From 6cc6d7000510cca37790bc4d71ecfb1d0f66525f Mon Sep 17 00:00:00 2001
From: Cody Oss <6331106+codyoss@users.noreply.github.com>
Date: Mon, 16 Oct 2023 11:29:37 -0500
Subject: [PATCH] chore: update sa for loading secrets (#8729)

---
 internal/kokoro/populate-secrets.sh | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/internal/kokoro/populate-secrets.sh b/internal/kokoro/populate-secrets.sh
index 6f3972140e80..f76a5abaf7f1 100755
--- a/internal/kokoro/populate-secrets.sh
+++ b/internal/kokoro/populate-secrets.sh
@@ -15,23 +15,22 @@
 
 set -eo pipefail
 
-function now { date +"%Y-%m-%d %H:%M:%S" | tr -d '\n' ;}
-function msg { println "$*" >&2 ;}
-function println { printf '%s\n' "$(now) $*" ;}
-
+function now { date +"%Y-%m-%d %H:%M:%S" | tr -d '\n'; }
+function msg { println "$*" >&2; }
+function println { printf '%s\n' "$(now) $*"; }
 
 # Populates requested secrets set in SECRET_MANAGER_KEYS from service account:
 # kokoro-trampoline@cloud-devrel-kokoro-resources.iam.gserviceaccount.com
 SECRET_LOCATION="${KOKORO_GFILE_DIR}/secret_manager"
 msg "Creating folder on disk for secrets: ${SECRET_LOCATION}"
 mkdir -p ${SECRET_LOCATION}
-for key in $(echo ${SECRET_MANAGER_KEYS} | sed "s/,/ /g")
-do
+for key in $(echo ${SECRET_MANAGER_KEYS} | sed "s/,/ /g"); do
   msg "Retrieving secret ${key}"
   docker run --entrypoint=gcloud \
     --volume=${KOKORO_GFILE_DIR}:${KOKORO_GFILE_DIR} \
     gcr.io/google.com/cloudsdktool/cloud-sdk \
     secrets versions access latest \
+    --credential-file-override=${KOKORO_GFILE_DIR}/kokoro-trampoline.service-account.json \
     --project cloud-devrel-kokoro-resources \
     --secret ${key} > \
     "${SECRET_LOCATION}/${key}"