Add dummy Issue Editor service and package

cloud

@@ -288,6 +288,12 @@ function execute_command() {
     declare -r cost_upd_service_account
     # Grafana Cloud Run service name (must match [a-z0-9-]{0,62}[a-z0-9])
     declare -r grafana_service="${dashed_prefix}grafana"
+    # Issue editor Cloud Run service name
+    declare -r iss_ed_service="${dashed_prefix}iss-ed"
+    # Issue editor docker image
+    declare iss_ed_image="${ARTIFACTS_REGION}-docker.pkg.dev/"
+    iss_ed_image+="$project/$docker_repo/iss-ed"
+    declare -r iss_ed_image
 
     declare -r -a env_args=(
         --project="$project"
@@ -360,13 +366,13 @@ function execute_command() {
     if [ "$command" == "deploy" ]; then
         sections_run "$sections" iam_deploy \
             "$project" "$grafana_service" \
-            "$cost_upd" "$cost_mon_service"
+            "$cost_upd" "$cost_mon_service" "$iss_ed_service"
         sections_run "$sections" secrets_deploy "$project" \
             "$psql_pgpass_secret" "$psql_editor" "$grafana_service"
         sections_run "$sections" bigquery_deploy "${bigquery_args[@]}"
         sections_run "$sections" psql_deploy "${psql_args[@]}"
         sections_run "$sections" artifacts_deploy "$project" \
-            "$docker_repo" "$cost_mon_image"
+            "$docker_repo" "$cost_mon_image" "$iss_ed_image"
         sections_run "$sections" run_deploy \
             --project="$project" \
             --grafana-service="$grafana_service" \
@@ -379,7 +385,9 @@ function execute_command() {
             --cost-thresholds="$cost_thresholds" \
             --cost-mon-service="$cost_mon_service" \
             --cost-mon-image="$cost_mon_image" \
-            --cost-upd-service-account="$cost_upd_service_account"
+            --cost-upd-service-account="$cost_upd_service_account" \
+            --iss-ed-service="$iss_ed_service" \
+            --iss-ed-image="$iss_ed_image"
         sections_run "$sections" pubsub_deploy \
             --project="$project" \
             --load-queue-trigger-topic="$load_queue_trigger_topic" \
@@ -396,7 +404,8 @@ function execute_command() {
             --smtp-subscription="$smtp_subscription" \
             --cost-topic="$cost_topic" \
             --cost-upd-service-account="$cost_upd_service_account" \
-            --cost-mon-service="$cost_mon_service"
+            --cost-mon-service="$cost_mon_service" \
+            --iss-ed-service="$iss_ed_service"
         sections_run "$sections" firestore_deploy "$project"
         sections_run "$sections" storage_deploy "$project" "$cache_bucket_name"
         functions_deploy \
@@ -467,15 +476,16 @@ function execute_command() {
             --project="$project" \
             --grafana-service="$grafana_service" \
             --cost-mon-service="$cost_mon_service" \
-            --cost-upd-service-account="$cost_upd_service_account"
+            --cost-upd-service-account="$cost_upd_service_account" \
+            --iss-ed-service="$iss_ed_service"
         sections_run "$sections" artifacts_withdraw "$project" "$docker_repo"
         sections_run "$sections" psql_withdraw "${psql_args[@]}"
         sections_run "$sections" bigquery_withdraw "${bigquery_args[@]}"
         sections_run "$sections" secrets_withdraw "$project" \
             "$psql_pgpass_secret"
         sections_run "$sections" iam_withdraw \
             "$project" "$grafana_service" \
-            "$cost_upd" "$cost_mon_service"
+            "$cost_upd" "$cost_mon_service" "$iss_ed_service"
     fi
 }
 

kcidb/cloud/artifacts.sh

@@ -56,11 +56,12 @@ function artifacts_repo_withdraw() {
 }
 
 # Deploy all artifacts.
-# Args: project repo cost_mon_image
+# Args: project repo cost_mon_image iss_ed_image
 function artifacts_deploy() {
     declare -r project="$1"; shift
     declare -r docker_repo="$1"; shift
     declare -r cost_mon_image="$1"; shift
+    declare -r iss_ed_image="$1"; shift
 
     # Deploy the Docker repository
     artifacts_repo_deploy "$project" "$docker_repo" --repository-format=docker
@@ -82,6 +83,25 @@ function artifacts_deploy() {
         images:
           - '$cost_mon_image'
 YAML_END
+
+    # Deploy the issue editor docker image
+    mute gcloud builds submit --project="$project" \
+                              --region="$ARTIFACTS_REGION" \
+                              --config /dev/stdin \
+                              . <<YAML_END
+        # Prevent de-indent of the first line
+        steps:
+          - name: 'gcr.io/cloud-builders/docker'
+            args:
+              - 'build'
+              - '-t'
+              - '$iss_ed_image'
+              - '-f'
+              - 'kcidb/cloud/iss-ed.Dockerfile'
+              - '.'
+        images:
+          - '$iss_ed_image'
+YAML_END
 }
 
 # Withdraw all artifacts.

kcidb/cloud/iam.sh

@@ -213,12 +213,13 @@ function iam_role_withdraw() {
 }
 
 # Deploy IAM
-# Args: project grafana_service cost_upd cost_mon
+# Args: project grafana_service cost_upd cost_mon iss_ed
 function iam_deploy() {
     declare -r project="$1"; shift
     declare -r grafana_service="$1"; shift
     declare -r cost_upd="$1"; shift
     declare -r cost_mon="$1"; shift
+    declare -r iss_ed="$1"; shift
     declare -r cost_mon_role="${cost_mon//-/_}"
     iam_service_account_deploy "$project" "$grafana_service"
     # Give Grafana access to Cloud SQL
@@ -251,16 +252,21 @@ YAML_END
         --role "projects/$project/roles/$cost_mon_role" \
         --member \
         "serviceAccount:$cost_mon@$project.iam.gserviceaccount.com"
+
+    # Deploy the Issue Editor service account
+    iam_service_account_deploy "$project" "$iss_ed"
 }
 
 # Withdraw IAM
-# Args: project grafana_service cost_upd cost_mon
+# Args: project grafana_service cost_upd cost_mon iss_ed
 function iam_withdraw() {
     declare -r project="$1"; shift
     declare -r grafana_service="$1"; shift
     declare -r cost_upd="$1"; shift
     declare -r cost_mon="$1"; shift
+    declare -r iss_ed="$1"; shift
     declare -r cost_mon_role="${cost_mon//-/_}"
+    iam_service_account_withdraw "$project" "$iss_ed"
     iam_service_account_withdraw "$project" "$cost_mon"
     iam_role_withdraw "$project" "$cost_mon_role"
     iam_service_account_withdraw "$project" "$cost_upd"

kcidb/cloud/iss-ed

@@ -0,0 +1,19 @@
+#!/usr/bin/env python3
+"""Handle Issue Editor WebUI requests"""
+# It's OK, pylint: disable=invalid-name
+
+import os
+from flask import Flask
+#import kcidb.issue_editor
+
+app = Flask(__name__)
+
+
+@app.route("/")
+def hello_world():
+    """Example Hello World route."""
+    return "Hello, World!"
+
+
+if __name__ == "__main__":
+    app.run(host="0.0.0.0", port=int(os.environ.get("PORT", 8080)))

kcidb/cloud/iss-ed.Dockerfile

@@ -0,0 +1,7 @@
+FROM python:3.9
+WORKDIR /app
+COPY . ./
+RUN pip3 install --break-system-packages .
+ENV PYTHONUNBUFFERED True
+ENTRYPOINT ["kcidb/cloud/iss-ed"]
+CMD ["[]"]

kcidb/cloud/pubsub.sh

@@ -142,6 +142,7 @@ function pubsub_subscription_withdraw() {
 #       --cost-topic=NAME
 #       --cost-upd-service-account=NAME
 #       --cost-mon-service=NAME
+#       --iss-ed-service=NAME
 function pubsub_deploy() {
     declare params
     params="$(getopt_vars project \
@@ -158,11 +159,16 @@ function pubsub_deploy() {
                           cost_topic \
                           cost_upd_service_account \
                           cost_mon_service \
+                          iss_ed_service \
                           -- "$@")"
     eval "$params"
     declare project_number
     project_number=$(gcloud projects describe "$project" \
                                               --format='value(projectNumber)')
+    # Issue Editor service account
+    declare iss_ed_service_account="$iss_ed_service"
+    iss_ed_service_account+="@$project.iam.gserviceaccount.com"
+
     # Pub/Sub service account
     declare service_account="service-$project_number"
     service_account+="@gcp-sa-pubsub.iam.gserviceaccount.com"
@@ -180,6 +186,12 @@ function pubsub_deploy() {
                                "${new_debug_subscription}" \
                                --message-retention-duration=12h
 
+    # Permit issue editor to submit new data
+    mute gcloud pubsub topics add-iam-policy-binding \
+        --project="$project" "$new_topic" --quiet \
+        --member="serviceAccount:$iss_ed_service_account" \
+        --role="roles/pubsub.publisher"
+
     pubsub_topic_deploy "$project" "${updated_topic}"
     pubsub_subscription_deploy "$project" "${updated_topic}" \
                                "${updated_debug_subscription}" \

kcidb/cloud/run.sh

@@ -86,6 +86,8 @@ function run_service_withdraw() {
 #       --cost-mon-service=NAME
 #       --cost-mon-image=URL
 #       --cost-upd-service-account=EMAIL
+#       --iss-ed-service=NAME
+#       --iss-ed-image=URL
 function run_deploy() {
     declare params
     params="$(getopt_vars project \
@@ -100,6 +102,8 @@ function run_deploy() {
                           cost_mon_service \
                           cost_mon_image \
                           cost_upd_service_account \
+                          iss_ed_service \
+                          iss_ed_image \
                           -- "$@")"
     eval "$params"
     declare iam_command
@@ -228,6 +232,38 @@ YAML_END
         "$project" "$cost_mon_service" \
         "serviceAccount:$cost_upd_service_account" \
         roles/run.invoker
+
+    # Deploy Issue Editor
+    run_service_deploy "$project" <<YAML_END
+        # Prevent de-indent of the first line
+        apiVersion: serving.knative.dev/v1
+        kind: Service
+        metadata:
+          name: $(yaml_quote "$iss_ed_service")
+          labels:
+            cloud.googleapis.com/location: $(yaml_quote "$RUN_REGION")
+        spec:
+          template:
+            metadata:
+              annotations:
+                autoscaling.knative.dev/minScale: "0"
+                autoscaling.knative.dev/maxScale: "4"
+            spec:
+              serviceAccountName:
+                $(yaml_quote \
+                  "$iss_ed_service@$project.iam.gserviceaccount.com")
+              containerConcurrency: 1
+              timeoutSeconds: 30
+              containers:
+                - image: $(yaml_quote "$iss_ed_image:latest")
+                  name: server
+                  ports:
+                    - containerPort: 8080
+                  resources:
+                    limits:
+                      cpu: "0.25"
+                      memory: "256M"
+YAML_END
 }
 
 # Shutdown Run services.
@@ -249,14 +285,18 @@ function run_shutdown() {
 #       --grafana-service=NAME
 #       --cost-mon-service=NAME
 #       --cost-upd-service-account=EMAIL
+#       --iss-ed-service=NAME
 function run_withdraw() {
     declare params
     params="$(getopt_vars project \
                           grafana_service \
                           cost_mon_service \
                           cost_upd_service_account \
+                          iss_ed_service \
                           -- "$@")"
     eval "$params"
+    # Withdraw Issue Editor
+    run_service_withdraw "$project" "$iss_ed_service"
     # Withdraw Cost updater
     run_iam_policy_binding_withdraw \
         "$project" "$cost_mon_service" \

kcidb/issue_editor/__init__.py

@@ -0,0 +1 @@
+"""Kernel CI reporting - issue editor"""

requirements.txt

@@ -6,6 +6,7 @@ google-cloud-firestore
 google-cloud-storage
 google-cloud-secret-manager
 google-cloud-logging
+flask
 psycopg2
 functions-framework
 jsonschema[format]

setup.py

@@ -50,6 +50,7 @@
         "google-cloud-firestore",
         "google-cloud-secret-manager",
         "google-cloud-logging",
+        "flask",
         "psycopg2",
         "jsonschema[format]",
         "requests",