--plugin-secret support for Cloud Run

2019-07-07 18:55:42 -07:00 · 2019-07-07 18:55:42 -07:00 · c2df6f3482
commit c2df6f3482
--- a/datasette/publish/cloudrun.py
+++ b/datasette/publish/cloudrun.py
@ -1,6 +1,7 @@
 from datasette import hookimpl
 import click
 import json
+import os
 from subprocess import check_call, check_output

 from .common import (
@ -24,6 +25,11 @@ def publish_subcommand(publish):
        "--service", default="", help="Cloud Run service to deploy (or over-write)"
    )
    @click.option("--spatialite", is_flag=True, help="Enable SpatialLite extension")
+    @click.option(
+        "--show-files",
+        is_flag=True,
+        help="Output the generated Dockerfile and metadata.json",
+    )
    def cloudrun(
        files,
        metadata,
@ -45,6 +51,7 @@ def publish_subcommand(publish):
        name,
        service,
        spatialite,
+        show_files,
    ):
        fail_if_publish_binary_not_installed(
            "gcloud", "Google Cloud", "https://cloud.google.com/sdk/"
@ -53,6 +60,30 @@ def publish_subcommand(publish):
            "gcloud config get-value project", shell=True, universal_newlines=True
        ).strip()

+        extra_metadata = {
+            "title": title,
+            "license": license,
+            "license_url": license_url,
+            "source": source,
+            "source_url": source_url,
+            "about": about,
+            "about_url": about_url,
+        }
+
+        environment_variables = {}
+        if plugin_secret:
+            extra_metadata["plugins"] = {}
+            for plugin_name, plugin_setting, setting_value in plugin_secret:
+                environment_variable = (
+                    "{}_{}".format(plugin_name, plugin_setting)
+                    .upper()
+                    .replace("-", "_")
+                )
+                environment_variables[environment_variable] = setting_value
+                extra_metadata["plugins"].setdefault(plugin_name, {})[
+                    plugin_setting
+                ] = {"$env": environment_variable}
+
        with temporary_docker_directory(
            files,
            name,
@ -65,16 +96,17 @@ def publish_subcommand(publish):
            install,
            spatialite,
            version_note,
-            {
-                "title": title,
-                "license": license,
-                "license_url": license_url,
-                "source": source,
-                "source_url": source_url,
-                "about": about,
-                "about_url": about_url,
-            },
+            extra_metadata,
+            environment_variables,
        ):
+            if show_files:
+                if os.path.exists("metadata.json"):
+                    print("=== metadata.json ===\n")
+                    print(open("metadata.json").read())
+                print("\n==== Dockerfile ====\n")
+                print(open("Dockerfile").read())
+                print("\n====================\n")
+
            image_id = "gcr.io/{project}/{name}".format(project=project, name=name)
            check_call("gcloud builds submit --tag {}".format(image_id), shell=True)
        check_call(
--- a/docs/datasette-publish-cloudrun-help.txt
+++ b/docs/datasette-publish-cloudrun-help.txt
@ -24,4 +24,5 @@ Options:
  -n, --name TEXT                 Application name to use when building
  --service TEXT                  Cloud Run service to deploy (or over-write)
  --spatialite                    Enable SpatialLite extension
+  --show-files                    Output the generated Dockerfile and metadata.json
  --help                          Show this message and exit.
--- a/tests/test_publish_cloudrun.py
+++ b/tests/test_publish_cloudrun.py
@ -1,6 +1,7 @@
 from click.testing import CliRunner
 from datasette import cli
 from unittest import mock
+import json


@mock.patch("shutil.which")
@ -46,3 +47,56 @@ def test_publish_cloudrun(mock_call, mock_output, mock_which):
                ),
            ]
        )
+
+
+@mock.patch("shutil.which")
+@mock.patch("datasette.publish.cloudrun.check_output")
+@mock.patch("datasette.publish.cloudrun.check_call")
+def test_publish_cloudrun_plugin_secrets(mock_call, mock_output, mock_which):
+    mock_which.return_value = True
+    mock_output.return_value = "myproject"
+
+    runner = CliRunner()
+    with runner.isolated_filesystem():
+        open("test.db", "w").write("data")
+        result = runner.invoke(
+            cli.cli,
+            [
+                "publish",
+                "cloudrun",
+                "test.db",
+                "--plugin-secret",
+                "datasette-auth-github",
+                "client_id",
+                "x-client-id",
+                "--show-files",
+            ],
+        )
+        dockerfile = (
+            result.output.split("==== Dockerfile ====\n")[1]
+            .split("\n====================\n")[0]
+            .strip()
+        )
+        expected = """FROM python:3.6
+COPY . /app
+WORKDIR /app
+
+ENV DATASETTE_AUTH_GITHUB_CLIENT_ID 'x-client-id'
+RUN pip install -U datasette
+RUN datasette inspect test.db --inspect-file inspect-data.json
+ENV PORT 8001
+EXPOSE 8001
+CMD datasette serve --host 0.0.0.0 -i test.db --cors --inspect-file inspect-data.json --metadata metadata.json --port $PORT""".strip()
+        assert expected == dockerfile
+        metadata = (
+            result.output.split("=== metadata.json ===\n")[1]
+            .split("\n==== Dockerfile ====\n")[0]
+            .strip()
+        )
+        assert {
+            "plugins": {
+                "datasette-auth-github": {
+                    "client_id": {"$env": "DATASETTE_AUTH_GITHUB_CLIENT_ID"}
+                }
+            }
+        } == json.loads(metadata)