Remove the client secrets file for Google provider #452
Conversation
stuntgoat
changed the title
|
This is pretty interesting. I'm going to hold off for 0.3.1 to test it a bit more. Will get it in after that. |
|
Sounds good. I've just removed the authURL and tokenURL. |
|
I don't even have an appengine service account on my newer GCP project. This could be because it has been discontinued, or it could be because I haven't set up appengine within that project. I could find out, but either way, it'd be confusing for users to be told by Terraform (and Packer) documentation to download a key from a non-existent service account. So it's a good idea to remove this. One service account is all you need to authenticate |
sethvargo
changed the title
|
FYI hashicorp/packer#1669 As far as I can tell, this PR and proposed changes to packer (by my colleagues) are consistent, which is good. |
| secrets file_. | ||
|
|
||
| 4. Create a new OAuth client ID and select "Service account" as the type | ||
| 3. Create a new OAuth client ID and select "Service account" as the type |
There was a problem hiding this comment.
Just a small detail here: the packer documentation changes are slightly different (and more correct). This description should be changed to note that after creating the service account, the user is prompted to download a .p12 file first. After this, you need to generate a new JSON key. This key is that should be used for the account file.
It took me a few minutes to figure out just what I needed to do here. It would be nice to make the documentation clear that the first file that is downloaded is not what is needed. In fact, you can delete the p12 key since that won't be used by terraform.
|
Hi again, any update on this? I'd like to work on #606 which is related. |
This has been fixed.
Remove workaround for hashicorp/terraform#452
|
I'm confused as to why tests are failing; they're passing locally. |
|
Looks like the test run got killed, maybe due to some transient problem with the travis hosting (out of RAM or whatever). |
|
I'd love to see this get merged. Could someone re-run the Travis build? |
|
Retriggered! 🎸 |
|
Looks like the build was unsalvageable in its current state. I'm rebasing and testing this branch now - will push as a separate PR and link here. 🐫 |
with this commit, the google compute instance acceptance tests are passing - remove GOOGLE_CLIENT_FILE requirement from provider tests to finish out #452 - skip extra "#" key that shows up in metadata maps, fixes #757 and sprouts #883 to figure out core issue - more verbose variablenames in metadata parsing, since it took me awhile to grok and i thought there might have been a shadowing bug in there for a minute. maybe someday when i'm a golang master i'll be smart enough to be comfortable with one-char varnames. :)
|
Closing this in favor of #884, (which squashes but retains commit authorship) - thanks for the contribution @stuntgoat! 🍬 |
[REPACK] #452 providers/google: remove deprecated client secrets file
with this commit, the google compute instance acceptance tests are passing - remove GOOGLE_CLIENT_FILE requirement from provider tests to finish out hashicorp#452 - skip extra "#" key that shows up in metadata maps, fixes hashicorp#757 and sprouts hashicorp#883 to figure out core issue - more verbose variablenames in metadata parsing, since it took me awhile to grok and i thought there might have been a shadowing bug in there for a minute. maybe someday when i'm a golang master i'll be smart enough to be comfortable with one-char varnames. :)
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
ghost
locked and limited conversation to collaborators
Terraform seems to work without the client secrets json file. I haven't run all the acceptance tests but I'm able to interact with the API.