honeymoose/angular-cn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

build: migrate to using google_default_credentials and update setup-rbe script (#33109)

Browse Source 
PR Close #33109
This commit is contained in:
Joey Perrott 2019-10-11 10:56:06 -07:00 committed by Matias Niemelä
parent 2ea52b0cb9
commit 37a87418b6
2 changed files with 59 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.bazelrc
View File

@ -71,6 +71,8 @@ test --test_output=errors
# any bazel target. This is a temporary flag until codebase is permanently switched to Ivy. # any bazel target. This is a temporary flag until codebase is permanently switched to Ivy.
build --define=compile=legacy build --define=compile=legacy
build --google_default_credentials
####################### #######################
# Remote HTTP Caching # # Remote HTTP Caching #
####################### #######################

109
scripts/local-dev/setup-rbe.sh
View File

@ -2,69 +2,74 @@
# A script for automatically configuring a user's local dev # A script for automatically configuring a user's local dev
# environment to use Remote Build Execution. # environment to use Remote Build Execution.
# Short cuts to set output as bold and normal
bold=$(tput bold)
normal=$(tput sgr0)
# Determine the root directory of the Angular github repo. # Determine the root directory of the Angular github repo.
project_directory=$(git rev-parse --show-toplevel 2> /dev/null); project_directory=$(git rev-parse --show-toplevel 2> /dev/null)
if [[ $? -ne 0 ]]; then if [[ $? -ne 0 ]]; then
echo "This command must be run from within the cloned \"angular/angular\" repository."; echo "This command must be run from within the cloned \"angular/angular\" repository"
exit 1; exit 1
fi fi
# Confirm gcloud installed and available as a command. # Confirm gcloud installed and available as a command.
if [ ! -x "$(command -v gcloud)" ]; then if [ ! -x "$(command -v gcloud)" ]; then
echo "gcloud command is not available. Please install gcloud before continuing."; echo "gcloud command is not available. Please install gcloud before continuing"
exit 1; echo "Please visit: https://cloud.google.com/sdk/install"
exit 1
fi fi
# Confirm the parameter provided to the script is a directory # Confirm the user is already logged into gcloud, if they aren't
if [[ ! -d $1 ]]; then # attempt to login
echo -e "Invalid command syntax. echo "Checking gcloud login state"
gcloud auth application-default print-access-token &> /dev/null
\e[1mUsage:\e[0m $0 <ServiceAccountKeyLocation> if [[ $? -ne 0 ]]; then
echo "Not currently logged into gcloud. Starting gcloud login now"
\e[1mExample:\e[0m ./setup-rbe ~/my_key_storage_directory/ gcloud auth application-default login
The directory provided will be used to store the GCP service account key
for the angular-local-dev service account. This key will then be used to
authenticate for usage of the Remote Build Execution system and Remote Caching.
";
exit 1;
fi
credentials_directory=$(readlink -f $1)
if [[ ! -d $credentials_directory ]]; then
echo "The specified directory does not exist. Please create the directory and rerun.";
exit 1;
fi
# Create the service account key in the provided directory.
echo "Checking provided directory for a service account key.";
json_key_filepath="$credentials_directory/angular-local-dev-key.json";
if [[ -f $json_key_filepath ]]; then
echo "Angular Local Dev key already exists, reusing this key.";
else
# Confirm the user is already logged into gcloud, if they aren't
# attempt to login
echo "Checking gcloud login state.";
gcloud auth print-identity-token &> /dev/null;
if [[ $? -ne 0 ]]; then if [[ $? -ne 0 ]]; then
echo "Not currently logged into gcloud. Starting gcloud login now."; echo "gcloud login failed. Aborting"
gcloud auth login; exit 2
if [[ $? -ne 0 ]]; then
echo "gcloud login failed. Aborting.";
exit 2;
fi
fi
gcloud iam service-accounts keys create $json_key_filepath \
--iam-account angular-local-dev@internal-200822.iam.gserviceaccount.com \
--quiet --project internal-200822;
if [[ $? -ne 0 ]]; then
echo "Downloading service account key failed. Aborting.";
exit 2;
fi fi
fi fi
access_token=$(gcloud auth application-default print-access-token)
current_account=$(curl -s https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=$access_token | jq -r '.email')
if [[ ! $current_account =~ (angular\.io$)|(google\.com$) ]]; then
echo "Currently an angular.io or google.com account must be used for remote Bazel usage"
echo "Please login instead using the correct account with the following command, then rerun"
echo " gcloud auth application-default login"
exit 3
fi
echo "Logged in as $current_account";
# The full path to the .bazelrc.user file # The full path to the .bazelrc.user file
bazelrc_user_filepath="$project_directory/.bazelrc.user"; bazelrc_user_filepath="$project_directory/.bazelrc.user"
# Create the bazelrc.user file, echo the config flags into the file. # Create the bazelrc.user file, echo the config flags into the file.
touch $bazelrc_user_filepath; touch $bazelrc_user_filepath
echo "build --config=remote-http-caching" >> $bazelrc_user_filepath;
echo "build --google_credentials=$json_key_filepath" >> $bazelrc_user_filepath; # Prompts to add a flag to the .bazelrc.user file if its not already in place
function add_flag() {
flag=$1
read -p " Add $flag flag? [Y/y]"
if [[ $REPLY =~ ^[Yy]$ ]]; then
if [[ ! $(grep "^$flag$" $bazelrc_user_filepath) ]]; then
echo "$flag" >> $bazelrc_user_filepath
echo "Added $flag to .bazelrc.user"
else
echo "$flag already in .bazelrc.user"
fi
fi
echo
}
# Add extra line space before config setup.
echo
# Remote HTTP Caching
echo "The ${bold}remote-http-caching${normal} flag enables uploading build results to the http cache,"
echo "but not does enable remote builds"
add_flag "build --config=remote-http-caching"
# Remote builds
echo "The ${bold}remote${normal} flag enables RBE, builds occurs remotely when possible and caching"
echo "occurs in the RBE context"
add_flag "build --config=remote"