jlarrow/.gcloudignore

## .gcloudignore
.gcloudignore
.git
.gitignore
.flake8
*.hcl
*.json
*.svg
*.log
*.json
deploy.*
Makefile
node_modules
README.md
requirements.in

## deploy.sh
# variables
prj='lab-b28c3b02'
sa_name='sa-functions'
sa="$sa_name@$prj.iam.gserviceaccount.com"
usr="jlarrow@devad.ford.com"  # who am i?
loc='us-central1'
fun_name='hello_http'
connector_name='fun-con'
network='net'

# defaults
gcloud config set project $prj
gcloud config set disable_prompts true

# APIs
gcloud services enable \
    cloudfunctions.googleapis.com \
    run.googleapis.com \
    vpcaccess.googleapis.com \
    logging.googleapis.com

# Networking
gcloud compute networks subnets create "sn-$connector_name" \
    --network=$network \
    --range="10.8.0.0/28" \
    --region=$loc
gcloud compute networks vpc-access connectors create $connector_name \
    --region $loc \
    --subnet "sn-$connector_name"

# IAM
gcloud iam service-accounts create $sa_name
gcloud iam service-accounts keys create key.json --iam-account=$sa
gcloud iam service-accounts add-iam-policy-binding $sa --member="user:$usr" --role="roles/iam.serviceAccountTokenCreator"
gcloud projects add-iam-policy-binding $prj --member="serviceAccount:$sa" --role="roles/cloudfunctions.invoker"
gcloud projects add-iam-policy-binding $prj --member="serviceAccount:$sa" --role="roles/run.invoker"
gcloud projects add-iam-policy-binding $prj --member="user:$usr" --role="roles/cloudfunctions.admin"
gcloud projects add-iam-policy-binding $prj --member="user:$usr" --role="roles/cloudfunctions.developer"

# FINIALLY, deploy it
gcloud functions deploy $fun_name \
    --entry-point=$fun_name \
    --region=$loc \
    --service-account=$sa \
    --gen2 \
    --runtime=python311 \
    --timeout=300 \
    --source=. \
    --vpc-connector="projects/$prj/locations/$loc/connectors/$connector_name" \
    --egress-settings=all \
    --ingress-settings=all \
    --trigger-http

# Test it
uri=$(gcloud functions describe $fun_name --gen2 --region=$loc --format="value(serviceConfig.uri)")
token=$(gcloud auth print-identity-token --impersonate-service-account=$sa)
curl -H "Authorization: bearer $token" -H "Content-Type: application/json" "$uri/?name=Superman"

## main.py
import functions_framework

@functions_framework.http
def hello_http(request):
    """HTTP Cloud Function.
    Args:
        request (flask.Request): The request object.
        <https://flask.palletsprojects.com/en/1.1.x/api/#incoming-request-data>
    Returns:
        The response text, or any set of values that can be turned into a
        Response object using `make_response`
        <https://flask.palletsprojects.com/en/1.1.x/api/#flask.make_response>.
    """
    request_json = request.get_json(silent=True)
    request_args = request.args

    if request_json and 'name' in request_json:
        name = request_json['name']
    elif request_args and 'name' in request_args:
        name = request_args['name']
    else:
        name = 'World'
    return 'Hello {}!'.format(name)

## requirements.txt
functions-framework==3.*
	.gcloudignore
	.git
	.gitignore
	.flake8
	*.hcl
	*.json
	*.svg
	*.log
	*.json
	deploy.*
	Makefile
	node_modules
	README.md
	requirements.in
	# variables
	prj='lab-b28c3b02'
	sa_name='sa-functions'
	sa="$sa_name@$prj.iam.gserviceaccount.com"
	usr="jlarrow@devad.ford.com" # who am i?
	loc='us-central1'
	fun_name='hello_http'
	connector_name='fun-con'
	network='net'

	# defaults
	gcloud config set project $prj
	gcloud config set disable_prompts true

	# APIs
	gcloud services enable \
	cloudfunctions.googleapis.com \
	run.googleapis.com \
	vpcaccess.googleapis.com \
	logging.googleapis.com

	# Networking
	gcloud compute networks subnets create "sn-$connector_name" \
	--network=$network \
	--range="10.8.0.0/28" \
	--region=$loc
	gcloud compute networks vpc-access connectors create $connector_name \
	--region $loc \
	--subnet "sn-$connector_name"

	# IAM
	gcloud iam service-accounts create $sa_name
	gcloud iam service-accounts keys create key.json --iam-account=$sa
	gcloud iam service-accounts add-iam-policy-binding $sa --member="user:$usr" --role="roles/iam.serviceAccountTokenCreator"
	gcloud projects add-iam-policy-binding $prj --member="serviceAccount:$sa" --role="roles/cloudfunctions.invoker"
	gcloud projects add-iam-policy-binding $prj --member="serviceAccount:$sa" --role="roles/run.invoker"
	gcloud projects add-iam-policy-binding $prj --member="user:$usr" --role="roles/cloudfunctions.admin"
	gcloud projects add-iam-policy-binding $prj --member="user:$usr" --role="roles/cloudfunctions.developer"

	# FINIALLY, deploy it
	gcloud functions deploy $fun_name \
	--entry-point=$fun_name \
	--region=$loc \
	--service-account=$sa \
	--gen2 \
	--runtime=python311 \
	--timeout=300 \
	--source=. \
	--vpc-connector="projects/$prj/locations/$loc/connectors/$connector_name" \
	--egress-settings=all \
	--ingress-settings=all \
	--trigger-http

	# Test it
	uri=$(gcloud functions describe $fun_name --gen2 --region=$loc --format="value(serviceConfig.uri)")
	token=$(gcloud auth print-identity-token --impersonate-service-account=$sa)
	curl -H "Authorization: bearer $token" -H "Content-Type: application/json" "$uri/?name=Superman"
	import functions_framework

	@functions_framework.http
	def hello_http(request):
	"""HTTP Cloud Function.
	Args:
	request (flask.Request): The request object.
	<https://flask.palletsprojects.com/en/1.1.x/api/#incoming-request-data>
	Returns:
	The response text, or any set of values that can be turned into a
	Response object using `make_response`
	<https://flask.palletsprojects.com/en/1.1.x/api/#flask.make_response>.
	"""
	request_json = request.get_json(silent=True)
	request_args = request.args

	if request_json and 'name' in request_json:
	name = request_json['name']
	elif request_args and 'name' in request_args:
	name = request_args['name']
	else:
	name = 'World'
	return 'Hello {}!'.format(name)