[grizzly] Add Google Cloud Storage credentials.

services/grizzly-macos/launch.sh

@@ -38,8 +38,10 @@ with open("$PIP_CONFIG_FILE", "r+") as fp:
     cfg.write(fp)
 EOF
 
+mkdir -p ~/.config/gcloud
 set +x
 retry_curl "$TASKCLUSTER_PROXY_URL/secrets/v1/secret/project/fuzzing/google-logging-creds" | python -c "import json,sys;json.dump(json.load(sys.stdin)['secret']['key'],open('google_logging_creds.json','w'))"
+retry_curl "$TASKCLUSTER_PROXY_URL/secrets/v1/secret/project/fuzzing/google-cloud-storage-creds" | python -c "import json,sys;json.dump(json.load(sys.stdin)['secret']['key'],open('$HOME/.config/gcloud/application_default_credentials.json','w'))"
 set -x
 cat > td-agent-bit.conf << EOF
 [SERVICE]

services/grizzly-win/launch.sh

@@ -24,8 +24,10 @@ status () {
 powershell -ExecutionPolicy Bypass -NoProfile -Command "Set-MpPreference -DisableScriptScanning \$true"
 powershell -ExecutionPolicy Bypass -NoProfile -Command "Set-MpPreference -DisableRealtimeMonitoring \$true"
 
+mkdir -p "$APPDATA/gcloud"
 set +x
 retry_curl "$TASKCLUSTER_PROXY_URL/secrets/v1/secret/project/fuzzing/google-logging-creds" | python -c "import json,sys;json.dump(json.load(sys.stdin)['secret']['key'],open('google_logging_creds.json','w'))"
+retry_curl "$TASKCLUSTER_PROXY_URL/secrets/v1/secret/project/fuzzing/google-cloud-storage-creds" | python -c "import json,sys;json.dump(json.load(sys.stdin)['secret']['key'],open('$APPDATA/gcloud/application_default_credentials.json','w'))"
 set -x
 cat > td-agent-bit.conf << EOF
 [SERVICE]

services/grizzly/launch-grizzly-worker.sh

@@ -33,6 +33,10 @@ EOF
 setup-fuzzmanager-hostname
 chmod 0600 .fuzzmanagerconf
 
+# Get Cloud Storage credentials
+mkdir -p ~/.config/gcloud
+get-tc-secret google-cloud-storage-creds ~/.config/gcloud/application_default_credentials.json raw
+
 # only clone if it wasn't already mounted via docker run -v
 if [ ! -d /src/bearspray ]; then
   update-ec2-status "Setup: cloning bearspray"