add cloud scheduler work

hironow · hironow · commit 0d12ec3c0819 · 2025-02-03T03:45:02.000+09:00
diff --git a/backend/genai/src/main.py b/backend/genai/src/main.py
@@ -287,14 +287,22 @@ async def question(request: Request):
         logger.info(f"{event_id}: finished generating content")
 
         answer_ref.update(
-            {"content": response_model.text, "loading": False, "status": "success"}
+            {
+                "content": response_model.text,
+                "loading": False,
+                "status": "success",
+            }
         )
         message_ref.update({"loading": False, "status": "success"})
         logger.info(f"{event_id}: finished generating an answer: {messageId}")
     except Exception as err:
         message_ref.update({"loading": False, "status": "failed"})
         answer_ref.update(
-            {"content": QUESTION_FAILED_MESSAGE, "loading": False, "status": "failed"}
+            {
+                "content": QUESTION_FAILED_MESSAGE,
+                "loading": False,
+                "status": "failed",
+            }
         )
         logger.info(
             f"{event_id}: failed generating an answer: err={err}, type(err)={type(err)}"
@@ -365,6 +373,12 @@ async def summarize(request: Request):
     return Response(content="finished", status_code=204)
 
 
+@app.post("/hcheck")
+async def hcheck():
+    """ヘルスチェック用エンドポイント"""
+    return Response(content="finished", status_code=200)
+
+
 if __name__ == "__main__":
     # see: https://github.com/googleapis/google-auth-library-python/blob/main/google/auth/_default.py#L577-L595
     _, project_id = gauth.default()
diff --git a/scripts/bind-schedule-invoke.sh b/scripts/bind-schedule-invoke.sh
@@ -0,0 +1,42 @@
+#!/bin/bash
+set -euo pipefail
+
+# Schedule Invoke to Cloud Run for Cloud Scheduler
+export PROJECT_ID="advena-dev"
+export REGION="us-central1"
+export GRANT_CLOUD_RUN_SERVICE="backend-advena"
+export USER_SA_OF_SCHEDULER="schedule-invoke-cloud-run"
+export USER_SA_OF_SCHEDULER_EMAIL="${USER_SA_OF_SCHEDULER}@${PROJECT_ID}.iam.gserviceaccount.com"
+
+echo "=== Settings ==="
+echo "PROJECT_ID:  $PROJECT_ID"
+echo "REGION:  $REGION"
+echo "GRANT_CLOUD_RUN_SERVICE:  $GRANT_CLOUD_RUN_SERVICE"
+echo "USER_SA_OF_SCHEDULER:  $USER_SA_OF_SCHEDULER"
+echo "USER_SA_OF_SCHEDULER_EMAIL:  $USER_SA_OF_SCHEDULER_EMAIL"
+echo "================"
+
+# Enable the Cloud Scheduler API
+gcloud services enable cloudscheduler.googleapis.com --project "${PROJECT_ID}"
+
+# サービスアカウントの存在チェックと作成
+if ! gcloud iam service-accounts list \
+    --filter="email:${USER_SA_OF_SCHEDULER_EMAIL}" \
+    --format="value(email)" | grep -q "${USER_SA_OF_SCHEDULER_EMAIL}"; then
+  echo "Creating service account: ${USER_SA_OF_SCHEDULER_EMAIL}"
+  gcloud iam service-accounts create "${USER_SA_OF_SCHEDULER}" \
+    --project="${PROJECT_ID}" \
+    --description="Cloud Scheduler Service Account for Cloud Run Invoker"
+else
+  echo "Service account ${USER_SA_OF_SCHEDULER_EMAIL} already exists. Skipping creation."
+fi
+
+# Grant role
+echo "Granting Cloud Run Invoker role to Service Account for Cloud Scheduler"
+gcloud run services add-iam-policy-binding "${GRANT_CLOUD_RUN_SERVICE}" \
+  --member="serviceAccount:${USER_SA_OF_SCHEDULER_EMAIL}" \
+  --role="roles/run.invoker" \
+  --region="${REGION}" \
+  --project="${PROJECT_ID}"
+
+echo "⭐️ All done!"
