This repository implements Event Sources to wire G Suite events into Knative Eventing.
You will need:
- A Google Cloud project and install the
gcloud CLI and run
gcloud auth login. The samples below will use a mix ofgcloudandkubectlcommands. We assume that you have set the$PROJECT_IDenvironment variable to your GCP project ID, and that you set your project ID as default usinggcloud config set project $PROJECT_ID. - An internet-accessible Kubernetes cluster with Knative Serving installed. Follow the installation instructions if you need to create one.
- Ensure Knative Serving is configured with a domain name that allows G Suite to call into the cluster.
- Ensure Knative Serving is configured with HTTPS with a custom certificate as G Suite Push Notifications require HTTPS and valid certificates.
- If you're using GKE, you'll also want to assign a static IP address.
- Install Knative Eventing. Those instructions also install the default eventing sources.
- A G Suite domain where you have administrator privileges, as we will do G Suite Domain-Wide Delegation of Authority.
-
Create a GCP Service Account. All the examples below use the same service account but you can create different ones for the different G Suite applications. Create a new service account named gcs-source with the following command:
- Create a new service account named
gsuite-sourcewith the following command:gcloud iam service-accounts create gsuite-source
- Give that service account the viewer role for your GCP project:
gcloud projects add-iam-policy-binding $PROJECT_ID \ --member=serviceAccount:gsuite-source@$PROJECT_ID.iam.gserviceaccount.com \ --role roles/viewer
- Edit that service account from the GCP UI, and mark the checkbox to Enable G Suite domain-wide delegation. Also, copy the Client ID to some notes as you will use it later.
- Download a new JSON private key for that service account.
gcloud iam service-accounts keys create gsuite-source.json \ --iam-account=gsuite-source@$PROJECT_ID.iam.gserviceaccount.com - Create a namespace where the secret is created and where our controller will run
kubectl create namespace gsuite-sources
- Create a secret on the Kubernetes cluster for the downloaded key. You need
to store this key in
key.jsonin a secret namedgsuite-source-key. This is used by thecontrollerto create webhooks to G Suite Push notifications.
kubectl -n gsuite-sources create secret generic gsuite-source-key \ --from-file=key.json=gsuite-source.json --dry-run -o yaml | kubectl apply --filename -- Create another secret for the downloaded key that we will use in the different examples.
kubectl -n default create secret generic gs-source-key --from-file=key.json=gsuite-source.json
- Create a new service account named
Install the G Suite sources by executing:
ko apply -f ./configWait until the controller has Running status:
kubectl get pods -n gsuite-sources NAME READY STATUS RESTARTS AGE
gsuite-controller-manager-0 1/1 Running 0 14s
The G Suite controller is up and running!
Below you can find the list of the currently supported G Suite sources CRDs and their respective examples that are packaged with this installation.
| Name | Status | Support | Description |
|---|---|---|---|
| Calendar | Proof of Concept | None | Brings Google Calendar events into Knative |
| Drive | Proof of Concept | None | Brings Google Drive events into Knative |
You can remove the G Suite sources by deleting the namespace:
kubectl delete namespace gsuite-sources