From 1eff8a9e39d8253a7e76aff2c850a8854d62c745 Mon Sep 17 00:00:00 2001 From: Dmitry Balabka Date: Wed, 10 Jul 2024 15:44:00 +0300 Subject: [PATCH] Use gcp sdk provided flow for obtaininng application default credentials (#429) --- dask_cloudprovider/gcp/instances.py | 29 +++++------------------------ 1 file changed, 5 insertions(+), 24 deletions(-) diff --git a/dask_cloudprovider/gcp/instances.py b/dask_cloudprovider/gcp/instances.py index 5ef9c0da..f5d9f3c5 100644 --- a/dask_cloudprovider/gcp/instances.py +++ b/dask_cloudprovider/gcp/instances.py @@ -18,6 +18,7 @@ try: import googleapiclient.discovery + import google.auth from googleapiclient.errors import HttpError except ImportError as e: msg = ( @@ -647,31 +648,11 @@ def __init__(self): self._compute = self.refresh_client() def refresh_client(self): - if os.environ.get("GOOGLE_APPLICATION_CREDENTIALS", False): - import google.oauth2.service_account # google-auth + # Obtain Application Default Credentials + credentials, _ = google.auth.default() - creds = google.oauth2.service_account.Credentials.from_service_account_file( - os.environ["GOOGLE_APPLICATION_CREDENTIALS"], - scopes=["https://www.googleapis.com/auth/cloud-platform"], - ) - else: - import google.auth.credentials # google-auth - - path = os.path.join( - os.path.expanduser("~"), ".config/gcloud/credentials.db" - ) - if not os.path.exists(path): - raise GCPCredentialsError() - conn = sqlite3.connect(path) - creds_rows = conn.execute("select * from credentials").fetchall() - with tmpfile() as f: - with open(f, "w") as f_: - # take first row - f_.write(creds_rows[0][1]) - creds, _ = google.auth.load_credentials_from_file(filename=f) - return googleapiclient.discovery.build( - "compute", "v1", credentials=creds, requestBuilder=build_request(creds) - ) + # Use the credentials to build a service client + return googleapiclient.discovery.build('compute', 'v1', credentials=credentials) def instances(self): try: