Created
November 29, 2021 21:42
-
-
Save lucasjellema/614040063b66a11c303b5f8a4da8e938 to your computer and use it in GitHub Desktop.
terraform composite for function on OCI
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Repository in the Container Image Registry for the container images underpinning the function | |
resource "oci_artifacts_container_repository" "container_repository_for_function" { | |
# note: repository = store for all images versions of a specific container image - so it included the function name | |
compartment_id = var.compartment_ocid | |
display_name = "${local.ocir_repo_name}/${var.function_name}" | |
is_immutable = false | |
is_public = false | |
} | |
resource "null_resource" "Login2OCIR" { | |
depends_on = [ oci_artifacts_container_repository.container_repository_for_function] | |
provisioner "local-exec" { | |
command = "echo '${var.ocir_user_password}' | docker login ${local.ocir_docker_repository} --username ${local.ocir_namespace}/${var.ocir_user_name} --password-stdin" | |
} | |
} | |
### build the function into a container image and push that image to the repository in the OCI Container Image Registry | |
resource "null_resource" "FnPush2OCIR" { | |
depends_on = [null_resource.Login2OCIR, oci_artifacts_container_repository.container_repository_for_function] | |
# remove function image (if it exists) from local container registry | |
provisioner "local-exec" { | |
command = "image=$(docker images | grep ${local.app_name_lower} | awk -F ' ' '{print $3}') ; docker rmi -f $image &> /dev/null ; echo $image" | |
working_dir = "functions/fake-fun" | |
} | |
# remove fake-fun image (if it exists) from local container registry | |
provisioner "local-exec" { | |
command = "image=$(docker images | grep fake-fun | awk -F ' ' '{print $3}') ; docker rmi -f $image &> /dev/null ; echo $image" | |
working_dir = "functions/fake-fun" | |
} | |
# build the function; this results in an image called fake-fun (because of the name attribnute in the func.yaml file) | |
provisioner "local-exec" { | |
command = "fn build --verbose" | |
working_dir = "functions/fake-fun" | |
} | |
# tag the container image with the proper name - based on the actual name of the function | |
provisioner "local-exec" { | |
command = "image=$(docker images | grep fake-fun | awk -F ' ' '{print $3}') ; docker tag $image ${local.ocir_docker_repository}/${local.ocir_namespace}/${local.ocir_repo_name}/${var.function_name}:0.0.1" | |
working_dir = "functions/fake-fun" | |
} | |
# create a container image based on fake-fun (hello world), tagged for the designated function name | |
provisioner "local-exec" { | |
command = "docker push ${local.ocir_docker_repository}/${local.ocir_namespace}/${local.ocir_repo_name}/${var.function_name}:0.0.1" | |
working_dir = "functions/fake-fun" | |
} | |
} | |
resource "oci_functions_function" "new_function" { | |
depends_on = [null_resource.FnPush2OCIR] | |
application_id = "${local.application_id}" | |
display_name = "${var.function_name}" | |
image = "${local.ocir_docker_repository}/${local.ocir_namespace}/${local.ocir_repo_name}/${var.function_name}:0.0.1" | |
memory_in_mbs = "128" | |
config = tomap({ | |
DUMMY_CONFIG_PARAM = "no value required" | |
}) | |
} | |
### wait a little while before the function is ready to be invoked | |
## I got the following errors without this wait introduced into the plan | |
## Error: 404-NotAuthorizedOrNotFound | |
## Error Message: Authorization failed or requested resource not found | |
##│Suggestion: Either the resource has been deleted or service Functions Invoke Function need policy to access this resource. | |
resource "time_sleep" "wait_for_function_to_be_ready" { | |
depends_on = [oci_functions_function.new_function] | |
create_duration = "10s" | |
} | |
resource "oci_functions_invoke_function" "test_invoke_new_function" { | |
depends_on = [time_sleep.wait_for_function_to_be_ready] | |
#Required | |
function_id = oci_functions_function.new_function.id | |
#Optional | |
invoke_function_body = var.test_invoke_function_body | |
fn_intent = "httprequest" | |
fn_invoke_type = "sync" | |
base64_encode_content = false | |
} | |
output "function_response" { | |
value = oci_functions_invoke_function.test_invoke_new_function.content | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment