pass resolved credentials to gcp provider for all assets

Signed-off-by: Ivan Milchev <[email protected]>
mondoohq · Jan 26, 2023 · bf94304 · bf94304
1 parent 576ff80
commit bf94304
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/motor/discovery/gcp/resolver_project.go b/motor/discovery/gcp/resolver_project.go
@@ -51,6 +51,11 @@ func (r *GcpProjectResolver) Resolve(ctx context.Context, tc *providers.Config,
 		return nil, errors.New("could not create gcp provider")
 	}
 
+	// If there is a service account provided in the inventory, resolve it and then copy it to the provider config we use
+	if len(tc.Credentials) != 0 {
+		tc.Credentials[0] = provider.GetCredential()
+	}
+
 	identifier, err := provider.Identifier()
 	if err != nil {
 		return nil, err

diff --git a/motor/providers/google/provider.go b/motor/providers/google/provider.go
@@ -10,6 +10,7 @@ import (
 	"go.mondoo.com/cnquery/motor/providers"
 	"go.mondoo.com/cnquery/motor/providers/os/fsutil"
 	"go.mondoo.com/cnquery/motor/vault"
+	"google.golang.org/protobuf/proto"
 )
 
 var (
@@ -143,6 +144,10 @@ type Provider struct {
 	platformOverride      string
 }
 
+func (p *Provider) GetCredential() *vault.Credential {
+	return proto.Clone(p.cred).(*vault.Credential)
+}
+
 func (p *Provider) FS() afero.Fs {
 	return &fsutil.NoFs{}
 }