fix: fixed service account key download script

apigee · Oct 29, 2023 · 1c84f96 · 1c84f96
1 parent 0a07512
commit 1c84f96
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 19 deletions.
diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml
@@ -123,13 +123,13 @@ jobs:
           GCP_REGION: ${{ secrets.GCP_REGION }}
 
   deploy-runtime-plane:
-    name: Deploy Apigee Hybrid Runtime GKE Platform
+    name: Deploy Apigee Hybrid Cluster
     runs-on: self-hosted
     if: github.event_name == 'push'
-    # needs:
-    #   - docker-build
-    #   - deploy-runtime-plane-gke
-    #   - deploy-control-plane
+    needs:
+      - docker-build
+      - deploy-runtime-plane-gke
+      - deploy-control-plane
     permissions:
       contents: 'read'
       id-token: 'write'
@@ -162,7 +162,7 @@ jobs:
         id: init
         run: |
           bash run_playbook.sh \
-            ${{ github.workspace }} latest
+            ${{ github.workspace }} ${{ steps.commit.outputs.short }}
         shell: bash
         working-directory: ./test/scripts
         env:

diff --git a/roles/prepare-service-accounts/tasks/main.yml b/roles/prepare-service-accounts/tasks/main.yml
@@ -76,14 +76,13 @@
         - name: Create Service Account
           shell: |
             download_keys(){
-            local sa_name=$1
-            local sa_email=$2
-            local output_dir=$3
-            local project_id=$4
-            gcloud iam service-accounts keys create "${output_dir}/${project_id}-${sa_name}.json" \
-                --iam-account="${sa_email}" || \
-                    log_error "Failed to download keys for service account ${sa_name}"
-            echo "JSON Key ${sa_name} was successfully download to directory ${output_dir}."
+                local sa_name=$1
+                local sa_email=$2
+                local output_dir=$3
+                local project_id=$4
+                gcloud iam service-accounts keys create "${output_dir}/${project_id}-${sa_name}.json" \
+                    --iam-account="${sa_email}" || exit 1
+                echo "JSON Key ${sa_name} was successfully download to directory ${output_dir}."
             }
             download_keys {{ item }} {{ item }}@{{ overrides.gcp.projectID }}.iam.gserviceaccount.com {{ setup_path }}/service-accounts {{ overrides.gcp.projectID }}
           with_items: "{{ missing_svc_account_files }}"

diff --git a/test/scripts/run_playbook.sh b/test/scripts/run_playbook.sh
@@ -35,10 +35,9 @@ replace_string "$ANSIBLE_DIR/vars/test.yaml" "_GCP_REGION_" "${GCP_REGION}"
 docker run -v "$ANSIBLE_DIR:/app" \
     -v "$GOOGLE_APPLICATION_CREDENTIALS:/svc_account/account.json" \
     -e GOOGLE_APPLICATION_CREDENTIALS=/svc_account/account.json \
-    "$GCP_REGION-docker.pkg.dev/$GCP_PROJECT_ID/$GCP_GAR_REPO/ansible-helm-apigee-hybrid-deployer:$GIT_COMMIT_SHORT_ID" \
-    /bin/bash -c "cd /app; PLAYBOOK_STATUS=\"success\";\
+    "$GCP_REGION-docker.pkg.dev/$GCP_PROJECT_ID/$GCP_GAR_REPO/ansible-helm-apigee-hybrid-deployer:latest" \
+    /bin/bash -c "cd /app; \
       gcloud auth login --cred-file=/svc_account/account.json; \
       gcloud container clusters get-credentials apigee-hybrid-cicd-test --region $GCP_REGION --project $GCP_PROJECT_ID; \
-      ansible-playbook playbook.yaml --tags 'dc1' -e @vars/test.yaml || PLAYBOOK_STATUS=\"fail\"; \
-      gsutil cp -q -r /tmp/setup gs://$TF_BACKEND_BUCKET/ansible_run_log/$(date +%s) && \
-      [[ \"$PLAYBOOK_STATUS\" = 'fail' ]] && exit 1"
+      ansible-playbook playbook.yaml --tags 'dc1' -e @vars/test.yaml || \
+      gsutil -m cp -r /tmp/setup gs://$TF_BACKEND_BUCKET/ansible_run_log/$GIT_COMMIT_SHORT_ID && exit 1"