serverless-tencent-scf
This plugin enables [Tencent SCF (Serverless Cloud Function)] (https://cloud.tencent.com/product/scf) support for [Serverless Framework] (https://github.com/serverless/serverless).
Read this in other languages: English, 简体中文
Getting started
Pre-requisites
- Node.js v8.x+
- Serverless CLI v1.35.0+ (install via
npm i -g serverless
) - Qcloud account - APPID - SecretId - SecretKey
###example
The project file structure is similar to this:
├── index.js├── package.json└── serverless.yml
serverless.yml
:
service: hello-worldprovider: name: tencent region: ap-guangzhou runtime: Nodejs8.9 stage: dev credentials: ~/.tencentcloud/credentials.ini # must provide absolute pathplugins: - serverless-tencent-scfpackage: exclude: - ./** include: - index.jsfunctions: hello: handler: index.hello description: hello world function memorySize: 128 timeout: 3 events: - timer: name: 5m cron: "*/5 * * * *"
For more examples of trigger configuration, please refer to example/serverless.yml
package.json
:
{ "devDependencies": { "serverless-tencent-scf": "*" }}
index.js
:
"use strict";exports.hello = (event, context, callback) => { callback(null, "Hello world!");};
API key configuration credentials.ini
:
[default]tencent_secret_id=AKIxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxtencent_secret_key=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxtencent_app_id=1251******
This file contains sensitive information, please do not put it in the project directory, it is recommended to put it in your personal directory and configure it to provider.credentials with an absolute path.
If you do not configure provider.credentials
, the default credential configuration of [tencentcli] (https://github.com/TencentCloud/tencentcloud-cli) will be used, but some features cannot work because there is no APPID
, see FAQ.
The following is the access to each information.
- The
tencent_secret_id
andtencent_secret_key
cloud API keys can be queried in [Tencent Cloud-API Key Management] (https://console.cloud.tencent.com/cam/capi). If not, please create a new one. tencent_app_id
The APPID of Tencent Cloud account can be found in [Tencent Cloud-Account Center] (https://console.cloud.tencent.com/developer)
Development & Publishing
-
Initial Tencent SCF plugin:
serverless plugin install --name serverless-tencent-scf -
Deploy or update scf to Tencent Cloud:
serverless deploy
TIP: The command sls
is shortcut of serverless
, so you can simply use sls deploy
-
Removed from Tencent Cloud scf:
serverless remove -
Remote call
serverless invoke -f hello -
Log query
serverless logs -f hello
FAQ
APPID
In the example provider.credentials
is additionally configured with tencent_app_id
, which is optional and only required by some functions.
Here are the features that need to use APPID
- Release package file larger than 10MB
If not configured, an error will be displayed when performing the above functions.
cos Authorization
When the package file is larger than 10MB, it will upload package via user's own cos. The upload operation requires the account to have the read and write permissions of the transfer bucket (scf-deployment
). If you are using sub-account, you can login owner account [associate CAM policy] (https://cloud.tencent.com/document/product/436/11714) to sub-account
Of course you can also do [more precise CAM authorization] (https://cloud.tencent.com/document/product/598/11084)
Role Authorization
Here are the features that need to grant permissions to the scf role.
- [Cloud Object Storage - cos] (https://console.cloud.tencent.com/cos)
- When the package file is larger than 10MB, it will upload package file via cos, and scf needs to access the user-uploaded package file. - cos trigger
- [API Gateway - API Gateway] (https://console.cloud.tencent.com/apigateway) - API Gateway Trigger
Usually it is automate authorized by the tool, but if you are using a sub-account secret key, and the current cloud account does not have initial role creation and authorization, and there is no permission to perform initial operations, an error will be reported.
You can use the primary account to execute serverless tencent initcam
, which will initialize the role authorization, so that scf can access other business resources (such as object storage, API gateway, etc.)
Visit [Tencent Cloud - Access Management - Roles] (https://console.cloud.tencent.com/cam/role) to view the strategy that the scf role (SCF_QcsRole
) is bound to.
proxy
To use a proxy, configure the https_proxy
environment variable