GCP 云函数配置文件
[英]GCP Cloud Functions config file
问题描述
Let's say I want to create a simple cloud function to run a python script, where the main.py is in a github repository mirrored via Cloud Source Repositories.
假设我想创建一个简单的云函数来运行python脚本,其中main.py位于通过 Cloud Source Repositories 镜像的 github 存储库中。 My questions is, if I need to reference information that I don't want to add to the repository - is there another way to access that information?我的问题是,如果我需要引用不想添加到存储库中的信息 - 是否有其他方法可以访问该信息? For example, let's say I want to have a config.py which I reference in main.py .例如,假设我想要一个在main.py引用的config.py 。 Is it possible to save and reference config.py somewhere in GCP instead?是否可以在 GCP 中的某处保存和引用config.py ? (eg Storage)? (例如存储)?
Thanks!谢谢!
4 个解决方案
解决方案1
3 2020-09-07 10:13:27
Another answer that came to mind is the use of GCP's Runtime Configurator .想到的另一个答案是使用 GCP 的Runtime Configurator 。 This is an API within the Google Cloud Platform that lets you store information to use within GCE resources, eg cloud functions.这是 Google Cloud Platform 中的一个 API,可让您存储信息以在 GCE 资源(例如云函数)中使用。 Note that as we speak, this feature is still in Beta!请注意,正如我们所说,此功能仍处于测试阶段! Here is a small demo:这是一个小演示:
Create your project config:创建您的项目配置:
gcloud beta runtime-config configs create my-project-config
Set a variable in your project config:在您的项目配置中设置一个变量:
gcloud beta runtime-config configs variables set --config-name my-project-config --is-text my-variable "hello world"
The service account running the cloud function needs the following permissions:运行云功能的服务帐号需要以下权限:
runtimeconfig.configs.get
runtimeconfig.variables.list
Use that variable in a cloud function (Python):在云函数 (Python) 中使用该变量:
from google.cloud import runtimeconfig
client = runtimeconfig.Client()
config = client.config('my-config')
print(config.get_variable('variable-name'))
# <Variable: my-config, variable-name>
print(config.get_variable('does-not-exist'))
# None
解决方案2
1 2020-03-05 16:49:22
Look into variable substitution in Cloud Build where a 'build trigger' would contain non-repository values that would be inserted in 'build steps' into your Cloud Function as environment variables.查看 Cloud Build 中的变量替换,其中“构建触发器”将包含非存储库值,这些值将在“构建步骤”中作为环境变量插入到您的 Cloud Function 中。
解决方案3
1 已采纳 2020-03-05 20:56:51
It seems like what you might want is Environment Variables for Cloud Functions or possibly even Secrets in Cloud Functions .看起来您可能想要的是Cloud Functions 的 Environment Variables甚至Cloud Functions 中的 Secrets 。
Other than that, Cloud Functions are completely stateless, so you'd need to connect to some external datastore like a database to load private configuration.除此之外,Cloud Functions 是完全无状态的,因此您需要连接到一些外部数据存储(如数据库)以加载私有配置。
解决方案4
1 2020-09-07 09:44:25
In addition to the other answers, we use a somewhat different approach.除了其他答案之外,我们还使用了一种稍微不同的方法。 It boils down in having a public repo which contains all the cloud function Python code.归结为拥有一个包含所有云函数 Python 代码的公共存储库。 We have another private repository which only contains configuration, like config.py.我们有另一个只包含配置的私有仓库,比如 config.py。 Let's describe this as an example:让我们以此为例进行描述:
Create 2 repositories, for example:
创建2个存储库,例如:github.com/organization/cloud-function (public) github.com/organization/config (private)Set a cloudbuild trigger on the
configrepository, and set a cloudbuild trigger on thecloud-functionrepository to trigger the build on the config repository.在config库上设置一个cloudbuild触发器,在cloud-function库上设置一个cloudbuild触发器来触发配置库上的构建。 Here is some documentation about creating cloudbuild triggers.这里有一些关于创建 cloudbuild 触发器的文档。
In the last step everything comes together.
在最后一步,一切都在一起了。 Remember, your configuration is private, so not accessible to anyone else.请记住,您的配置是私有的,因此其他人无法访问。 Everytime someone pushes changes to one of the repositories, it should trigger the cloudbuild.yaml in your private repo.每次有人将更改推送到其中一个存储库时,它应该触发您的私有存储库中的 cloudbuild.yaml。 That cloudbuild.yaml looks something like this:那个 cloudbuild.yaml 看起来像这样:--- timeout: 1800s steps: # Clone public repo - name: 'gcr.io/cloud-builders/git' args: - 'clone' - 'https://github.com/organization/cloud-function.git' # Copy config - name: 'gcr.io/cloud-builders/gcloud' entrypoint: 'bash' args: - '-c' - | cp config.py cloud-function/ # Deploy cloud-function - name: 'gcr.io/cloud-builders/gcloud' dir: 'cloud-function' entrypoint: 'bash' args: - '-c' - | gcloud functions deploy ...In addition, you can put references (secret_id) to Google Secret Manager secrets in your config.py.
此外,您可以在 config.py 中放置对 Google Secret Manager 机密的引用 (secret_id)。 You could also use --env-vars-filefor which the actual file is stored in the private repository.您还可以使用--env-vars-file将实际文件存储在私有存储库中。 Another bonus is that you can have directories in your private repo which represent a $BRANCH_NAME or $PROJECT_ID, which makes it easy to create multiple environments (test, development, production etc.).另一个好处是你可以在你的私有仓库中拥有代表 $BRANCH_NAME 或 $PROJECT_ID 的目录,这使得创建多个环境(测试、开发、生产等)变得容易。 This way you are sure the correct configuration for the environment is injected in the cloud function.通过这种方式,您可以确保在云函数中注入了正确的环境配置。 We use this as follows:我们使用它如下:my-dev-gcp-project > build trigger on development branch my-prd-gcp-project > build trigger on production branchIn the cloudbuild.yaml we clone the public repo with
${BRANCH_NAME}and copy the config from a source directory called${PROJECT_ID}/config.py.在 cloudbuild.yaml 中,我们使用${BRANCH_NAME}克隆公共存储库,并从名为${PROJECT_ID}/config.py的源目录复制配置。 With this setup you have clear separation between development and production config and code.通过此设置,您可以明确区分开发和生产配置和代码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.