stackoom
  简体   繁体   中英

Maven automated deploy on google app engine

 原文  2015-09-22 14:44:56       java/ maven/ google-app-engine

Question

I know that to deploy onto app-engine you can run the maven command: 

mvn appengine:update

Which then prompts for the auth code and launches a browser to confirm you want to publish onto the app engine. I'm looking to automate this fully so it can just be run as a command from maven. I have the appengine-maven-plugin setup but there doesn't seem to be any functionality to skip the manual step.

Has anyone managed to solve this? I know you can deploy right from Jenkins but we're looking for a solution that could be automates if our Jenkins server was down

Thanks

1 answers

solution1
 1  2015-09-24 17:24:47

The authentication flow which redirects you to the browser for login and consent is call three-legged Oauth because it involves three steps: 1) request for a token 2) login and consent 3) API call with token.

An authentication flow which does not involve user login and consent is called two-legged Oauth (server to server): 1) request for a token, signed with a private key 2) API call with token. Server to server auth requires that you setup a service account with appropriate permissions (scopes). You must also safely distribute the private key for that service account so that you can sign your requests. See the OAuth2ServiceAccount instructions

The Bitnami Jenkins image actually does quite a bit for you out of the box. When you setup Push-to-Deploy you launch an instance with gcloud. That launch command specifies the scopes you want that images to have access too with the --scopes parameter, including "https://www.googleapis.com/auth/appengine.admin" . Permission to these scopes is given to the default project service account. When Jenkins deploys your code, the service account credentials are made available through the Jenkins Google Oauth Plugin.

You can build another tool that will push code programatically. You will need to create a service account which generates a JSON Web Token (JWT) Again see the Outh2ServiceAccount instructions. The JWT is your private credential and you need to find a secure place to store it. The App Engine SDK knows how to use JWTs to get auth tokens.

During runtime you can pass the path to the JWT file as the --service_account_json_key_file parameter to appcfg.py. To plumb that parameter through the Maven plugin you'll have to use -DadditionalParams="--service_account_json_key_file " which is available on the tip of github.com/GoogleCloudPlatform/appengine-maven-plugin/master. (Will be in App Engine release 1.9.27, but you can pull from Github until then.)

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Failed to deploy Google APP Engine Java /Maven Google App Engine maven spring project not able to deploy Deploy the app on Google App Engine error with google app engine deploy Deploy Failed when Deploy on google App Engine (for upload on app engine) Google app engine: maven or eclipse google plugin Deploy Google App Engine Java Eclipse project with gcloud app deploy Unable to deploy java project on Google App Engine How to deploy application into google app engine Deploy Google Flexible App Engine with Dockerfile (IntelliJ)
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM