Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

local-exec is not picking up GOOGLE_APPLICATION_CREDENTIALS #65

Closed
komasoftware opened this issue Sep 3, 2019 · 1 comment · Fixed by #83
Closed

local-exec is not picking up GOOGLE_APPLICATION_CREDENTIALS #65

komasoftware opened this issue Sep 3, 2019 · 1 comment · Fixed by #83
Labels
bug Something isn't working

Comments

@komasoftware
Copy link

komasoftware commented Sep 3, 2019
edited
Loading

For my environment, there is a terraform specific service account with the right set of permissions to modify the infrastructure. So I generate a secrets.json key for the service account use this key as below to execute terraform :

GOOGLE_APPLICATION_CREDENTIALS=secrets.json TF_VAR_xxxx=yyy TF_VAR_zzz=aaa terraform apply --input=false

This works just fine, terraform is executing while impersonating the desired service account.
Except for delete-default-gateway-routes.sh
This script is executing as local-exec and is not using the GOOGLE_APPLICATION_CREDENTIALS environment variable set. The script is executing as the account setup by gcloud auth application-default login.
This results is undesired and inconsistent behavioour IMO.
@morgante
Copy link
Contributor

morgante commented Sep 4, 2019

As a workaround, you can also set CLOUDSDK_AUTH_CREDENTIAL_FILE_OVERRIDE=secrets.json and it should work.

@aaron-lane aaron-lane added the bug Something isn't working label Sep 6, 2019
omazin added a commit to omazin/terraform-google-network that referenced this issue Oct 14, 2019
@omazin
Make use of GOOGLE_APPLICATION_CREDENTIALS in local-exec script. Fix t…
3d6c326 
…erraform-google-modules#65.
@omazin omazin mentioned this issue Oct 14, 2019
Merged
omazin added a commit to omazin/terraform-google-network that referenced this issue Oct 16, 2019
@omazin
[delete-default-gateway-routes.sh] Set CLOUDSDK_AUTH_CREDENTIAL_FILE_…
32ba93a 
…OVERRIDE. Fix terraform-google-modules#65.
@omazin omazin mentioned this issue Oct 21, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Make use of GOOGLE_APPLICATION_CREDENTIALS in local-exec script. omazin/terraform-google-network
3 participants
@komasoftware @morgante @aaron-lane