lypht/trigger-gcp-cloudbuild

Go

Trigger GCP Cloudbuild

References

"Authenticating to Cloud Platform with Service Accounts"

Test setup

Create GCP service account with "Cloud Container Builder Editor" role (check the box "Furnish a new private key" and select key type "JSON".
Note the [/PATH/TO/SERVICE/ACCOUNT/KEYFILE].json

Local test steps

Run the built test image:

$ docker run --rm -v [/PATH/TO/SERVICE/ACCOUNT/KEYFILE].json:/key.json --env PROJECT_ID=[GCP-PROJECT-ID] --env GOOGLE_APPLICATION_CREDENTIALS=/key.json docker.io/r6by/trigger-gcp-cloudbuild

Local test steps during development

Build vendor directory and packages:
```
$ dep ensure -v
```
In your local session, set the $GOOGLE_APPLICATION_CREDENTIALS variable that golang.org/x/oauth2/google FindDefaultCredentials() looks for, and the $PROJECT_ID variable with the name of your GCP project ID:
```
$ export GOOGLE_APPLICATION_CREDENTIALS=[/PATH/TO/SERVICE/ACCOUNT/KEYFILE].json'
$ export PROJECT_ID=[GCP-PROJECT-ID]
```
Run the main package:
```
$ go run main.go
```

GKE test steps

Create generic secret for $GOOGLE_APPLICATION_CREDENTIALS ENV var:

$ kubectl create secret generic google-application-credentials --from-file=key.json=[/PATH/TO/SERVICE/ACCOUNT/KEYFILE].json

Deploy the main test app:

$ helm install trigger-gcp-cloudbuild/ --set projectID=[GCP-PROJECT-ID] --name trigger-gcp-cloudbuild

Monitor the output with kubectl logs (or - shameless plug - try kpoof for fast, prompted k8s logs)

Cleanup:

$ helm delete --purge trigger-gcp-cloudbuild
$ kubectl delete secret google-application-credentials