GoogleCloudPlatform · aandreassa · Nov 4, 2024 · Nov 4, 2024 · Nov 4, 2024
diff --git a/.kokoro/populate-secrets.sh b/.kokoro/populate-secrets.sh
@@ -23,6 +23,10 @@ function msg { println "$*" >&2 ;}
 function println { printf '%s\n' "$(now) $*" ;}
 
 # Populates requested secrets set in SECRET_MANAGER_KEYS
+if [[ -z "${SECRET_MANAGER_PROJECT_ID-}" ]]; then
+  msg "SECRET_MANAGER_PROJECT_ID is not set in environment variables, using default"
+  SECRET_MANAGER_PROJECT_ID="cloud-devrel-kokoro-resources"
+fi
 
 # In Kokoro CI builds, we use the service account attached to the
 # Kokoro VM. This means we need to setup auth on other CI systems.
@@ -64,7 +68,7 @@ do
     msg "Retrieving secret ${key}"
     "${GCLOUD_COMMANDS[@]}" \
         secrets versions access latest \
-        --project cloud-devrel-kokoro-resources \
+        --project "${SECRET_MANAGER_PROJECT_ID}" \
         --secret $key > \
         "$SECRET_LOCATION/$key"
     if [[ $? == 0 ]]; then

diff --git a/.kokoro/release.cfg b/.kokoro/release.cfg
@@ -19,14 +19,19 @@ build_file: "functions-framework-ruby/.kokoro/trampoline_v2.sh"
 # Configure the docker image for kokoro-trampoline.
 env_vars: {
   key: "TRAMPOLINE_IMAGE"
-  value: "gcr.io/cloud-devrel-kokoro-resources/yoshi-ruby/release"
+  value: "us-central1-docker.pkg.dev/cloud-sdk-release-custom-pool/release-images/ruby-multi"
 }
 
 env_vars: {
   key: "TRAMPOLINE_BUILD_FILE"
   value: ".kokoro/release.sh"
 }
 
+env_vars: {
+  key: "SECRET_MANAGER_PROJECT_ID"
+  value: "cloud-sdk-release-custom-pool"
+}
+
 env_vars: {
   key: "SECRET_MANAGER_KEYS"
   value: "releasetool-publish-reporter-app,releasetool-publish-reporter-googlecloudplatform-installation,releasetool-publish-reporter-pem,docuploader_service_account"

diff --git a/.kokoro/trampoline_v2.sh b/.kokoro/trampoline_v2.sh
@@ -138,18 +138,26 @@ if [[ -n "${KOKORO_BUILD_ID:-}" ]]; then
     RUNNING_IN_CI="true"
     TRAMPOLINE_CI="kokoro"
     if [[ "${TRAMPOLINE_USE_LEGACY_SERVICE_ACCOUNT:-}" == "true" ]]; then
-	if [[ ! -f "${KOKORO_GFILE_DIR}/kokoro-trampoline.service-account.json" ]]; then
-	    log_red "${KOKORO_GFILE_DIR}/kokoro-trampoline.service-account.json does not exist. Did you forget to mount cloud-devrel-kokoro-resources/trampoline? Aborting."
-	    exit 1
-	fi
-	# This service account will be activated later.
-	TRAMPOLINE_SERVICE_ACCOUNT="${KOKORO_GFILE_DIR}/kokoro-trampoline.service-account.json"
+        if [[ ! -f "${KOKORO_GFILE_DIR}/kokoro-trampoline.service-account.json" ]]; then
+            log_red "${KOKORO_GFILE_DIR}/kokoro-trampoline.service-account.json does not exist. Did you forget to mount cloud-devrel-kokoro-resources/trampoline? Aborting."
+            exit 1
+        fi
+        # This service account will be activated later.
+        TRAMPOLINE_SERVICE_ACCOUNT="${KOKORO_GFILE_DIR}/kokoro-trampoline.service-account.json"
     else
-	if [[ "${TRAMPOLINE_VERBOSE:-}" == "true" ]]; then
-	    gcloud auth list
-	fi
-	log_yellow "Configuring Container Registry access"
-	gcloud auth configure-docker --quiet
+        if [[ "${TRAMPOLINE_VERBOSE:-}" == "true" ]]; then
+            gcloud auth list
+        fi
+        log_yellow "Configuring Container Registry access"
+        TRAMPOLINE_HOST=$(echo "${TRAMPOLINE_IMAGE}" | cut -d/ -f1)
+        if [[ ! "${TRAMPOLINE_HOST}" =~ "gcr.io" ]]; then
+            # If you need to specificy a host other than gcr.io, you have to run on an update version of gcloud.
+            echo "TRAMPOLINE_HOST: ${TRAMPOLINE_HOST}"
+            gcloud components update
+            gcloud auth configure-docker "${TRAMPOLINE_HOST}"
+        else
+            gcloud auth configure-docker --quiet
+        fi
     fi
     pass_down_envvars+=(
 	# KOKORO dynamic variables.