#12298 Google Cloud Engine credentials for fedora-image-uploader
Opened 3 months ago by jcline. Modified a day ago

Describe what you would like us to do:


The image uploader has support for Google Cloud now, but we need to add credentials to start uploading images, and we need a few objects created in our Google Cloud project.

Since I don't know if anyone in Infra has access to GCP, the only thing I know I need is for the credentials, when they're created, to be added to Ansible so I can put them in the fedora-image-upload container.

Credentials

I know Fedora CoreOS already uploads their images to Google Cloud so they might be able to provide details on the required permissions (cc @dustymabe) and how to inject the credentials. There's a fedora-cloud-devel project we can wire up to the staging instance for testing, but while I do have access to create the necessary storage bucket, I can't configure credentials. I believe only Dusty has access to do that.

For the production environment, I assume there's a fedora-cloud project and someone (Dusty?) has access. Sorry to be so hand-wavy, I don't have any visibility into who can do what here.

Objects

In production, we need a storage bucket created so we can upload the image tarballs. I have permission to create this in the fedora-cloud-devel project, so I did and named the development one fedora-cloud-image-upload-devel. If whoever has access to production can make fedora-cloud-image-upload that'd be great. Also please configure the bucket with the following lifecycle rules to keep the bucket tidy:

  • Delete object 7+ days since object was created
  • Delete multi-part upload 7+ days since upload initiated

When do you need this to be done by? (YYYY/MM/DD)


No hard deadline.


Can take a look. I can't recall what our setup is there.

Perhaps @dustymabe or @jlebon knows?

Metadata Update from @kevin:
- Issue priority set to: Waiting on Assignee (was: Needs Review)
- Issue tagged with: low-gain, low-trouble, ops

3 months ago

Checking in here to see where this stands, as it is blocking https://pagure.io/cloud-sig/issue/402 which in turn means no Fedora images aside from CoreOS are available on GCP.

Log in to comment on this ticket.

Metadata
Boards 1
ops Status: Backlog