See https://cloud.google.com/community/tutorials/managing-gcp-projects-with-terraform
First time:
gcloud alpha billing accounts list
Every time:
To shut down:
If anything hangs, you can delete the kubernetes module:
Make sure to delete any Compute Engine storage!!
First, an admin needs to create a new application with client id and secret in your oauth provider (eg Okta). Then, use the client id and secret to make a post request to get a token.
For Okta:
Base64 encode the client id and secret BASE_64AUTH=$(echo -n clientID:clientsecret | base64 -w 0)
Request a token (assuming you have created a custom scope called "testemail", see https://developer.okta.com/docs/guides/customize-authz-server/create-scopes/) TOKEN=$(curl --request POST \ --url https://dev-20490044.okta.com/oauth2/default/v1/token \ --header 'accept: application/json' \ --header "authorization: Basic $BASE_64AUTH" \ --header 'cache-control: no-cache' \ --header 'content-type: application/x-www-form-urlencoded' \ --data 'grant_type=client_credentials&scope=testemail' \ | python -c "import sys,json; print json.load(sys.stdin)['access_token']")
Finally, use the token to create a request to deploy curl -H "Content-Type: application/json" -H "Authorization: Bearer $TOKEN" -X POST -d "{\"pythoncode\":\"$(base64 -w 0 examples/process.py)\", \"inputs\": $(cat examples/sampleinputs.json), \"assertions\": $(cat examples/assertedoutputs.json), \"kafka\": {\"brokers\": \"[yourbrokers]\", \"confluent_api_key\": \"[yourapikey]\", \"confluent_secret\": \"[yoursecret]\"}, \"outputs\": {\"mode\": \"append\", \"processing_time\":\"2 seconds\"}, \"table\":{\"primary_keys\":[\"field1\"], \"output_schema\":[{\"name\":\"field1\", \"type\": \"string\"}]}, \"appname\":\"mytestapp\"}" https://testorg.streamstate.org/api/deploy -k
To replay:
curl -H "Content-Type: application/json" -H "Authorization: Bearer $TOKEN" -X POST -d "{\"inputs\": $(cat examples/sampleinputs.json), \"kafka\": {\"brokers\": \"broker1,broker2\"}, \"outputs\": {\"mode\": \"append\", \"processing_time\":\"2 seconds\"}, \"fileinfo\":{\"max_file_age\": \"2d\"}, \"table\":{\"primary_keys\":[\"field1\"], \"output_schema\":[{\"name\":\"field1\", \"type\": \"string\"}]}, \"appname\":\"mytestapp\", \"code_version\": 1}" https://testorg.streamstate.org/api/replay -k
To stop: curl -H "Authorization: Bearer $TOKEN" -X POST https://testorg.streamstate.org/api/mytestapp/stop -k
List active applications: curl -H "Authorization: Bearer $TOKEN" -X GET https://testorg.streamstate.org/api/applications -k
You may have to create a subfolder first (eg, /test)
gsutil cp ./mytest.json gs://streamstate-sparkstorage-testorg/mytestapp/topic1
echo {\"field1\": \"somevalue\"} > ./mytest1.json
gsutil cp ./mytest1.json gs://streamstate-sparkstorage-testorg/mytestapp/topic1
Read from the result firebase:
curl -H "Authorization: Bearer 7b1d331a-e67f-4ee8-b1f8-930320f18039" -X GET https://testorg.streamstate.org/api/mytestapp/features/1?filter="somevalue" -k
Grafana password:
kubectl run -it \ --image google/cloud-sdk:slim \ --serviceaccount cert-manager \ --namespace serviceplane-testorg \ workload-identity-test
gcloud projects get-iam-policy streamstatetest \ --flatten="bindings[].members" \ --format='table(bindings.role)' \ --filter="bindings.members:dns-testorg@streamstatetest.iam.gserviceaccount.com"