Skip to content

Commit 49533bb

Browse files
Arakel2811Arakel2811
authored
samples: environment setup twice error. (#213)
1 parent 436240e commit 49533bb

File tree

1 file changed

+38
-12
lines changed

1 file changed

+38
-12
lines changed

retail/interactive-tutorials/user_environment_setup.sh

+38-12
Original file line numberDiff line numberDiff line change
@@ -37,20 +37,46 @@ project_id=$1
3737
echo "Project ID: $project_id"
3838
gcloud config set project "$project_id"
3939

40-
timestamp=$(date +%s)
41-
service_account_id="service-acc-$timestamp"
42-
echo "Service Account: $service_account_id"
43-
# create service account (your service-acc-$timestamp)
44-
gcloud iam service-accounts create "$service_account_id"
40+
email=$(gcloud auth list --filter="status:ACTIVE account:$project_id.iam.gserviceaccount.com" --format="value(account)")
41+
echo $email
4542

46-
# assign necessary roles to your new service account
47-
for role in {retail.admin,editor}
48-
do
49-
gcloud projects add-iam-policy-binding "$project_id" --member="serviceAccount:$service_account_id@$project_id.iam.gserviceaccount.com" --role=roles/"${role}"
50-
done
43+
# check if user has service account active
44+
if [ -z "$email" ]
45+
then
46+
# create a new service account
47+
timestamp=$(date +%s)
48+
service_account_id="service-acc-$timestamp"
49+
echo "Service Account: $service_account_id"
50+
gcloud iam service-accounts create "$service_account_id"
51+
else
52+
service_account_id="${email%@*}"
53+
# log out of service account
54+
gcloud auth revoke 2>/dev/null
55+
fi
56+
echo "$service_account_id"
57+
58+
editor=$(gcloud projects get-iam-policy $project_id \
59+
--flatten="bindings[].members" \
60+
--format='table(bindings.role)' \
61+
--filter="bindings.members:$service_account_id ROLE=roles/editor")
62+
63+
retail_admin=$(gcloud projects get-iam-policy $project_id \
64+
--flatten="bindings[].members" \
65+
--format='table(bindings.role)' \
66+
--filter="bindings.members:$service_account_id ROLE=roles/retail.admin")
67+
68+
# check if any of the needed roles is missing
69+
if [ -z "$editor" ] || [ -z "$retail_admin" ]
70+
then
71+
# assign necessary roles to your new service account.
72+
for role in {retail.admin,editor}
73+
do
74+
gcloud projects add-iam-policy-binding "$project_id" --member="serviceAccount:$service_account_id@$project_id.iam.gserviceaccount.com" --role=roles/"${role}"
75+
done
76+
echo "Wait ~60 seconds to be sure the appropriate roles have been assigned to your service account"
77+
sleep 60
78+
fi
5179

52-
echo "Wait ~60 seconds to be sure the appropriate roles have been assigned to your service account"
53-
sleep 60
5480
# upload your service account key file
5581
service_acc_email="$service_account_id@$project_id.iam.gserviceaccount.com"
5682
gcloud iam service-accounts keys create ~/key.json --iam-account "$service_acc_email"

0 commit comments

Comments
 (0)