0

I have written a small cloud function in GCP which is subscribed to Pub/Sub event. When any cloud builds triggered function post message into the slack channel over webook.

In response, we get lots of details to trigger name, branch name, variables details but i am more interested in Build logs URL.

Currently getting build logs URL in response is like : logUrl: https://console.cloud.google.com/cloud-build/builds/899-08sdf-4412b-e3-bd52872?project=125205252525252

which requires GCP console access to check logs.

While in the console there an option View Raw. Is it possible to get that direct URL in the event response? so that i can directly sent it to slack and anyone can access direct logs without having GCP console access.

Saigeetha Sundar
  • 144
  • 5
chagan
  • 179
  • 4
  • 15
  • post the code of the function, so we can help – NeatNerd Jan 08 '21 at 12:27
  • @NeatNerd there is nothing in code it's not related to code actually, in code just printing data generated due to cloud trigger event. in data i am getting cosole URL for logs but i am looking for way to add View Raw URL. – chagan Jan 08 '21 at 12:36

2 Answers2

2

In your Cloud Build event message, you need to extract 2 values from the JSON message:

  • logsBucket
  • id

The raw file is stored here

<logsBucket>/log-<id>.txt

So, you can get it easily in your function with Cloud Storage client library (preferred solution) or with a simple HTTP Get call to the storage API.

If you need more guidance, let me know your dev language, I will send you a piece of code.

guillaume blaquiere
  • 66,369
  • 2
  • 47
  • 76
  • 1
    Thanks a lot @guillaume-blaquiere. your this answer also helpful. https://stackoverflow.com/questions/58235945/google-cloud-build-conditional-step You made my day. Thanks once again. – chagan Jan 11 '21 at 18:41
  • i got both logs bucket and txt but cant access bucket from GCS console it's _Default bucket. Do i have to change and update bucket ? – chagan Jan 11 '21 at 20:36
  • Also, the default bucket is `not public` however i am looking forward to sharing logs to anyone who has link. So is there any way we can mark that bucket as PUBLIC READ or any better approach do you suggest ? – chagan Jan 11 '21 at 20:38
  • Example url i am trying : https://storage.googleapis.com/5252428796321111111.cloudbuild-logs.googleusercontent.com/id-dsf5151131-sdfsdf-64f3d5d20936.txt or should i share singed URL using GCS client ? – chagan Jan 11 '21 at 20:41
  • 1
    I though you would like to post the raw logs to Slack. I think you can post files on slack channel, it's one of the solutions (download the file in your function and post it to the channel). The other solution is to make the bucket (or only the file with ACL) public and to share the link. But, it's public. If there is confidential logs (such as secrets) it's dangerous to make these log files publics. – guillaume blaquiere Jan 11 '21 at 22:22
  • yes, you are right i want to post logs to slack but just want to share the link of `raw log` file. So if any developer wants to check build log anytime they can visit respective URL and confirm. currently looking if i can use signed URL to add expiration. But looks like default LOG bucket i can not edit and it's not public by default. – chagan Jan 12 '21 at 06:17
  • 1
    signed URL is great but there is expiration. That's why I didn't propose it, but if it's fit your requirements, it's the best solution! – guillaume blaquiere Jan 12 '21 at 07:55
  • ...`hmac-key-bucket-auth@project-id.iam.gserviceaccount.com` does not have `storage.objects.get` access to the `Google Cloud Storage object. but my service account have `storage admin` and `storage object admin` permission in IAM. – chagan Jan 21 '21 at 14:12
  • i am using default log bucket name while generating singedurl : `345555555555619.cloudbuild-logs.googleusercontent.com` and file name something like `log-9dddd52v5-b457-42d1-52db-f767c24cc29e.txt` – chagan Jan 21 '21 at 14:13
  • 1
    Are you on the same project? – guillaume blaquiere Jan 21 '21 at 16:18
  • Resolved issue was passing wrong id log. THANKS, A LOT FOR HELPING US OUT EVERYTIME. – chagan Jan 21 '21 at 19:39
0

as @guillaume blaquiere helped.

Just sharing the piece of code used in cloud function to generate the singedURL of cloud build logs.

var filename ='log-' + build.id + '.txt';
    var file = gcs.bucket(BUCKET_NAME).file(filename);
    const getURL = async () => {
  return new Promise((resolve, reject) => {
    file.getSignedUrl({
      action: 'read',
      expires: Date.now() + 76000000
    }, (err, url) => {
      if (err) {
        console.error(err);
        reject(err);
      }
      console.log("URL");
      resolve(url);
    });
  })
}
    const singedUrl = await getURL();

if anyone looking for the whole code please follow this link : https://github.com/harsh4870/Cloud-build-slack-notification/blob/master/singedURL.js

Harsh Manvar
  • 27,020
  • 6
  • 48
  • 102