Merge pull request #277 from donnadionne/docker
Docker
diff --git a/tools/dockerfile/grpc_cxx/Dockerfile b/tools/dockerfile/grpc_cxx/Dockerfile
index 141a20a..43da9fe 100644
--- a/tools/dockerfile/grpc_cxx/Dockerfile
+++ b/tools/dockerfile/grpc_cxx/Dockerfile
@@ -21,4 +21,6 @@
&& make interop_client \
&& make interop_server
+ADD service_account service_account
+
CMD ["/var/local/git/grpc/bins/opt/interop_server", "--enable_ssl", "--port=8010"]
diff --git a/tools/gce_setup/grpc_docker.sh b/tools/gce_setup/grpc_docker.sh
index 476aa3c..a97cc88 100755
--- a/tools/gce_setup/grpc_docker.sh
+++ b/tools/gce_setup/grpc_docker.sh
@@ -440,6 +440,55 @@
}
}
+# checks the positional args and assigns them to variables visible in the caller
+#
+# these are the positional args passed to grpc_cloud_prod_auth_test after option flags
+# are removed
+#
+# three args are expected, in order
+# - test_case
+# - host <the gce docker instance on which to run the test>
+# - client to run
+grpc_cloud_prod_auth_test_args() {
+ grpc_gen_test_cmd="grpc_cloud_prod_auth_"
+ [[ -n $1 ]] && { # test_case
+ test_case=$1
+ grpc_gen_test_cmd+="$1"
+ shift
+ } || {
+ echo "$FUNCNAME: missing arg: test_case" 1>&2
+ return 1
+ }
+
+ [[ -n $1 ]] && { # host
+ host=$1
+ shift
+ } || {
+ echo "$FUNCNAME: missing arg: host" 1>&2
+ return 1
+ }
+
+ [[ -n $1 ]] && { # client_type
+ case $1 in
+ cxx|go|java|nodejs|php|python|ruby)
+ grpc_gen_test_cmd+="_gen_$1_cmd"
+ declare -F $grpc_gen_test_cmd >> /dev/null || {
+ echo "-f: test_func for $1 => $grpc_gen_test_cmd is not defined" 1>&2
+ return 2
+ }
+ shift
+ ;;
+ *)
+ echo "bad client_type: $1" 1>&2
+ return 1
+ ;;
+ esac
+ } || {
+ echo "$FUNCNAME: missing arg: client_type" 1>&2
+ return 1
+ }
+}
+
_grpc_sync_scripts_args() {
grpc_gce_script_root='tools/gce_setup'
@@ -715,6 +764,52 @@
gcloud compute $project_opt ssh $zone_opt $host --command "$cmd"
}
+# Runs a test command on a docker instance.
+#
+# call-seq:
+# grpc_cloud_prod_auth_test <test_name> <host> <client_type>
+#
+# requirements:
+# host is a GCE instance running docker with access to the gRPC docker images
+# test_name is one of the named gRPC tests [http://go/grpc_interop_tests]
+# client_type is one of [cxx,go,java,php,python,ruby]
+#
+# it assumes:
+# that each grpc-imp has a docker image named grpc/<imp>, e.g, grpc/java
+# a test is run using $ docker run 'path/to/interop_test_bin --flags'
+# the required images are available on <host>
+#
+# each client_type should have an associated bash func:
+# grpc_cloud_prod_auth_<test_case>_gen_<client_type>_cmd
+# the func provides the dockerized commmand for running client_type's test.
+# If no such func is available, tests for that client type cannot be run.
+grpc_cloud_prod_auth_test() {
+ _grpc_ensure_gcloud_ssh || return 1;
+ # declare vars local so that they don't pollute the shell environment
+ # where they this func is used.
+
+ local grpc_zone grpc_project dry_run # set by _grpc_set_project_and_zone
+ # grpc_cloud_prod_test_args
+ local test_case host grpc_gen_test_cmd
+
+ # set the project zone and check that all necessary args are provided
+ _grpc_set_project_and_zone -f grpc_cloud_prod_auth_test_args "$@" || return 1
+ gce_has_instance $grpc_project $host || return 1;
+
+ local test_case_flag=" --test_case=$test_case"
+ cmd=$($grpc_gen_test_cmd $test_case_flag)
+ [[ -n $cmd ]] || return 1
+
+ local project_opt="--project $grpc_project"
+ local zone_opt="--zone $grpc_zone"
+ local ssh_cmd="bash -l -c \"$cmd\""
+ echo "will run:"
+ echo " $ssh_cmd"
+ echo "on $host"
+ [[ $dry_run == 1 ]] && return 0 # don't run the command on a dry run
+ gcloud compute $project_opt ssh $zone_opt $host --command "$cmd"
+}
+
# constructs the full dockerized ruby interop test cmd.
#
# call-seq:
@@ -848,4 +943,34 @@
echo $the_cmd
}
-# TODO(grpc-team): add grpc_interop_gen_python_cmd
+# constructs the full dockerized cpp interop test cmd.
+#
+#
+# call-seq:
+# flags= .... # generic flags to include the command
+# cmd=$($grpc_gen_test_cmd $flags)
+grpc_cloud_prod_auth_service_account_creds_gen_cxx_cmd() {
+ local cmd_prefix="sudo docker run grpc/cxx";
+ local test_script="/var/local/git/grpc/bins/opt/interop_client --enable_ssl";
+ local gfe_flags=" --use_prod_roots --server_port=443 --server_host=grpc-test.sandbox.google.com --server_host_override=grpc-test.sandbox.google.com"
+ local added_gfe_flags=" --service_account_key_file=/service_account/stubbyCloudTestingTest-7dd63462c60c.json --oauth_scope=https://www.googleapis.com/auth/xapi.zoo"
+ local the_cmd="$cmd_prefix $test_script $gfe_flags $added_gfe_flags $@";
+ echo $the_cmd
+}
+
+# constructs the full dockerized cpp interop test cmd.
+#
+#
+# call-seq:
+# flags= .... # generic flags to include the command
+# cmd=$($grpc_gen_test_cmd $flags)
+grpc_cloud_prod_auth_compute_engine_creds_gen_cxx_cmd() {
+ local cmd_prefix="sudo docker run grpc/cxx";
+ local test_script="/var/local/git/grpc/bins/opt/interop_client --enable_ssl";
+ local gfe_flags=" --use_prod_roots --server_port=443 --server_host=grpc-test.sandbox.google.com --server_host_override=grpc-test.sandbox.google.com"
+ local added_gfe_flags=" --default_service_account=155450119199-r5aaqa2vqoa9g5mv2m6s3m1l293rlmel@developer.gserviceaccount.com --oauth_scope=https://www.googleapis.com/auth/xapi.zoo"
+ local the_cmd="$cmd_prefix $test_script $gfe_flags $added_gfe_flags $@";
+ echo $the_cmd
+}
+
+# TODO(grpc-team): add grpc_interop_gen_xxx_cmd for python|nodejs
diff --git a/tools/gce_setup/new_grpc_docker_builder.sh b/tools/gce_setup/new_grpc_docker_builder.sh
index 9a3988f..5d4fc36 100755
--- a/tools/gce_setup/new_grpc_docker_builder.sh
+++ b/tools/gce_setup/new_grpc_docker_builder.sh
@@ -87,6 +87,7 @@
local the_image='container-vm-v20140925'
local scopes='compute-rw storage-full'
scopes+=' https://www.googleapis.com/auth/gerritcodereview'
+ scopes+=' https://www.googleapis.com/auth/xapi.zoo'
gcloud --project $project compute instances create $instance \
$address_flag \
--image $the_image \
diff --git a/tools/gce_setup/shared_startup_funcs.sh b/tools/gce_setup/shared_startup_funcs.sh
index 438c20a..3300eb2 100755
--- a/tools/gce_setup/shared_startup_funcs.sh
+++ b/tools/gce_setup/shared_startup_funcs.sh
@@ -416,6 +416,9 @@
[[ $image_label == "grpc/ruby" ]] && {
grpc_docker_sync_roots_pem $dockerfile_dir/cacerts || return 1;
}
+ [[ $image_label == "grpc/cxx" ]] && {
+ grpc_docker_sync_service_account $dockerfile_dir/service_account || return 1;
+ }
# TODO(temiola): maybe make cache/no-cache a func option?
@@ -503,3 +506,31 @@
}
gsutil cp $src $gcs_certs_path $local_certs_path
}
+
+# grpc_docker_sync_service_account.
+#
+# Copies the service account from GCS to the target dir
+#
+# call-seq:
+# grpc_docker_sync_service_account <target_dir>
+grpc_docker_sync_service_account() {
+ local target_dir=$1
+ [[ -n $target_dir ]] || { echo "$FUNCNAME: missing arg: target_dir" >&2; return 1; }
+
+ # determine the admin root; the parent of the dockerfile root,
+ local gs_dockerfile_root=$(load_metadata "attributes/gs_dockerfile_root")
+ [[ -n $gs_dockerfile_root ]] || {
+ echo "$FUNCNAME: missing metadata: gs_dockerfile_root" >&2
+ return 1
+ }
+ local gcs_admin_root=$(dirname $gs_dockerfile_root)
+
+ # cp the file from gsutil to a known local area
+ local gcs_acct_path=$gcs_admin_root/service_account/stubbyCloudTestingTest-7dd63462c60c.json
+ local local_acct_path=$target_dir/stubbyCloudTestingTest-7dd63462c60c.json
+ mkdir -p $target_dir || {
+ echo "$FUNCNAME: could not create dir: $target_dir" 1>&2
+ return 1
+ }
+ gsutil cp $src $gcs_acct_path $local_acct_path
+}