def remove_white_listed_service_account_ids(sa_ids): """ Remove any service account emails that should be ignored when determining validitity. Args: sa_ids (List[str]): Service account emails Returns: List[str]: Service account emails """ white_listed_sa_emails = config.get("WHITE_LISTED_SERVICE_ACCOUNT_EMAILS", []) logger.debug( "Removing whitelisted SAs {} from the SAs on the project.".format( white_listed_sa_emails)) monitoring_service_account = get_monitoring_service_account_email() if monitoring_service_account in sa_ids: sa_ids.remove(monitoring_service_account) for email in white_listed_sa_emails: if email in sa_ids: sa_ids.remove(email) return sa_ids
def remove_white_listed_service_account_ids( sa_ids, app_creds_file=None, white_listed_sa_emails=None ): """ Remove any service account emails that should be ignored when determining validitity. Args: sa_ids (List[str]): Service account emails Returns: List[str]: Service account emails """ if white_listed_sa_emails is None: white_listed_sa_emails = flask.current_app.config.get( "WHITE_LISTED_SERVICE_ACCOUNT_EMAILS", [] ) monitoring_service_account = get_monitoring_service_account_email(app_creds_file) if monitoring_service_account in sa_ids: sa_ids.remove(monitoring_service_account) for email in white_listed_sa_emails: if email in sa_ids: sa_ids.remove(email) return sa_ids
def _get_monitoring_service_account_response(self): """ Return a response that includes our app's service account used for monitoring user's Google projects. Returns: tuple(dict, int): (response_data, http_status_code) """ monitoring_account_email = get_monitoring_service_account_email() if not monitoring_account_email: error = ( "No monitoring service account. Fence is not currently " "configured to support user-registration of service accounts.") return {"message": error}, 404 response = {"service_account_email": monitoring_account_email} return response, 200