google-secret-manager

Why isn't my Firebase app connecting to Google Secret Manager?

 ̄綄美尐妖づ 提交于 2021-02-11 15:12:13
问题 I can't figure out why I keep getting the error: Error: Could not load the default credentials. Browse to https://cloud.google.com/docs/authentication/getting-started for more information. firebase login from my command line returns that I am already logged in and I have configured my-app@appspot.gserviceaccount.com to be a Secret Manager Secret Accessor in the GCP IAM admin dashboard within the same project. Here's the code I'm using: const { SecretManagerServiceClient } = require("@google

How do I use Google Secrets Manager to create a docker ARG in Google Cloud Build?

一个人想着一个人 提交于 2021-01-29 07:05:00
问题 I'm doing a build on GCB in which I need to install private dependencies, so am using Google Secrets Manager. My cloudbuild.yaml looks like this: steps: - name: gcr.io/cloud-builders/gcloud entrypoint: 'bash' args: [ '-c', "gcloud secrets versions access latest --secret=PERSONAL_ACCESS_TOKEN_GITHUB --format='get(payload.data)' | tr '_-' '/+' | base64 -d > decrypted-pat.txt" ] - name: 'gcr.io/cloud-builders/docker' args: - build - '--build-arg' - PERSONAL_ACCESS_TOKEN_GITHUB=$(cat decrypted

Access environment variables stored in Google Secret Manager from Google Cloud Build

我的未来我决定 提交于 2021-01-04 05:40:12
问题 How can I access the variables I define in Google Secret Manager from my Google Cloud Build Pipeline ? 回答1: You can access to secret from Cloud Build by using the standard Cloud Builder gcloud But, there is 2 issues: If you want to use the secret value in another Cloud Build step, you have to store your secret in a file, the only way to reuse a previous value from one step to another one The current Cloud Builder gcloud isn't up to date (today, 03 feb 2020). You have to add a gcloud component

Can't access secret in GCP Secret Manager

本秂侑毒 提交于 2020-08-09 10:33:10
问题 I'm trying from storing my API keys in a .env to using Google Cloud Platform Secrets Manager. I've followed the instructions here but I encounter an error saying that I don't have permissions to access the secret. import * as admin from "firebase-admin" import { SecretManagerServiceClient } from "@google-cloud/secret-manager" admin.initializeApp() const secretClient = new SecretManagerServiceClient() async function main() { async function getSecret(): Promise<string | null | undefined> {

Can't access secret in GCP Secret Manager

生来就可爱ヽ(ⅴ<●) 提交于 2020-08-09 10:32:24
问题 I'm trying from storing my API keys in a .env to using Google Cloud Platform Secrets Manager. I've followed the instructions here but I encounter an error saying that I don't have permissions to access the secret. import * as admin from "firebase-admin" import { SecretManagerServiceClient } from "@google-cloud/secret-manager" admin.initializeApp() const secretClient = new SecretManagerServiceClient() async function main() { async function getSecret(): Promise<string | null | undefined> {

How should I store secrets for use in Google Cloud Platform?

柔情痞子 提交于 2020-07-21 07:07:54
问题 If I had credentials I need to store in Google Compute Engine or Google App Engine for use at build time, how should I store them? Is there something better than storing them in code, or in a bucket? 回答1: One option is to encrypt the secrets with a key from Cloud KMS, and store them either in a storage bucket or keep them in the binary. This lets you manage permissions and logging on the key, to indirectly manage who accesses the secret. 回答2: As of December 2019, you should store secrets with

How should I store secrets for use in Google Cloud Platform?

孤街浪徒 提交于 2020-07-21 07:05:28
问题 If I had credentials I need to store in Google Compute Engine or Google App Engine for use at build time, how should I store them? Is there something better than storing them in code, or in a bucket? 回答1: One option is to encrypt the secrets with a key from Cloud KMS, and store them either in a storage bucket or keep them in the binary. This lets you manage permissions and logging on the key, to indirectly manage who accesses the secret. 回答2: As of December 2019, you should store secrets with

How should I store secrets for use in Google Cloud Platform?

本秂侑毒 提交于 2020-07-21 07:05:08
问题 If I had credentials I need to store in Google Compute Engine or Google App Engine for use at build time, how should I store them? Is there something better than storing them in code, or in a bucket? 回答1: One option is to encrypt the secrets with a key from Cloud KMS, and store them either in a storage bucket or keep them in the binary. This lets you manage permissions and logging on the key, to indirectly manage who accesses the secret. 回答2: As of December 2019, you should store secrets with

How do you get secrets from GCP's Secret Manager in a local environment?

青春壹個敷衍的年華 提交于 2020-05-30 08:00:09
问题 I created a secret on the Secrets Manager console. Then I took tried using the Go code quickstart guide like ctx := context.Background() client, err := secretmanager.NewClient(ctx) if err != nil { log.Println(err) } // Build the request. req := &secretmanagerpb.AccessSecretVersionRequest{ Name: "projects/my-project/secrets/API_KEY/versions/latest", } // Call the API. result, err := client.AccessSecretVersion(ctx, req) if err != nil { log.Println(err) } but then I get rpc error: code =

How to access GCP Secret Manager from Angular 9 web app service

南笙酒味 提交于 2020-04-30 06:32:10
问题 I am having Angular service (Cloud Run fully managed) from which I would like to access 'googleapis' Secret Manager API with HTTP client call. The problem is I do not find a way to get the current service account's auth token that I can further use into the Authorization header field. This is an approach to use Secret Manager API, but I can change this with possible other solutions too unless it is working from the Agular app. Thanks a lot in advance. 回答1: I found a conceptual solution to the