mirrors/nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus synced 2025-12-23 06:15:42 +00:00
Code Issues Releases Wiki Activity

Use base64-encoded SQL credentials (#314)

Browse Source 
* Use base64-encoded SQL credentials

Encode Cloud SQL credential files on gcs with base64,
to be consistent with our Cloud Build practices.

Also renamed a property that specifies where to publish
the schema jar. New name is schema_publish_repo.
This commit is contained in:
Weimin Yu
2019-10-18 11:48:40 -04:00
committed by GitHub
parent 85c11ca889
commit 13dc758747
2 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
db/build.gradle
View File

@@ -94,6 +94,7 @@ ext {
def command = def command =
"""gsutil cp \ """gsutil cp \
gs://domain-registry${env}-cloudsql-credentials/${role}_credential.enc - | \ gs://domain-registry${env}-cloudsql-credentials/${role}_credential.enc - | \
base64 -d | \
gcloud kms decrypt --location global --keyring nomulus \ gcloud kms decrypt --location global --keyring nomulus \
--key sql-credentials-on-gcs-key --plaintext-file=- \ --key sql-credentials-on-gcs-key --plaintext-file=- \
--ciphertext-file=- \ --ciphertext-file=- \
@@ -118,11 +119,11 @@ artifacts {
publishing { publishing {
repositories { repositories {
maven { maven {
url project.schema_jar_repo url project.schema_publish_repo
} }
} }
publications { publications {
schemaOrmPublication(MavenPublication) { sqlSchemaPublication(MavenPublication) {
groupId 'google.registry' groupId 'google.registry'
artifactId 'schema' artifactId 'schema'
version project.schema_version version project.schema_version

2
gradle.properties
View File

@@ -24,5 +24,5 @@ dbPassword=
# Maven repository of the Cloud SQL schema jar, which contains the # Maven repository of the Cloud SQL schema jar, which contains the
# SQL DDL scripts. # SQL DDL scripts.
schema_jar_repo= schema_publish_repo=
schema_version= schema_version=