cloud: gce: Allow specifying scopes by URI (#25074)

Previously the gce module would only allow scopes to be specified by
alias. This adds support for specifying scopes by full URI; however,
validation is limited to just ensuring the URI begins with:
https://www.googleapis.com/auth
Jason DeTiberus 2017-07-11 15:12:10 -04:00 committed by Ryan Brown
commit d173217833

@ -233,6 +233,7 @@ EXAMPLES = '''
- storage-full
- taskqueue
- bigquery
- https://www.googleapis.com/auth/ndev.clouddns.readwrite
service_account_email: "your-sa@your-project-name.iam.gserviceaccount.com"
credentials_file: "/path/to/your-key.json"
project_id: "your-project-name"
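Review bot: The full scope URI added to the service account permissions list in EXAMPLES sits among the aliases with no comment saying that URIs are an accepted form, so a reader can take it for a mistake. Add a short YAML comment above that entry stating that a scope may be given either by alias or by full URI, and that a URI is only checked for the https://www.googleapis.com/auth prefix, so a mistyped scope name will not be reported by the module.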
@ -463,7 +464,7 @@ def create_instances(module, gce, instance_names, number, lc_zone):
bad_perms = []
if service_account_permissions:
for perm in service_account_permissions:
if perm not in gce.SA_SCOPES_MAP:
if perm not in gce.SA_SCOPES_MAP and not perm.startswith('https://www.googleapis.com/auth'):
bad_perms.append(perm)
if len(bad_perms) > 0:
module.fail_json(msg='bad permissions: %s' % str(bad_perms))
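Review bot: The prefix test in the new condition in create_instances, perm.startswith('https://www.googleapis.com/auth'), has no trailing slash, so it also accepts strings that merely begin with those characters, for example https://www.googleapis.com/authfoo, and these never reach bad_perms. Compare against 'https://www.googleapis.com/auth/' instead, and consider rejecting a value that has nothing after the slash. Separately, perm.startswith assumes every list item is a string; a non-string item that is not in gce.SA_SCOPES_MAP would raise AttributeError here instead of being collected into the 'bad permissions' message, so either coerce with str(perm) or check the type before the prefix test.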