Persist ThreatMatches into Spec11ThreatMatch (#723)

* Replace jpaTm with a JpaSupplierFactory * Style * Style * Pipeline takes in a SerializableSupplier instead * Change the ordering of imports * Test a good domain in addition to a bad one * Rename and check good domain for Transact Answer * Use standard Mockito verify * Verify transact call and no more interactions * Remove Answer comment * Naming chsnges * Deploy Spec 11 pipeline correctly * Fix formatting of deploy file * Use a file to persist state across Cloud Build steps Co-authored-by: Gus Brodman <gbrodman@google.com>
2025-07-25 20:18:34 +02:00 · 2020-08-03 14:40:00 -07:00 · 2020-08-03 14:40:00 -07:00 · d3098b35a4
commit d3098b35a4
parent 917a72e2cb
6 changed files with 171 additions and 7 deletions
--- a/release/cloudbuild-deploy.yaml
+++ b/release/cloudbuild-deploy.yaml
@ -37,6 +37,18 @@ steps:
    cat tool-credential.json.enc | base64 -d | gcloud kms decrypt \
      --ciphertext-file=- --plaintext-file=tool-credential.json \
      --location=global --keyring=nomulus-tool-keyring --key=nomulus-tool-key
+# Set the path to the file for sql_access_info to deploy the Spec 11 pipeline
+- name: 'gcr.io/$PROJECT_ID/builder:latest'
+  entrypoint: /bin/bash
+  args:
+  - -c
+  - |
+    set -e
+    if [ ${_ENV} == production ]; then
+      echo "gs://domain-registry-beam/cloudsql/admin_credential.enc" > sql_access_path.txt
+    else
+      echo "gs://domain-registry-${_ENV}-beam/cloudsql/admin_credential.enc" > sql_access_path.txt
+    fi
 # Deploy the Spec11 pipeline to GCS.
 - name: 'gcr.io/$PROJECT_ID/nomulus-tool:latest'
  args:
@ -44,7 +56,11 @@ steps:
  - ${_ENV}
  - --credential
  - tool-credential.json
+  - --sql_access_info
+  - `cat sql_access_path.txt`
  - deploy_spec11_pipeline
+  - --project
+  - $PROJECT_ID
 # Deploy the invoicing pipeline to GCS.
 - name: 'gcr.io/$PROJECT_ID/nomulus-tool:latest'
  args: