- Issue created by @mgifford
- 🇨🇦Canada mgifford Ottawa, Ontario
Asking ChatGPT Led me to https://console.cloud.google.com/iam-admin/serviceaccounts/details/YOUR_...
And the info I was missing:
4. Create JSON Key
• Click the service account you just created.
• Go to the “Keys” tab.
• Click Add Key > Create New Key
• Select JSON
• Click CreateA .json file (not .key) will download — this is the “key file” Drupal is asking for.
It was there in my download file, I just hadn't noticed it.
- 🇺🇸United States Owen Barton
The other missing detail here is that it needs to be added with the key provider "Configuration" (not File!) which was a bit confusing.
- 🇧🇬Bulgaria valthebald Sofia
I see 2 parts here:
1. Although Vertex authentication should be done via JSON file, keys of type "File" do not work. This is a bug that is easily fixable in VertexProvider::getAccessToken() - which should try to unserialize the key before creating ServiceAccountCredentials
2. (working) keys of type environment/configuration should be documented better. This part specifically?
Could explain that the key should be in fact the path to the JSON file (which is a bit controversial) - Merge request !3Switch to file-based keys, make key selection clearer → (Open) created by valthebald
- 🇧🇬Bulgaria valthebald Sofia
What if, to avoid confusion, we limit selection of keys in provider form to only file-based? Suggested MR does just that, and changes a little description of the key select to
Choose an available key. If the desired key is not listed, create a new key. Important: Key must use "File" provider and point to the JSON credentials file. Read more at https://cloud.google.com/docs/authentication/application-default-credent....
One thing to decide is whether we need an update hook to switch from config/environment key to file based for existing installations.
- 🇨🇦Canada mgifford Ottawa, Ontario
Thanks @valthebald just scanned the code. Looks good to me. I'll try to test the patch.