GCR deployment testing in progress - content type issue still remaining.
This commit is contained in:
+13
-11
@@ -1,11 +1,12 @@
|
||||
#Requires -Version 5.1
|
||||
Set-StrictMode -Version Latest
|
||||
$ErrorActionPreference = 'Stop'
|
||||
|
||||
param(
|
||||
[switch]$Yes
|
||||
)
|
||||
|
||||
Set-StrictMode -Version Latest
|
||||
$ErrorActionPreference = 'Stop'
|
||||
|
||||
$RootDir = Split-Path -Parent $MyInvocation.MyCommand.Path
|
||||
$EnvFile = Join-Path $RootDir ".env"
|
||||
|
||||
@@ -63,7 +64,8 @@ function Test-Login {
|
||||
$dockerCfg = if ($env:DOCKER_CONFIG) { Join-Path $env:DOCKER_CONFIG "config.json" } else { Join-Path $HOME ".docker\config.json" }
|
||||
$dockerOk = $false
|
||||
if (Test-Path $dockerCfg) {
|
||||
$dockerOk = (Select-String -Path $dockerCfg -Pattern "\"$($Cfg['GCP_REGION'])-docker.pkg.dev\"" -SimpleMatch -Quiet)
|
||||
$dockerPattern = "`"$($Cfg['GCP_REGION'])-docker.pkg.dev`""
|
||||
$dockerOk = (Select-String -Path $dockerCfg -Pattern $dockerPattern -SimpleMatch -Quiet)
|
||||
}
|
||||
|
||||
return (-not [string]::IsNullOrWhiteSpace($activeAccount)) -and
|
||||
@@ -75,7 +77,7 @@ function Test-Login {
|
||||
function Test-ProjectSetup {
|
||||
param([hashtable]$Cfg)
|
||||
|
||||
$billingEnabled = (gcloud billing projects describe $Cfg['GCP_PROJECT_ID'] --format="value(billingEnabled)" 2>$null)
|
||||
$billingEnabled = (gcloud billing projects describe $Cfg['GCP_PROJECT_ID'] --format='value(billingEnabled)' 2>$null)
|
||||
if ($billingEnabled -ne 'True') { return $false }
|
||||
|
||||
try {
|
||||
@@ -85,7 +87,7 @@ function Test-ProjectSetup {
|
||||
}
|
||||
|
||||
foreach ($api in @('run.googleapis.com', 'artifactregistry.googleapis.com', 'secretmanager.googleapis.com', 'cloudresourcemanager.googleapis.com')) {
|
||||
$enabled = gcloud services list --enabled --project=$Cfg['GCP_PROJECT_ID'] --format="value(config.name)" 2>$null | Select-String -Pattern "^$([regex]::Escape($api))$"
|
||||
$enabled = gcloud services list --enabled --project=$Cfg['GCP_PROJECT_ID'] --format='value(config.name)' 2>$null | Select-String -Pattern "^$([regex]::Escape($api))$"
|
||||
if (-not $enabled) { return $false }
|
||||
}
|
||||
|
||||
@@ -101,14 +103,14 @@ function Test-SecretsSetup {
|
||||
return $false
|
||||
}
|
||||
|
||||
$serviceAccount = "serviceAccount:$($Cfg['GCP_PROJECT_ID'])@appspot.gserviceaccount.com"
|
||||
$binding = gcloud secrets get-iam-policy mongodb-connection-string `
|
||||
# Check if any service account has secretAccessor access (not just @appspot)
|
||||
$bindings = gcloud secrets get-iam-policy mongodb-connection-string `
|
||||
--project=$Cfg['GCP_PROJECT_ID'] `
|
||||
--flatten="bindings[].members" `
|
||||
--filter="bindings.role=roles/secretmanager.secretAccessor AND bindings.members=$serviceAccount" `
|
||||
--format="value(bindings.members)" 2>$null
|
||||
--flatten='bindings[].members' `
|
||||
--filter='bindings.role=roles/secretmanager.secretAccessor' `
|
||||
--format='value(bindings.members)' 2>$null
|
||||
|
||||
return ($binding -match [regex]::Escape($serviceAccount))
|
||||
return (-not [string]::IsNullOrWhiteSpace($bindings))
|
||||
}
|
||||
|
||||
function Test-DeployDone {
|
||||
|
||||
Reference in New Issue
Block a user