Skip to content
This repository was archived by the owner on Mar 9, 2023. It is now read-only.

Commit 652c00c

Browse files
srinandansrinandan
authored
Merge pull request #113 from srinandan/issue112
fetch default SA only when grant perm is set
2 parents 09a1e84 + 09b3a14 commit 652c00c

File tree

2 files changed

+9
-10
lines changed

2 files changed

+9
-10
lines changed

apiclient/iam.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -179,7 +179,7 @@ func setProjectIAMPermission(project string, memberName string, role string) (er
179179
//this method treats errors as info since this is not a blocking problem
180180

181181
//Get the current IAM policies for the project
182-
respBody, err := HttpClient(false, getendpoint, "")
182+
respBody, err := HttpClient(false, getendpoint)
183183
if err != nil {
184184
clilog.Info.Printf("error getting IAM policies for the project %s: %v", project, err)
185185
return err
@@ -399,7 +399,7 @@ func GetComputeEngineDefaultServiceAccount(projectId string) (serviceAccount str
399399
var getendpoint = fmt.Sprintf("https://cloudresourcemanager.googleapis.com/v3/projects/%s", projectId)
400400

401401
//Get the project number
402-
respBody, err := HttpClient(false, getendpoint, "")
402+
respBody, err := HttpClient(false, getendpoint)
403403
if err != nil {
404404
clilog.Info.Printf("error getting details for the project %s: %v", projectId, err)
405405
return serviceAccount, err

client/connections/connectors.go

Lines changed: 7 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -139,10 +139,6 @@ func Create(name string, content []byte, serviceAccountName string, serviceAccou
139139
return nil, err
140140
}
141141

142-
if c.ServiceAccount == nil {
143-
c.ServiceAccount = new(string)
144-
}
145-
146142
//service account overrides have been provided, use them
147143
if serviceAccountName != "" {
148144
//set the project id if one was not presented
@@ -154,14 +150,17 @@ func Create(name string, content []byte, serviceAccountName string, serviceAccou
154150
if err = apiclient.CreateServiceAccount(serviceAccountName); err != nil {
155151
return nil, err
156152
}
157-
} else { //use the default compute engine SA
153+
} else if grantPermission { //use the default compute engine SA to grant permissions
158154
serviceAccountName, err = apiclient.GetComputeEngineDefaultServiceAccount(apiclient.GetProjectID())
159155
if err != nil {
160156
return nil, err
161157
}
162158
}
163159

164-
*c.ServiceAccount = serviceAccountName
160+
if c.ServiceAccount == nil && serviceAccountName != "" {
161+
c.ServiceAccount = new(string)
162+
*c.ServiceAccount = serviceAccountName
163+
}
165164

166165
if c.ConnectorDetails == nil {
167166
return nil, fmt.Errorf("connectorDetails must be set. See https://github.com/srinandan/integrationcli#connectors-for-third-party-applications for more details")
@@ -282,9 +281,9 @@ func Create(name string, content []byte, serviceAccountName string, serviceAccou
282281
c.AuthConfig.UserPassword.Password.SecretVersion = secretVersion
283282
c.AuthConfig.UserPassword.PasswordDetails = nil //clean the input
284283

285-
if grantPermission {
284+
if grantPermission && c.ServiceAccount != nil {
286285
//grant connector service account access to secretVersion
287-
if err = apiclient.SetSecretManagerIAMPermission(apiclient.GetProjectID(), secretName, serviceAccountName); err != nil {
286+
if err = apiclient.SetSecretManagerIAMPermission(apiclient.GetProjectID(), secretName, *c.ServiceAccount); err != nil {
288287
return nil, err
289288
}
290289
}

0 commit comments

Comments
 (0)