chore:Migrate gsutil usage to gcloud storage

Author: bhandarivijay-png

docs/content/data-migration/automated-dataguard.md

@@ -406,8 +406,8 @@ for more instructions.
 
     ```sh
     export GCS_BUCKET=<your globally unique Google Cloud Storage bucket name>
-    gsutil mb gs://$GCS_BUCKET
-    gsutil cp <path to the Oracle database password file> gs://$GCS_BUCKET/password/orapw<primary SID>
+    gcloud storage buckets create gs://$GCS_BUCKET
+    gcloud storage cp <path to the Oracle database password file> gs://$GCS_BUCKET/password/orapw<primary SID>
     ```
 
 2.  Find the GCP service account for El Carro instance in GKE, see
@@ -421,7 +421,7 @@ for more instructions.
     GCP service account
 
     ```sh
-    gsutil iam ch serviceAccount:${INSTANCE_GCP_SA}:roles/storage.objectViewer gs://$GCS_BUCKET
+    gcloud storage buckets add-iam-policy-binding gs://$GCS_BUCKET --member=serviceAccount:${INSTANCE_GCP_SA} --role=roles/storage.objectViewer
     ```
 
 4.  Update `.spec.replicationSettings.passwordFileURI` to point to the uploaded
@@ -443,8 +443,8 @@ for more instructions.
 
     ```sh
     export GCS_BUCKET=<your globally unique Google Cloud Storage bucket name>
-    gsutil mb gs://$GCS_BUCKET
-    gsutil -m cp <path to the full backup> gs://$GCS_BUCKET/backup
+    gcloud storage buckets create gs://$GCS_BUCKET
+    gcloud storage cp <path to the full backup> gs://$GCS_BUCKET/backup
     ```
 
 2.  Find the GCP service account for El Carro in GKE, see
@@ -458,7 +458,7 @@ for more instructions.
     GCP service account
 
     ```sh
-    gsutil iam ch serviceAccount:${INSTANCE_GCP_SA}:roles/storage.objectViewer gs://$GCS_BUCKET
+    gcloud storage buckets add-iam-policy-binding gs://$GCS_BUCKET --member=serviceAccount:${INSTANCE_GCP_SA} --role=roles/storage.objectViewer
     ```
 
 4.  Update `.spec.replicationSettings.backupURI` to point to the uploaded backup
@@ -470,4 +470,3 @@ for more instructions.
     ```
 
     Then El Carro is able to download the backup.
-

docs/content/preparation.md

@@ -54,7 +54,7 @@ release, from this [GCS bucket](https://console.cloud.google.com/storage/browser
 using [gsutil](https://cloud.google.com/storage/docs/gsutil).
 
 ```sh
-gsutil -m cp -r gs://elcarro/latest .
+gcloud storage cp --recursive gs://elcarro/latest .
 Copying gs://elcarro/...
 ...
 

docs/content/provision/image.md

@@ -59,17 +59,17 @@ Google Cloud Build* or *building the image locally using Docker*.
     needed, a new Google Cloud Storage bucket can be created as follows:
 
     ```sh
-    gsutil mb gs://${GCS_BUCKET}
-    gsutil cp ~/Downloads/linuxx64_12201_database.zip gs://${GCS_BUCKET}/install/
-    gsutil cp ~/Downloads/p6880880_200000_LINUX.zip  gs://${GCS_BUCKET}/install/
-    gsutil cp ~/Downloads/p32228578_122010_Linux-x86-64.zip  gs://${GCS_BUCKET}/install/
+    gcloud storage buckets create gs://${GCS_BUCKET}
+    gcloud storage cp ~/Downloads/linuxx64_12201_database.zip gs://${GCS_BUCKET}/install/
+    gcloud storage cp ~/Downloads/p6880880_200000_LINUX.zip  gs://${GCS_BUCKET}/install/
+    gcloud storage cp ~/Downloads/p32228578_122010_Linux-x86-64.zip  gs://${GCS_BUCKET}/install/
     ```
 
     This is an example of how the three files in a Google Cloud Storage bucket
     could look like on the command line and in the Google Cloud Console:
 
     ```sh
-    gsutil ls -l gs://${GCS_BUCKET}/install
+    gcloud storage ls --long gs://${GCS_BUCKET}/install
              0  2020-10-13T19:24:05Z  gs://${GCS_BUCKET}/install/
     3453696911  2020-10-13T19:24:24Z  gs://${GCS_BUCKET}/install/linuxx64_12201_database.zip
      856130787  2020-10-13T19:37:29Z  gs://${GCS_BUCKET}/install/p32228578_122010_Linux-x86-64.zip
@@ -83,7 +83,7 @@ Google Cloud Build* or *building the image locally using Docker*.
 
     ```sh
     export PROJECT_NUMBER=$(gcloud projects describe ${PROJECT_ID} --format="value(projectNumber)")
-    gsutil iam ch serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com:roles/storage.objectViewer gs://${GCS_BUCKET}
+    gcloud storage buckets add-iam-policy-binding gs://${GCS_BUCKET} --member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com --role=roles/storage.objectViewer
     ```
 
 2.  Trigger the Google Cloud Build (GCB) pipeline.
@@ -140,7 +140,7 @@ Google Cloud Build* or *building the image locally using Docker*.
     ~40+ minutes.
 
     If AccessDeniedException is raised against the above command that likely
-    means that the previous gsutil iam ch command didn't succeed. Once fixed,
+    means that the previous gcloud storage buckets add-iam-policy-binding command didn't succeed. Once fixed,
     rerun the above image build script.
 
 3.  Verify that your containerized database image was successfully created.

docs/content/quickstart-12c-ee.md

@@ -46,7 +46,7 @@ Download El Carro software to your workstation as follows:
    [gsutil](https://cloud.google.com/storage/docs/gsutil).
 
 ```sh
-gsutil -m cp -r gs://elcarro/latest $PATH_TO_EL_CARRO_RELEASE
+gcloud storage cp --recursive gs://elcarro/latest $PATH_TO_EL_CARRO_RELEASE
 ```
 
 [Create a new GCP project](https://cloud.google.com/resource-manager/docs/creating-managing-projects)
@@ -195,11 +195,11 @@ Cloud Build or building the image locally using Docker.
     can be created as follows:
 
     ```sh
-    gsutil mb gs://$GCS_BUCKET
+    gcloud storage buckets create gs://$GCS_BUCKET
 
-    gsutil cp ~/Downloads/V839960-01.zip gs://$GCS_BUCKET/install/
-    gsutil cp ~/Downloads/p6880880_200000_Linux-x86-64.zip  gs://$GCS_BUCKET/install/
-    gsutil cp ~/Downloads/p32228578_122010_Linux-x86-64.zip  gs://$GCS_BUCKET/install/
+    gcloud storage cp ~/Downloads/V839960-01.zip gs://$GCS_BUCKET/install/
+    gcloud storage cp ~/Downloads/p6880880_200000_Linux-x86-64.zip  gs://$GCS_BUCKET/install/
+    gcloud storage cp ~/Downloads/p32228578_122010_Linux-x86-64.zip  gs://$GCS_BUCKET/install/
     ```
 
     Once the bucket is ready, grant the IAM read privilege
@@ -209,7 +209,7 @@ Cloud Build or building the image locally using Docker.
 
     ```sh
     export PROJECT_NUMBER=$(gcloud projects describe $PROJECT_ID --format="value(projectNumber)")
-    gsutil iam ch serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com:roles/storage.objectViewer gs://$GCS_BUCKET
+    gcloud storage buckets add-iam-policy-binding gs://$GCS_BUCKET --member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com --role=roles/storage.objectViewer
     ```
 
 3.  Trigger the Google Cloud Build pipeline
@@ -233,8 +233,8 @@ Cloud Build or building the image locally using Docker.
     ```
 
     If **AccessDeniedException** is raised against the above command, it's
-    likely because the previous `gsutil iam ch` command didn’t succeed. We
-    suggest you rerun the `gsutil` command and ensure that the Cloud build
+    likely because the previous `gcloud storage buckets add-iam-policy-binding` command didn’t succeed. We
+    suggest you rerun the `gcloud storage` command and ensure that the Cloud build
     service account has the read privilege on the GCS bucket that contains the
     Oracle software.
 

docs/content/quickstart-18c-xe.md

@@ -40,7 +40,7 @@ release, from this [GCS bucket](https://console.cloud.google.com/storage/browser
 using [gsutil](https://cloud.google.com/storage/docs/gsutil).
 
 ```sh
-gsutil -m cp -r gs://elcarro/latest $PATH_TO_EL_CARRO_RELEASE
+gcloud storage cp --recursive gs://elcarro/latest $PATH_TO_EL_CARRO_RELEASE
 ```
 
 [Create a new GCP project](https://cloud.google.com/resource-manager/docs/creating-managing-projects)

docs/content/quickstart-19c-ee.md

@@ -46,7 +46,7 @@ Download El Carro software to your workstation as follows:
    [gsutil](https://cloud.google.com/storage/docs/gsutil).
 
 ```sh
-gsutil -m cp -r gs://elcarro/latest $PATH_TO_EL_CARRO_RELEASE
+gcloud storage cp --recursive gs://elcarro/latest $PATH_TO_EL_CARRO_RELEASE
 ```
 
 [Create a new GCP project](https://cloud.google.com/resource-manager/docs/creating-managing-projects)
@@ -194,11 +194,11 @@ software from Oracle's website:
     can be created as follows:
 
     ```sh
-    gsutil mb gs://$GCS_BUCKET
+    gcloud storage buckets create gs://$GCS_BUCKET
 
-    gsutil cp ~/Downloads/LINUX.X64_193000_db_home.zip gs://$GCS_BUCKET/install/
-    gsutil cp ~/Downloads/p6880880_200000_Linux-x86-64.zip  gs://$GCS_BUCKET/install/
-    gsutil cp ~/Downloads/p32545013_190000_Linux-x86-64.zip  gs://$GCS_BUCKET/install/
+    gcloud storage cp ~/Downloads/LINUX.X64_193000_db_home.zip gs://$GCS_BUCKET/install/
+    gcloud storage cp ~/Downloads/p6880880_200000_Linux-x86-64.zip  gs://$GCS_BUCKET/install/
+    gcloud storage cp ~/Downloads/p32545013_190000_Linux-x86-64.zip  gs://$GCS_BUCKET/install/
     ```
 
     Once the bucket is ready, grant the IAM read privilege
@@ -208,7 +208,7 @@ software from Oracle's website:
 
     ```sh
     export PROJECT_NUMBER=$(gcloud projects describe $PROJECT_ID --format="value(projectNumber)")
-    gsutil iam ch serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com:roles/storage.objectViewer gs://$GCS_BUCKET
+    gcloud storage buckets add-iam-policy-binding gs://$GCS_BUCKET --member=serviceAccount:${PROJECT_NUMBER}@cloudbuild.gserviceaccount.com --role=roles/storage.objectViewer
     ```
 
 3.  Trigger the Google Cloud Build pipeline
@@ -232,8 +232,8 @@ software from Oracle's website:
     ```
 
     If **AccessDeniedException** is raised against the above command, it's
-    likely because the previous `gsutil iam ch` command didn’t succeed. We
-    suggest you rerun the `gsutil` command and ensure that the Cloud build
+    likely because the previous `gcloud storage buckets add-iam-policy-binding` command didn’t succeed. We
+    suggest you rerun the `gcloud storage` command and ensure that the Cloud build
     service account has the read privilege on the GCS bucket that contains the
     Oracle software.
 

docs/content/recovery/point-in-time-recovery.md

@@ -47,7 +47,7 @@ This procedure enables point-in-time recovery for an existing El Carro instance.
    Grant permissions using the appropriate service account:
 
     ```shell
-    gsutil iam ch serviceAccount:$SERVICE_ACCOUNT:admin $PITR_STORAGE_URI
+    gcloud storage buckets add-iam-policy-binding $PITR_STORAGE_URI --member=serviceAccount:$SERVICE_ACCOUNT --role=admin
     ```
 
    TIPs: you can also use the [configure-service-account.sh](https://github.com/GoogleCloudPlatform/elcarro-oracle-operator/blob/main/hack/configure-service-account.sh) script to find out which service account to grant permission for if workload identity is disabled. Or specify an existing service account to for El Carro to use if workload identity is enabled.

docs/contributors/dev-guide.md

@@ -118,7 +118,7 @@ but take considerably less time on subsequent runs.
    ``` 
 8. Give your default Service Account permission to access your freshly built images
    ```sh
-   $ gsutil iam ch serviceAccount:$(gcloud projects describe ${PROJECT_ID} --format="value(projectNumber)")-compute@developer.gserviceaccount.com:objectViewer gs://artifacts.${PROJECT_ID}.appspot.com
+   $ gcloud storage buckets add-iam-policy-binding gs://artifacts.${PROJECT_ID}.appspot.com --member=serviceAccount:$(gcloud projects describe ${PROJECT_ID} --format="value(projectNumber)")-compute@developer.gserviceaccount.com --role=roles/storage.objectViewer
    ``` 
 9. Deploy the El Carro Operator 
    ```sh

oracle/scripts/deploy/install-18c-xe.sh

@@ -140,9 +140,9 @@ function create_cluster() {
     --member serviceAccount:${GKE_SA_EMAIL} \
     --role roles/logging.logWriter
 
-    readonly GCR_GCS_PATH=$(gsutil ls | grep -E '^gs://artifacts.*appspot.com/$')
+    readonly GCR_GCS_PATH=$(gcloud storage ls | grep -E '^gs://artifacts.*appspot.com/$')
     echo "adding project container repository bucket ${GCR_GCS_PATH} read permission to ${GKE_SA_EMAIL}"
-    gsutil iam ch serviceAccount:${GKE_SA_EMAIL}:roles/storage.objectViewer "${GCR_GCS_PATH}"
+    gcloud storage buckets add-iam-policy-binding "${GCR_GCS_PATH}" --member="serviceAccount:${GKE_SA_EMAIL}" --role="roles/storage.objectViewer"
 
     gcloud beta container clusters create ${CLUSTER_NAME} --release-channel rapid \
     --machine-type=n1-standard-2 --num-nodes 2 --zone ${ZONE} \

oracle/scripts/deploy/install.sh

@@ -171,9 +171,9 @@ function create_cluster() {
     --member serviceAccount:${GKE_SA_EMAIL} \
     --role roles/logging.logWriter
 
-    readonly GCR_GCS_PATH=$(gsutil ls | grep -E '^gs://artifacts.*appspot.com/$')
+    readonly GCR_GCS_PATH=$(gcloud storage ls | grep -E '^gs://artifacts.*appspot.com/$')
     echo "adding project container repository bucket ${GCR_GCS_PATH} read permission to ${GKE_SA_EMAIL}"
-    gsutil iam ch serviceAccount:${GKE_SA_EMAIL}:roles/storage.objectViewer "${GCR_GCS_PATH}"
+    gcloud storage buckets add-iam-policy-binding "${GCR_GCS_PATH}" --member="serviceAccount:${GKE_SA_EMAIL}" --role="roles/storage.objectViewer"
 
     gcloud beta container clusters create ${CLUSTER_NAME} --release-channel rapid \
     --machine-type=n1-standard-2 --num-nodes 2 --zone ${ZONE} \
@@ -204,7 +204,7 @@ function build_image() {
 
     # strip off part of the path after the bucket: gs://bucket/dir1/dir becomes gs://bucket
     local -r GCS_BUCKET="gs://$(echo ${GCS_PATH} | tr "/" "\n" | head -n3 | tail -n1)"
-    gsutil iam ch serviceAccount:$(gcloud projects describe ${PROJECT} --format="value(projectNumber)")@cloudbuild.gserviceaccount.com:roles/storage.objectViewer "${GCS_BUCKET}"
+    gcloud storage buckets add-iam-policy-binding "${GCS_BUCKET}" --member="serviceAccount:$(gcloud projects describe ${PROJECT} --format="value(projectNumber)")@cloudbuild.gserviceaccount.com" --role="roles/storage.objectViewer"
 
     pushd "${RELEASE_DIR}/dbimage" > /dev/null
     bash image_build.sh  --install_path="${GCS_PATH}" --db_version="${DB_VERSION}"  --mem_pct=45 --create_cdb=true --cdb_name="${CDB_NAME}" --no_dry_run