From d873af389e935e562e0f4dd71c59ac9dc50865e3 Mon Sep 17 00:00:00 2001 From: Paolo Mainardi Date: Mon, 23 Sep 2024 16:30:53 +0200 Subject: [PATCH 1/8] feat: try to autenticate otherwise fail (15s) --- templates/.gitlab-ci-template.yml | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) diff --git a/templates/.gitlab-ci-template.yml b/templates/.gitlab-ci-template.yml index 70698be3..38660047 100644 --- a/templates/.gitlab-ci-template.yml +++ b/templates/.gitlab-ci-template.yml @@ -89,12 +89,32 @@ variables: if command -v docker-compose &> /dev/null; then docker-compose version fi - + section_end "docker" fi if command -v gcloud &> /dev/null; then section_start "gcloud" "Gcloud authentication setup" + gcp_service_account = $(gcloud auth list --filter=status:ACTIVE --format="value(account)") + + # if service account is empty, wait for it to be set. + if [ -z "${gcp_service_account}" ]; then + for i in $(seq 1 3); do + echo "Waiting for gcloud to authenticate..." + sleep 5s + gcp_service_account = $(gcloud auth list --filter=status:ACTIVE --format="value(account)") + if [ -n "${gcp_service_account}" ]; then + break + fi + done + fi + + # if still empty, fail. + if [ -z "${gcp_service_account}" ]; then + echo "Failed to authenticate with gcloud." + exit 1 + fi + gcloud version gcloud auth configure-docker --quiet gcloud auth configure-docker europe-west1-docker.pkg.dev --quiet @@ -102,7 +122,8 @@ variables: echo "The following docker credHelpers are configured:" jq '.credHelpers' ~/.docker/config.json fi - printf "\n\n%-${PAD_LEN}s \e[1m%s\e[0m\n\n" "GCP Auth user (workload identity):" $(gcloud auth list --filter=status:ACTIVE --format="value(account)") + + printf "\n\n%-${PAD_LEN}s \e[1m%s\e[0m\n\n" "GCP Auth user (workload identity): ${gcp_service_account}" section_end "gcloud" fi @@ -125,7 +146,7 @@ variables: # Handle debug sleep. section_start "debug-sleep" "Print debug information" print_debug_sleep_help - + # Default to 1 hour if not set DEBUG_JOB_SLEEP_SECONDS="${DEBUG_JOB_SLEEP_SECONDS:-3600}" if [ "${DEBUG_JOB_SLEEP}" = "1" ] && [ "${CI_JOB_NAME_SLUG}" = "${DEBUG_JOB_SLEEP_JOB_NAME}" ]; then From aaddcbaa01d1d220ade4eb2d692a9953193b33bb Mon Sep 17 00:00:00 2001 From: Paolo Mainardi Date: Mon, 23 Sep 2024 16:36:35 +0200 Subject: [PATCH 2/8] feat: try to autenticate otherwise fail (15s) --- templates/.gitlab-ci-template.yml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/templates/.gitlab-ci-template.yml b/templates/.gitlab-ci-template.yml index 38660047..5f1c9ccc 100644 --- a/templates/.gitlab-ci-template.yml +++ b/templates/.gitlab-ci-template.yml @@ -95,22 +95,24 @@ variables: if command -v gcloud &> /dev/null; then section_start "gcloud" "Gcloud authentication setup" - gcp_service_account = $(gcloud auth list --filter=status:ACTIVE --format="value(account)") + GCP_SERVICE_ACCOUNT=$(gcloud auth list --filter=status:ACTIVE --format="value(account)") # if service account is empty, wait for it to be set. if [ -z "${gcp_service_account}" ]; then - for i in $(seq 1 3); do + i=0 + while [ $i -lt 3 ]; do echo "Waiting for gcloud to authenticate..." sleep 5s - gcp_service_account = $(gcloud auth list --filter=status:ACTIVE --format="value(account)") + GCP_SERVICE_ACCOUNT=$(gcloud auth list --filter=status:ACTIVE --format="value(account)") if [ -n "${gcp_service_account}" ]; then break fi + i=$((i+1)) done fi # if still empty, fail. - if [ -z "${gcp_service_account}" ]; then + if [ -z "${GCP_SERVICE_ACCOUNT}" ]; then echo "Failed to authenticate with gcloud." exit 1 fi @@ -123,7 +125,7 @@ variables: jq '.credHelpers' ~/.docker/config.json fi - printf "\n\n%-${PAD_LEN}s \e[1m%s\e[0m\n\n" "GCP Auth user (workload identity): ${gcp_service_account}" + printf "\n\n%-${PAD_LEN}s \e[1m%s\e[0m\n\n" "GCP Auth user (workload identity): ${GCP_SERVICE_ACCOUNT}" section_end "gcloud" fi From b310198e777af6f7e9421e5afc4ba3f405e1d8ef Mon Sep 17 00:00:00 2001 From: Paolo Mainardi Date: Mon, 23 Sep 2024 16:37:22 +0200 Subject: [PATCH 3/8] feat: try to autenticate otherwise fail (15s) --- templates/.gitlab-ci-template.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/.gitlab-ci-template.yml b/templates/.gitlab-ci-template.yml index 5f1c9ccc..b641c60d 100644 --- a/templates/.gitlab-ci-template.yml +++ b/templates/.gitlab-ci-template.yml @@ -98,7 +98,7 @@ variables: GCP_SERVICE_ACCOUNT=$(gcloud auth list --filter=status:ACTIVE --format="value(account)") # if service account is empty, wait for it to be set. - if [ -z "${gcp_service_account}" ]; then + if [ -z "${GCP_SERVICE_ACCOUNT}" ]; then i=0 while [ $i -lt 3 ]; do echo "Waiting for gcloud to authenticate..." From 6a9cd99986e0b0e7f5f321aab6be9cb59065af52 Mon Sep 17 00:00:00 2001 From: Paolo Mainardi Date: Mon, 23 Sep 2024 16:39:13 +0200 Subject: [PATCH 4/8] feat: try to autenticate otherwise fail (15s) --- templates/.gitlab-ci-template.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/.gitlab-ci-template.yml b/templates/.gitlab-ci-template.yml index b641c60d..6c410593 100644 --- a/templates/.gitlab-ci-template.yml +++ b/templates/.gitlab-ci-template.yml @@ -113,7 +113,7 @@ variables: # if still empty, fail. if [ -z "${GCP_SERVICE_ACCOUNT}" ]; then - echo "Failed to authenticate with gcloud." + echo "Failed to authenticate with gcloud after multiple attempts." exit 1 fi From 131a04a749a5a9b4e72b40fca6d710772ec130a5 Mon Sep 17 00:00:00 2001 From: Paolo Mainardi Date: Mon, 23 Sep 2024 16:40:55 +0200 Subject: [PATCH 5/8] fix: variable name --- templates/.gitlab-ci-template.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/.gitlab-ci-template.yml b/templates/.gitlab-ci-template.yml index 6c410593..2d3447ba 100644 --- a/templates/.gitlab-ci-template.yml +++ b/templates/.gitlab-ci-template.yml @@ -104,7 +104,7 @@ variables: echo "Waiting for gcloud to authenticate..." sleep 5s GCP_SERVICE_ACCOUNT=$(gcloud auth list --filter=status:ACTIVE --format="value(account)") - if [ -n "${gcp_service_account}" ]; then + if [ -n "${GCP_SERVICE_ACCOUNT}" ]; then break fi i=$((i+1)) From ceccb129f8093354101f22261a5127403b4f55ca Mon Sep 17 00:00:00 2001 From: Paolo Mainardi Date: Mon, 23 Sep 2024 16:41:49 +0200 Subject: [PATCH 6/8] feat: try to autenticate otherwise fail (15s) --- templates/.gitlab-ci-template.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/.gitlab-ci-template.yml b/templates/.gitlab-ci-template.yml index 2d3447ba..907bf2f8 100644 --- a/templates/.gitlab-ci-template.yml +++ b/templates/.gitlab-ci-template.yml @@ -98,13 +98,13 @@ variables: GCP_SERVICE_ACCOUNT=$(gcloud auth list --filter=status:ACTIVE --format="value(account)") # if service account is empty, wait for it to be set. - if [ -z "${GCP_SERVICE_ACCOUNT}" ]; then + if [ -z "${GCP_SERVICE_ACCOUNT##*[![:space:]]*}" ]; then i=0 while [ $i -lt 3 ]; do echo "Waiting for gcloud to authenticate..." sleep 5s GCP_SERVICE_ACCOUNT=$(gcloud auth list --filter=status:ACTIVE --format="value(account)") - if [ -n "${GCP_SERVICE_ACCOUNT}" ]; then + if [ -n "${GCP_SERVICE_ACCOUNT##*[![:space:]]*}" ]; then break fi i=$((i+1)) From 11dbc1610a4d000f4ba43588a68f85f457bfc6a9 Mon Sep 17 00:00:00 2001 From: Paolo Mainardi Date: Mon, 23 Sep 2024 16:43:29 +0200 Subject: [PATCH 7/8] feat: try to autenticate otherwise fail (15s) --- templates/.gitlab-ci-template.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/templates/.gitlab-ci-template.yml b/templates/.gitlab-ci-template.yml index 907bf2f8..7d81c0a9 100644 --- a/templates/.gitlab-ci-template.yml +++ b/templates/.gitlab-ci-template.yml @@ -99,8 +99,9 @@ variables: # if service account is empty, wait for it to be set. if [ -z "${GCP_SERVICE_ACCOUNT##*[![:space:]]*}" ]; then + MAX_ATTEMPTS=3 i=0 - while [ $i -lt 3 ]; do + while [ $i -lt $MAX_ATTEMPTS ]; do echo "Waiting for gcloud to authenticate..." sleep 5s GCP_SERVICE_ACCOUNT=$(gcloud auth list --filter=status:ACTIVE --format="value(account)") From 03589f84eb76e2f6af185e3f837b272e9969d3e0 Mon Sep 17 00:00:00 2001 From: Paolo Mainardi Date: Mon, 23 Sep 2024 17:06:59 +0200 Subject: [PATCH 8/8] feat: try to autenticate otherwise fail (15s) --- templates/.gitlab-ci-template.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/.gitlab-ci-template.yml b/templates/.gitlab-ci-template.yml index 7d81c0a9..062b316b 100644 --- a/templates/.gitlab-ci-template.yml +++ b/templates/.gitlab-ci-template.yml @@ -98,14 +98,14 @@ variables: GCP_SERVICE_ACCOUNT=$(gcloud auth list --filter=status:ACTIVE --format="value(account)") # if service account is empty, wait for it to be set. - if [ -z "${GCP_SERVICE_ACCOUNT##*[![:space:]]*}" ]; then + if [ -z "${GCP_SERVICE_ACCOUNT}" ]; then MAX_ATTEMPTS=3 i=0 while [ $i -lt $MAX_ATTEMPTS ]; do echo "Waiting for gcloud to authenticate..." sleep 5s GCP_SERVICE_ACCOUNT=$(gcloud auth list --filter=status:ACTIVE --format="value(account)") - if [ -n "${GCP_SERVICE_ACCOUNT##*[![:space:]]*}" ]; then + if [ -n "${GCP_SERVICE_ACCOUNT}" ]; then break fi i=$((i+1))