Closed plyr4 closed 3 years ago
Vela should be able to properly escape and inject the multi-line JSON secret in a format that containers and plugins like vela-terraform can process.
example FAKE credentials used for terraform that DO NOT work
{ "type": "service_account", "project_id": "tgt-pe-fake", "private_key_id": "bcaab01d-0651-4bb1-9005-60b979fccc2a", "private_key": "-----BEGIN PRIVATE KEY-----\nMIICXAIBAAKBgQCysZWyIw8QoY4fs/1eTYkDveUFR+wGFUEVHnqDo5QA0FZmKKpx eRYI5DOjeeMAW/iXUTrVrr67WLZnpoxWroEKKfPgd5C8e6UdToaAhvHD9Y5PBQJ0 B0L8aYvsC28Fw2ZCPP9bosLk/qjrweN4j/6UYZ8LMDYzAouOy43gdXGU2QIDAQAB AoGAZ+W7LSUXSEs20JYddixMwwExXP2xbOQEwFvFTi7ZChQYeDOiznFh72+H2sAu zXGsO4b+V2nP+iwdemyq4md6HM0JXLTG7h3omyYyWJXFquKhMCcoQZISWomE5KoM jV8IOF6P5JBjIUh0UZ7fAukwCWBsFh2hTsIKITkedgrpj1ECQQDyzOlHeyvAjca5 oLSjm4JUUWU3ukk6V6+l4e2/auMl90uBeibUVMc3cJD8EdzpbWb9wciFfoqm6ixC KLT1d/+9AkEAvGh9nOjLo0UfdaCgYupUW8ATYQVUMIgUijaQvFL8HYUqPjWRI/gl Q+FmPwu+JBXFrUx250QzkKbdgaNAoFpdTQJACxWv0MOey7utRuw/UvjWimLs7A5l KXS3YCtgX0zR8fnISLD69NaqAa3x8JAgNcf427ztGqscSWKHgr25BTvlQQJBAI6X hnn6tiQbbHPZ3Yj/UFkgRYpoPg987g6svV3KcITnA9GROQfABnQZYwjUGlO1JqbB +DuPoncX0w0KQR8bRQECQE3Tb3Dc7JT2LB5inMbVJLlS9m/Ue5dEqxJdVDhH6JMT W0c7pR1VzxwpLmM7UHlGrwqQX0lJ+CogJQbEQ+82kjE=\n-----END PRIVATE KEY-----\n", "client_email": "svc-apiplatform-config-fake@tgt-pe-fake.iam.gserviceaccount.com", "client_id": "123456789101112", "auth_uri": "https://accounts.google.com/o/oauth2/auth", "token_uri": "https://accounts.google.com/o/oauth2/token", "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/svc-apiplatform-config-fake%40tgt-pe-fake.iam.gserviceaccount.com" }
example FAKE credentials used for terraform as a WORKAROUND
"GOOGLE_CREDENTIALS={\n \"type\": \"service_account\",\n \"project_id\": \"tgt-pe-fake\",\n \"private_key_id\": \"bcaab01d-0651-4bb1-9005-60b979fccc2a\",\n \"private_key\": \"-----BEGIN PRIVATE KEY-----\nMIICXAIBAAKBgQCysZWyIw8QoY4fs/1eTYkDveUFR+wGFUEVHnqDo5QA0FZmKKpx\neRYI5DOjeeMAW/iXUTrVrr67WLZnpoxWroEKKfPgd5C8e6UdToaAhvHD9Y5PBQJ0\nB0L8aYvsC28Fw2ZCPP9bosLk/qjrweN4j/6UYZ8LMDYzAouOy43gdXGU2QIDAQAB\nAoGAZ+W7LSUXSEs20JYddixMwwExXP2xbOQEwFvFTi7ZChQYeDOiznFh72+H2sAu\nzXGsO4b+V2nP+iwdemyq4md6HM0JXLTG7h3omyYyWJXFquKhMCcoQZISWomE5KoM\njV8IOF6P5JBjIUh0UZ7fAukwCWBsFh2hTsIKITkedgrpj1ECQQDyzOlHeyvAjca5\noLSjm4JUUWU3ukk6V6+l4e2/auMl90uBeibUVMc3cJD8EdzpbWb9wciFfoqm6ixC\nKLT1d/+9AkEAvGh9nOjLo0UfdaCgYupUW8ATYQVUMIgUijaQvFL8HYUqPjWRI/gl\nQ+FmPwu+JBXFrUx250QzkKbdgaNAoFpdTQJACxWv0MOey7utRuw/UvjWimLs7A5l\nKXS3YCtgX0zR8fnISLD69NaqAa3x8JAgNcf427ztGqscSWKHgr25BTvlQQJBAI6X\nhnn6tiQbbHPZ3Yj/UFkgRYpoPg987g6svV3KcITnA9GROQfABnQZYwjUGlO1JqbB\n+DuPoncX0w0KQR8bRQECQE3Tb3Dc7JT2LB5inMbVJLlS9m/Ue5dEqxJdVDhH6JMT\nW0c7pR1VzxwpLmM7UHlGrwqQX0lJ+CogJQbEQ+82kjE=\n-----END PRIVATE KEY-----\",\n \"client_email\": \"svc-apiplatform-config-fake@tgt-pe-fake.iam.gserviceaccount.com\",\n \"client_id\": \"123456789101112\",\n \"auth_uri\": \"https://accounts.google.com/o/oauth2/auth\",\n \"token_uri\": \"https://accounts.google.com/o/oauth2/token\",\n \"auth_provider_x509_cert_url\": \"https://www.googleapis.com/oauth2/v1/certs\",\n \"client_x509_cert_url\": \"https://www.googleapis.com/robot/v1/metadata/x509/svc-apiplatform-config-fake%40tgt-pe-fake.iam.gserviceaccount.com\"\n}\n",
Duplicate of https://github.com/go-vela/community/issues/75
Description
Vela should be able to properly escape and inject the multi-line JSON secret in a format that containers and plugins like vela-terraform can process.
Useful Information
example FAKE credentials used for terraform that DO NOT work
example FAKE credentials used for terraform as a WORKAROUND