You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have uploaded a GCP service account key to Vault from a JSON file.
$ vault kv get kv/store/gcp
====== Metadata ======
Key Value
--- -----
created_time 2020-09-14T16:13:34.5395125Z
deletion_time n/a
destroyed false
version 1
=============== Data ===============
Key Value
--- -----
auth_provider_x509_cert_url https://www.googleapis.com/oauth2/v1/certs
auth_uri https://accounts.google.com/o/oauth2/auth
client_email [email protected]
client_id 00000000000
client_x509_cert_url https://www.googleapis.com/robot/v1/metadata/x509/0000000-compute%40developer.gserviceaccount.com
private_key -----BEGIN PRIVATE KEY-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
yyyyyyy==
-----END PRIVATE KEY-----
private_key_id 00000000000000000000
project_id myproject_id
token_uri https://oauth2.googleapis.com/token
type service_account
Ideally I want to pull the whole entry out. But I will settle for fields.
So on the TC side I have a variable GCP_CREDS: %vault:/kv/data/store/gcp!/private_key%
Added this in a build step at I can't debug the creds in TC! 👎 echo "${GCP_CREDS}" > ./gcp_creds
On the agent host
$ cat gcp_creds
-----BEGIN
$
It seems to chop at the first white space?
With agent debug set to max on the agent, I can see the whole GCP key arriving intact . I then see [2021-03-04 12:42:32,310] DEBUG - ath.internal.path.CompiledPath - Evaluating path: $['private_key']
I tried a few ideas on here: https://github.com/json-path/JsonPath as theis seems to be what the code is based on. No joy.
Any ideas? Is it just my iffy BASH in the build step? :)
The vault plugin works fine for simple key value pairs. I can extract any other field from the GCP data correctly, just not "private_key" !
The text was updated successfully, but these errors were encountered:
TeamCity Enterprise 2019.2.2 (build 71923)
Plugin 2021 0.1.98
Hi,
I have uploaded a GCP service account key to Vault from a JSON file.
Ideally I want to pull the whole entry out. But I will settle for fields.
So on the TC side I have a variable GCP_CREDS: %vault:/kv/data/store/gcp!/private_key%
Added this in a build step at I can't debug the creds in TC! 👎
echo "${GCP_CREDS}" > ./gcp_creds
On the agent host
It seems to chop at the first white space?
With agent debug set to max on the agent, I can see the whole GCP key arriving intact . I then see [2021-03-04 12:42:32,310] DEBUG - ath.internal.path.CompiledPath - Evaluating path: $['private_key']
I tried a few ideas on here: https://github.com/json-path/JsonPath as theis seems to be what the code is based on. No joy.
Any ideas? Is it just my iffy BASH in the build step? :)
The vault plugin works fine for simple key value pairs. I can extract any other field from the GCP data correctly, just not "private_key" !
The text was updated successfully, but these errors were encountered: