Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(106)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: scripts/slave/recipes/infra/recipe_roll_tryjob.py

Issue 1870903002: recipe_roll_tryjob: Add service_account argument. (Closed) Base URL: https://chromium.googlesource.com/chromium/tools/build.git@master
Patch Set: pragma no cover Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: scripts/slave/recipes/infra/recipe_roll_tryjob.py
diff --git a/scripts/slave/recipes/infra/recipe_roll_tryjob.py b/scripts/slave/recipes/infra/recipe_roll_tryjob.py
index cfdb1f5999199067c12d8144e67d7a991bf9582b..efea67f0579214840a4f0d3c81bd398425285a1a 100644
--- a/scripts/slave/recipes/infra/recipe_roll_tryjob.py
+++ b/scripts/slave/recipes/infra/recipe_roll_tryjob.py
@@ -25,14 +25,22 @@ import base64
import json
-def get_auth_token(api):
+def get_auth_token(api, service_account=None):
"""
Get an auth token; this assumes the user is logged in with the infra
authutil command line utility.
- """
- result = api.step('Get auth token',
- ['/opt/infra-tools/authutil', 'token',],
+ If service_account is provided, that service account will be used when calling
+ authutil.
+ """
+ cmd = ['/opt/infra-tools/authutil', 'token']
+ if service_account: # pragma: no cover
+ cmd.extend([
+ '-service-account-json='
+ '/creds/service_accounts/service-account-%s.json' % service_account])
+
+ result = api.step(
+ 'Get auth token', cmd,
stdout=api.raw_io.output(),
step_test_data=lambda: api.raw_io.test_api.stream_output('ya29.foobar'))
return result.stdout.strip()
@@ -346,17 +354,28 @@ PROPERTIES = {
# To generate an auth token for running locally, run
# infra/go/bin/authutil login
- 'auth_token': Property(default=None),
+ 'auth_token': Property(
+ default=None, help="The auth_token to use to talk to luci-config. "
+ "Mutually exclusive with the service_account property"),
+ 'service_account': Property(
+ default=None, kind=str,
+ help="The name of the service account to use when running on a bot. For "
+ "example, if you use \"recipe-roller\", this recipe will try to use "
+ "the /creds/service_accounts/service-account-recipe-roller.json "
+ "service account")
}
def RunSteps(api, patches_raw, rietveld, issue, patchset, patch_project,
- auth_token):
+ auth_token, service_account):
# TODO(martiniss): use real types
issue = int(issue) if issue else None
patchset = int(patchset) if patchset else None
if not auth_token:
- auth_token = get_auth_token(api)
+ auth_token = get_auth_token(api, service_account)
+ else: # pragma: no cover
+ assert not service_account, (
+ "Only one of \"service_account\" and \"auth_token\" may be set")
headers = {'Authorization': 'Bearer %s' % auth_token}
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698