Home Verkennen Help
Registreren Inloggen
oscarleiva
/
energylink
1
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Bladeren bron

Reduced OAuth scope to read_write

Konstantin Chukhlomin 8 jaren geleden
bovenliggende
fcdf282090
commit
7e3c9fcc1c
3 gewijzigde bestanden met toevoegingen van 3 en 1 verwijderingen
Zij-aan-zij weergave Toon Diff Stats
  1. 2 0
      docs/sources/installation/configuration.md
  2. 1 1
      pkg/components/imguploader/gcsuploader.go
  3. 0 0
      pkg/components/imguploader/gcsuploader_test.go

+ 2 - 0
docs/sources/installation/configuration.md
Bestand weergeven 

@@ -683,6 +683,8 @@ basic auth password
 
 Path to JSON key file associated with a Google service account to authenticate and authorize.
 
 Service Account keys can be created and downloaded from https://console.developers.google.com/permissions/serviceaccounts.
 
 
+Service Account should have "Storage Object Writer" role.
 
+
 
 ### bucket name
 
 Bucket Name on Google Cloud Storage.

+ 1 - 1
pkg/components/imguploader/gcpuploader.go → pkg/components/imguploader/gcsuploader.go
Bestand weergeven 

@@ -39,7 +39,7 @@ func (u *GCSUploader) Upload(imageDiskPath string) (string, error) {
 
 
 	log.Debug("Creating JWT conf")
 
 
-	conf, err := google.JWTConfigFromJSON(data, "https://www.googleapis.com/auth/devstorage.full_control")
 
+	conf, err := google.JWTConfigFromJSON(data, "https://www.googleapis.com/auth/devstorage.read_write")
 
 	if err != nil {
 
 		return "", err
 
 	}

+ 0 - 0
pkg/components/imguploader/gcpuploader_test.go → pkg/components/imguploader/gcsuploader_test.go
Bestand weergeven