Skip to content

[GCP/Auth] Use the application key in the env var #2116

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 10 commits into from
Jun 22, 2023
Merged

[GCP/Auth] Use the application key in the env var #2116

merged 10 commits into from
Jun 22, 2023

Conversation

Michaelvll
Copy link
Collaborator

@Michaelvll Michaelvll commented Jun 21, 2023
edited
Loading

Fixes #2115 and #2109.

The problem causing the two issues is that we hardcoded the application default key path in our code to find the credentials. However, the user may specify the key in the environment variable GOOGLE_APPLICATION_CREDENTIALS

We now first check the env var to look for the credential file, if the env var does not exist, we will use the default path (same as the gcloud's behavior).

TODO:

  • add instruction for log in with service account.

Tested (run the relevant ones):

  • Code formatting: bash format.sh
  • Any manual or new tests for this PR (please specify below) 
    Download the service account key
mv ~/.config/gcloud ~/.config/gcloud.bk
export GOOGLE_APPLICATION_CREDENTIALS="path/to/the/key/file"
gcloud auth activate-service-account --key-file $GOOGLE_APPLICATION_CREDENTIALS
gcloud config set project project-id
sky launch -c test-sa --cloud gcp --cpus 2 -i 0
sleep 120
sky status -r test-sa
  • All smoke tests: pytest tests/test_smoke.py with the service account. (except for TPU VM and azure_start_stop [Core] Avoid uploading public key #2119)
  • Relevant individual smoke tests: pytest tests/test_smoke.py::test_fill_in_the_name
  • Backward compatibility tests: bash tests/backward_comaptibility_tests.sh

@Michaelvll Michaelvll linked an issue Jun 21, 2023 that may be closed by this pull request
Logging in to GCP using a service account #2109
Closed
@Michaelvll Michaelvll mentioned this pull request Jun 21, 2023
Closed
concretevitamin
concretevitamin approved these changes Jun 22, 2023
View reviewed changes
Copy link
Member

@concretevitamin concretevitamin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks @Michaelvll.

@Michaelvll Michaelvll merged commit db5d15b into master Jun 22, 2023
@Michaelvll Michaelvll deleted the use-application-key-in-env branch June 22, 2023 06:18
This was referenced Jun 22, 2023
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@concretevitamin concretevitamin concretevitamin approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@Michaelvll @concretevitamin