jmhbnz/gitlab-gcp-deployment
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Process updated for GitHub CLI and gcp service account.

Browse Source 
Co-authored-by: jmhbnz <mail@jamesblair.net>
This commit is contained in:
Daljit Singh
2021-02-17 18:15:07 +13:00
parent bd70187287
commit f7c3a796b4
10 changed files with 87 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
2-configure-gcp-project.sh
View File

@ -1,7 +1,6 @@
#!/bin/bash
# Once we have authenticated we can create a project and then create a new virtual machine instance within that project.
# Firstly let's create a new project, a project is the logical boundary all our cloud resources for this deployment will live within. To be able to deploy resources we also need to enable billing.
@ -11,7 +10,7 @@
# #+NAME: Create a new google cloud project
# Create a project id based on date
export gcp_project_id="gitlab-gcp-"$(date +"%s")
export gcp_project_id="gitlab-gcp-ci-cd"
# Create new project using a random project id
gcloud projects create $gcp_project_id
@ -22,3 +21,20 @@ gcloud alpha billing projects link $gcp_project_id --billing-account $gcp_billin
# Make sure the project is set active
gcloud config set project $gcp_project_id
# Create service accounts
gcloud iam service-accounts create $gcp_project_id-sa \
--description="GitHub actions deploy account" \
--display-name="GitHub-Action-Deploy"
# Assign role
gcloud projects add-iam-policy-binding $gcp_project_id \
--member=serviceAccount:$gcp_project_id-sa@$gcp_project_id.iam.gserviceaccount.com \
--role=roles/compute.instanceAdmin.v1
gcloud projects add-iam-policy-binding $gcp_project_id \
--member=serviceAccount:$gcp_project_id-sa@$gcp_project_id.iam.gserviceaccount.com \
--role=roles/iam.serviceAccountUser
gcloud iam service-accounts keys create key.json \
--iam-account $gcp_project_id-sa@$gcp_project_id.iam.gserviceaccount.com