From ccae70581cdc79d4f5b2900a4efa1dfd428864f4 Mon Sep 17 00:00:00 2001 From: Tomo Suzuki Date: Mon, 4 Nov 2024 16:16:27 -0500 Subject: [PATCH 1/2] ci: release configuration update --- .kokoro/populate-secrets.sh | 6 +++++- .kokoro/release.cfg | 5 +++++ .kokoro/trampoline_v2.sh | 30 +++++++++++++++++++----------- 3 files changed, 29 insertions(+), 12 deletions(-) diff --git a/.kokoro/populate-secrets.sh b/.kokoro/populate-secrets.sh index aab0ec38..de6c0db5 100644 --- a/.kokoro/populate-secrets.sh +++ b/.kokoro/populate-secrets.sh @@ -23,6 +23,10 @@ function msg { println "$*" >&2 ;} function println { printf '%s\n' "$(now) $*" ;} # Populates requested secrets set in SECRET_MANAGER_KEYS +if [[ -z "${SECRET_MANAGER_PROJECT_ID-}" ]]; then + msg "SECRET_MANAGER_PROJECT_ID is not set in environment variables, using default" + SECRET_MANAGER_PROJECT_ID="cloud-devrel-kokoro-resources" +fi # In Kokoro CI builds, we use the service account attached to the # Kokoro VM. This means we need to setup auth on other CI systems. @@ -64,7 +68,7 @@ do msg "Retrieving secret ${key}" "${GCLOUD_COMMANDS[@]}" \ secrets versions access latest \ - --project cloud-devrel-kokoro-resources \ + --project "${SECRET_MANAGER_PROJECT_ID}" \ --secret $key > \ "$SECRET_LOCATION/$key" if [[ $? == 0 ]]; then diff --git a/.kokoro/release.cfg b/.kokoro/release.cfg index 2f8f18c5..95a3496a 100644 --- a/.kokoro/release.cfg +++ b/.kokoro/release.cfg @@ -27,6 +27,11 @@ env_vars: { value: ".kokoro/release.sh" } +env_vars: { + key: "SECRET_MANAGER_PROJECT_ID" + value: "cloud-sdk-release-custom-pool" +} + env_vars: { key: "SECRET_MANAGER_KEYS" value: "releasetool-publish-reporter-app,releasetool-publish-reporter-googlecloudplatform-installation,releasetool-publish-reporter-pem,docuploader_service_account" diff --git a/.kokoro/trampoline_v2.sh b/.kokoro/trampoline_v2.sh index ef6972b4..11918a26 100644 --- a/.kokoro/trampoline_v2.sh +++ b/.kokoro/trampoline_v2.sh @@ -138,18 +138,26 @@ if [[ -n "${KOKORO_BUILD_ID:-}" ]]; then RUNNING_IN_CI="true" TRAMPOLINE_CI="kokoro" if [[ "${TRAMPOLINE_USE_LEGACY_SERVICE_ACCOUNT:-}" == "true" ]]; then - if [[ ! -f "${KOKORO_GFILE_DIR}/kokoro-trampoline.service-account.json" ]]; then - log_red "${KOKORO_GFILE_DIR}/kokoro-trampoline.service-account.json does not exist. Did you forget to mount cloud-devrel-kokoro-resources/trampoline? Aborting." - exit 1 - fi - # This service account will be activated later. - TRAMPOLINE_SERVICE_ACCOUNT="${KOKORO_GFILE_DIR}/kokoro-trampoline.service-account.json" + if [[ ! -f "${KOKORO_GFILE_DIR}/kokoro-trampoline.service-account.json" ]]; then + log_red "${KOKORO_GFILE_DIR}/kokoro-trampoline.service-account.json does not exist. Did you forget to mount cloud-devrel-kokoro-resources/trampoline? Aborting." + exit 1 + fi + # This service account will be activated later. + TRAMPOLINE_SERVICE_ACCOUNT="${KOKORO_GFILE_DIR}/kokoro-trampoline.service-account.json" else - if [[ "${TRAMPOLINE_VERBOSE:-}" == "true" ]]; then - gcloud auth list - fi - log_yellow "Configuring Container Registry access" - gcloud auth configure-docker --quiet + if [[ "${TRAMPOLINE_VERBOSE:-}" == "true" ]]; then + gcloud auth list + fi + log_yellow "Configuring Container Registry access" + TRAMPOLINE_HOST=$(echo "${TRAMPOLINE_IMAGE}" | cut -d/ -f1) + if [[ ! "${TRAMPOLINE_HOST}" =~ "gcr.io" ]]; then + # If you need to specificy a host other than gcr.io, you have to run on an update version of gcloud. + echo "TRAMPOLINE_HOST: ${TRAMPOLINE_HOST}" + gcloud components update + gcloud auth configure-docker "${TRAMPOLINE_HOST}" + else + gcloud auth configure-docker --quiet + fi fi pass_down_envvars+=( # KOKORO dynamic variables. From 20da8931cbd0d9150da211db7305707c3cd443af Mon Sep 17 00:00:00 2001 From: Tomo Suzuki Date: Mon, 4 Nov 2024 16:18:01 -0500 Subject: [PATCH 2/2] container image --- .kokoro/release.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.kokoro/release.cfg b/.kokoro/release.cfg index 95a3496a..a1fe4eb1 100644 --- a/.kokoro/release.cfg +++ b/.kokoro/release.cfg @@ -19,7 +19,7 @@ build_file: "functions-framework-ruby/.kokoro/trampoline_v2.sh" # Configure the docker image for kokoro-trampoline. env_vars: { key: "TRAMPOLINE_IMAGE" - value: "gcr.io/cloud-devrel-kokoro-resources/yoshi-ruby/release" + value: "us-central1-docker.pkg.dev/cloud-sdk-release-custom-pool/release-images/ruby-multi" } env_vars: {