We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sudo-gcp --version sudo-gcp 0.2.1
$ cat ./gcloud-tokeninfo #!/bin/bash token="${GOOGLE_OAUTH_ACCESS_TOKEN:-"$(gcloud auth print-access-token)"}" curl --oauth2-bearer "$token" https://openidconnect.googleapis.com/v1/userinfo echo # they don't provide a newline ¯\_(ツ)_/¯ curl --oauth2-bearer "$token" https://www.googleapis.com/oauth2/v3/tokeninfo
As implemented in my prototype sudo-gcp:
$ ./sudo-gcp -u packer-build-cli@sns-dev-staging--buckevan.iam.gserviceaccount.com ./gc loud-tokeninfo You are authenticated for the next hour as: packer-build-cli@sns-dev-staging--buckevan.iam.gserviceaccount.com + ./gcloud-tokeninfo { "sub": "11747330...234366816", "picture": "https://lh3.googleusercontent.com/a/default-user\u003ds96-c", "email": "packer-build-cli@sns-dev-staging--buckevan.iam.gserviceaccount.com", "email_verified": true } { "azp": "11747330...1234366816", "aud": "11747330...1234366816", "sub": "11747330...1234366816", "scope": "https://www.googleapis.com/auth/apps.groups.settings https://www.googleapis.com/auth/admin.directory.user https://www.googleapis.com/auth/admin.directory.rolemanagement https://www.googleapis.com/auth/admin.directory.group https://www.googleapis.com/auth/admin.directory.customer https://www.googleapis.com/auth/chrome.management.policy https://www.googleapis.com/auth/admin.directory.userschema https://www.googleapis.com/auth/admin.directory.orgunit https://www.googleapis.com/auth/gmail.settings.sharing https://www.googleapis.com/auth/admin.directory.domain https://www.googleapis.com/auth/gmail.settings.basic https://www.googleapis.com/auth/compute https://www.googleapis.com/auth/sqlservice.login https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/appengine.admin https://www.googleapis.com/auth/userinfo.email openid", "exp": "1689094837", "expires_in": "3598", "email": "packer-build-cli@sns-dev-staging--buckevan.iam.gserviceaccount.com", "email_verified": "true", "access_type": "online" }
$ touch sudo-gcp.toml # see issue #8 $ SUDOGCP_SERVICE_ACCOUNT=packer-build-cli@sns-dev-staging--buckevan.iam.gserviceaccount.com ~/.cargo/bin/sudo-gcp ./gcloud-tokeninfo { "error": "invalid_request", "error_description": "Invalid Credentials" } { "azp": "11747330...1234366816", "aud": "11747330...1234366816", "scope": "https://www.googleapis.com/auth/cloud-platform", "exp": "1689094289", "expires_in": "2954", "access_type": "online" }
Export CLOUDSDK_AUTH_ACCESS_TOKEN in addition to GOOGLE_OAUTH_ACCESS_TOKEN.
CLOUDSDK_AUTH_ACCESS_TOKEN
GOOGLE_OAUTH_ACCESS_TOKEN
The text was updated successfully, but these errors were encountered:
Interesting. We do export CLOUDSDK_AUTH_ACCESS_TOKEN.
sudo-gcp/src/main.rs
Line 73 in 1883e4d
Can you share your script?
Sorry, something went wrong.
No branches or pull requests
Environment
Steps to Reproduce
Expected Result
As implemented in my prototype sudo-gcp:
Actual Result
Suggested Fix
Export
CLOUDSDK_AUTH_ACCESS_TOKEN
in addition toGOOGLE_OAUTH_ACCESS_TOKEN
.The text was updated successfully, but these errors were encountered: