scripts/slave/recipe_modules/service_account/api.py - Issue 1954753003: Service account module

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: scripts/slave/recipe_modules/service_account/api.py

Issue 1954753003: Service account module (Closed) Base URL: https://chromium.googlesource.com/chromium/tools/build.git@master

Patch Set: Added proper logging, removed pragma no cover. Created 4 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« scripts/slave/recipe_modules/service_account/__init__.py ('K') | « scripts/slave/recipe_modules/service_account/__init__.py ('k') | scripts/slave/recipe_modules/service_account/config.py » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: scripts/slave/recipe_modules/service_account/api.py

diff --git a/scripts/slave/recipe_modules/service_account/api.py b/scripts/slave/recipe_modules/service_account/api.py

new file mode 100644

index 0000000000000000000000000000000000000000..0d018cd061ec53ebbdb60804cd31681b28ca0ab3

--- /dev/null

+++ b/scripts/slave/recipe_modules/service_account/api.py

@@ -0,0 +1,42 @@

+# Use of this source code is governed by a BSD-style license that can be

+# found in the LICENSE file.

+"""API for generating oauth2 tokens from locally stored secrets.

+This is a thin wrapper over the authutil go executable, which itself calls

+https://github.com/luci/luci-go/blob/master/client/authcli/authcli.go

+"""

+from recipe_engine import recipe_api

+class ServiceAccountApi(recipe_api.RecipeApi):

+ def _config_defaults(self):

+ if self.m.platform.is_win:

+ self.set_config('service_account_windows')

+ else:

+ self.set_config('service_account_default')

+ def get_token(self, account):

+ if self.c is None:

+ self._config_defaults()

+ account_file = self.m.path.join(self.c.accounts_path,

+ 'service-account-%s.json' % account)

+ try:

+ # TODO: authutil is to be deployed using cipd.

+ step_result = self.m.step('get access token',

+ [self.c.authutil_path, 'token',

+ '-service-account-json=' + account_file],

+ stdout=self.m.raw_io.output())

+ except self.m.step.StepFailure as ex:

+ if not self.m.path.exists(self.c.authutil_path):

+ ex.result.presentation.logs['Authutil not found'] = [

+ 'The authutil binary was not found at the default location.',

+ '',

+ 'Build the following go module: infra/go/infra/tools/authutil',

+ 'and deploy it to: ' + self.c.authutil_path ]

+ raise

+ return step_result.stdout.strip()