I have created an pub/sub topic to which I will publish a message every time an new object is uploaded to the bucket. Now I want to create a subscription to push a notification to an endpoint every time a new object is uploaded to that bucket. Following the documentation, I wanted something like that:
gcloud alpha pubsub subscriptions create orderComplete \ --topic projects/PROJECT-ID/topics/TOPIC \ --push-endpoint http://localhost:5000/ENDPOINT/ --ack-deadline=60 However my app is running on kubernetes and it seems that pub/sub cannot reach my endpoint. Any suggestions?
Yeah, so as @jakub-bujny points out you need a SSL endpoint. So one solution, on GKE, to use google's managed certificates with an Ingress resource (link shows you how)
In order for Cloud Pub/Sub to push messages to your application, you need to provide a publicly accessible endpoint. In Kubernetes, this most likely means exposing a Service. With this, you should have a non-local (i.e. no “localhost”) URL to reach the pods running your binaries.
Before creating the Cloud Pub/Sub subscription, you should also verify your domain with the Cloud Console.
Finally, you can set your subscription to push messages by changing its configuration:
gcloud pubsub subscriptions modify-push-config mySubscription \
--push-endpoint="https://publicly-available-domain.com/push-endpoint"As standing in documentation
In general, the push endpoint must be a publicly accessible HTTPS server, presenting a valid SSL certificate signed by a certificate authority and routable by DNS.
So you must expose your service via HTTPS using Ingress as described there: https://cloud.google.com/kubernetes-engine/docs/concepts/ingress