hack/upload: avoid ACLs for GCS buckets with UBLA enabled

2021-07-14 22:46:07 -07:00 · 2021-07-14 22:46:07 -07:00 · e4ae593554
parent 92201f921a
commit e4ae593554
1 changed files with 8 additions and 1 deletions
--- a/hack/upload
+++ b/hack/upload
@ -26,7 +26,14 @@ if [[ "${DEST:0:5}" == "s3://" ]]; then
 fi

 if [[ "${DEST:0:5}" == "gs://" ]]; then
-  gsutil -h "Cache-Control:private,max-age=0" rsync -r ${PUBLIC:+-a public-read} ${SRC} ${DEST}
+  bucket=$(echo "${DEST}" | cut -d/ -f1-3)
+  acl_flag="${PUBLIC:+-a public-read}"
+  # GCS buckets with UBLA enabled error on attempts to set ACLs
+  # ref: https://cloud.google.com/storage/docs/uniform-bucket-level-access#enabled
+  if gsutil ubla get "${bucket}" | grep -q "Enabled: True" 2>/dev/null; then
+    acl_flag=""
+  fi
+  gsutil -h "Cache-Control:private,max-age=0" rsync -r ${acl_flag} ${SRC} ${DEST}
  exit 0
 fi