search

devtron-labs / devtron

Tool integration platform for Kubernetes
https://devtron.ai
Apache License 2.0
4.32k stars 476 forks source link

Bug: Json file is not passing in correct format in build argument #5438

Closed ajaydevtron closed 2 months ago

ajaydevtron commented 3 months ago

๐Ÿ“œ Description

We have Devtron application and passing the GCP service account json file in build argument to authentication , In Previous build it was passing in correct format as below .

GOOGLE_APPLICATION_CREDENTIALS='{
     "type": "service_account",
     "project_id": "test",

     "private_key_id": "test",

     "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCgjb82Jf558cA0\nFvYnZdByw6BgczCqlk9qRSPoBA2hjX1kOFUoGCGr+\n-----END PRIVATE KEY-----\n",
     "client_email": "g-dd-@test.iam.gserviceaccount.com",
     "client_id": "test",
     "auth_uri": "https://accounts.google.com/o/oauth2/auth",
     "token_uri": "https://oauth2.googleapis.com/token",
     "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
     "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/test%40data-dev-348311.iam.gserviceaccount.com"
    }'

Currently it is passing in wrong format as below which cause authentication fails

GOOGLE_APPLICATION_CREDENTIALS="'{\n \"type\": \"service_account\",\n \"project_id\": \"test\",\n \"private_key_id\": \"test\",\n \"private_key\": \"-----BEGIN PRIVATE KEY-----\\nMIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCgjb82Jf558cA0\\nFvYnZdByw6BgczCqlk9qRSPoBA2hjX1kOFUoGCGr+7A+sd6RWajuEJ4mr36EFhYU\\ntsIESJ9XEEQhGCGFgrkXHtPRoIaTf54lAruSAruBjEFfzEmONUdhb7ER8Nwatrni\\nbImh/PyYlvNk8yDCh\\n-----END PRIVATE KEY-----\\n\",\n \"client_email\": \"test@data-dev-348311.iam.gserviceaccount.com\",\n \"client_id\": \"109\",\n \"auth_uri\": \"https://accounts.google.com/o/oauth2/auth\",\n \"token_uri\": \"https://oauth2.googleapis.com/token\",\n \"auth_provider_x509_cert_url\": \"https://www.googleapis.com/oauth2/v1/certs\",\n \"client_x509_cert_url\": \"https://www.googleapis.com/robot/v1/metadata/x509/test%40data-dev-348311.iam.gserviceaccount.com\"\n}'"

Affected areas

CD

Additional affected areas

CD

Prod/Non-prod environments?

Prod

Is User unblocked?

Yes

How was the user un-blocked?

None

Impact on Enterprise

Build is not able to happen on application

๐Ÿ‘Ÿ Steps to replicate the Issue

NA

๐Ÿ‘ Expected behavior

It should pass the json data in build argument in same format as previous one

๐Ÿ‘Ž Actual Behavior

Due to this below step for authentication is failing . RUN gcloud auth activate-service-account --key-file=/app/service-account-file.json

โ˜ธ Kubernetes version

1.30

Cloud provider

AWS

๐ŸŒ Browser

Chrome

โœ… Proposed Solution

No response

๐Ÿ‘€ Have you spent some time to check if this issue has been raised before?

๐Ÿข Have you read the Code of Conduct?

AB#10119

github-actions[bot] commented 3 months ago

Final Score: 200

gireesh-naidu commented 2 months ago

tracking this issue[https://github.com/devtron-labs/devtron/issues/4611] here