yacloud/acme.sh
1
0
Fork 0
mirror of https://github.com/acmesh-official/acme.sh.git synced 2025-05-06 02:04:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Implement service account key authentication dns_gcloud.sh

Browse Source
This commit is contained in:
Alex Cazacu 2021-06-01 22:50:22 +02:00
parent 130e8dbd40
commit 6283a7a319
No known key found for this signature in database
GPG Key ID: ACFF0A10AFC48850
1 changed files with 54 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
dnsapi/dns_gcloud.sh
View File

@ -12,6 +12,8 @@ dns_gcloud_add() {
_debug fulldomain "$fulldomain"
_debug txtvalue "$txtvalue"
_dns_gcloud_authenticate || return $?
_dns_gcloud_find_zone || return $?
# Add an extra RR
@ -33,6 +35,8 @@ dns_gcloud_rm() {
_debug fulldomain "$fulldomain"
_debug txtvalue "$txtvalue"
_dns_gcloud_authenticate || return $?
_dns_gcloud_find_zone || return $?
# Remove one RR
@ -47,6 +51,56 @@ dns_gcloud_rm() {
#################### Private functions below ##################################
_dns_gcloud_authenticate() {
_info "_dns_gcloud_authenticate: authenticating gcloud"
_debug "_dns_gcloud_authenticate: checking authenticated status"
account=$(gcloud auth list \
--filter "status:ACTIVE" \
--format "value(account)" \
--verbosity error
)
if [ "$account" ]; then
_info "_dns_gcloud_authenticate: already authenticated"
return 0
fi
_debug "_dns_gcloud_authenticate: attempting to authenticate using service account key"
GCLOUD_Service_Account_Key="${CF_Token:-$(_readaccountconf_mutable GCLOUD_Service_Account_Key)}"
GCLOUD_Project_ID="${CF_Account_ID:-$(_readaccountconf_mutable GCLOUD_Project_ID)}"
if [ -z "$GCLOUD_Service_Account_Key" ]; then
GCLOUD_Service_Account_Key=""
GCLOUD_Project_ID=""
_err "_dns_gcloud_authenticate: missing Google Cloud service account key"
return 1
fi
if [ -z "$GCLOUD_Project_ID" ]; then
GCLOUD_Service_Account_Key=""
GCLOUD_Project_ID=""
_err "_dns_gcloud_authenticate: missing Google Cloud project ID"
return 1
fi
if ! echo "$GCLOUD_Service_Account_Key" | gcloud auth activate-service-account --key-file -; then
_err "_dns_gcloud_authenticate: failed to authenticate with service account key"
return 1
fi
_info "_dns_gcloud_authenticate: successfully authenticated using service account key"
gcloud config set project "$GCLOUD_Project_ID"
_info "_dns_gcloud_authenticate: configured gcloud project"
}
_dns_gcloud_authenticate() {
account=$(gcloud auth list --filter "status:ACTIVE" --format "value(account)")
}
_dns_gcloud_start_tr() {
if ! trd=$(mktemp -d); then
_err "_dns_gcloud_start_tr: failed to create temporary directory"