func publicACL(proj string) []storage.ACLRule {
return []storage.ACLRule{
// If you don't give the owners access, the web UI seems to
// have a bug and doesn't have access to see that it's public, so
// won't render the "Shared Publicly" link. So we do that, even
// though it's dumb and unnecessary otherwise:
{Entity: storage.ACLEntity("project-owners-" + proj), Role: storage.RoleOwner},
{Entity: storage.AllUsers, Role: storage.RoleReader},
}
}
// uploadBinary uploads the currently-running Linux binary.
// It crashes if it fails.
func (cl *cloudLaunch) uploadBinary() {
ctx := context.Background()
if cl.BinaryBucket == "" {
log.Fatal("cloudlaunch: Config.BinaryBucket is empty")
}
stoClient, err := storage.NewClient(ctx, option.WithHTTPClient(cl.oauthClient))
if err != nil {
log.Fatal(err)
}
w := stoClient.Bucket(cl.BinaryBucket).Object(cl.binaryObject()).NewWriter(ctx)
if err != nil {
log.Fatal(err)
}
w.ACL = []storage.ACLRule{
// If you don't give the owners access, the web UI seems to
// have a bug and doesn't have access to see that it's public, so
// won't render the "Shared Publicly" link. So we do that, even
// though it's dumb and unnecessary otherwise:
{
Entity: storage.ACLEntity("project-owners-" + cl.GCEProjectID),
Role: storage.RoleOwner,
},
// Public, so our systemd unit can get it easily:
{
Entity: storage.AllUsers,
Role: storage.RoleReader,
},
}
w.CacheControl = "no-cache"
selfPath := getSelfPath()
log.Printf("Uploading %q to %v", selfPath, cl.binaryURL())
f, err := os.Open(selfPath)
if err != nil {
log.Fatal(err)
}
defer f.Close()
n, err := io.Copy(w, f)
if err != nil {
log.Fatal(err)
}
if err := w.Close(); err != nil {
log.Fatal(err)
}
log.Printf("Uploaded %d bytes", n)
}