eclass/cros-credentials.eclass - third_party/overlays/chromiumos-overlay - Git at Google

 # Copyright 2019 The ChromiumOS Authors
 # Distributed under the terms of the GNU General Public License v2

 # @ECLASS: cros-credentials.eclass
 # @MAINTAINER:
 # ChromiumOS Build Team
 # @BUGREPORTS:
 # Please report bugs via http://crbug.com/new (with label Build)
 # @VCSURL: https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/HEAD/eclass/@ECLASS@
 # @BLURB: Set credentials properly to access private git repo.
 # @DESCRIPTION:
 # Copy in credentials to fake home directory so that build process can
 # access vcs and ssh if needed.
 # Add a call to cros-credentials_setup before accessing a private repo.

 cros-credentials_setup() {
 	einfo "Setting up CrOS credentials"
 	mkdir -vp "${HOME}"
 	local whoami=$(whoami)
 	local ssh_config_dir="/home/${whoami}/.ssh"
 	if [[ -d "${ssh_config_dir}" ]]; then
 		cp -vrfp "${ssh_config_dir}" "${HOME}" || die
 	fi
 	local net_config="/home/${whoami}/.netrc"
 	if [[ -f "${net_config}" ]]; then
 		einfo "Copying ${net_config} to ${HOME}"
 		cp -vfp "${net_config}" "${HOME}" || die
 	fi
 	local gitcookies_src="/home/${whoami}/.gitcookies"
 	local gitcookies_dst="${HOME}/.gitcookies"
 	if [[ -f "${gitcookies_src}" ]]; then
 		cp -vfp "${gitcookies_src}" "${gitcookies_dst}" || die
 		echo 'gitcookies accounts:'
 		awk 'NF && $1 !~ /^#/ {print $1}' "${gitcookies_dst}"
 		git config --global http.cookiefile "${gitcookies_dst}"
 	fi
 	local luci_creds_src="/home/${whoami}/.config/chrome_infra/auth/creds.json"
 	local luci_creds_dest="${HOME}/.config/chrome_infra/auth/"
 	if [[ -f "${luci_creds_src}" ]]; then
 		einfo "Copying ${luci_creds_src} to ${HOME}"
 		mkdir -p "${luci_creds_dest}"
 		cp -vfp "${luci_creds_src}" "${luci_creds_dest}" || die
 	fi

 	# Force disable user/pass prompting to avoid hanging builds.
 	git config --global core.askPass true
 }

 # @FUNCTION: cros-fetch_google_app_credentials
 # @USAGE:
 # @RETURN: "true" if able to get local dev's app credentials. "false" otherwise.
 # @INTERNAL
 # @DESCRIPTION:
 # Copy over app credentials from chroot -> sysroot for local developers only (this is not needed for build bots)
 # gcloud default credentials are located in chroot user's:
 # ~/.config/gcloud directory (eg. /home/<user>/.config/gcloud)
 # However, the build executes relative to sysroot, where the homedir is something like:
 # (eg. /build/hatch/tmp/portage/chromeos-base/chromeos-chrome-9999/homedir)
 # So when we run reproxy process, we need to provide it with the gcloud credentials under the
 # sysroot home path, which are the actions done below.
 # Do so only for local development (no need for buildbots)
 cros-fetch_google_app_credentials() {
 	local has_app_credentials="true"

 	local whoami=$(whoami)
 	if [[ "${whoami}" == "root" && -n "${SUDO_USER}" ]]; then
 		# Use ${SUDO_USER} instead of `whoami` when running with sudo.
 		whoami="${SUDO_USER}"
 	fi
 	local chroot_app_credentials="/home/${whoami}/.config/gcloud"

 	if [[ ! -d "${chroot_app_credentials}" ]]; then
 		if [[ -z ${GCE_METADATA_HOST} ]]; then
 			einfo "*************************************************************************************"
 			einfo "*** Defaulting to slower local build due to missing gcloud app credentials, instead of faster distributed builds on reclient."
 			einfo "*** Unable to find gcloud credentials under: ${chroot_app_credentials}"
 			einfo "*** For googlers, run 'gcloud auth application-default login' outside of chroot, then retry. go/cloud-cli-tpc to get the CLI"
 			einfo "*************************************************************************************"
 			has_app_credentials="false"
 		else
 			einfo "Using GCE metadata host for gcloud app authentication: ${GCE_METADATA_HOST}"
 		fi
 	else
 		# The env variable below is also used by reproxy to find where the credentials is located in sysroot.
 		export GOOGLE_APPLICATION_CREDENTIALS="${HOME}/.config/gcloud/application_default_credentials.json"

 		# Only update if credential file doesn't already exist.
 		if [[ ! -f "${GOOGLE_APPLICATION_CREDENTIALS}" ]]; then
 			# The env variable below is also used by reproxy to find where the credentials is located.
 			einfo "Copying over google app credentials from chroot -> sysroot. [${chroot_app_credentials} -> ${GOOGLE_APPLICATION_CREDENTIALS}]"
 			mkdir -p "${HOME}/.config"
 			cp -R "${chroot_app_credentials}" "${HOME}/.config/"
 		fi
 	fi

 	echo ${has_app_credentials}
 }
	# Copyright 2019 The ChromiumOS Authors
	# Distributed under the terms of the GNU General Public License v2

	# @ECLASS: cros-credentials.eclass
	# @MAINTAINER:
	# ChromiumOS Build Team
	# @BUGREPORTS:
	# Please report bugs via http://crbug.com/new (with label Build)
	# @VCSURL: https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/HEAD/eclass/@ECLASS@
	# @BLURB: Set credentials properly to access private git repo.
	# @DESCRIPTION:
	# Copy in credentials to fake home directory so that build process can
	# access vcs and ssh if needed.
	# Add a call to cros-credentials_setup before accessing a private repo.

	cros-credentials_setup() {
	einfo "Setting up CrOS credentials"
	mkdir -vp "${HOME}"
	local whoami=$(whoami)
	local ssh_config_dir="/home/${whoami}/.ssh"
	if [[ -d "${ssh_config_dir}" ]]; then
	cp -vrfp "${ssh_config_dir}" "${HOME}" \|\| die
	fi
	local net_config="/home/${whoami}/.netrc"
	if [[ -f "${net_config}" ]]; then
	einfo "Copying ${net_config} to ${HOME}"
	cp -vfp "${net_config}" "${HOME}" \|\| die
	fi
	local gitcookies_src="/home/${whoami}/.gitcookies"
	local gitcookies_dst="${HOME}/.gitcookies"
	if [[ -f "${gitcookies_src}" ]]; then
	cp -vfp "${gitcookies_src}" "${gitcookies_dst}" \|\| die
	echo 'gitcookies accounts:'
	awk 'NF && $1 !~ /^#/ {print $1}' "${gitcookies_dst}"
	git config --global http.cookiefile "${gitcookies_dst}"
	fi
	local luci_creds_src="/home/${whoami}/.config/chrome_infra/auth/creds.json"
	local luci_creds_dest="${HOME}/.config/chrome_infra/auth/"
	if [[ -f "${luci_creds_src}" ]]; then
	einfo "Copying ${luci_creds_src} to ${HOME}"
	mkdir -p "${luci_creds_dest}"
	cp -vfp "${luci_creds_src}" "${luci_creds_dest}" \|\| die
	fi

	# Force disable user/pass prompting to avoid hanging builds.
	git config --global core.askPass true
	}

	# @FUNCTION: cros-fetch_google_app_credentials
	# @USAGE:
	# @RETURN: "true" if able to get local dev's app credentials. "false" otherwise.
	# @INTERNAL
	# @DESCRIPTION:
	# Copy over app credentials from chroot -> sysroot for local developers only (this is not needed for build bots)
	# gcloud default credentials are located in chroot user's:
	# ~/.config/gcloud directory (eg. /home/<user>/.config/gcloud)
	# However, the build executes relative to sysroot, where the homedir is something like:
	# (eg. /build/hatch/tmp/portage/chromeos-base/chromeos-chrome-9999/homedir)
	# So when we run reproxy process, we need to provide it with the gcloud credentials under the
	# sysroot home path, which are the actions done below.
	# Do so only for local development (no need for buildbots)
	cros-fetch_google_app_credentials() {
	local has_app_credentials="true"

	local whoami=$(whoami)
	if [[ "${whoami}" == "root" && -n "${SUDO_USER}" ]]; then
	# Use ${SUDO_USER} instead of `whoami` when running with sudo.
	whoami="${SUDO_USER}"
	fi
	local chroot_app_credentials="/home/${whoami}/.config/gcloud"

	if [[ ! -d "${chroot_app_credentials}" ]]; then
	if [[ -z ${GCE_METADATA_HOST} ]]; then
	einfo "*************************************************************************************"
	einfo "*** Defaulting to slower local build due to missing gcloud app credentials, instead of faster distributed builds on reclient."
	einfo "*** Unable to find gcloud credentials under: ${chroot_app_credentials}"
	einfo "*** For googlers, run 'gcloud auth application-default login' outside of chroot, then retry. go/cloud-cli-tpc to get the CLI"
	einfo "*************************************************************************************"
	has_app_credentials="false"
	else
	einfo "Using GCE metadata host for gcloud app authentication: ${GCE_METADATA_HOST}"
	fi
	else
	# The env variable below is also used by reproxy to find where the credentials is located in sysroot.
	export GOOGLE_APPLICATION_CREDENTIALS="${HOME}/.config/gcloud/application_default_credentials.json"

	# Only update if credential file doesn't already exist.
	if [[ ! -f "${GOOGLE_APPLICATION_CREDENTIALS}" ]]; then
	# The env variable below is also used by reproxy to find where the credentials is located.
	einfo "Copying over google app credentials from chroot -> sysroot. [${chroot_app_credentials} -> ${GOOGLE_APPLICATION_CREDENTIALS}]"
	mkdir -p "${HOME}/.config"
	cp -R "${chroot_app_credentials}" "${HOME}/.config/"
	fi
	fi

	echo ${has_app_credentials}
	}