github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-08-03 09:22:44 +00:00
Code Issues Projects Releases Wiki Activity

Inject service-account.json into test container

Browse Source
This commit is contained in:
Erick Fejta 2016-07-11 09:15:44 -07:00
parent 9b74e24fa3
commit 3d30caf80c
2 changed files with 19 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
hack/jenkins/dockerized-e2e-runner.sh
View File

@ -29,14 +29,13 @@ mkdir -p "${HOST_ARTIFACTS_DIR}"
: ${JENKINS_GCE_SSH_PRIVATE_KEY_FILE:='/var/lib/jenkins/gce_keys/google_compute_engine'} : ${JENKINS_GCE_SSH_PRIVATE_KEY_FILE:='/var/lib/jenkins/gce_keys/google_compute_engine'}
: ${JENKINS_GCE_SSH_PUBLIC_KEY_FILE:='/var/lib/jenkins/gce_keys/google_compute_engine.pub'} : ${JENKINS_GCE_SSH_PUBLIC_KEY_FILE:='/var/lib/jenkins/gce_keys/google_compute_engine.pub'}
env -u HOME -u PATH -u PWD -u WORKSPACE >${WORKSPACE}/env.list env \
-u HOME \
# Add all uncommented lines for metadata.google.internal in /etc/hosts to the -u KUBEKINS_SERVICE_ACCOUNT_FILE \
# test container. -u PATH \
readonly METADATA_SERVER_ADD_HOST_ARGS=($( -u PWD \
grep '^[0-9a-fA-F\.:]\+ \+metadata\.google\.internal' /etc/hosts |\ -u WORKSPACE \
cut -f1 -d' ' |\ >${WORKSPACE}/env.list
xargs -r printf -- '--add-host="metadata.google.internal:%s"\n'))
docker_extra_args=() docker_extra_args=()
if [[ "${JENKINS_ENABLE_DOCKER_IN_DOCKER:-}" =~ ^[yY]$ ]]; then if [[ "${JENKINS_ENABLE_DOCKER_IN_DOCKER:-}" =~ ^[yY]$ ]]; then
@ -56,10 +55,11 @@ docker run --rm=true -i \
${JENKINS_AWS_SSH_PRIVATE_KEY_FILE:+-v "${JENKINS_AWS_SSH_PRIVATE_KEY_FILE}:/workspace/.ssh/kube_aws_rsa:ro"} \ ${JENKINS_AWS_SSH_PRIVATE_KEY_FILE:+-v "${JENKINS_AWS_SSH_PRIVATE_KEY_FILE}:/workspace/.ssh/kube_aws_rsa:ro"} \
${JENKINS_AWS_SSH_PUBLIC_KEY_FILE:+-v "${JENKINS_AWS_SSH_PUBLIC_KEY_FILE}:/workspace/.ssh/kube_aws_rsa.pub:ro"} \ ${JENKINS_AWS_SSH_PUBLIC_KEY_FILE:+-v "${JENKINS_AWS_SSH_PUBLIC_KEY_FILE}:/workspace/.ssh/kube_aws_rsa.pub:ro"} \
${JENKINS_AWS_CREDENTIALS_FILE:+-v "${JENKINS_AWS_CREDENTIALS_FILE}:/workspace/.aws/credentials:ro"} \ ${JENKINS_AWS_CREDENTIALS_FILE:+-v "${JENKINS_AWS_CREDENTIALS_FILE}:/workspace/.aws/credentials:ro"} \
${KUBEKINS_SERVICE_ACCOUNT_FILE:+-v "${KUBEKINS_SERVICE_ACCOUNT_FILE}:/service-account.json:ro"} \
--env-file "${WORKSPACE}/env.list" \ --env-file "${WORKSPACE}/env.list" \
-e "HOME=/workspace" \ -e "HOME=/workspace" \
-e "WORKSPACE=/workspace" \ -e "WORKSPACE=/workspace" \
${KUBEKINS_SERVICE_ACCOUNT_FILE:+-e "KUBEKINS_SERVICE_ACCOUNT_FILE=/service-account.json"} \
"${docker_extra_args[@]:+${docker_extra_args[@]}}" \ "${docker_extra_args[@]:+${docker_extra_args[@]}}" \
"${METADATA_SERVER_ADD_HOST_ARGS[@]:+${METADATA_SERVER_ADD_HOST_ARGS[@]}}" \
gcr.io/google_containers/kubekins-test:go1.6.2-docker1.9.1-rev3 \ gcr.io/google_containers/kubekins-test:go1.6.2-docker1.9.1-rev3 \
bash -c "bash <(curl -fsS --retry 3 --keepalive-time 2 'https://raw.githubusercontent.com/kubernetes/kubernetes/master/hack/jenkins/e2e-runner.sh')" bash -c "bash <(curl -fsS --retry 3 --keepalive-time 2 'https://raw.githubusercontent.com/kubernetes/kubernetes/master/hack/jenkins/e2e-runner.sh')"

17
hack/jenkins/e2e-runner.sh
View File

@ -190,13 +190,6 @@ if running_in_docker; then
fi fi
fi fi
if [[ -f "${KUBEKINS_SERVICE_ACCOUNT_FILE:-}" ]]; then
echo 'Activating service account...' # No harm in doing this multiple times.
gcloud auth activate-service-account --key-file="${KUBEKINS_SERVICE_ACCOUNT_FILE}"
elif [[ -n "${KUBEKINS_SERVICE_ACCOUNT_FILE:-}" ]]; then
echo "ERROR: cannot access service account file at: ${KUBEKINS_SERVICE_ACCOUNT_FILE}"
fi
# Install gcloud from a custom path if provided. Used to test GKE with gcloud # Install gcloud from a custom path if provided. Used to test GKE with gcloud
# at HEAD, release candidate. # at HEAD, release candidate.
# TODO: figure out how to avoid installing the cloud sdk twice if run inside Docker. # TODO: figure out how to avoid installing the cloud sdk twice if run inside Docker.
@ -230,6 +223,16 @@ if [[ -n "${JENKINS_GCI_IMAGE_FAMILY:-}" ]]; then
fi fi
fi fi
if [[ -f "${KUBEKINS_SERVICE_ACCOUNT_FILE:-}" ]]; then
echo 'Activating service account...' # No harm in doing this multiple times.
gcloud auth activate-service-account --key-file="${KUBEKINS_SERVICE_ACCOUNT_FILE}"
export GCE_SERVICE_ACCOUNT=$(gcloud auth list 2> /dev/null | grep active | cut -f3 -d' ')
unset KUBEKINS_SERVICE_ACCOUNT_FILE
elif [[ -n "${KUBEKINS_SERVICE_ACCOUNT_FILE:-}" ]]; then
echo "ERROR: cannot access service account file at: ${KUBEKINS_SERVICE_ACCOUNT_FILE}"
fi
function e2e_test() { function e2e_test() {
local -r ginkgo_test_args="${1}" local -r ginkgo_test_args="${1}"
# Check to make sure the cluster is up before running tests, and fail if it's not. # Check to make sure the cluster is up before running tests, and fail if it's not.