steampipe plugin install gcp

Table: gcp_cloud_run_job - Query GCP Cloud Run Jobs using SQL

Google Cloud Run is a managed compute platform that enables you to run stateless containers that are invocable via HTTP requests. Cloud Run is serverless: it abstracts away all infrastructure management, so you can focus on what matters most — building great applications. It automatically scales up or down from zero to N depending on traffic.

Table Usage Guide

The gcp_cloud_run_job table provides insights into Cloud Run jobs within Google Cloud Platform (GCP). As a developer or DevOps engineer, explore job-specific details through this table, including configurations and executions. Utilize it to uncover information about jobs, such as the application's traffic flow, deployment history, and the current state of the job.

Examples

Basic info

Explore the basic details of your Google Cloud Run jobs, including their names, and client versions. This information can help you understand the configuration and status of your jobs, which is useful for managing and optimizing your cloud resources.

select
name,
client,
client_version,
create_time,
creator,
generation,
launch_stage
from
gcp_cloud_run_job;
select
name,
client,
client_version,
create_time,
creator,
generation,
launch_stage
from
gcp_cloud_run_job;

Count of jobs by launch stage

Determine the distribution of jobs based on their launch stages. This can help in understanding how many jobs are in different stages of their lifecycle, providing insights for resource allocation and strategic planning.

select
launch_stage,
count(*)
from
gcp_cloud_run_job
group by
launch_stage;
select
launch_stage,
count(*)
from
gcp_cloud_run_job
group by
launch_stage;

List cloud-run jobs that are reconciling

Analyze the settings to understand which cloud-run jobs are currently in the process of reconciling. This can be useful for tracking and managing jobs that may be undergoing changes or updates.

select
name,
client,
client_version,
create_time,
creator,
generation,
launch_stage,
reconciling
from
gcp_cloud_run_job
where
reconciling;
select
name,
client,
client_version,
create_time,
creator,
generation,
launch_stage,
reconciling
from
gcp_cloud_run_job
where
reconciling = 1;

List jobs created in the last 30 days

Discover the jobs that were established in the past 30 days to gain insights into recent activities and understand the context of their creation. This could be useful in tracking the growth of jobs over time or identifying any unexpected or unauthorized job creation.

select
name,
create_time,
creator,
launch_stage
from
gcp_cloud_run_job
where
create_time >= now() - interval '30' day;
select
name,
create_time,
creator,
launch_stage
from
gcp_cloud_run_job
where
create_time >= datetime('now', '-30 day');

Get condition details of jobs

This example allows you to gain insights into the status and condition details of various jobs in the Google Cloud Run environment. It can be used to understand the health of jobs, the reasons for their current state, and when they last transitioned, which can assist in troubleshooting and maintaining job stability.

select
name,
c ->> 'ExecutionReason' as execution_reason,
c ->> 'LastTransitionTime' as last_transition_time,
c ->> 'Message' as message,
c ->> 'Reason' as reason,
c ->> 'RevisionReason' as revision_reason,
c ->> 'State' as state,
c ->> 'Type' as type
from
gcp_cloud_run_job,
jsonb_array_elements(conditions) as c;
select
name,
json_extract(c.value, '$.ExecutionReason') as execution_reason,
json_extract(c.value, '$.LastTransitionTime') as last_transition_time,
json_extract(c.value, '$.Message') as message,
json_extract(c.value, '$.Reason') as reason,
json_extract(c.value, '$.RevisionReason') as revision_reason,
json_extract(c.value, '$.State') as state,
json_extract(c.value, '$.Type') as type
from
gcp_cloud_run_job,
json_each(conditions) as c;

Get associated members or principals, with a role of jobs

Attaching an Identity and Access Management (IAM) policy to a Google Cloud Run job involves setting permissions for that particular job. Google Cloud Run jobs use IAM for access control, and by configuring IAM policies, you can define who has what type of access to your Cloud Run jobs.

select
name,
i -> 'Condition' as condition,
i -> 'Members' as members,
i ->> 'Role' as role
from
gcp_cloud_run_job,
jsonb_array_elements(iam_policy -> 'Bindings') as i;
select
name,
json_extract(i.value, '$.Condition') as condition,
json_extract(i.value, '$.Members') as members,
json_extract(i.value, '$.Role') as role
from
gcp_cloud_run_job,
json_each(json_extract(iam_policy, '$.Bindings')) as i;

Get template details of jobs

Explore the various attributes of your cloud-based jobs, such as encryption keys, container details, and scaling parameters. This query is useful to gain an understanding of your job configurations and identify areas for potential adjustments or enhancements.

select
name,
template ->> 'Containers' as containers,
template ->> 'EncryptionKey' as encryption_key,
template ->> 'ExecutionEnvironment' as execution_environment,
template ->> 'MaxRetries' as max_retries,
template ->> 'ServiceAccount' as service_account,
template ->> 'Timeout' as timeout,
template ->> 'Volumes' as volumes,
template ->> 'VpcAccess' as vpc_access
from
gcp_cloud_run_job;
select
name,
json_extract(template, '$.Containers') as containers,
json_extract(template, '$.EncryptionKey') as encryption_key,
json_extract(template, '$.ExecutionEnvironment') as execution_environment,
json_extract(template, '$.MaxRetries') as max_retries,
json_extract(template, '$.ServiceAccount') as service_account,
json_extract(template, '$.Timeout') as timeout,
json_extract(template, '$.Volumes') as volumes,
json_extract(template, '$.VpcAccess') as vpc_access
from
gcp_cloud_run_job;

Schema for gcp_cloud_run_job

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
annotationsjsonbUnstructured key value map that may be set by external tools to store and arbitrary metadata.
binary_authorizationjsonbSettings for the Binary Authorization feature.
clienttextArbitrary identifier for the API client.
client_versiontextArbitrary version identifier for the API client.
conditionsjsonbThe Conditions of all other associated sub-resources.
create_timetimestamp with time zoneThe creation time.
creatortextEmail address of the authenticated creator.
delete_timetimestamp with time zoneThe deletion time.
etagtextA system-generated fingerprint for this version of the resource.
execution_countbigintNumber of executions created for this job.
expire_timetimestamp with time zoneFor a deleted resource, the time after which it will be permamently deleted.
generationbigintA number that monotonically increases every time the user modifies the desired state.
iam_policyjsonbAn Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.
labelsjsonbUnstructured key value map that can be used to organize and categorize objects.
last_modifiertextEmail address of the last authenticated modifier.
latest_created_executionjsonbThe last created execution.
launch_stagetextThe launch stage as defined by Google Cloud Platform Launch Stages (https://cloud.google.com/terms/launch-stages). Cloud Run supports `ALPHA`, `BETA`, and `GA`. If no value is specified, GA is assumed.
locationtext=The GCP multi-region, region, or zone in which the resource is located.
nametext=The fully qualified name of this Job.
observed_generationtextThe generation of this Job.
projecttext=, !=, ~~, ~~*, !~~, !~~*The GCP Project in which the resource is located.
reconcilingbooleanReturns true if the Job is currently being acted upon by the system to bring it into the desired state.
run_execution_tokentextA unique string used as a suffix for creating a new execution. The Job will become ready when the execution is successfully completed.
satisfies_pzsbooleanReserved for future use.
self_linktextThe server-defined URL for the resource.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
start_execution_tokentextA unique string used as a suffix creating a new execution. The Job will become ready when the execution is successfully started.
tagsjsonbA map of tags for the resource.
templatejsonbThe template used to create executions for this Job.
terminal_conditionjsonbThe Condition of this Job, containing its readiness status, and detailed error information in case it did not reach a serving state.
titletextTitle of the resource.
uidtextServer assigned unique identifier for the trigger.
update_timetimestamp with time zoneThe last-modified time.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- gcp

You can pass the configuration to the command with the --config argument:

steampipe_export_gcp --config '<your_config>' gcp_cloud_run_job