Skip to content

Commit 9bcb0d0

Browse files
eaball35eaball35
authored
chore: migrate to secretmanager (GoogleCloudPlatform#6664)
* chore: migrate to secretmanager * update path * remove unused resources
1 parent 5947dc2 commit 9bcb0d0

File tree

3 files changed

+24
-23
lines changed

3 files changed

+24
-23
lines changed

.kokoro/java11/common.cfg

-3
Original file line numberDiff line numberDiff line change
@@ -17,9 +17,6 @@
1717
# Build timeout of 12 hours
1818
timeout_mins: 720
1919

20-
# Download secrets from Cloud Storage.
21-
gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/java-docs-samples"
22-
2320
# Download trampoline resources.
2421
gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/trampoline"
2522

.kokoro/java8/common.cfg

-3
Original file line numberDiff line numberDiff line change
@@ -17,9 +17,6 @@
1717
# Build timeout of 5 hours
1818
timeout_mins: 360
1919

20-
# Download secrets from Cloud Storage.
21-
gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/java-docs-samples"
22-
2320
# Download trampoline resources.
2421
gfile_resources: "/bigstore/cloud-devrel-kokoro-resources/trampoline"
2522

.kokoro/tests/run_tests.sh

+24-17
Original file line numberDiff line numberDiff line change
@@ -55,30 +55,37 @@ if [[ "$SCRIPT_DEBUG" != "true" ]]; then
5555
# Setup required env variables
5656
export GOOGLE_CLOUD_PROJECT=java-docs-samples-testing
5757
export TRANSCODER_PROJECT_NUMBER="779844219229" # For Transcoder samples
58-
export GOOGLE_APPLICATION_CREDENTIALS=${KOKORO_GFILE_DIR}/service-acct.json
58+
export GOOGLE_APPLICATION_CREDENTIALS=${KOKORO_GFILE_DIR}/secrets/java-docs-samples-service-account.json
5959
# For Tasks samples
6060
export QUEUE_ID=my-appengine-queue
6161
export LOCATION_ID=us-east1
6262
# For Datalabeling samples to hit the testing endpoint
6363
export DATALABELING_ENDPOINT="test-datalabeling.sandbox.googleapis.com:443"
64-
# shellcheck source=src/aws-secrets.sh
65-
source "${KOKORO_GFILE_DIR}/aws-secrets.sh"
66-
# shellcheck source=src/dlp_secrets.txt
67-
source "${KOKORO_GFILE_DIR}/dlp_secrets.txt"
68-
# shellcheck source=src/bigtable_secrets.txt
69-
source "${KOKORO_GFILE_DIR}/bigtable_secrets.txt"
70-
# shellcheck source=src/automl_secrets.txt
71-
source "${KOKORO_GFILE_DIR}/automl_secrets.txt"
72-
# shellcheck source=src/functions_secrets.txt
73-
source "${KOKORO_GFILE_DIR}/functions_secrets.txt"
74-
# spellcheck source=src/firestore_secrets.txt
75-
source "${KOKORO_GFILE_DIR}/firestore_secrets.txt"
76-
# spellcheck source=src/cts_v4_secrets.txt
77-
source "${KOKORO_GFILE_DIR}/cts_v4_secrets.txt"
78-
# shellcheck source=src/cloud_sql_secrets.txt
79-
source "${KOKORO_GFILE_DIR}/cloud_sql_secrets.txt"
8064
# For Cloud Run filesystem sample
8165
export FILESTORE_IP_ADDRESS=$(gcloud secrets versions access latest --secret fs-app)
66+
67+
SECRET_FILES=("java-docs-samples-service-account.json" \
68+
"java-aws-samples-secrets.txt" \
69+
"java-dlp-samples-secrets.txt" \
70+
"java-bigtable-samples-secrets.txt" \
71+
"java-automl-samples-secrets.txt" \
72+
"java-functions-samples-secrets.txt" \
73+
"java-firestore-samples-secrets.txt" \
74+
"java-cts-v4-samples-secrets.txt" \
75+
"java-cloud-sql-samples-secrets.txt")
76+
77+
# create secret dir
78+
mkdir -p "${KOKORO_GFILE_DIR}/secrets"
79+
80+
for SECRET in "${SECRET_FILES[@]}"; do
81+
# grab latest version of secret
82+
gcloud secrets versions access latest --secret="${SECRET%.*}" > "${KOKORO_GFILE_DIR}/secrets/$SECRET"
83+
# execute secret file contents
84+
if [[ "$SECRET" != *json ]]; then
85+
source "${KOKORO_GFILE_DIR}/secrets/$SECRET"
86+
fi
87+
done
88+
8289
# Activate service account
8390
gcloud auth activate-service-account \
8491
--key-file="$GOOGLE_APPLICATION_CREDENTIALS" \

0 commit comments

Comments
 (0)