-
Notifications
You must be signed in to change notification settings - Fork 462
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #5001 from openstates/entrypoint-support-for-googl…
…e-credentials Fix usage of --archive in container by using entrypoint to handle GCP credentials
- Loading branch information
Showing
4 changed files
with
131 additions
and
84 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
#!/usr/bin/env bash | ||
### | ||
# Entrypoint that sets up GOOGLE_APPLICATION_CREDENTIALS, if present | ||
# | ||
# This simple script: | ||
# 1. ensures any GOOGLE_APPLICATION_CREDENTIALS are correctly enabled | ||
# 2. Executes the actual CMD args passed to the container, using "poetry run os-update" as entrypoint | ||
# | ||
# Sometimes we want to be able to pass in Google Cloud Platform credentials as an environment variable, | ||
# but GCP libraries look for this to be saved as a file and for the env var to be a filepath. | ||
# Only intended to be used in docker containers | ||
### | ||
if [[ -n "${GOOGLE_APPLICATION_CREDENTIALS}" ]]; then | ||
echo "Applying app credentials..." | ||
echo "${GOOGLE_APPLICATION_CREDENTIALS}" > /creds.json | ||
GOOGLE_APPLICATION_CREDENTIALS="/creds.json" | ||
export GOOGLE_APPLICATION_CREDENTIALS | ||
elif [[ -n "${GOOGLE_CREDENTIAL_FILE}" ]]; then | ||
echo "Assuming a valid credentials file is mounted at ${GOOGLE_CREDENTIAL_FILE}..." | ||
GOOGLE_APPLICATION_CREDENTIALS=${GOOGLE_CREDENTIAL_FILE} | ||
export GOOGLE_APPLICATION_CREDENTIALS | ||
fi | ||
|
||
# shellcheck disable=SC2048 disable=SC2086 | ||
poetry run os-update $* |
Oops, something went wrong.