particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

worker: rework GCP credentials handling

Browse source 
Refactor the handling of GCP credentials in the worker to be equivalent
to what is done for AWS. The main idea is that the code decides which
credentials to use when processing each job. This change will allow
preferring credentials passed via upload `TargetOptions` with the job,
over the credentials configured in worker's configuration or the default
way of authenticating implemented by the Google library.

Move loading of GCP credentials to the internal `gcp` library into
`NewFromFile()` function accepting path to the file with credentials.

Signed-off-by: Tomas Hozza <thozza@redhat.com>
This commit is contained in:
Tomas Hozza 2022-03-07 14:29:38 +01:00 committed by Tom Gundersen
parent 29174bfbef
commit 249661a948
3 changed files with 47 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

10
internal/cloud/gcp/gcp.go
View file

@ -55,6 +55,16 @@ func New(credentials []byte) (*GCP, error) {
return &GCP{creds}, nil
}
// NewFromFile loads the credentials from a file and returns an authenticated
// *GCP object instance.
func NewFromFile(path string) (*GCP, error) {
gcpCredentials, err := ioutil.ReadFile(path)
if err != nil {
return nil, fmt.Errorf("cannot load GCP credentials from file %q: %v", path, err)
}
return New(gcpCredentials)
}
// GetCredentialsFromEnv reads the service account credentials JSON file from
// the path pointed to by the environment variable name stored in
// 'GCPCredentialsEnvName'. If the content of the JSON file was read successfully,