Allow 'service_account_key' to contain either the path to or the cont…

…ent of a key file (#5) * Allow 'service_account_key' to contain either the path to or the content of a key file * Check if service account key is valid JSON
hanneshayashi · Aug 19, 2021 · 28a73ed · 28a73ed
1 parent 2bdb710
commit 28a73ed
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 9 deletions.
diff --git a/docs/index.md b/docs/index.md
@@ -56,6 +56,6 @@ provider "gdrive" {
 - **retry_on** (List of Number) A list of HTTP error codes you want the provider to retry on (e.g. 404).
 - **service_account** (String) The email address of the Service Account you want to impersonate with Application Default Credentials (ADC).
 Leave empty if you want to use the Service Account of a GCE instance directly.
-- **service_account_key** (String) The path to a key file for your Service Account.
+- **service_account_key** (String) The path to or the content of a key file for your Service Account.
 Leave empty if you want to use Application Default Credentials (ADC).
 - **subject** (String) The email address of the Workspace user you want to impersonate with Domain Wide Delegation (DWD)
diff --git a/provider/provider.go b/provider/provider.go
@@ -19,6 +19,7 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
 package provider
 
 import (
+	"encoding/json"
 	"io"
 	"os"
 
@@ -36,7 +37,7 @@ func Provider() *schema.Provider {
 			"service_account_key": {
 				Type:     schema.TypeString,
 				Optional: true,
-				Description: `The path to a key file for your Service Account.
+				Description: `The path to or the content of a key file for your Service Account.
 Leave empty if you want to use Application Default Credentials (ADC).`,
 				DefaultFunc: schema.EnvDefaultFunc("SERVICE_ACCOUNT_KEY", ""),
 			},
@@ -79,13 +80,19 @@ Leave empty if you want to use the Service Account of a GCE instance directly.`,
 func providerConfigure(d *schema.ResourceData) (interface{}, error) {
 	serviceAccountKey := d.Get("service_account_key").(string)
 	if serviceAccountKey != "" {
-		f, err := os.Open(serviceAccountKey)
-		if err != nil {
-			return nil, err
-		}
-		saKey, err := io.ReadAll(f)
-		if err != nil {
-			return nil, err
+		var saKey []byte
+		s := []byte(serviceAccountKey)
+		if json.Valid(s) {
+			saKey = s
+		} else {
+			f, err := os.Open(serviceAccountKey)
+			if err != nil {
+				return nil, err
+			}
+			saKey, err = io.ReadAll(f)
+			if err != nil {
+				return nil, err
+			}
 		}
 		client := gsmauth.GetClient(d.Get("subject").(string), saKey, drive.DriveScope)
 		gsmdrive.SetClient(client)