Skip to content

Commit c5e2a76

Browse files
minherzminherz
authored
chore: modify secret management (#9393)
after provisioning secrets to the shared location, the script is updated to use the same secret reading mechanism as in run_tests.sh
1 parent 1d67335 commit c5e2a76

File tree

1 file changed

+24
-7
lines changed

1 file changed

+24
-7
lines changed

.kokoro/tests/run_prptst_tests.sh

Lines changed: 24 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -42,21 +42,38 @@ mvn -v
4242
echo "********** GRADLE INFO ***********"
4343
gradle -v
4444

45-
# (need review) load secrets from GDU project 'java-docs-samples-testing'
45+
# Setup required env variables
46+
export GOOGLE_CLOUD_PROJECT=java-docs-samples-testing
47+
export GOOGLE_APPLICATION_CREDENTIALS=${KOKORO_GFILE_DIR}/secrets/prptst-java-docs-samples-service-account.json
48+
49+
## Download secrets
50+
SECRET_FILES=("prptst-java-docs-samples-service-account.json" \
51+
"prptst-gcloud-cli-configuration")
52+
53+
# Create secrets dir
4654
mkdir -p "${KOKORO_GFILE_DIR}/secrets"
55+
for SECRET in "${SECRET_FILES[@]}"; do
56+
# grab latest version of secret
57+
gcloud secrets versions access latest --secret="${SECRET%.*}" > "${KOKORO_GFILE_DIR}/secrets/$SECRET"
58+
fi
59+
done
60+
61+
# Copy gcloud CLI configuration to configured location
4762
CONFIG_PATH=$(gcloud info --format='value(config.paths.global_config_dir)')
4863
mkdir -p "${CONFIG_PATH}/configurations"
49-
gcloud secrets versions access latest --project="java-docs-samples-testing" --secret="tpc-java-docs-samples-service-account" > "${KOKORO_GFILE_DIR}/secrets/tpc-java-docs-samples-service-account.json"
50-
gcloud secrets versions access latest --project="java-docs-samples-testing" --secret="tpc-configuration" > "${CONFIG_PATH}/configurations/config_tpc"
64+
cp "${KOKORO_GFILE_DIR}/secrets/prptst-gcloud-cli-configuration" "${CONFIG_PATH}/configurations/config_prptst"
5165

52-
# Setup environment vars required for testing
53-
gcloud config configurations active tpc
54-
export GOOGLE_CLOUD_PROJECT="tpczero-system:java-docs-samples-testing"
55-
export GOOGLE_APPLICATION_CREDENTIALS=${KOKORO_GFILE_DIR}/secrets/tpc-java-docs-samples-service-account.json
66+
# Setup env variables to run tests
5667
export GOOGLE_CLOUD_UNIVERSE_DOMAIN="$(gcloud config get universe_domain)"
5768
export JAVA_DOCS_COMPUTE_TEST_ZONES="u-us-prp1-a,u-us-prp1-b,u-us-prp1-c"
5869
export JAVA_DOCS_COMPUTE_TEST_IMAGE_PROJECT="tpczero-system:java-docs-samples-testing" # test will fail anyway because images are not there
5970

71+
# Activate service account
72+
gcloud config configurations active prptst
73+
gcloud auth activate-service-account \
74+
--key-file="$GOOGLE_APPLICATION_CREDENTIALS" \
75+
--project="$GOOGLE_CLOUD_PROJECT"
76+
6077
# Execute compute/cloud-client tests
6178
git config --global --add safe.directory $PWD
6279

0 commit comments

Comments
 (0)