-
Notifications
You must be signed in to change notification settings - Fork 1.2k
/
Copy pathuser_environment_setup.sh
96 lines (80 loc) · 3.21 KB
/
user_environment_setup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
#!/bin/bash
# Copyright 2022 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
failure() {
echo "========================================="
echo "The Google Cloud setup was not completed."
echo "Please fix the errors above!"
echo "========================================="
exit 0
}
# catch any error that happened during execution
trap 'failure' ERR
# Set the Google Cloud Project ID.
project_id=$1
echo "Project ID: $project_id"
gcloud config set project "$project_id"
email=$(gcloud auth list --filter="status:ACTIVE account:$project_id.iam.gserviceaccount.com" --format="value(account)")
echo $email
# Check if user has service account active
if [ -z "$email" ]
then
# Create a new service account
timestamp=$(date +%s)
service_account_id="service-acc-$timestamp"
echo "Service Account: $service_account_id"
gcloud iam service-accounts create "$service_account_id"
else
service_account_id="${email%@*}"
# Log out of service account
gcloud auth revoke 2>/dev/null
fi
echo "$service_account_id"
editor=$(gcloud projects get-iam-policy $project_id \
--flatten="bindings[].members" \
--format='table(bindings.role)' \
--filter="bindings.members:$service_account_id ROLE=roles/editor")
retail_admin=$(gcloud projects get-iam-policy $project_id \
--flatten="bindings[].members" \
--format='table(bindings.role)' \
--filter="bindings.members:$service_account_id ROLE=roles/retail.admin")
# Check if any of the needed roles is missing
if [ -z "$editor" ] || [ -z "$retail_admin" ]
then
# Assign necessary roles to your new service account.
for role in {retail.admin,editor}
do
gcloud projects add-iam-policy-binding "$project_id" --member="serviceAccount:$service_account_id@$project_id.iam.gserviceaccount.com" --role=roles/"${role}"
done
echo "Wait ~60 seconds to be sure the appropriate roles have been assigned to your service account"
sleep 60
fi
# Upload your service account key file.
service_acc_email="$service_account_id@$project_id.iam.gserviceaccount.com"
gcloud iam service-accounts keys create ~/key.json --iam-account "$service_acc_email"
# Activate the service account using the key.
gcloud auth activate-service-account --key-file ~/key.json
# Install necessary Google Cloud Retail libraries.
for service_dir in \
{RetailEvents.Samples,RetailProducts.Samples,RetailSearch.Samples}
do
path=~/cloudshell_open/dotnet-docs-samples/retail/interactive-tutorial/$service_dir
cd $path
dotnet add package Google.Cloud.Retail.V2
dotnet add package Google.Cloud.Storage.V1
done
echo "========================================="
echo "The Google Cloud setup is completed."
echo "Please proceed with the Tutorial steps"
echo "========================================="