authentication-with-a default service-account isn't working #240

Open
lappazos opened this issue Nov 6, 2022 · 7 comments
Labels
question Further information is requested triage

Comments


lappazos commented Nov 6, 2022

Regarding the comment in PR #221, I tried https://docs.iterative.ai/PyDrive2/oauth/#authentication-with-a-service-account

I couldn't find where this function is implemented.
I tried to implement it by myself (copy-paste), but the GCP environment couldn't find the "client_json_file_path": "service-secrets.json",


lappazos commented Nov 6, 2022

@shcheklein

@shcheklein
Member

@lappazos please, no need to ping me directly and/or use my email. At least not immediately. We are getting notifications about the new issues.

> I couldn't find where this function is implemented.

what function?
try to follow these steps to generate the secrets file - https://dvc.org/doc/user-guide/how-to/setup-google-drive-remote#using-service-accounts

@shcheklein shcheklein added question Further information is requested triage labels Nov 6, 2022
@lappazos
Author

lappazos commented Nov 13, 2022

@shcheklein I don't think you understand. When you log in to a VM of GCP, you always use a service account. The service account credentials are available somehow in the machine (I'm not sure how, and that is the whole point of this request - automatic authentication using the VM service account credentials). Many libraries can authenticate automatically when they are inside a GCP VM, saving the need for a JSON file. We don't want to create a JSON file; that is a potential security breach. BTW, at the moment I have no problem authenticating with a JSON file - the whole point is avoiding that, using the VM Metadata credentials of the Service Account.

Back to your question, in the PR you suggested using https://docs.iterative.ai/PyDrive2/oauth/#authentication-with-a-service-account. This leads to a function called login_with_service_account, which I can't find in the library implementation.
As I mentioned above, I tried to implement it by myself (copy-paste), but the GCP environment couldn't find the "client_json_file_path": "service-secrets.json",

@shcheklein
Member

Okay, I see. This duplicates #187 and #179?

@lappazos @junp Do you know what is the mechanism behind the default service account? Is there a file in some location, ENV variable, etc? Is it the same as GoogleCredentials.get_application_default()?

> Back to your question, in the PR you suggested using https://docs.iterative.ai/PyDrive2/oauth/#authentication-with-a-service-account. This leads to a function called login_with_service_account, which I can't find in the library implementation.

Could you give a link and / or more context?

@lappazos
Author

> Okay, I see. This duplicates #187 and #179?

Yes, exactly

> @lappazos @junp Do you know what is the mechanism behind the default service account? Is there a file in some location, ENV variable, etc? Is it the same as GoogleCredentials.get_application_default()?

Unfortunately, I don't know what is the mechanism

> > Back to your question, in the PR you suggested using https://docs.iterative.ai/PyDrive2/oauth/#authentication-with-a-service-account. This leads to a function called login_with_service_account, which I can't find in the library implementation.
>
> Could you give a link and / or more context?

I'm not sure what you mean - you gave me the link to that function. It is nowhere to be found in the library, only in the documentation, and it didn't work when I implemented it by copying it to my Python file since the file path wasn't correct.

@shcheklein
Member

> I'm not sure what you mean - you gave me the link to that function. it is nowhere to be found in the library, only in the documentation and didn't work when I implemented it by copying it to my python file since the file path wasn't correct.

Okay, got it. Yes, for that workflow to work you need a file, or an ENV var, or something with the service account credentials. I would try to google and see how the default credentials are implemented - is it a service account or not, are those saved in some file or not. Depending on that we either could modify the code a bit (I can help), or we'll need to wait for the PR to land, or maybe we'll have some way to fix the current implementation a bit to incorporate that flow.
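On the mechanism asked about above, an added example (not part of the thread and not PyDrive2 code): a simplified, standard-library sketch of the documented Application Default Credentials lookup order (environment variable, well-known gcloud file, then the VM metadata server) and of the metadata token request. The function names are hypothetical and the token in the test is constructed.

```python
import json
import os
import urllib.request

# Documented GCE metadata endpoint for the VM's attached service account.
METADATA_TOKEN_URL = (
    "http://metadata.google.internal/computeMetadata/v1/"
    "instance/service-accounts/default/token"
)
# File written by `gcloud auth application-default login` (Linux/macOS path).
WELL_KNOWN_FILE = os.path.join(
    ".config", "gcloud", "application_default_credentials.json"
)


def adc_source(env, home, file_exists=os.path.isfile):
    """Return (source, detail) following the ADC lookup order."""
    explicit = env.get("GOOGLE_APPLICATION_CREDENTIALS")
    if explicit:
        # 1. A key file named explicitly in the environment.
        return ("env_file", explicit)
    well_known = os.path.join(home, WELL_KNOWN_FILE)
    if file_exists(well_known):
        # 2. The well-known gcloud credentials file.
        return ("well_known_file", well_known)
    # 3. No file on disk: the attached service account via the metadata server.
    return ("metadata_server", METADATA_TOKEN_URL)


def parse_token_response(body):
    """Validate the metadata server's JSON reply; return (token, ttl_seconds)."""
    data = json.loads(body)
    if data.get("token_type") != "Bearer" or not data.get("access_token"):
        raise ValueError("unexpected token response")
    return data["access_token"], int(data["expires_in"])


def fetch_vm_token(timeout=2.0):
    """Fetch a short-lived access token; only works from inside a GCP VM."""
    req = urllib.request.Request(
        METADATA_TOKEN_URL, headers={"Metadata-Flavor": "Google"}
    )
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return parse_token_response(resp.read().decode("utf-8"))


if __name__ == "__main__":
    print(adc_source(dict(os.environ), os.path.expanduser("~")))
```

The token returned by the metadata server carries only the access scopes granted to the VM, so Drive calls succeed only if a Drive scope is among them.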

@lappazos
Author

@shcheklein Thanks, I'll wait for your update

@shcheklein shcheklein changed the title authentication-with-a-service-account isn't working authentication-with-a default service-account isn't working Dec 18, 2023