Skip to content
This repository has been archived by the owner on Nov 14, 2024. It is now read-only.

Commit

Permalink
Ansible - allowing for creds to be passed in as string/env var (#200)
Browse files Browse the repository at this point in the history
Signed-off-by: Modular Magician <[email protected]>
  • Loading branch information
modular-magician authored and rambleraptor committed Sep 5, 2019
1 parent e95d3b2 commit 109b689
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 3 deletions.
12 changes: 9 additions & 3 deletions plugins/doc_fragment/gcp.py
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,11 @@ class ModuleDocFragment(object):
service_account_file:
description:
- The path of a Service Account JSON file if serviceaccount is selected as type.
type: path
service_account_contents:
description:
- A string representing the contents of a Service Account JSON file.
- This should not be passed in as a dictionary, but a string has
the exact contents of a service account json file (valid JSON).
service_account_email:
description:
- An optional service account email address if machineaccount is selected
Expand All @@ -38,8 +42,10 @@ class ModuleDocFragment(object):
- Array of scopes to be used.
type: list
notes:
- For authentication, you can set service_account_file using the
C(GCP_SERVICE_ACCOUNT_FILE) env variable.
- for authentication, you can set service_account_file using the
c(gcp_service_account_file) env variable.
- for authentication, you can set service_account_contents using the
c(GCP_SERVICE_ACCOUNT_CONTENTS) env variable.
- For authentication, you can set service_account_email using the
C(GCP_SERVICE_ACCOUNT_EMAIL) env variable.
- For authentication, you can set service_account_contents using the
Expand Down
3 changes: 3 additions & 0 deletions plugins/module_utils/gcp_utils.py
Original file line number Diff line number Diff line change
Expand Up @@ -158,6 +158,9 @@ def _credentials(self):
elif cred_type == 'serviceaccount' and self.module.params.get('service_account_file'):
path = os.path.realpath(os.path.expanduser(self.module.params['service_account_file']))
return service_account.Credentials.from_service_account_file(path).with_scopes(self.module.params['scopes'])
elif cred_type == 'serviceaccount' and self.module.params.get('service_account_contents'):
cred = json.loads(self.module.params.get('service_account_contents'))
return service_account.Credentials.from_service_account_info(cred).with_scopes(self.module.params['scopes'])
elif cred_type == 'machineaccount':
return google.auth.compute_engine.Credentials(
self.module.params['service_account_email'])
Expand Down

0 comments on commit 109b689

Please sign in to comment.