Merge pull request #12 from ft-circleci-orbs/default_settings

robgodfrey · web-flow · commit 4aca63642e78 · 2023-10-03T15:24:50.000+01:00
Extract Cloudsmith Org and Download Domains to Environment Variables
diff --git a/.circleci/test-deploy.yml b/.circleci/test-deploy.yml
@@ -33,6 +33,11 @@ jobs:
       - run:
           name: Assert environment variables have been set
           command: | 
+            if [ $CLOUDSMITH_ORGANISATION != "financial-times" ]
+            then
+              echo "Test failed: CLOUDSMITH_ORGANISATION has not been set correctly."
+              exit 1
+            fi
             if [ $CLOUDSMITH_SERVICE_IDENTIFIER != "circleci-orb-testing" ]
             then
               echo "Test failed: CLOUDSMITH_SERVICE_IDENTIFIER has not been set."
@@ -56,6 +61,11 @@ jobs:
       - run:
           name: Assert environment variables have been set
           command: | 
+            if [ $CLOUDSMITH_DOWNLOADS_DOMAIN != "packages.ft.com" ]
+            then
+              echo "Test failed: CLOUDSMITH_DOWNLOADS_DOMAIN has not been set correctly."
+              exit 1
+            fi
             if [ -z $CLOUDSMITH_PIP_INDEX_URL ]
             then
               echo "Test failed: CLOUDSMITH_PIP_INDEX_URL has not been set."
diff --git a/src/commands/authenticate_with_oidc.yml b/src/commands/authenticate_with_oidc.yml
@@ -9,9 +9,16 @@ parameters:
     type: string
 steps:
   - run:
-      name: Prepare script parameters
+      name: Configure Cloudsmith organisation
       command: |
-        echo "export CLOUDSMITH_SERVICE_IDENTIFIER=\"<<parameters.service_identifier>>\"" >> $BASH_ENV
+        if [ -z "$CLOUDSMITH_ORGANISATION" ]
+        then
+          echo "export CLOUDSMITH_ORGANISATION=\"financial-times\"" >> "$BASH_ENV"
+        fi
   - run:
-      name: Authenticate with OIDC and generate a temporary OIDC token
+      name: Configure Cloudsmith service account
+      command: |
+        echo "export CLOUDSMITH_SERVICE_IDENTIFIER=\"<<parameters.service_identifier>>\"" >> "$BASH_ENV"
+  - run:
+      name: Authenticate with OIDC
       command: <<include(scripts/authenticate_with_oidc.sh)>>
diff --git a/src/commands/set_env_vars_for_pip.yml b/src/commands/set_env_vars_for_pip.yml
@@ -11,9 +11,13 @@ steps:
   - authenticate_with_oidc:
       service_identifier: <<parameters.service_identifier>>
   - run:
-      name: Prepare script parameters
+      name: Configure Cloudsmith domains
+      command: <<include(scripts/configure_cloudsmith_domains.sh)>>
+  - run:
+      name: Configure Cloudsmith repository
       command: |
         echo "export CLOUDSMITH_REPOSITORY_IDENTIFIER=\"<<parameters.repository_identifier>>\"" >> $BASH_ENV
+        echo "CLOUDSMITH_REPOSITORY_IDENTIFIER=<<parameters.repository_identifier>>"
   - run:
       name: Set environment variables for pip
       command: <<include(scripts/set_env_vars_for_pip.sh)>>
diff --git a/src/scripts/authenticate_with_oidc.sh b/src/scripts/authenticate_with_oidc.sh
@@ -5,17 +5,23 @@
 
 set +e
 
+if [ -z "$CLOUDSMITH_ORGANISATION" ]
+then
+  echo "Unable to generate OIDC token. Environment variable CLOUDSMITH_ORGANISATION is not set."
+  exit 1
+fi
+
 if [ -z "$CLOUDSMITH_SERVICE_IDENTIFIER" ]
 then
   echo "Unable to generate OIDC token. Environment variable CLOUDSMITH_SERVICE_IDENTIFIER is not set."
   exit 1
 fi
 
-echo "Generating Cloudsmith OIDC token for service account: $CLOUDSMITH_SERVICE_IDENTIFIER"
+echo "Generating Cloudsmith OIDC token for service account: $CLOUDSMITH_ORGANISATION/$CLOUDSMITH_SERVICE_IDENTIFIER"
 
 RESPONSE=$(curl -X POST -H "Content-Type: application/json" \
             -d "{\"oidc_token\":\"$CIRCLE_OIDC_TOKEN_V2\", \"service_slug\":\"$CLOUDSMITH_SERVICE_IDENTIFIER\"}" \
-            --silent --show-error "https://api.cloudsmith.io/openid/financial-times/")
+            --silent --show-error "https://api.cloudsmith.io/openid/$CLOUDSMITH_ORGANISATION/")
 
 CLOUDSMITH_OIDC_TOKEN=$(echo "$RESPONSE" | grep -o '"token": "[^"]*' | grep -o '[^"]*$')
 
diff --git a/src/scripts/configure_cloudsmith_domains.sh b/src/scripts/configure_cloudsmith_domains.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+if [ -z "$CLOUDSMITH_DOWNLOADS_DOMAIN" ]
+then
+  echo "export CLOUDSMITH_DOWNLOADS_DOMAIN=\"packages.ft.com\"" >> "$BASH_ENV"
+fi
+
diff --git a/src/scripts/set_env_vars_for_pip.sh b/src/scripts/set_env_vars_for_pip.sh
@@ -7,7 +7,7 @@ set +e
 
 if [ -z "$CLOUDSMITH_SERVICE_IDENTIFIER" ] || [ -z "$CLOUDSMITH_OIDC_TOKEN" ]
 then
-  echo "Unable to find an OIDC token to use. Please ensure the authenticate-with-oidc command has been run before this command."
+  echo "Unable to find an OIDC token to use. Please ensure the authenticate_with_oidc command has been run before this command."
   exit 1
 fi
 
@@ -17,10 +17,17 @@ then
   exit 1
 fi
 
-CLOUDSMITH_PIP_INDEX_URL="https://$CLOUDSMITH_SERVICE_IDENTIFIER:$CLOUDSMITH_OIDC_TOKEN@packages.ft.com/basic/$CLOUDSMITH_REPOSITORY_IDENTIFIER/python/simple/"
+if [ -z "$CLOUDSMITH_DOWNLOADS_DOMAIN" ]
+then
+  echo "Unable to set environment variables for pip. Env var CLOUDSMITH_DOWNLOADS_DOMAIN is not defined."
+  exit 1
+fi
+
+
+CLOUDSMITH_PIP_INDEX_URL="https://$CLOUDSMITH_SERVICE_IDENTIFIER:$CLOUDSMITH_OIDC_TOKEN@$CLOUDSMITH_DOWNLOADS_DOMAIN/basic/$CLOUDSMITH_REPOSITORY_IDENTIFIER/python/simple/"
 
 echo "export CLOUDSMITH_PIP_INDEX_URL=\"$CLOUDSMITH_PIP_INDEX_URL\"" >> "$BASH_ENV"
 
 echo "The following environment variables have been exported. Note, the OIDC token has been masked below."
 echo ""
-echo "CLOUDSMITH_PIP_INDEX_URL=https://$CLOUDSMITH_SERVICE_IDENTIFIER:********@packages.ft.com/basic/$CLOUDSMITH_REPOSITORY_IDENTIFIER/python/simple/"
+echo "CLOUDSMITH_PIP_INDEX_URL=https://$CLOUDSMITH_SERVICE_IDENTIFIER:********@$CLOUDSMITH_DOWNLOADS_DOMAIN/basic/$CLOUDSMITH_REPOSITORY_IDENTIFIER/python/simple/"
