Integration with graph-google-cloud failure on .env generation

[lemontreeran]

When we are doing yarn starbase run to run the Google Cloud(graph-google-cloud) integration with Starbase, the .env in .integrations/graph-google-cloud is not generated correctly. Therefore nothing is imported into the Neo4J database. Would you please have a look at this issue and supply the fix?

Here is the config.xml in different format that I tested.

1. Use filename for config.yaml[1] in Starbase

   integrations:
   - name: graph-google-cloud
   instanceId: testInstanceId
   directory: ./.integrations/graph-google-cloud
   gitRemoteUrl: https://github.com/JupiterOne/graph-google-cloud.git
   config:
     SERVICE_ACCOUNT_KEY_FILE: sa-private-key.json
     PROJECT_ID: "PROJECT_ID"
     ORGANIZATION_ID: "ORGANIZATION_ID"
     CONFIGURE_ORGANIZATION_PROJECTS: false
     FOLDER_ID: ""
   storage:
   engine: neo4j
   config: 
   username: neo4j
   password: devpass
   uri: bolt://localhost:7687

   • Here is the .env generated .integrations/graph-google-cloud. According to docs[2], this .env is expecting only string. The json file name is treated as a string which is not getting any correct connections with GCP.

     SERVICE_ACCOUNT_KEY_FILE=sa-private-key.json
     PROJECT_ID=PROJECT_ID
     ORGANIZATION_ID=ORGANIZATION_ID
     CONFIGURE_ORGANIZATION_PROJECTS=false
     FOLDER_ID=

2. 1. Use the flattened GSA private key json string for config.yaml[1] in Starbase

      integrations:
      - name: graph-google-cloud
      instanceId: testInstanceId
      directory: ./.integrations/graph-google-cloud
      gitRemoteUrl: https://github.com/JupiterOne/graph-google-cloud.git
      config:
      SERVICE_ACCOUNT_KEY_FILE: {"type":"service_account","project_id":"project_id","private_key_id":"private_key_id","private_key":"-----BEGIN PRIVATE KEY-----\n<encrypted string>\n-----END PRIVATE KEY-----\n","client_email":"client_email","client_id":"client_id","auth_uri":"auth_uri","token_uri":"https://oauth2.googleapis.com/token","auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs","client_x509_cert_url":"client_x509_cert_url"}
      PROJECT_ID: "PROJECT_ID"
      ORGANIZATION_ID: "ORGANIZATION_ID"
      CONFIGURE_ORGANIZATION_PROJECTS: false
      FOLDER_ID: ""
      storage:
      engine: neo4j
      config: 
      username: neo4j
      password: devpass
      uri: bolt://localhost:7687

      • Here is the .env generated .integrations/graph-google-cloud. According to docs[2], this .env is expecting only string. The json object is just converted into [object Object] which is not a json object anymore.

        SERVICE_ACCOUNT_KEY_FILE=[object Object]
        PROJECT_ID=PROJECT_ID
        ORGANIZATION_ID=ORGANIZATION_ID
        CONFIGURE_ORGANIZATION_PROJECTS=false
        FOLDER_ID=

Referece: [1] https://github.com/JupiterOne/starbase/blob/main/README.md?plain=1#L170 [2] https://github.com/JupiterOne/graph-google-cloud/blob/main/docs/development.md?plain=1#L229

[adam-in-ict]

Hi there!

In the second configuration I think the only needed update is to surround the entire SERVICE_ACCOUNT_KEY_VALUE in single quotes, like:

SERVICE_ACCOUNT_KEY_FILE: '{"type":"service_account","project_id":"project_id",...}'

That should let Starbase see the value as a flattened string value instead of an object. Long term, we can look at better handling when Starbase sees config values as objects like this, but this should hopefully be a workaround for you to move forward now.

[lemontreeran]

Thanks @adam-in-ict ! This workaround works. I will try this solution for the time being.