feat: add auth support for GCP access tokens (#574)

Introduce choice "accesstoken" for auth_kind for modules Introduce optional access_token string param that falls back to GCP_ACCESS_TOKEN env var
2025-07-25 14:20:29 -07:00 · 2023-06-10 14:20:57 -04:00 · 2023-06-10 14:20:57 -04:00 · 203961b045
commit 203961b045
parent 86e0cef208
173 changed files with 1181 additions and 13 deletions
--- a/plugins/inventory/gcp_compute.py
+++ b/plugins/inventory/gcp_compute.py
@ -57,7 +57,7 @@ DOCUMENTATION = """
            description:
                - The type of credential used.
            required: True
-            choices: ['application', 'serviceaccount', 'machineaccount']
+            choices: ['application', 'serviceaccount', 'machineaccount', 'accesstoken']
            env:
                - name: GCP_AUTH_KIND
        scopes:
@ -86,6 +86,11 @@ DOCUMENTATION = """
                  and the user does not wish to use the default email.
            env:
                - name: GCP_SERVICE_ACCOUNT_EMAIL
+        access_token:
+            description:
+                - An OAuth2 access token if credential type is accesstoken.
+            env:
+                - name: GCP_ACCESS_TOKEN
        vars_prefix:
            description: prefix to apply to host variables, does not include facts nor params
            default: ''
@ -558,6 +563,7 @@ class InventoryModule(BaseInventoryPlugin, Constructable, Cacheable):
            "service_account_file": self.get_option("service_account_file"),
            "service_account_contents": self.get_option("service_account_contents"),
            "service_account_email": self.get_option("service_account_email"),
+            "access_token": self.get_option("access_token"),
        }

        self.fake_module = GcpMockModule(params)