Skip to content

Commit 1a50ad3

Browse files
openshift-merge-bot[bot]openshift-merge-bot[bot]
authored
Merge pull request openshift#8077 from patrickdillon/gcp-capi-sa-auth
CORS-3259: GCP CAPI Infra: auth with service account
2 parents 11fb96e + defe334 commit 1a50ad3

File tree

2 files changed

+20
-3
lines changed

2 files changed

+20
-3
lines changed

pkg/infrastructure/gcp/clusterapi/dns.go

Lines changed: 11 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@ import (
77
"time"
88

99
"google.golang.org/api/dns/v1"
10+
"google.golang.org/api/option"
1011

1112
"github.com/openshift/installer/pkg/asset/installconfig"
1213
gcpic "github.com/openshift/installer/pkg/asset/installconfig/gcp"
@@ -116,8 +117,12 @@ func createRecordSets(ctx context.Context, ic *installconfig.InstallConfig, clus
116117

117118
// createDNSRecords will get the list of records to be created and execute their creation through the gcp dns api.
118119
func createDNSRecords(ctx context.Context, ic *installconfig.InstallConfig, clusterID, apiIP, apiIntIP string) error {
120+
ssn, err := gcpic.GetSession(ctx)
121+
if err != nil {
122+
return fmt.Errorf("failed to get session: %w", err)
123+
}
119124
// TODO: use the opts for the service to restrict scopes see google.golang.org/api/option.WithScopes
120-
dnsService, err := dns.NewService(ctx)
125+
dnsService, err := dns.NewService(ctx, option.WithCredentials(ssn.Credentials))
121126
if err != nil {
122127
return fmt.Errorf("failed to create the gcp dns service: %w", err)
123128
}
@@ -144,7 +149,11 @@ func createDNSRecords(ctx context.Context, ic *installconfig.InstallConfig, clus
144149
// private managed zone should only be created when one is not specified in the install config.
145150
func createPrivateManagedZone(ctx context.Context, ic *installconfig.InstallConfig, clusterID, network string) error {
146151
// TODO: use the opts for the service to restrict scopes see google.golang.org/api/option.WithScopes
147-
dnsService, err := dns.NewService(ctx)
152+
ssn, err := gcpic.GetSession(ctx)
153+
if err != nil {
154+
return fmt.Errorf("failed to get session: %w", err)
155+
}
156+
dnsService, err := dns.NewService(ctx, option.WithCredentials(ssn.Credentials))
148157
if err != nil {
149158
return fmt.Errorf("failed to create the gcp dns service: %w", err)
150159
}

pkg/infrastructure/gcp/clusterapi/service.go

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,13 +5,21 @@ import (
55
"fmt"
66

77
"google.golang.org/api/compute/v1"
8+
"google.golang.org/api/option"
9+
10+
"github.com/openshift/installer/pkg/asset/installconfig/gcp"
811
)
912

1013
// NewComputeService wraps the creation of a gcp compute service creation.
1114
func NewComputeService() (*compute.Service, error) {
1215
ctx := context.Background()
1316

14-
service, err := compute.NewService(ctx)
17+
ssn, err := gcp.GetSession(ctx)
18+
if err != nil {
19+
return nil, fmt.Errorf("failed to get session: %w", err)
20+
}
21+
22+
service, err := compute.NewService(ctx, option.WithCredentials(ssn.Credentials))
1523
if err != nil {
1624
return nil, fmt.Errorf("failed to create compute service: %w", err)
1725
}

0 commit comments

Comments
 (0)