gaargh 0.1.0 → 0.1.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/gaargh.gemspec +2 -0
- data/lib/gaargh/version.rb +1 -1
- data/lib/gaargh.rb +12 -3
- metadata +16 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 238c7db86824931e9ef8cae0ce7812102daeabcaaec094981b586c8b06664c5f
|
4
|
+
data.tar.gz: 26e4964113ad46e52312cfdd9225c006d8f5e034c31062cb5088512ef815f1b6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9c39e9fd9e4b8b2429ce11248002465f5dd8cee571e5717cc5893c4f35c55c4ff9d80755c2e6eeec81631a701afe7f960d1b7051fbbda252eaef164b777d4d3e
|
7
|
+
data.tar.gz: fd7f72d0b325a2ff208278a93c5d02b267f3ab3017eea979a8b25ffe6ef369dfa414dbeb4dba805d84bf00b4db34b881c8b6198909f829c39c51d446447e42a6
|
data/gaargh.gemspec
CHANGED
@@ -34,6 +34,8 @@ Gem::Specification.new do |spec|
|
|
34
34
|
|
35
35
|
# Uncomment to register a new dependency of your gem
|
36
36
|
spec.add_dependency "google-apis-iamcredentials_v1", "~> 0.17"
|
37
|
+
spec.add_dependency "signet", "~> 0.17"
|
38
|
+
|
37
39
|
|
38
40
|
# For more information and examples about making a new gem, check out our
|
39
41
|
# guide at: https://bundler.io/guides/creating_gem.html
|
data/lib/gaargh/version.rb
CHANGED
data/lib/gaargh.rb
CHANGED
@@ -19,6 +19,7 @@ module Gaargh
|
|
19
19
|
#
|
20
20
|
# @param [String] service_account_email - the email of the service account to impersonate (e.g. 'my-service-account@my-project-id.iam.gserviceaccount.com')
|
21
21
|
# @param [String] lifetime - the lifetime of the access token in seconds (default: 3600s)
|
22
|
+
# @param [Array] scopes - the scopes to be used with the access token (default: ['https://www.googleapis.com/auth/cloud-platform'])
|
22
23
|
# @return [Signet::OAuth2::Client] client - the client to be used with GCP clients
|
23
24
|
def self.impersonate_service_account(service_account_email: '', lifetime: '3600s', scopes: ['https://www.googleapis.com/auth/cloud-platform'])
|
24
25
|
creds_service = Google::Apis::IamcredentialsV1::IAMCredentialsService.new
|
@@ -29,8 +30,16 @@ module Gaargh
|
|
29
30
|
lifetime: lifetime,
|
30
31
|
scope: ['https://www.googleapis.com/auth/cloud-platform']
|
31
32
|
)
|
33
|
+
# The resource name of the service account
|
34
|
+
service_account_resourec_name = "projects/-/serviceAccounts/#{service_account_email}"
|
35
|
+
|
36
|
+
begin
|
37
|
+
impersonated_account = creds_service.generate_service_account_access_token(service_account_resourec_name, generate_token_request)
|
38
|
+
rescue Google::Apis::ClientError => e
|
39
|
+
logger.error("Service account #{service_account_resourec_name} does not exist or you do not have permissions.")
|
40
|
+
raise e
|
41
|
+
end
|
32
42
|
|
33
|
-
impersonated_account = creds_service.generate_service_account_access_token("projects/-/serviceAccounts/#{service_account_email}", generate_token_request)
|
34
43
|
client = Signet::OAuth2::Client.new
|
35
44
|
client.access_token = impersonated_account.access_token
|
36
45
|
return client
|
@@ -53,7 +62,7 @@ module Gaargh
|
|
53
62
|
data = JSON.parse(response.body)
|
54
63
|
expiration_time = Time.at(data['exp'].to_i)
|
55
64
|
logger.info("Token expires at: #{expiration_time}")
|
56
|
-
|
65
|
+
logger.debug("token_info: #{data}")
|
57
66
|
token_info = {
|
58
67
|
token_data: data,
|
59
68
|
token_expiration_time: expiration_time
|
@@ -65,7 +74,7 @@ module Gaargh
|
|
65
74
|
response_code: response.code,
|
66
75
|
response_body: response.body
|
67
76
|
}
|
68
|
-
logger.
|
77
|
+
logger.error("Error retrieving token information: response.code: #{response.code}, response.body: #{response.body}")
|
69
78
|
return error_hash
|
70
79
|
end
|
71
80
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: gaargh
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- ml
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-08-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: google-apis-iamcredentials_v1
|
@@ -24,6 +24,20 @@ dependencies:
|
|
24
24
|
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: '0.17'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: signet
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '0.17'
|
34
|
+
type: :runtime
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0.17'
|
27
41
|
description: GCP account impersonation helper.
|
28
42
|
email:
|
29
43
|
executables: []
|