gcp-logging-tests focuses on the continuous verification of the end to end processes of generating events and their associated Google Cloud Platform logs. We want to identify log diffs, new log generations in common cloud workflows.
We recommend ensuring that you familiarize yourself with the different types of Google Cloud Audit Logs.
- A Google Cloud Project with an associated Billing Account
- The default role of
roles/ownerwill work. If you do not have owner, you will need the following roles: (roles/compute.admin,roles/storage.admin,roles/resourcemanager.projectIamAdmin) - the service account will create GCE VMs, GCS buckets, FW rules, Subnets, and SetIAMPolicy
Running bash/init.sh will configure your environment for testing. Running bash/teardown.sh will teardown your environment.
- Create a Service Account with the IAM Roles (
roles/compute.admin, roles/storage.admin, roles/resourcemanager.projectIamAdmin, roles/iam.securityReviewer, roles/viewer) - Download a Service Account Key JSON file from GCP (assume its called
sa-key.json). - Set an env var,
export GOOGLE_APPLICATION_CREDENTIALS=sa-key.json - To unset the env var after dev, use
unset GOOGLE_APPLICATION_CREDENTIALS
Refer to: https://github.com/garrettwong/gcp-logging-tests/settings/secrets/actions
- Create a Service Account JSON Key,
sa-key.jsonthat is used locally - On Mac OSX, run
base64 -i sa-key.json - Copy the contents of that and create a GITHUB Secret in the Repository called
GCP_CREDENTIALS - Create another GITHUB Secret called
GCP_PROJECT_IDwith the value of the GCP Project ID - Commit to Github using
git add .
git commit -m "My Commit Message"
git push -u origin main
# OR...
GITUSER=""
GITTOKEN=""
git push -u "https://$GITUSER":"$GITTOKEN@github.com/$GITUSER/gcp-logging-tests.git"dotnet build
dotnet testSee CONTRIBUTING.md for details around contributing.