diff --git a/cli/docs/scorecard.md b/cli/docs/scorecard.md index f2046b4679f..a544e928d98 100644 --- a/cli/docs/scorecard.md +++ b/cli/docs/scorecard.md @@ -24,12 +24,12 @@ This tutorial will walk you through setting up Scorecard for a single project. ``` 4. Create a GCS bucket for storing CAI data: ``` - gsutil mb gs://$CAI_BUCKET_NAME + gcloud storage buckets create gs://$CAI_BUCKET_NAME ``` 5. Optionally, create a public GCS bucket to trigger a violation: ``` - gsutil mb gs://$PUBLIC_BUCKET_NAME - gsutil iam ch allUsers:objectViewer gs://$PUBLIC_BUCKET_NAME + gcloud storage buckets create gs://$PUBLIC_BUCKET_NAME + gcloud storage buckets add-iam-policy-binding gs://$PUBLIC_BUCKET_NAME --member=allUsers --role=roles/storage.objectViewer ``` 6. Optionally, export the CAI data to GCS: ``` @@ -91,8 +91,8 @@ You can also run CFT Scorecard against locally downloaded CAI data: ``` mkdir cai-dir -gsutil cp gs://$CAI_BUCKET_NAME/resource_inventory.json ./cai-dir/ -gsutil cp gs://$CAI_BUCKET_NAME/iam_inventory.json ./cai-dir/ +gcloud storage cp gs://$CAI_BUCKET_NAME/resource_inventory.json ./cai-dir/ +gcloud storage cp gs://$CAI_BUCKET_NAME/iam_inventory.json ./cai-dir/ ./cft scorecard --policy-path ./policy-library \ --dir-path ./cai-dir ``` diff --git a/infra/build/developer-tools/Dockerfile b/infra/build/developer-tools/Dockerfile index 22e2d407684..30677e98c45 100644 --- a/infra/build/developer-tools/Dockerfile +++ b/infra/build/developer-tools/Dockerfile @@ -68,7 +68,7 @@ RUN apk upgrade --no-cache && \ # Add all build scripts ADD ./build/*.sh /build/ -# Add cloud sdk first, gsutil required by some installers +# Add cloud sdk first ARG CLOUD_SDK_VERSION RUN /build/install_cloud_sdk.sh ${CLOUD_SDK_VERSION} diff --git a/infra/build/developer-tools/build/install_cloud_sdk.sh b/infra/build/developer-tools/build/install_cloud_sdk.sh index eb27f53d49c..af80e1be2d4 100755 --- a/infra/build/developer-tools/build/install_cloud_sdk.sh +++ b/infra/build/developer-tools/build/install_cloud_sdk.sh @@ -38,4 +38,3 @@ gcloud components install alpha beta terraform-tools gke-gcloud-auth-plugin --qu rm -rf /usr/local/google-cloud-sdk/.install/.backup gcloud --version -gsutil version -l diff --git a/infra/build/developer-tools/build/install_tinkey.sh b/infra/build/developer-tools/build/install_tinkey.sh index 47fd5bb3c2a..d8a33e60095 100755 --- a/infra/build/developer-tools/build/install_tinkey.sh +++ b/infra/build/developer-tools/build/install_tinkey.sh @@ -21,7 +21,7 @@ cd /build/install_tinkey TINKEY_VERSION=$1 -gsutil cp "gs://tinkey/tinkey-${TINKEY_VERSION}.tar.gz" . +gcloud storage cp "gs://tinkey/tinkey-${TINKEY_VERSION}.tar.gz" . tar -xzf "tinkey-${TINKEY_VERSION}.tar.gz" install -o 0 -g 0 -m 0755 tinkey_deploy.jar /usr/bin/ diff --git a/infra/build/developer-tools/build/scripts/task_helper_functions.sh b/infra/build/developer-tools/build/scripts/task_helper_functions.sh index d9093e572a4..1a324a75138 100755 --- a/infra/build/developer-tools/build/scripts/task_helper_functions.sh +++ b/infra/build/developer-tools/build/scripts/task_helper_functions.sh @@ -532,7 +532,7 @@ function fix_headers() { # Given SERVICE_ACCOUNT_JSON with the JSON string of a service account key, # initialize the SA credentials for use with: # 1: terraform -# 2: gcloud (passes SA creds implicitly to gsutil and bq-script) +# 2: gcloud (passes SA creds implicitly bq-script) # 3: Kitchen and inspec # # Add service acocunt support for additional tools as needed, preferring the @@ -563,7 +563,7 @@ init_credentials() { # https://github.com/inspec/inspec-gcp#create-credentials-file-via export GOOGLE_APPLICATION_CREDENTIALS="${tmpfile}" - # Login to GCP for using bq-script and gsutil + # Login to GCP for using bq-script gcloud auth activate-service-account --key-file="${GOOGLE_APPLICATION_CREDENTIALS}" }