File tree Expand file tree Collapse file tree 1 file changed +15
-5
lines changed
Expand file tree Collapse file tree 1 file changed +15
-5
lines changed Original file line number Diff line number Diff line change 2424
2525 - name : Create DB dump bucket
2626 run : |
27+ SOURCE_PROJECT_ID={{ vars.PROD_MOBILITY_FEEDS_PROJECT_ID }}
28+ DEST_PROJECT_ID={{ vars.QA_MOBILITY_FEEDS_PROJECT_ID }}
2729 DUMP_BUCKET_NAME="mobilitydata-database-dump-qa"
2830 BUCKET_PROJECT_ID=${{ vars.QA_MOBILITY_FEEDS_PROJECT_ID }}
2931 GCP_REGION=${{ vars.MOBILITY_FEEDS_REGION }}
3638 echo "Bucket already exists."
3739 fi
3840
39- # Give write permission for the source sql instance to write to the bucket
40- # gsutil iam ch serviceAccount:$SOURCE_SQL_SERVICE_ACCOUNT:objectCreator gs://$BUCKET_NAME
41-
42- # Give read permission on the bucket to the destination sql instance
43- # gsutil iam ch serviceAccount:$DEST_SQL_SERVICE_ACCOUNT:objectViewer gs://$BUCKET_NAME
41+ # Get the service account got the PROD DB and give write permsssion to the bucket
42+ SOURCE_SQL_SERVICE_ACCOUNT=$(gcloud sql instances describe $SQL_INSTANCE_NAME --project=$SOURCE_PROJECT_ID --format="value(serviceAccountEmailAddress)")
43+ echo "Source SQL Service Account: $SOURCE_SQL_SERVICE_ACCOUNT"
44+
45+ # Give write permission for the source sql instance to write to the bucket
46+ gsutil iam ch serviceAccount:$SOURCE_SQL_SERVICE_ACCOUNT:objectCreator gs://$DUMP_BUCKET_NAME
47+
48+ # Get the service account got the QA DB and give read permsssion to the bucket
49+ DEST_SQL_SERVICE_ACCOUNT=$(gcloud sql instances describe $SQL_INSTANCE_NAME --project=DEST_PROJECT_ID --format="value(serviceAccountEmailAddress)")
50+ echo "Destination SQL Service Account: $DEST_SQL_SERVICE_ACCOUNT"
51+
52+ # Give read permission on the bucket to the destination sql instance
53+ gsutil iam ch serviceAccount:$DEST_SQL_SERVICE_ACCOUNT:objectViewer gs://$BUCKET_NAME
You can’t perform that action at this time.
0 commit comments