Skip to content

Commit e10add4

Browse files
committed
sf
1 parent 6231f02 commit e10add4

File tree

1 file changed

+19
-6
lines changed

1 file changed

+19
-6
lines changed

main.py

Lines changed: 19 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -2,19 +2,32 @@
22
from google.auth import default
33
from google.auth.transport.requests import Request
44
import os
5+
import requests
56

67
app = Flask(__name__)
78

89
@app.route('/', methods=['GET'])
910
def get_service_account_info():
1011
try:
11-
# Get credentials from the environment
12-
credentials, project_id = default(scopes=['https://www.googleapis.com/auth/cloud-healthcare'])
12+
# For Cloud Run, you might not need to specify scopes at all
13+
# The service account permissions are managed through IAM roles
14+
credentials, project_id = default()
1315

14-
# Get service account email
15-
service_account_email = credentials.service_account_email
16+
# On Cloud Run, the most reliable way to get the service account email
17+
# is through the metadata server
18+
try:
19+
response = requests.get(
20+
'http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/email',
21+
headers={'Metadata-Flavor': 'Google'},
22+
timeout=2
23+
)
24+
service_account_email = response.text.strip()
25+
except Exception as e:
26+
# Fallback to credential property
27+
service_account_email = getattr(credentials, 'service_account_email', f"default (error: {str(e)})")
1628

17-
# Request an access token
29+
# Request an access token - no need to specify scope for Cloud Run
30+
# The token will have the scopes assigned to the service account
1831
request = Request()
1932
credentials.refresh(request)
2033
token = credentials.token
@@ -39,4 +52,4 @@ def get_service_account_info():
3952
# Get port from environment variable or default to 8080
4053
port = int(os.environ.get('PORT', 8080))
4154
# Run the app, listening on all interfaces
42-
app.run(host='0.0.0.0', port=port)
55+
app.run(host='0.0.0.0', port=port)

0 commit comments

Comments
 (0)