blob: 9098a1b60b2cf826b32f29e22df15fb4f4a18368 [file] [log] [blame]
#!/bin/bash
# Copyright 2022 The Go Authors. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
set -xe
# One-time project setup:
#
# 1. Create artifact registry for the project:
#
# $ gcloud artifacts repositories create golang-perf-docker-repo \
# --repository-format=docker \
# --location=us-central1 --description="Docker repository"
#
# 2. Configure authentication for (sudo) docker:
#
# $ sudo gcloud auth configure-docker us-central1-docker.pkg.dev
#
# 3. Create the secrets to store InfluxDB passwords/tokens in:
#
# $ gcloud secrets create influx-admin-pass
# $ gcloud secrets create influx-admin-token
# $ gcloud secrets create influx-reader-pass
# $ gcloud secrets create influx-reader-token
#
# 4. Grant access to the GCE default service account to update the secrets.
#
# $ export SERVICE_ACCOUNT=$(gcloud iam service-accounts list --format="value(EMAIL)" --filter="displayName:Compute Engine default service account")
# $ gcloud secrets add-iam-policy-binding influx-admin-pass --member=serviceAccount:${SERVICE_ACCOUNT} --role="roles/secretmanager.secretVersionAdder"
# $ gcloud secrets add-iam-policy-binding influx-admin-token --member=serviceAccount:${SERVICE_ACCOUNT} --role="roles/secretmanager.secretVersionAdder"
# $ gcloud secrets add-iam-policy-binding influx-reader-pass --member=serviceAccount:${SERVICE_ACCOUNT} --role="roles/secretmanager.secretVersionAdder"
# $ gcloud secrets add-iam-policy-binding influx-reader-token --member=serviceAccount:${SERVICE_ACCOUNT} --role="roles/secretmanager.secretVersionAdder"
# TODO(prattmic): This is getting complicated; move to Go program, including
# initial one-time setup above.
if [[ $# != 2 ]]; then
echo "Usage: $0 <gcp project> <docker registry>"
exit 1
fi
declare -r PROJECT=$1
declare -r REGISTRY=$2
declare -r TAG="${REGISTRY}/golang-influx:latest"
echo "Building Docker image..."
# We must be in this directory for docker.
(cd "$(dirname -- "${BASH_SOURCE[0]}")" && sudo docker build -t ${TAG} .)
echo "Pushing Docker image..."
sudo docker push ${TAG}
# TODO(prattmic): Set up VM with no external IP.
echo "Creating instance..."
gcloud --project ${PROJECT} compute instances create-with-container influx-test-1 \
--container-image ${TAG} \
--zone us-central1-a \
--machine-type n1-standard-1 \
--tags https-server \
--scopes cloud-platform # Access fully controlled via IAM.