Commit 910b040c authored by Dmytro Bogatov's avatar Dmytro Bogatov 💕

Fix gcloud auth.

parent 644ac890
Pipeline #5204 passed with stages
in 1 minute and 12 seconds
......@@ -18,3 +18,5 @@ infra/spaces/
infra/spaces-buffer
docker/out
infra/key.json
......@@ -24,11 +24,10 @@ deploy-latest:
- touch .secret.sh
- ./build-services.sh
- rm ./services/namespace.yaml
- curl -s https://$TOKEN@token.dbogatov.org/config > config
- export KUBECONFIG=$(pwd)/config
- source <(curl -s https://git.dbogatov.org/templates/ci-snippets/raw/master/setup-kubectl.sh)
- kubectl apply -R -f ./services/
tags:
- docker
only:
- triggers
- pipelines
# only:
# - triggers
# - pipelines
......@@ -34,6 +34,7 @@ PROJECT=$2
STATUSSITECONFIG=$CERTDIRPATH/appsettings.production.yml
VERSION="1.13.10-gke.0"
APIKEY=$(cat $STATUSSITECONFIG | grep "ApiKey:" | cut -d'"' -f 2)
SERVICEACC="admin-acc"
docker info > /dev/null
gcloud --version > /dev/null
......@@ -69,6 +70,14 @@ gcloud beta container --project "$PROJECT" clusters create "websites-$TIMESTAMP"
rm ~/.kube/config
gcloud container clusters get-credentials "websites-$TIMESTAMP" --zone us-central1-a --project "$PROJECT"
gcloud services enable cloudresourcemanager.googleapis.com
gcloud beta iam service-accounts create $SERVICEACC
gcloud projects add-iam-policy-binding "$PROJECT" \
--member serviceAccount:$SERVICEACC@$PROJECT.iam.gserviceaccount.com \
--role roles/owner
gcloud iam service-accounts keys create key.json \
--iam-account $SERVICEACC@$PROJECT.iam.gserviceaccount.com
echo "Cluster provisioned!"
# NAMESPACES
......@@ -138,16 +147,10 @@ SERVER=$(kubectl config view -o jsonpath='{.clusters[0].cluster.server}')
cd token-proxy
rm -rf ./dist
mkdir ./dist
cp Dockerfile token.conf ./dist
cp Dockerfile token.conf ~/.kube/config $CWD/key.json ./dist
cd ./dist
sed -i -e "s#__TOKEN__#$DASHBOARD_TOKEN#g" token.conf
sed -i -e "s#__SERVER__#$SERVER#g" token.conf
CONFIG=$(cat ~/.kube/config)
CONFIG=$(echo "${CONFIG}" | sed '$!s@$@\\@g')
CONFIG="${CONFIG//\"/\\\\\"}"
sed -i -e "s#__CONFIG__#$CONFIG#g" token.conf
docker build -t registry.dbogatov.org/dbogatov/proxy-registry .
docker push registry.dbogatov.org/dbogatov/proxy-registry
cd $CWD
......
......@@ -2,6 +2,10 @@ FROM dbogatov/docker-images:nginx-latest
LABEL maintainer="Dmytro Bogatov <dmytro@dbogatov.org>"
WORKDIR /srv
COPY --chown=nginx:nginx config key.json ./
COPY token.conf /etc/nginx/conf.d/
CMD ["nginx", "-g", "daemon off;"]
......@@ -2,17 +2,19 @@ server {
listen 80 default_server;
listen [::]:80 default_server;
location / {
location =/token {
return 200 "__TOKEN__";
}
location /server {
location =/server {
return 200 "__SERVER__";
}
location /config {
return 200
"__CONFIG__
";
location =/config {
alias /srv/config;
}
location =/gcloud-key {
alias /srv/key.json;
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment