A few updates to permissions.sh (knative#771)

Nits, nits, nits. :)
coryrc · May 14, 2019 · ddaab49 · ddaab49
1 parent b3ba92e
commit ddaab49
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 19 deletions.
diff --git a/ci/prow/boskos/README.md b/ci/prow/boskos/README.md
@@ -2,5 +2,7 @@
 
 This directory contains the config for our [Boskos](https://github.com/kubernetes/test-infra/tree/master/boskos) instance.
 
+* `config_start.yaml` Initial Boskos configuration.
 * `config.yaml` Boskos configuration.
+* `permissions.sh` Script to set up permissions for a new Boskos project.
 * `resources.yaml` Pool of projects used by Boskos.
diff --git a/ci/prow/boskos/permissions.sh b/ci/prow/boskos/permissions.sh
@@ -14,28 +14,36 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-project=$1
-owners=("[email protected]")
-groups=("[email protected]")
-sas=("[email protected]" "[email protected]" "[email protected]" "[email protected]") 
-apis=("compute.googleapis.com" "container.googleapis.com")
+set -e
 
-# Add an owner to the project
-for owner in ${owners[@]}; do
-    gcloud projects add-iam-policy-binding $project --member group:$owner --role roles/OWNER
+readonly PROJECT=${1:?"First argument must be the new boskos project name."}
+readonly OWNERS=("[email protected]")
+readonly GROUPS=("[email protected]")
+readonly SAS=(
+    "[email protected]" \
+    "[email protected]" \
+    "[email protected]" \
+    "[email protected]")
+readonly APIS=(
+    "compute.googleapis.com" \
+    "container.googleapis.com")
+
+# Add an owner to the PROJECT
+for owner in ${OWNERS[@]}; do
+  gcloud projects add-iam-policy-binding ${PROJECT} --member group:${owner} --role roles/OWNER
 done
 
-# Add all groups as editors
-for group in ${groups[@]}; do
-    gcloud projects add-iam-policy-binding $project --member group:$group --role roles/EDITOR
+# Add all GROUPS as editors
+for group in ${GROUPS[@]}; do
+  gcloud projects add-iam-policy-binding ${PROJECT} --member group:${group} --role roles/EDITOR
 done
 
 # Add all service accounts as editors
-for sa in ${sas[@]}; do
-    gcloud projects add-iam-policy-binding $project --member serviceAccount:$sa --role roles/EDITOR
+for sa in ${SAS[@]}; do
+  gcloud projects add-iam-policy-binding ${PROJECT} --member serviceAccount:${sa} --role roles/EDITOR
 done
 
-# Enable apis
-for api in ${apis[@]}; do
-    gcloud services enable $api --project=$1
+# Enable APIS
+for api in ${APIS[@]}; do
+  gcloud services enable ${api} --project=${PROJECT}
 done
diff --git a/ci/prow_setup.md b/ci/prow_setup.md
@@ -20,11 +20,11 @@
 
 ## Expanding Boskos pool
 
-1. Create a new GCP project and add it to [resources.yaml](./prow/boskos/resources.yaml).
+1. Create a new GCP project and add it to [resources.yaml](./prow/boskos/resources.yaml). Please follow the current naming scheme.
 
-1. Run `./ci/prow/boskos/permissions.sh <project_name>` to setup IAM permissions and APIs needed
+1. Run `./ci/prow/boskos/permissions.sh <project_name>` to setup the IAM permissions and APIs needed.
 
-1. Run `make update-boskos-config` to update the boskos config.
+1. Run `make update-boskos-config` to update the Boskos config.
 
 ## Setting up Prow for a new repo (reviewers assignment and auto merge)