def __init__(self): self._service_account_data = _TEST_CONFIG['auth_data'][ 'service_account'] self._project = _TEST_CONFIG['property_overrides'].get('project', None) self._orig_account = None self._credentials = auth_service_account.CredentialsFromAdcDict( self._service_account_data)
def Run(self, args): """Create service account credentials.""" file_content, is_json = _IsJsonFile(args.key_file) if is_json: if _UseGoogleAuth(): cred = auth_service_account.CredentialsFromAdcDictGoogleAuth( file_content) else: # TODO(b/161992086): Remove the flow of activating via oauth2client once # this legacy auth lib is deprecated. Leave this option for now so that # the users are able to fall back to the old flow of if any issues # related to google-auth comes up. The users can do this by setting # property auth/disable_activate_service_account_google_auth to True. cred = auth_service_account.CredentialsFromAdcDict( file_content) if args.password_file or args.prompt_for_password: raise c_exc.InvalidArgumentException( '--password-file', 'A .json service account key does not require a password.') account = cred.service_account_email if args.account and args.account != account: raise c_exc.InvalidArgumentException( 'ACCOUNT', 'The given account name does not match the account name in the key ' 'file. This argument can be omitted when using .json keys.' ) else: account = args.account if not account: raise c_exc.RequiredArgumentException( 'ACCOUNT', 'An account is required when using .p12 keys') password = None if args.password_file: try: password = files.ReadFileContents( args.password_file).strip() except files.Error as e: raise c_exc.UnknownArgumentException('--password-file', e) elif args.prompt_for_password: password = console_io.PromptPassword('Password: '******'Activated service account credentials for: [{0}]'.format(account))
def Run(self, args): """Create service account credentials.""" file_content, is_json = _IsJsonFile(args.key_file) if is_json: cred = auth_service_account.CredentialsFromAdcDict(file_content) if args.password_file or args.prompt_for_password: raise c_exc.InvalidArgumentException( '--password-file', 'A .json service account key does not require a password.') account = cred.service_account_email if args.account and args.account != account: raise c_exc.InvalidArgumentException( 'ACCOUNT', 'The given account name does not match the account name in the key ' 'file. This argument can be omitted when using .json keys.') else: account = args.account if not account: raise c_exc.RequiredArgumentException( 'ACCOUNT', 'An account is required when using .p12 keys') password = None if args.password_file: try: with open(args.password_file) as f: password = f.read().strip() except IOError as e: raise c_exc.UnknownArgumentException('--password-file', e) elif args.prompt_for_password: password = getpass.getpass('Password: '******'Failed to activate the given service account. ' 'Please ensure provided key file is valid.') project = args.project if project: properties.PersistProperty(properties.VALUES.core.project, project) log.status.Print('Activated service account credentials for: [{0}]' .format(account))