1*55e87721SMatt Gilbride#!/bin/bash 2*55e87721SMatt Gilbride# Copyright 2020 Google LLC. 3*55e87721SMatt Gilbride# 4*55e87721SMatt Gilbride# Licensed under the Apache License, Version 2.0 (the "License"); 5*55e87721SMatt Gilbride# you may not use this file except in compliance with the License. 6*55e87721SMatt Gilbride# You may obtain a copy of the License at 7*55e87721SMatt Gilbride# 8*55e87721SMatt Gilbride# http://www.apache.org/licenses/LICENSE-2.0 9*55e87721SMatt Gilbride# 10*55e87721SMatt Gilbride# Unless required by applicable law or agreed to in writing, software 11*55e87721SMatt Gilbride# distributed under the License is distributed on an "AS IS" BASIS, 12*55e87721SMatt Gilbride# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13*55e87721SMatt Gilbride# See the License for the specific language governing permissions and 14*55e87721SMatt Gilbride# limitations under the License. 15*55e87721SMatt Gilbride 16*55e87721SMatt Gilbrideset -eo pipefail 17*55e87721SMatt Gilbride 18*55e87721SMatt Gilbridefunction now { date +"%Y-%m-%d %H:%M:%S" | tr -d '\n' ;} 19*55e87721SMatt Gilbridefunction msg { println "$*" >&2 ;} 20*55e87721SMatt Gilbridefunction println { printf '%s\n' "$(now) $*" ;} 21*55e87721SMatt Gilbride 22*55e87721SMatt Gilbride 23*55e87721SMatt Gilbride# Populates requested secrets set in SECRET_MANAGER_KEYS from service account: 24*55e87721SMatt Gilbride# kokoro-trampoline@cloud-devrel-kokoro-resources.iam.gserviceaccount.com 25*55e87721SMatt GilbrideSECRET_LOCATION="${KOKORO_GFILE_DIR}/secret_manager" 26*55e87721SMatt Gilbridemsg "Creating folder on disk for secrets: ${SECRET_LOCATION}" 27*55e87721SMatt Gilbridemkdir -p ${SECRET_LOCATION} 28*55e87721SMatt Gilbridefor key in $(echo ${SECRET_MANAGER_KEYS} | sed "s/,/ /g") 29*55e87721SMatt Gilbridedo 30*55e87721SMatt Gilbride msg "Retrieving secret ${key}" 31*55e87721SMatt Gilbride docker run --entrypoint=gcloud \ 32*55e87721SMatt Gilbride --volume=${KOKORO_GFILE_DIR}:${KOKORO_GFILE_DIR} \ 33*55e87721SMatt Gilbride gcr.io/google.com/cloudsdktool/cloud-sdk \ 34*55e87721SMatt Gilbride secrets versions access latest \ 35*55e87721SMatt Gilbride --project cloud-devrel-kokoro-resources \ 36*55e87721SMatt Gilbride --secret ${key} > \ 37*55e87721SMatt Gilbride "${SECRET_LOCATION}/${key}" 38*55e87721SMatt Gilbride if [[ $? == 0 ]]; then 39*55e87721SMatt Gilbride msg "Secret written to ${SECRET_LOCATION}/${key}" 40*55e87721SMatt Gilbride else 41*55e87721SMatt Gilbride msg "Error retrieving secret ${key}" 42*55e87721SMatt Gilbride fi 43*55e87721SMatt Gilbridedone