Commit 55583842 authored by Pierre Smeyers's avatar Pierre Smeyers

feat(jwt): prepare id_token migration

parent 9a4eb1d5
+2 −2
@@ -125,11 +125,11 @@ test-token-succeeds:
    - |
      response_status=$(curl -s -o "resp.txt" -w "%{http_code}" "http://gcp-auth-provider/token")
      assert_eq "200" $response_status
      token=`cat resp.txt`
      token=$(cat resp.txt)

      response_status=$(curl -s -o resp.txt -w "%{http_code}" -H "Authorization: Bearer $token" "https://cloudresourcemanager.googleapis.com/v1/projects/$GCP_PROJECT")
      assert_eq "200" $response_status
      project_id_result=$(cat resp.txt | jq .projectId | tr -d '"')
      project_id_result=$(cat resp.txt | jq -r .projectId)
      assert_eq "$GCP_PROJECT" $project_id_result
  rules:
    - if: $CI_SERVER_HOST != "gitlab.com"
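Review bot: In the test-token-succeeds script, the new `project_id_result=$(cat resp.txt | jq -r .projectId)` line can read the file directly as `project_id_result=$(jq -r .projectId resp.txt)`, and the expansion on the assert that follows should be quoted: `assert_eq "$GCP_PROJECT" "$project_id_result"`. If resp.txt is not valid JSON, jq prints nothing and the unquoted form hands assert_eq a single argument; how assert_eq reacts to that is not visible in this hunk. The same quoting applies to `$response_status` on the two status checks.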
+3 −3
import requests, json, os
from fastapi import HTTPException

CI_JOB_JWT_V2 = os.environ.get('CI_JOB_JWT_V2')
JWT_TOKEN = os.environ.get('GCP_JWT') or os.environ.get('CI_JOB_JWT_V2')


def get_iam_credentials(service_account, federated_token):
@@ -26,7 +26,7 @@ def get_iam_credentials(service_account, federated_token):


def get_sts_token(audience):
    if not CI_JOB_JWT_V2:
    if not JWT_TOKEN:
        raise HTTPException(
            status_code=401,
            detail='Missing $CI_JOB_JWT_V2 token'
@@ -45,7 +45,7 @@ def get_sts_token(audience):
            "requestedTokenType": "urn:ietf:params:oauth:token-type:access_token",
            "scope": "https://www.googleapis.com/auth/cloud-platform",
            "subjectTokenType": "urn:ietf:params:oauth:token-type:jwt",
            "subjectToken": CI_JOB_JWT_V2
            "subjectToken": JWT_TOKEN
        })
    )
    if resp.status_code != 200:
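Review bot: The 401 raised in get_sts_token still says `detail='Missing $CI_JOB_JWT_V2 token'`, but the guard above it now tests JWT_TOKEN, which is filled from GCP_JWT first and from CI_JOB_JWT_V2 only as a fallback; a job that has moved to id_tokens without declaring GCP_JWT would be pointed at the wrong variable. I would change it to `detail='Missing $GCP_JWT (or legacy $CI_JOB_JWT_V2) token'`. A short comment on the JWT_TOKEN assignment would also help, for example `# GCP_JWT (id_tokens) takes precedence; CI_JOB_JWT_V2 is kept only for the migration period`. The two tokens may carry different `aud` claims, so it is worth confirming that the workload identity provider's allowed audiences accept the id_token before relying on this fallback order; that configuration is not visible here. The body of get_sts_token continues outside both hunks.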