
    subnet  = string
  }))
 n/a yes

Outputs

Name Description
broker A map from each of the input region names to the name of the Broker topic in each region. These broker names are intended for use with the cloudevent-trigger module's broker input.
ingress An object holding the name of the ingress service, which can be used to authorize callers to publish cloud events.

Directories

Path Synopsis
cmd
ingress

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.