Add service account and keys

2025-07-23 07:19:50 -04:00 · 2020-11-30 15:32:45 -05:00 · 2020-11-30 15:32:45 -05:00 · 875cf51a88
commit 875cf51a88
parent 7a91bb42ba
1 changed files with 35 additions and 19 deletions
--- a/src/gcloud/buckets.yaml
+++ b/src/gcloud/buckets.yaml
@ -1,5 +1,24 @@
 ---
 resources:
+  #- name: dynamicbible.com
+  #  type: storage.v1.bucket
+  #  properties:
+  #    bucket: dynamicbible.com
+  #    project: "dynamicbible-7c6cf"
+  #    location: "us-east1"
+  #    website:
+  #      notFoundPage: 404.html
+  #      mainPageSuffix: index.html
+  #    acl:
+  #      - entity: "project-owners-dynamicbible-7c6cf"
+  #        role: OWNER
+  #      - entity: "project-editors-dynamicbible-7c6cf"
+  #        role: WRITER
+  #      - entity: "project-viewers-dynamicbible-7c6cf"
+  #        role: READER
+  #    defaultObjectAcl:
+  #      - entity: allUsers
+  #        role: READER
  - name: staging.dynamicbible.com
    type: storage.v1.bucket
    properties:
@ -19,30 +38,27 @@ resources:
      defaultObjectAcl:
        - entity: allUsers
          role: READER
-  # - name: dynamicbible.com
-  #   type: storage.v1.bucket
-  #   properties:
-  #     bucket: dynamicbible.com
-  #     project: "dynamicbible-7c6cf"
-  #     location: "us-east1"
-  #     website:
-  #       notFoundPage: 404.html
-  #       mainPageSuffix: index.html
-  #     acl:
-  #       - entity: "project-owners-dynamicbible-7c6cf"
-  #         role: OWNER
-  #       - entity: "project-editors-dynamicbible-7c6cf"
-  #         role: WRITER
-  #       - entity: "project-viewers-dynamicbible-7c6cf"
-  #         role: READER
-  #     defaultObjectAcl:
-  #       - entity: allUsers
-  #         role: READER
+  - name: gitlab-service-account
+    type: iam.v1.serviceAccount
+    properties:
+      displayName: gitlab-service-account
+      accountId: gitlab-service-account
+  - name: gitlab-service-account-key
+    type: iam.v1.serviceAccounts.key
+    properties:
+      parent: $(ref.gitlab-service-account.name)
+      name: gitlab-service-account-key
 outputs:
  #- name: dynamicbible.comselfLink
  #  value: "https://console.cloud.google.com/storage/browser/dynamicbible.com"
  #- name: dynamicbible.comgsLink
  #  value: "gs://dynamicbible.com"
+  - name: gitlab-service-account-id
+    value: $(ref.gitlab-service-account.uniqueId)
+  - name: gitlab-service-account-email
+    value: $(ref.gitlab-service-account.email)
+  - name: gitlab-service-account-privateKey
+    value: $(ref.gitlab-service-account-key.privateKeyData)
  - name: staging.dynamicbible.comselfLink
    value: "https://console.cloud.google.com/storage/browser/staging.dynamicbible.com"
  - name: staging.dynamicbible.comgsLink