Using a regular cron job against a URL is common practice (Drupal!), though you should secure the URL...
create a cron.yaml at the root level of your project (right alongside app.yaml)
cron:
- description: daily summary job
url: /summary/daily
schedule: every 24 hours
# schedule: every monday 09:00
# schedule: every 5 minutes from 10:00 to 14:00
# schedule: 2nd,third mon,wed,thu of march 17:00
# schedule: 1st monday of sep,oct,nov 17:00
# schedule: every day 00:00
# schedule: every N (hours|mins|minutes) ["from" (time) "to" (time)]
# schedule:
# target: version-2 # specific version of your app!
# timezone: Australia/NSW # if not specified, then it uses the default UTC
https://developers.google.com/appengine/docs/python/config/cron
Securing a URL via App Engine framework (app.yaml)
While any script can be run (instead of main.app) we'll stick to just protecting a part of your application...
- url: /admin-only/.*
script: main.app
login: admin
appengine.google.com/settings
Administration -> Application Settings (ensure that Authentication Type is Google Accounts API if you want redirect to google login)
(If set to OpenID a failed auth will return: http://MYAPP.appspot.com/_ah/login_required?continue=http://MYAPP.appspot.com/PROTECTED-URL )