fetch and set up secret for skaffold-metrics project

deploy/setup-secret.sh

@@ -17,6 +17,7 @@
 set -x
 # set default project id
 PROJECT_ID="k8s-skaffold"
+METRICS_PROJECT_ID="skaffold-metrics"
 KEY_FILE="./secrets/keys.json"
 BUCKET_ID="k8s-skaffold-secrets"
 LATEST_GCS_PATH="keys.json"
@@ -30,10 +31,10 @@ done
 
 function download_existing_key() {
   # Download a valid key created within the past two weeks.
-  KEY_IDS=$(gcloud iam service-accounts keys list --iam-account=metrics-writer@k8s-skaffold.iam.gserviceaccount.com --project=k8s-skaffold --managed-by=user --filter="validAfterTime>-P2W" --format="value(name)")
+  KEY_IDS=$(gcloud iam service-accounts keys list --iam-account=metrics-writer@${METRICS_PROJECT_ID}.iam.gserviceaccount.com --project=${METRICS_PROJECT_ID} --managed-by=user --format="value(name)")
   while read -r KEY_ID
   do
-    if gsutil cp gs://${BUCKET_ID}/${KEY_ID}.json ${KEY_FILE}; then
+    if gsutil cp gs://${BUCKET_ID}/${LATEST_GCS_PATH}.json ${KEY_FILE}; then
       echo "Downloaded existing key to ${KEY_FILE}"
       return 0
     fi
@@ -43,7 +44,7 @@ function download_existing_key() {
 
 function upload_new_key() {
   echo "Creating new service account key..."
-  gcloud iam service-accounts keys create ${KEY_FILE} --iam-account=metrics-writer@${PROJECT_ID}.iam.gserviceaccount.com --project=${PROJECT_ID}
+  gcloud iam service-accounts keys create ${KEY_FILE} --iam-account=metrics-writer@${METRICS_PROJECT_ID}.iam.gserviceaccount.com --project=${METRICS_PROJECT_ID}
   retVal=$?
   if [ $retVal -ne 0 ]; then
     echo "No key created."