variable "project_id" {
  type    = string
  default = "datacom-poc"
}

variable "region" {
  type    = string
  default = "asia-northeast1"
} 

variable "function_name" {
  type    = string
  default = "mrt-create-log-sheet"
}


# Scheduler実行用サービスアカウント
resource "google_service_account" "cf_scheduler_sa" {
  project      = var.project_id
  account_id   = "mrt-scheduler-sa-devtest" 
  display_name = "Cloud Functions 起動用サービスアカウント"
}

# 権限を SA に付与
resource "google_project_iam_member" "scheduler_role" {
  for_each       = toset(["roles/cloudfunctions.invoker","roles/run.invoker"])
  project        = var.project_id
  role           = each.value
  member         = "serviceAccount:${google_service_account.cf_scheduler_sa.email}"
}


# 毎月1日0時に Function を実行する Scheduler ジョブ
resource "google_cloud_scheduler_job" "monthly_cf_trigger" {
  project     = var.project_id
  name        = "monthly-cf-trigger"
  description = "Invoke Cloud Function on the 1st of each month at 00:00"
  region      = var.region
  schedule    = "0 0 1 * *"
  time_zone   = "Asia/Tokyo"

  http_target {
    uri         = "https://${var.region}-${var.project_id}.cloudfunctions.net/${var.function_name}"
    http_method = "POST"
    oidc_token {
      service_account_email = google_service_account.cf_scheduler_sa.email
      audience              = "https://${var.region}-${var.project_id}.cloudfunctions.net/${var.function_name}"
    }
  }
}