gcp_scanner icon indicating copy to clipboard operation
gcp_scanner copied to clipboard

Published 20 hours ago verified publisher icon google

Implement a script to mirror test GCP project

Open mshudrak opened this issue 2 years ago • 13 comments

Currently, there is no simple way for developers to mirror GCP project used in testing. However, this might be required for developers in order to locally test their version of GCP scanner or even debug tests itself.

It would be great to have a script that can deploy a mirror/copy of our test GCP project for new developers. We also need to provide documentation to ensure easy setup.

mshudrak avatar Feb 23 '23 15:02 mshudrak

I am interested in this topic as we discussed already in the google group.

sudiptob2 avatar Feb 23 '23 15:02 sudiptob2

I think we need following DOD to cover

  • [ ] Create a script to deploy the project in the GCP
  • [ ] Documentation on how to use the script
  • [ ] Documentation on how to run the tests against the project

One of my concerns is, to setup up the project enabling billing might be required in the GCP. Not everyone will be interested to add billing information. Do you have any workaround in mind for this

sudiptob2 avatar Feb 23 '23 16:02 sudiptob2

Yea, that's a decent plan. As for billing, I don't think I have a simple solution for that. GCP offers free $300 credit https://cloud.google.com/free/docs/free-cloud-features#free-trial for new customers but that's obviously does not solve the problem.

Alternatively, we might potentially think about safe way to grant any new developer access to main test GCP project (e.g. viewer access).

mshudrak avatar Feb 23 '23 16:02 mshudrak

Alternatively, we might potentially think about safe way to grant any new developer access to main test GCP project (e.g. viewer access).

This sounds better

ArkaprabhaChakraborty avatar Feb 23 '23 16:02 ArkaprabhaChakraborty

yes, 300$ credit is there but it still needs a credit card to avail that. Later solution seems feasible

sudiptob2 avatar Feb 23 '23 16:02 sudiptob2

Actually, we can kinda have an "OAuth2"-ed gateway kinda logic for contributors and that "token" can be used to run the tests on an "instance" and return the results probably?

ArkaprabhaChakraborty avatar Feb 23 '23 16:02 ArkaprabhaChakraborty

It's a bad idea that came in my mind :)

ArkaprabhaChakraborty avatar Feb 23 '23 16:02 ArkaprabhaChakraborty

I think I can do a POC regarding a safe way to grant any new developer access

sudiptob2 avatar Feb 23 '23 16:02 sudiptob2

I think I can do a POC regarding a safe way to grant any new developer access

On a custom project? That POC can be done tho.

ArkaprabhaChakraborty avatar Feb 23 '23 16:02 ArkaprabhaChakraborty

On a custom project? That POC can be done tho.

Yes, basically we need to check if we can safely grant user read access to the project that GitHub action uses to run the tests.

sudiptob2 avatar Feb 23 '23 16:02 sudiptob2

Let me think about this one. It is not super clear on what would be the best option here.

mshudrak avatar Feb 23 '23 23:02 mshudrak

TBH, a well-documented step by step guide for setting up GCP for local testing is also good if the other options were cumbersome.

mhdsysy avatar Feb 25 '23 21:02 mhdsysy

@mhdsysy Yes but the issue is that GCP requires credit card in order to setup a project which might be a problem for some folks.

mshudrak avatar Feb 27 '23 14:02 mshudrak