updates as per PR review

Signed-off-by: Roberto Rojas <[email protected]>
dapr · Aug 2, 2023 · b6f9f9f · b6f9f9f
1 parent 7c1f83b
commit b6f9f9f
Show file tree

Hide file tree

Showing 3 changed files with 85 additions and 78 deletions.
diff --git a/.build-tools/builtin-authentication-profiles.yaml b/.build-tools/builtin-authentication-profiles.yaml
@@ -103,3 +103,70 @@ azuread:
           - AzurePublicCloud
           - AzureChinaCloud
           - AzureUSGovernmentCloud
+
+gcp:
+  - title: "GCP API call Authentication"
+    description: |
+      Authenticate authenticates API calls with the given service account or refresh token JSON credentials.
+    metadata:
+      - name: private_key_id
+        required: true
+        sensitive: true
+        description: |
+          GCP private key id.
+        example: '"privateKeyId"'
+      - name: private_key
+        required: true
+        sensitive: true
+        description: |
+          GCP credentials private key. Replace with x509 cert.
+        example: '"-----BEGIN PRIVATE KEY-----\nMIIEvgIBADAsUw+2/y/MfhhkIKQTgnoiIZFHximeQN67VF9pifNR/D0k\\n-----END PRIVATE KEY-----\n"'
+      - name: type
+        type: string
+        required: true
+        description: |
+          The GCP credentials type.
+        example: '"service_account"'
+      - name: project_id
+        type: string
+        required: true
+        description: |
+          GCP project id.
+        example: '"projectId"'
+      - name: client_email
+        type: string
+        required: true
+        description: |
+          GCP client email.
+        example: '"[email protected]"'
+      - name: client_id
+        type: string
+        required: true
+        description: |
+          GCP client id.
+        example: '"0123456789-0123456789"'
+      - name: auth_uri
+        type: string
+        required: false
+        description: |
+          Google account OAuth endpoint.
+        example: '"https://accounts.google.com/o/oauth2/auth"'
+      - name: token_uri
+        type: string
+        required: false
+        description: |
+          Google account token uri.
+        example: '"https://oauth2.googleapis.com/token"'
+      - name: auth_provider_x509_cert_url
+        type: string
+        required: false
+        description: |
+          GCP credentials cert url.
+        example: '"https://www.googleapis.com/oauth2/v1/certs"'
+      - name: client_x509_cert_url
+        type: string
+        required: false
+        description: |
+          GCP credentials project x509 cert url.
+        example: '"https://www.googleapis.com/robot/v1/metadata/x509/<PROJECT_NAME>.iam.gserviceaccount.com"'
+
diff --git a/bindings/gcp/bucket/bucket.go b/bindings/gcp/bucket/bucket.go
@@ -54,19 +54,22 @@ type GCPStorage struct {
 }
 
 type gcpMetadata struct {
-	Bucket              string `json:"bucket" mapstructure:"bucket"`
-	Type                string `json:"type" mapstructure:"type"`
-	ProjectID           string `json:"project_id" mapstructure:"project_id"`
-	PrivateKeyID        string `json:"private_key_id" mapstructure:"private_key_id"`
-	PrivateKey          string `json:"private_key" mapstructure:"private_key"`
-	ClientEmail         string `json:"client_email " mapstructure:"client_email"`
-	ClientID            string `json:"client_id" mapstructure:"client_id"`
-	AuthURI             string `json:"auth_uri" mapstructure:"auth_uri"`
-	TokenURI            string `json:"token_uri" mapstructure:"token_uri"`
-	AuthProviderCertURL string `json:"auth_provider_x509_cert_url" mapstructure:"auth_provider_x509_cert_url"`
-	ClientCertURL       string `json:"client_x509_cert_url" mapstructure:"client_x509_cert_url"`
-	DecodeBase64        bool   `json:"decodeBase64,string" mapstructure:"decodeBase64"`
-	EncodeBase64        bool   `json:"encodeBase64,string" mapstructure:"encodeBase64"`
+	// Ignored by metadata parser because included in built-in authentication profile
+
+	Type                string `json:"type" mapstructure:"type" mdignore:"true"`
+	ProjectID           string `json:"project_id" mapstructure:"project_id" mdignore:"true"`
+	PrivateKeyID        string `json:"private_key_id" mapstructure:"private_key_id" mdignore:"true"`
+	PrivateKey          string `json:"private_key" mapstructure:"private_key" mdignore:"true"`
+	ClientEmail         string `json:"client_email " mapstructure:"client_email" mdignore:"true"`
+	ClientID            string `json:"client_id" mapstructure:"client_id" mdignore:"true"`
+	AuthURI             string `json:"auth_uri" mapstructure:"auth_uri" mdignore:"true"`
+	TokenURI            string `json:"token_uri" mapstructure:"token_uri" mdignore:"true"`
+	AuthProviderCertURL string `json:"auth_provider_x509_cert_url" mapstructure:"auth_provider_x509_cert_url" mdignore:"true"`
+	ClientCertURL       string `json:"client_x509_cert_url" mapstructure:"client_x509_cert_url" mdignore:"true"`
+
+	Bucket       string `json:"bucket" mapstructure:"bucket"`
+	DecodeBase64 bool   `json:"decodeBase64,string" mapstructure:"decodeBase64"`
+	EncodeBase64 bool   `json:"encodeBase64,string" mapstructure:"encodeBase64"`
 }
 
 type listPayload struct {

diff --git a/bindings/gcp/bucket/metadata.yaml b/bindings/gcp/bucket/metadata.yaml
@@ -14,78 +14,15 @@ binding:
     - name: create
       description: "Create an item."
 capabilities: []
-authenticationProfiles:
-  - title: "GCP API call Authentication"
-    description: |
-      Authenticate authenticates API calls with the given service account or refresh token JSON credentials.
-    metadata:
-      - name: private_key_id
-        required: true
-        sensitive: true
-        description: |
-          GCP private key id.
-        example: '"privateKeyId"'
-      - name: private_key
-        required: true
-        sensitive: true
-        description: |
-          GCP credentials private key. Replace with x509 cert.
-        example: '"12345-12345"'
+builtinAuthenticationProfiles:
+  - name: "gcp"
 metadata:
   - name: bucket
     required: true
     description: |
       The bucket name.
     example: '"mybucket"'
     type: string
-  - name: type
-    type: string
-    required: true
-    description: |
-      The GCP credentials type.
-    example: '"service_account"'
-  - name: project_id
-    type: string
-    required: true
-    description: |
-      GCP project id.
-    example: '"projectId"'
-  - name: client_email
-    type: string
-    required: true
-    description: |
-      GCP client email.
-    example: '"[email protected]"'
-  - name: client_id
-    type: string
-    required: true
-    description: |
-      GCP client id.
-    example: '"0123456789-0123456789"'
-  - name: auth_uri
-    type: string
-    required: false
-    description: |
-      Google account OAuth endpoint.
-    example: '"https://accounts.google.com/o/oauth2/auth"'
-  - name: token_uri
-    type: string
-    required: false
-    description: |
-      Google account token uri.
-    example: '"https://oauth2.googleapis.com/token"'
-  - name: auth_provider_x509_cert_url
-    type: string
-    required: false
-    description: |
-      GCP credentials cert url.
-    example: '"https://www.googleapis.com/oauth2/v1/certs"'
-  - name: client_x509_cert_url
-    type: string
-    required: false
-    description: |
-      GCP credentials project x509 cert url.
-    example: '"https://www.googleapis.com/robot/v1/metadata/x509/<PROJECT_NAME>.iam.gserviceaccount.com"'
   - name: decodeBase64
     type: bool
     required: false