Terraform corrections 2

Author: jcpitre

functions-python/batch_process_dataset/README.md

@@ -32,7 +32,7 @@ The function expects a Pub/Sub message with the following format:
 
 # Function configuration
 The function is configured using the following environment variables:
-- `DATASETS_BUCKET_NANE`: The name of the bucket where the datasets are stored.
+- `DATASETS_BUCKET_NAME`: The name of the bucket where the datasets are stored.
 - `FEEDS_DATABASE_URL`: The URL of the feeds database.
 - `MAXIMUM_EXECUTIONS`: [Optional] The maximum number of executions per datasets. This controls the number of times a dataset can be processed per execution id. By default, is 1.
 

functions-python/batch_process_dataset/src/main.py

@@ -308,8 +308,7 @@ def process_dataset(cloud_event: CloudEvent):
     Logger.init_logger()
     logging.info("Function Started")
     stable_id = "UNKNOWN"
-    execution_id = "UNKNOWN"
-    bucket_name = os.getenv("DATASETS_BUCKET_NANE")
+    bucket_name = os.getenv("DATASETS_BUCKET_NAME")
 
     try:
         #  Extract data from message

functions-python/export_csv/src/main.py

@@ -324,6 +324,7 @@ def upload_file_to_storage(source_file_path, target_path):
     Uploads a file to the GCP bucket
     """
     bucket_name = os.getenv("DATASETS_BUCKET_NAME")
+    print(f"Uploading file to bucket {bucket_name} at path {target_path}")
     bucket = storage.Client().get_bucket(bucket_name)
     blob = bucket.blob(target_path)
     with open(source_file_path, "rb") as file:

infra/batch/main.tf

@@ -249,7 +249,7 @@ resource "google_cloudfunctions2_function" "pubsub_function" {
     vpc_connector_egress_settings = "PRIVATE_RANGES_ONLY"
 
     environment_variables = {
-      DATASETS_BUCKET_NANE = google_storage_bucket.datasets_bucket.name
+      DATASETS_BUCKET_NAME = google_storage_bucket.datasets_bucket.name
       # prevents multiline logs from being truncated on GCP console
       PYTHONNODEBUGRANGES = 0
       DB_REUSE_SESSION    = "True"

infra/functions-python/main.tf

@@ -108,6 +108,18 @@ resource "google_storage_bucket" "gbfs_snapshots_bucket" {
   name     = "${var.gbfs_bucket_name}-${var.environment}"
 }
 
+resource "google_storage_bucket_iam_member" "datasets_bucket_functions_service_account" {
+  bucket = google_storage_bucket.datasets_bucket.name
+  role   = "roles/storage.admin"
+  member = "serviceAccount:${google_service_account.functions_service_account.email}"
+}
+
+resource "google_project_iam_member" "datasets_bucket_functions_service_account" {
+  project = var.project_id
+  member  = "serviceAccount:${google_service_account.functions_service_account.email}"
+  role    = "roles/storage.admin"
+}
+
 # Cloud function source code zip files:
 # 1. Tokens
 resource "google_storage_bucket_object" "function_token_zip" {
@@ -856,8 +868,7 @@ resource "google_cloudfunctions2_function" "export_csv" {
   }
   service_config {
     environment_variables = {
-      DATASETS_BUCKET_NANE = var.datasets_bucket_name
-      QAZ = "${var.datasets_bucket_name}-${var.environment}"
+      DATASETS_BUCKET_NAME = "${var.datasets_bucket_name}-${var.environment}"
       PROJECT_ID  = var.project_id
       ENVIRONMENT = var.environment
     }
@@ -933,15 +944,6 @@ resource "google_project_iam_member" "event-receiving" {
   depends_on = [google_project_iam_member.invoking]
 }
 
-# Grant read access to the datasets bucket for the service account
-resource "google_storage_bucket_iam_binding" "bucket_object_viewer" {
-  bucket = "${var.datasets_bucket_name}-${var.environment}"
-  role   = "roles/storage.objectViewer"
-  members = [
-    "serviceAccount:${google_service_account.functions_service_account.email}"
-  ]
-}
-
 # Grant write access to the gbfs bucket for the service account
 resource "google_storage_bucket_iam_binding" "gbfs_bucket_object_creator" {
   bucket = google_storage_bucket.gbfs_snapshots_bucket.name